[struts-site] branch master updated: Announces Struts 2.5.30

[lu...@apache.org]

This is an automated email from the ASF dual-hosted git repository.

lukaszlenart pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/struts-site.git


The following commit(s) were added to refs/heads/master by this push:
     new 4419608dc Announces Struts 2.5.30
4419608dc is described below

commit 4419608dc4f0b4dec25ea762111cf3781ca90ee9
Author: Lukasz Lenart <lu...@apache.org>
AuthorDate: Mon Apr 4 08:20:12 2022 +0200

    Announces Struts 2.5.30
---
 _config.yml             |  8 ++++----
 source/announce-2022.md | 46 ++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 50 insertions(+), 4 deletions(-)

diff --git a/_config.yml b/_config.yml
index 098ce5429..ad446c5c4 100644
--- a/_config.yml
+++ b/_config.yml
@@ -9,15 +9,15 @@ kramdown:
   syntax_highlighter: rouge
 
 # Simplifies introducing changes related to the latest release
-current_version: 2.5.29
-current_version_short: 2529
+current_version: 2.5.30
+current_version_short: 2530
 prev_version: 2.3.37
 prev_version_short: 2337
 archetype_version: 2.5.22
 current_beta_version: 2.5-BETA3
 current_beta_version_short: 25B3
-release_date: 22 January 2022
-release_date_short: 20220122
+release_date: 04 April 2022
+release_date_short: 20220404
 prev_release_date: 30 December 2018
 prev_release_date_short: 20181230
 beta_release_date_short: 20160126
diff --git a/source/announce-2022.md b/source/announce-2022.md
index 4313cefff..3ff84d30c 100644
--- a/source/announce-2022.md
+++ b/source/announce-2022.md
@@ -13,6 +13,52 @@ title: Announcements 2022
   Skip to: <a href="announce-2021">Announcements - 2021</a>
 </p>
 
+#### 04 April 2022 - Struts 2.5.30 General Availability {#a20220404}
+
+The Apache Struts group is pleased to announce that Struts 2.5.30 is available as a "General Availability"
+release. The GA designation is our highest quality grade.
+
+#### Internal Changes:
+
+Yasser's PR has been merged which contains a fix to double evaluation security vulnerability - it should solve any future 
+attack vectors, yet it can impact your application if you have been depending on double evaluation.
+
+**How to test**
+Run all your app tests, you shouldn't see any WARN log like below:
+
+```
+Expression [so-and-so] isn't allowed by pattern [so-and-so]! See Accepted / Excluded patterns at
+https://struts.apache.org/security/
+```
+
+See if following components are still functioning correctly regarding java-scripts:
+- forms with client side validations
+- doubleselect
+- combobox
+
+Check also `StreamResult`, `AliasInterceptor` and `JasperReportResult` if they are still working as expected.
+
+#### Dependency:
+[WW-5170] - Upgrade Jackson-Core to version 2.10.5 and Jackson-Databind to 2.10.5.1
+[WW-5172] - Upgrade freemarker to 2.3.31
+
+> Please read the [Version Notes]({{ site.wiki_url }}/Version+Notes+2.5.30) to find more details about performed
+> bug fixes and improvements.
+
+Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications.
+The framework has been designed to streamline the full development cycle, from building, to deploying,
+to maintaining applications over time.
+
+**All developers are strongly advised to perform this upgrade.**
+
+The 2.5.x series of the Apache Struts framework has a minimum requirement of the following specification versions:
+Servlet API 2.4, JSP API 2.0, and Java 7.
+
+Should any issues arise with your use of any version of the Struts framework, please post your comments to the user list,
+and, if appropriate, file [a tracking ticket]({{ site.jira_url }}).
+
+You can download this version from our [download](download.cgi#struts-ga) page.
+
 #### 22 January 2022 - Struts 2.5.29 General Availability {#a20220122}
 
 The Apache Struts group is pleased to announce that Struts 2.5.29 is available as a "General Availability"