Upgrades XStream from 1.4.15 to 1.4.17
Prevents the following vulnerabilities when using XStream instances with an uninitialized security framework:
* CVE-2021-21341
* CVE-2021-21342
* CVE-2021-21343
* CVE-2021-21344
* CVE-2021-21345
* CVE-2021-21346
* CVE-2021-21347
* CVE-2021-21348
* CVE-2021-21349
* CVE-2021-21350
* CVE-2021-21351
* CVE-2021-29505
See: http://x-stream.github.io/changes.html#1.4.17
Related to: #2250, #2251
Signed-off-by: Wouter Born <github@maindrain.net>
Upgrades UoM dependencies to:
* javax.measure 2.1.2
* si-units 2.0.1
* indriya 2.1.2
An openHAB OSGi-ified si-units bundle is used as runtime dependency, because the latest si-units release is still missing proper OSGi manifest headers.
Notable changes:
* Quantity not longer implements an `equals` method, so the unit tests had to be adjusted. This should have any impact outside of the unit tests though since the rest of openHAB should be using QuantityType instead.
* RationalConverter is not package private, so instances of it much be created through the MultiplyConverter static functions.
* Quantities.getQuantity can no longer parse values without units like `100`. A workaround has been implemented.
* The unicode greek `mu` letter is now returned for unit prefixes instead of the unicode `micro` character. These characters are visually identical but the unit tests had to be adjusted. The new library seems to parse both types just fine.
Also-by: Connor Petty <mistercpp2000+gitsignoff@gmail.com>
Signed-off-by: Wouter Born <github@maindrain.net>
* Ignore illegal thing status updates from REMOVING
Ignore illegal thing status transitions from REMOVING instead of throwing IllegalArgumentException
Signed-off-by: Björn Lange <blange@itemis.com>
* Aligns compile dependencies with OSGi R7
* Aligns runtime dependencies with Karaf 4.3.1
* Fixes issues due to dependency changes:
* AudioServletTest never ending due to Jetty upgrade
* Feature resolution failing due to Karaf activation-api no longer visible
* Uses Pax Logging as runtime dependency instead of Felix Log
This dependency change makes itests and Demo App behave more like the actual distro
To change the log level in itests, change the value of org.ops4j.pax.logging.DefaultServiceLog.level in itest-include.bndrun
* Adds --add-opens and nashorn.args in itest-include.bndrun to prevent some warnings being logged in itests
Related to openhab/openhab-distro#1167
Signed-off-by: Wouter Born <github@maindrain.net>
* Fixes bugs (vulnerabilities/performance issues)
* Supports OSGi better
* Prevents illegal reflective access warnings on newer Java versions
* Supports java.time converters
For XStream release notes see: https://x-stream.github.io/changes.html
The XmlDocumentReader which uses XStream has also been modified to configure XStream security to prevent "Security framework of XStream not initialized, XStream is probably vulnerable" warnings.
Signed-off-by: Wouter Born <github@maindrain.net>
Upgrades the compiler and its dependencies so the compiler results of Maven builds are more similar to those generated in recent Eclipse versions.
To fix compilation issues in Eclipse for add-ons using classes from javax.xml.stream several dependencies were upgraded/excluded.
Signed-off-by: Wouter Born <github@maindrain.net>
* Fix item channel links not properly initialized
* Add ChannelLinkNotifierOSGiTest
* Send at most one channelLinked event per linked thing channel when activating ChannelLinkNotifier
* Send channelUnlinked event only if all items are unlinked
* Use Registry stream instead of getAll
Fixes#1596
Signed-off-by: Wouter Born <github@maindrain.net>
* Migrates all tests to the JUnit 5 Jupiter API
* Updates bnd to 5.1.2
* Updates maven-surefire-plugin to 3.0.0-M5
* Updates Mockito to 3.4.6
* Updates Hamcrest to 2.2
* Removes org.openhab.core.boot POM dependencies
Signed-off-by: Wouter Born <github@maindrain.net>
* Add and fix more null annotations
* Add more @NonNullByDefault and @Nullable annotations
* Remove unnecessary @NonNull annotations
* Fix a few other trivial SAT issues
* Add constructor injection for MDNSDiscoveryService
Signed-off-by: Wouter Born <github@maindrain.net>
* Clarify return values for implementation
* Dynamic state/command provider should not return original descritpion
* Added ERROR log message
* Added integration test for CommandDescriptionProvider
Signed-off-by: Christoph Weitkamp <github@christophweitkamp.de>
* removed ThingLinkManager and with it the auto-linking feature and "Simple Mode"
Signed-off-by: Kai Kreuzer <kai@openhab.org>
* removed feature from REST API as well
Signed-off-by: Kai Kreuzer <kai@openhab.org>
* removed tests
Signed-off-by: Kai Kreuzer <kai@openhab.org>
Use the same Pax Web and Jetty version for the runtime dependencies
(used by the demo application) as is used in the Karaf distribution.
This PR needs to be merged synchron to the updated bndrun in the openHAB
demo repository.
Related to: https://github.com/openhab/openhab-core/pull/1197#issuecomment-553029014
Signed-off-by: Markus Rathgeb <maggu2810@gmail.com>
Adds null annotations to all registries, the interfaces they implement and a few other classes.
Also-by: Christoph Weitkamp <github@christophweitkamp.de>
Signed-off-by: Wouter Born <github@maindrain.net>
* Minor code improvements in profile factory
* Added integration test to check if factory creates all available profiles
Signed-off-by: Christoph Weitkamp <github@christophweitkamp.de>
Mockito 3 does not introduce any breaking API changes, but now requires Java 8 over Java 6 for Mockito 2.
Signed-off-by: Wouter Born <github@maindrain.net>
* Changed pid from 'org.eclipse.smarthome.core.i18nprovider' to 'org.eclipse.smarthome.i18n'
Signed-off-by: Christoph Weitkamp <github@christophweitkamp.de>
Fixes wrong names identified by the following rules:
* ConstantNameCheck
* LocalFinalVariableNameCheck
* LocalVariableNameCheck
* StaticVariableNameCheck
Most mismatches identified by the MemberNameCheck have also been fixed except for those where the variables are used in events/DTOs etc which would cause issues.
Signed-off-by: Wouter Born <github@maindrain.net>
There is a recommended ordering for all Maven POM files.
See: https://maven.apache.org/developers/conventions/code.html
The POM files has been "fixed" by using the "sortpom-maven-plugin".
The blank lines has been kept to keep the element separation for
readability.
The plugin also fixes indentation etc.
Have a look at: https://github.com/Ekryd/sortpom/wiki
The profile has been set to "recommended_2008_06" that states:
The POM Code Convention that was chosen by Maven developers in 2008
Command that has been executed:
mvn \
com.github.ekryd.sortpom:sortpom-maven-plugin:sort \
-Dsort.keepBlankLines=true \
-Dsort.predefinedSortOrder=recommended_2008_06
Signed-off-by: Markus Rathgeb <maggu2810@gmail.com>
Adds the following bundles required for building on Java 11 by default to the run requirements:
* org.apache.servicemix.specs.activation-api-1.1
* org.apache.servicemix.specs.annotation-api-1.3
* org.apache.servicemix.specs.jaxb-api-2.2
Signed-off-by: Wouter Born <github@maindrain.net>