Skip to content

Commit

Permalink
JEXL: getting ready for 3.4;
Browse files Browse the repository at this point in the history 
- release notes;
- remove useless code;
  • Loading branch information
Henri Biestro committed May 25, 2024
1 parent 33ca4a8 commit 3955168
Show file tree
Hide file tree
Showing 4 changed files with 158 additions and 14 deletions.
8 changes: 0 additions & 8 deletions src/main/java/org/apache/commons/jexl3/internal/introspection/ArrayIterator.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,12 +87,4 @@ public Object next() {
public boolean hasNext() {
return pos < size;
}

/**
* No op--merely added to satify the <code>Iterator</code> interface.
*/
@Override
public void remove() {
throw new UnsupportedOperationException();
}
}
5 changes: 0 additions & 5 deletions src/main/java/org/apache/commons/jexl3/internal/introspection/EnumerationIterator.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,9 +50,4 @@ public T next() {
public boolean hasNext() {
return enumeration.hasMoreElements();
}

@Override
public void remove() {
// not implemented
}
}
2 changes: 1 addition & 1 deletion src/site/site.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@
<body>
<menu name="JEXL">
<item name="Overview" href="index.html" />
<item name="Release Notes" href="relnotes33.html"/>
<item name="Release Notes" href="relnotes34.html"/>
<item name="Javadoc 3.4" href="apidocs/index.html"/>
<item name="Javadoc 2.1.1" href="javadocs/apidocs-2.1.1/index.html"/>
<item name="Javadoc 1.1" href="javadocs/apidocs-1.1/index.html"/>
Expand Down
157 changes: 157 additions & 0 deletions src/site/xdoc/relnotes34.xml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,157 @@
<?xml version="1.0"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->

<document>
<properties>
<title>Apache Commons JEXL 3.4 Release Notes</title>
</properties>

<body>
<section name="Compatibility with previous release">
<p>
Version 3.4 is source and binary compatible with 3.3.
</p>
</section>
<section name="Compatibility with older releases (&lt; 3.3, 2.x)">
<p>
Since 3.3 release, the default setting for permissions that determine which packages, classes and methods are
accessible to scripts has been reduced to a very narrow set. When migrating from previous version of JEXL,
this may result in breaking your application behavior ; this breaking change requires remediation in your code.
</p>
<p>
Despite the obvious inconvenience - our sincere apologies on the matter -, how much functional and semantic
power is accessible through scripts has a real impact on your application security and stability ;
that potential risk requires an informed review and conscious choice on your end.
</p>
<p>
To mitigate the change, you can revert to the previous behavior with one line of code
(see <a href="apidocs/org/apache/commons/jexl3/introspection/JexlPermissions.html">JexlPermissions</a>,
<a href="apidocs/org/apache/commons/jexl3/JexlBuilder.html">JexlBuilder</a>
and
<a href="apidocs/org/apache/commons/jexl3/scripting/JexlScriptEngine.html">JexlScriptEngine</a>
) or use this
opportunity to reduce exposure. Whether Files, URLs, networking, processes, class-loaders or reflection classes
or whether loops or side effects are accessible are part of your choice to make.
</p>
</section>
<section name="What's new in 3.4:">
<p>
Features and permissions are easier to define through new methods.
</p>
<p>
Some new syntaxes are introduced ; try/catch/finally (including with resources),
an array-access safe navigation ((x?[y]), strict equality/inequality operators (===, !==),
instanceof/!instanceof operators and more permissive structured literals.
</p>
</section>

<section name="New Features in 3.4:">
<p>
<table>
<tr>
<td><a href="https://issues.apache.org/jira/browse/JEXL-423>">JEXL-423:</a></td>
<td>Add support for instanceof / !instanceof</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/JEXL-422>">JEXL-422:</a></td>
<td>Add strict equality (===) and inequality (!==) operators</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/JEXL-421>">JEXL-421:</a></td>
<td>ArrayBuilder: array type should reflect common class of its entries</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/JEXL-419>">JEXL-419:</a></td>
<td>Add permission syntax to allow class/method/field</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/JEXL-418>">JEXL-418:</a></td>
<td>Add try-catch-finally support</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/JEXL-408>">JEXL-408:</a></td>
<td>Using JexlFeatures is tedious</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/JEXL-404>">JEXL-404:</a></td>
<td>Support array-access safe navigation (x?[y])</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/JEXL-401>">JEXL-401:</a></td>
<td>Captured variables should be read-only</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/JEXL-398>">JEXL-398:</a></td>
<td>Allow 'trailing commas' or ellipsis while defining array, map and set literals</td>
</tr>
</table>
</p>
</section>

<section name="Bugs Fixed in 3.4:">
<p>
<table>
<tr>
<td><a href="https://issues.apache.org/jira/browse/JEXL-420>">JEXL-420:</a></td>
<td>Error while comparing float and string value</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/JEXL-417>">JEXL-417:</a></td>
<td>JexlArithmetic looses precision during arithmetic operator execution</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/JEXL-416>">JEXL-416:</a></td>
<td>Null-valued pragma throws NPE in 3.3</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/JEXL-415>">JEXL-415:</a></td>
<td>Incorrect template eval result</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/JEXL-414>">JEXL-414:</a></td>
<td>SoftCache may suffer from race conditions</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/JEXL-412>">JEXL-412:</a></td>
<td>Ambiguous syntax between namespace function call and map object definition.</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/JEXL-410>">JEXL-410:</a></td>
<td>JexlFeatures: ctor does not enable all features</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/JEXL-409>">JEXL-409:</a></td>
<td>Disable LEXICAL should disable LEXICAL_SHADE</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/JEXL-405>">JEXL-405:</a></td>
<td>Recursive functions corrupt evaluation frame if reassigned</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/JEXL-403>">JEXL-403:</a></td>
<td>Exception while evaluating template literal used in array assignment in loop.</td>
</tr>
<tr>
<td><a href="https://issues.apache.org/jira/browse/JEXL-423>">JEXL-402:</a></td>
<td>parse failed with empty return value.</td>
</tr>
</table>
</p>
</section>
</body>
</document>

0 comments on commit 3955168

Please sign in to comment.