You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by ra...@apache.org on 2020/01/23 10:44:59 UTC
[sling-org-apache-sling-xss] branch master updated (5ca5b28 ->
8472d94)
This is an automated email from the ASF dual-hosted git repository.
radu pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-xss.git.
from 5ca5b28 SLING-9019 - The XSSFilter will mark URLs containing both escaped characters and HTML entities as invalid
new d276bfd SLING-9022 - Update to latest OWASP AntiSamy, ESAPI, encoder Java libraries
new 8472d94 SLING-9023 - Switch from legacy commons collections 3 to commons collections 4
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
bnd.bnd | 1 +
pom.xml | 10 +++++++---
2 files changed, 8 insertions(+), 3 deletions(-)
[sling-org-apache-sling-xss] 01/02: SLING-9022 - Update to latest
OWASP AntiSamy, ESAPI, encoder Java libraries
Posted by ra...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
radu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-xss.git
commit d276bfdf8c58a340afa5bb9aa697a9c044a88007
Author: Radu Cotescu <ra...@apache.org>
AuthorDate: Thu Jan 23 11:41:22 2020 +0100
SLING-9022 - Update to latest OWASP AntiSamy, ESAPI, encoder Java libraries
---
pom.xml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pom.xml b/pom.xml
index db431fd..80bbbf5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -164,7 +164,7 @@
<dependency>
<groupId>org.owasp.antisamy</groupId>
<artifactId>antisamy</artifactId>
- <version>1.5.7</version>
+ <version>1.5.8</version>
<scope>provided</scope>
</dependency>
<dependency>
@@ -182,7 +182,7 @@
<dependency>
<groupId>org.owasp.esapi</groupId>
<artifactId>esapi</artifactId>
- <version>2.1.0.1</version>
+ <version>2.2.0.0</version>
<scope>provided</scope>
<exclusions>
<exclusion>
@@ -196,7 +196,7 @@
<groupId>org.owasp.encoder</groupId>
<artifactId>encoder</artifactId>
<scope>provided</scope>
- <version>1.1.1</version>
+ <version>1.2.2</version>
</dependency>
<dependency>
[sling-org-apache-sling-xss] 02/02: SLING-9023 - Switch from legacy
commons collections 3 to commons collections 4
Posted by ra...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
radu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-xss.git
commit 8472d9439fd163585614f3ae7276e3aa0dfbdd31
Author: Radu Cotescu <ra...@apache.org>
AuthorDate: Thu Jan 23 11:43:29 2020 +0100
SLING-9023 - Switch from legacy commons collections 3 to commons collections 4
* commons-collections is a transitive dependency of a module that esapi uses,
but which is not needed for the o.a.s.xss implementations
---
bnd.bnd | 1 +
pom.xml | 4 ++++
2 files changed, 5 insertions(+)
diff --git a/bnd.bnd b/bnd.bnd
index c1243e6..67023a9 100644
--- a/bnd.bnd
+++ b/bnd.bnd
@@ -6,6 +6,7 @@ Import-Package: !bsh, \
!org.w3c.dom, \
!org.w3c.dom.*, \
!org.apache.avalon.framework.logger, \
+ !org.apache.commons.collections.*, \
!org.apache.commons.digester.*, \
!org.apache.commons.jexl2, \
!org.apache.commons.jxpath.*, \
diff --git a/pom.xml b/pom.xml
index 80bbbf5..1602c84 100644
--- a/pom.xml
+++ b/pom.xml
@@ -189,6 +189,10 @@
<groupId>commons-lang</groupId>
<artifactId>commons-lang</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>commons-collections</groupId>
+ <artifactId>commons-collections</artifactId>
+ </exclusion>
</exclusions>
</dependency>