Dropwizard v2.0.15 Release Notes
Release Date: 2020-11-03 // about 4 years ago-
👌 Improvements
- 🛠 Fix logFormat configuration inconsistencies (#3530)
🐛 Bug fixes
- 📇 Prevent deep recursion in
ConfigurationMetadata
(#3536)
🔒 Security
- 0️⃣ Replace invalid default
excludedProtocols
inHttpsConnectorFactory
(#3533)- If you're using regular expressions in the
excludedProtocols
configuration setting, make sure change these to specific protocols, for example["TLSv1", "TLSv1.1", "TLSv1.2"]
instead of["TLSv1(\.[12])?"]
.
- If you're using regular expressions in the
- ⬆️ Bump jetty.version from 9.4.32.v20200930 to 9.4.33.v20201020 (#3522)
- This is addressing GHSA-g3wg-6mcf-8jj6 (CVE-2020-27216)
⚡️ Dependency updates
- ⬆️ Bump byte-buddy from 1.10.17 to 1.10.18 (#3539)
- ⬆️ Bump checker-qual from 3.7.0 to 3.7.1 (#3544)
- ⬆️ Bump hibernate-core from 5.4.22.Final to 5.4.23.Final (#3538)
- ⬆️ Bump joda-time from 2.10.7 to 2.10.8 (#3525)
- ⬆️ Bump assertj-core from 3.17.2 to 3.18.0 (#3524)
- ⬆️ Bump bcprov-jdk15on from 1.66 to 1.67 (#3540)
- ⬆️ Bump actions/stale from v3.0.12 to v3.0.13 (#3545)
- ⬆️ Bump sphinx from 3.2.1 to 3.3.0 in /docs (#3543)
Assorted