This is a workaround for JDK-8301341 by using the Java 11 LinkedTransferQueue with the QueueingThreadPoolExecutor in the Core and jUPnP.
Signed-off-by: Wouter Born <github@maindrain.net>
This addresses CVE-2022-40151 and CVE-2022-41966, see:
https://x-stream.github.io/changes.html#1.4.20
This version also fixes an issue with closing streams so the workaround in GenerateDefaultTranslationsMojoTest is no longer needed.
Signed-off-by: Wouter Born <github@maindrain.net>
* Sync runtime dependencies with Karaf 4.4.3, most notably:
* Jetty 9.4.50.v20221201
* Pax Logging 2.2.0
* Pax Web 8.0.15
* Use OSGi R8 as compile dependency
* Rework Servlets to use Http Whiteboard annotations in favor of proprietary `org.openhab.core.io.http.servlet` classes
* Resolve itest runbundles
Also-by: Jan N. Klug <github@klug.nrw>
Signed-off-by: Wouter Born <github@maindrain.net>
* Raise source level to Java 17 (except for model classes)
* Remove Nashorn script engine
* Upgrade spotless and add jvm options
See https://github.com/diffplug/spotless/issues/834
* Add suppression for findBugs false positive error
* Upgrade xtext to 2.29.0
* Adjust JNA
* Resolve itests
Signed-off-by: Jan N. Klug <github@klug.nrw>
This fixes the build being broken when building on Windows.
It also contains many fixes for timing issues which seem to impact macOS and Windows more than Linux.
* Fix .gitattributes and add *.xml_gen to fix line ending issues on Windows
* Derive fork count from CPU details in org.openhab.core tests for more stable tests on machines with fewer cores
* Adjust SafeCallerImplTest timings
* Increase ExecUtilTest timeout
* Increase SchedulerImplTest timeouts
* Increase AudioConsoleTest serveStream timeout
* Increase AudioServletTest serveStream timeout
* Increase SchedulerImplTest test timeouts
* Increase ExpireManagerTest timeout used for checking published events
* Increase PeriodicSchedulerImplTest max allowed delta
* Increase SchedulerImplTest timeouts
* Fix BundleInfoReader file stream not closed causing temp dir deletion issues on Windows
* Fix GenerateDefaultTranslationsMojoTest Windows line endings issues
* Fix GenerateDefaultTranslationsMojoTest Windows temp dir deletion problem
* Fix GenericItemProviderTest tearDown sometimes fails because of queued events
* Fix ChannelLinkNotifierOSGiTest wait for channel link events
* Fix ChannelCommandDescriptionProviderOSGiTest fails if provider not immediately registered
* Fix ChannelStateDescriptionProviderOSGiTest fails if provider not immediately registered
* Fix GenericItemChannelLinkProviderTest not waiting for async updated state to become true
* Fix GenericThingProviderTest failing due to events of previous test
* Fix InboxOSGiTest sometimes fails because of queued events
* Fix ScriptEngineOSGiTest failing because items are not yet added to registry
* Fix ThingManagerOSGiTest failing due to async handleRemoval call
Signed-off-by: Wouter Born <github@maindrain.net>
* Add more null annotations
* Fix mock name
Adds null annotations to most of the tests as well as a few other classes.
Also fixes a few other SAT findings.
Fixes ~300 SAT findings in total.
Signed-off-by: Wouter Born <github@maindrain.net>
Upgrades XStream from 1.4.15 to 1.4.17
Prevents the following vulnerabilities when using XStream instances with an uninitialized security framework:
* CVE-2021-21341
* CVE-2021-21342
* CVE-2021-21343
* CVE-2021-21344
* CVE-2021-21345
* CVE-2021-21346
* CVE-2021-21347
* CVE-2021-21348
* CVE-2021-21349
* CVE-2021-21350
* CVE-2021-21351
* CVE-2021-29505
See: http://x-stream.github.io/changes.html#1.4.17
Related to: #2250, #2251
Signed-off-by: Wouter Born <github@maindrain.net>