This addresses CVE-2022-40151 and CVE-2022-41966, see:
https://x-stream.github.io/changes.html#1.4.20
This version also fixes an issue with closing streams so the workaround in GenerateDefaultTranslationsMojoTest is no longer needed.
Signed-off-by: Wouter Born <github@maindrain.net>
* Sync runtime dependencies with Karaf 4.4.3, most notably:
* Jetty 9.4.50.v20221201
* Pax Logging 2.2.0
* Pax Web 8.0.15
* Use OSGi R8 as compile dependency
* Rework Servlets to use Http Whiteboard annotations in favor of proprietary `org.openhab.core.io.http.servlet` classes
* Resolve itest runbundles
Also-by: Jan N. Klug <github@klug.nrw>
Signed-off-by: Wouter Born <github@maindrain.net>
* Raise source level to Java 17 (except for model classes)
* Remove Nashorn script engine
* Upgrade spotless and add jvm options
See https://github.com/diffplug/spotless/issues/834
* Add suppression for findBugs false positive error
* Upgrade xtext to 2.29.0
* Adjust JNA
* Resolve itests
Signed-off-by: Jan N. Klug <github@klug.nrw>
* Bump commons-net from 3.7.2 to 3.9.0 in /bom/runtime
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Wouter Born <github@maindrain.net>
* Improve FeatureInstaller
* Remove unnecessary synchronized and clean up processing
* Re-add refeshing bundles after all configuratzion changes are processed
* Prevent unnecessary refreshes
* Make JNA part of the tp
Signed-off-by: Jan N. Klug <github@klug.nrw>
The `jackson-databind` bundle contains a vulnerability that is fixed in version 2.12.6.1. This version is only available for that bundle, all other bundles are still available as 2.12.6.
Signed-off-by: Jan N. Klug <github@klug.nrw>
Uses an openHAB 5.2.1.OH1 build based on the latest changes in the nrjavaserial master branch (7aa21d1dc8).
When there is an official release containing those changes we can upgrade to that.
Most importantly this fixes a file descriptor leak when checking lock dir permissions.
It also adds FreeBSD aarch64 (ARM64) support.
Fixes#1842
Signed-off-by: Wouter Born <github@maindrain.net>
* Bump netty to 4.1.72.Final for log4j2 2.15.0 fix
* Add netty-tcnative/2.0.46.Final
* Change to netty-tcnative-classes
Signed-off-by: Matthew Skinner <matt@pcmus.com>
It causes unneccessary bundle refreshes whenever add-ons are installed/uninstalled.
As a result the UI does not get properly notified of installation changes.
Fixes#2580
Reverts the Aries JAX-RS Whiteboard upgrade of #2532
Signed-off-by: Wouter Born <github@maindrain.net>
* Add ser2net mDNS USB serial discovery
* Add support for using multiple UsbSerialDiscovery services
* Add Ser2NetUsbSerialDiscovery that can use mDNS to discover ser2net RFC2217 serial ports
* Use discovered USB ports in SerialConfigOptionProvider
mDNS discovery is supported in ser2net 4.3.0 and newer.
E.g. you can install a ser2net version that provides this using APT in Ubuntu 21.04 and Debian 11.
Example ser2net YAML configuration that allows a serial port to be discovered using mDNS discovery:
%YAML 1.1
---
connection: &con01
accepter: telnet(rfc2217),tcp,2222
connector: serialdev,/dev/ttyUSB0
options:
mdns: true
mdns-sysattrs: true
mdns-name: devicename
Closes#1511
Signed-off-by: Wouter Born <github@maindrain.net>
jimtng
Andrew Fiddian-Green
Wouter Born
J-N-K
openhab-bot
dependabot[bot]
Kai Kreuzer
Christoph Weitkamp
Matthew Skinner
J-N-K
Yannick Schaus