)]}' { "log": [ { "commit": "403ac4f9191b6d31f6ce9247e43752b0e5a09324", "tree": "a25d6ee9663aa77fa473fd1f3444e3009c340b4a", "parents": [ "7cb413bc3175cc04a6d21228f049ab258b24833a" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Thu Jun 11 19:44:44 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Jun 11 19:44:44 2026 -0400" }, "message": "Remove extra buffer copy in StompNIOSSLTransport (#2107)\n\nOptimizes the StompNIOSSLTransport by removing the unnecessary extra\nbyte array allocation and buffer copy when processing frames" }, { "commit": "7cb413bc3175cc04a6d21228f049ab258b24833a", "tree": "ee03244ed8ecc6bd47c1ccb2476068fa5f574d41", "parents": [ "83ce2bacd84edfea4282132aff64f49ecb6baefd" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Thu Jun 11 19:44:24 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Jun 11 19:44:24 2026 -0400" }, "message": "Validate Stomp headers against max frame size (#2104)\n\nUpdates Stomp codec to check headers against max frame size during\nreading of the headers and not after when reading the body." }, { "commit": "83ce2bacd84edfea4282132aff64f49ecb6baefd", "tree": "21a9c9d88c599311d4d9706ca341aec197f9c59f", "parents": [ "c36d5ebd6a7198f7bdf44101617e4092a58df816" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Thu Jun 11 16:42:40 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Jun 11 16:42:40 2026 -0400" }, "message": "Add back missing closing tag (#2100)\n\nFix typo introduced in #2089" }, { "commit": "c36d5ebd6a7198f7bdf44101617e4092a58df816", "tree": "694499d38fcd732c98a832f1a301ffd76e62838b", "parents": [ "ac3d06454bdf8b21db7ef419f42d17ab124a6008" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Thu Jun 11 10:59:45 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Jun 11 10:59:45 2026 -0400" }, "message": "Update SECURITY.md with more details (#2103)\n\nThis update adds info about setting a maxFrameSize and also some\ninformation about issues that are non-security" }, { "commit": "ac3d06454bdf8b21db7ef419f42d17ab124a6008", "tree": "d2ae8a6543926a62f0df38efa280056ca1e9b731", "parents": [ "a25839ad99b9bffd40c54ab852858a4153605369" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Mon Jun 08 17:36:05 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jun 08 17:36:05 2026 -0400" }, "message": "Add validation for LDAP network connector URIs (#2077)\n\nValidate the URIs provided by LDAP searches do not contain any protocols\nfrom the denied list." }, { "commit": "a25839ad99b9bffd40c54ab852858a4153605369", "tree": "e3739376cf3cce5e38111f97a92ca044295926a4", "parents": [ "aff105a1db9d4dbd607d5731314072bce9395cb0" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Jun 08 14:59:50 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jun 08 14:59:50 2026 -0400" }, "message": "build(deps): bump org.springframework:spring-webmvc (#2096)\n\nBumps [org.springframework:spring-webmvc](https://github.com/spring-projects/spring-framework) from 6.2.17 to 6.2.18.\n- [Release notes](https://github.com/spring-projects/spring-framework/releases)\n- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.17...v6.2.18)\n\n---\nupdated-dependencies:\n- dependency-name: org.springframework:spring-webmvc\n dependency-version: 6.2.18\n dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "aff105a1db9d4dbd607d5731314072bce9395cb0", "tree": "6a86c27d8557cb06b0bc43f17113ccfa35493a2a", "parents": [ "7c04e76887ca5d8f5356b0b46c4a6e7152cce1d9" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Jun 08 14:58:39 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jun 08 14:58:39 2026 -0400" }, "message": "build(deps): bump com.fasterxml.jackson.core:jackson-annotations (#2070)\n\nBumps [com.fasterxml.jackson.core:jackson-annotations](https://github.com/FasterXML/jackson) from 2.21 to 2.22.\n- [Commits](https://github.com/FasterXML/jackson/commits)\n\n---\nupdated-dependencies:\n- dependency-name: com.fasterxml.jackson.core:jackson-annotations\n dependency-version: \u00272.22\u0027\n dependency-type: direct:production\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "7c04e76887ca5d8f5356b0b46c4a6e7152cce1d9", "tree": "f31c4fb8bba71b5096dabf6315d5e5091337c369", "parents": [ "771f2ee93bc365f95083cd4f902600d53a787c04" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Jun 08 14:56:48 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jun 08 14:56:48 2026 -0400" }, "message": "build(deps): bump jackson-version from 2.21.3 to 2.22.0 (#2072)\n\nBumps `jackson-version` from 2.21.3 to 2.22.0.\n\nUpdates `com.fasterxml.jackson.core:jackson-core` from 2.21.3 to 2.22.0\n- [Commits](https://github.com/FasterXML/jackson-core/compare/jackson-core-2.21.3...jackson-core-2.22.0)\n\nUpdates `com.fasterxml.jackson.core:jackson-databind` from 2.21.3 to 2.22.0\n- [Commits](https://github.com/FasterXML/jackson/commits)\n\nUpdates `com.fasterxml.jackson.dataformat:jackson-dataformat-xml` from 2.21.3 to 2.22.0\n- [Commits](https://github.com/FasterXML/jackson-dataformat-xml/compare/jackson-dataformat-xml-2.21.3...jackson-dataformat-xml-2.22.0)\n\n---\nupdated-dependencies:\n- dependency-name: com.fasterxml.jackson.core:jackson-core\n dependency-version: 2.22.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n- dependency-name: com.fasterxml.jackson.core:jackson-databind\n dependency-version: 2.22.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n- dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-xml\n dependency-version: 2.22.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "771f2ee93bc365f95083cd4f902600d53a787c04", "tree": "78bc862e06efec7963a6c6b40842568a6988a8c4", "parents": [ "4e4a8685022489b7d8628caf5113102703840616" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Jun 08 14:56:16 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jun 08 14:56:16 2026 -0400" }, "message": "build(deps-dev): bump org.sonarsource.scanner.maven:sonar-maven-plugin (#2050)\n\nBumps [org.sonarsource.scanner.maven:sonar-maven-plugin](https://github.com/SonarSource/sonar-scanner-maven) from 5.6.0.6792 to 5.7.0.6970.\n- [Release notes](https://github.com/SonarSource/sonar-scanner-maven/releases)\n- [Commits](https://github.com/SonarSource/sonar-scanner-maven/compare/5.6.0.6792...5.7.0.6970)\n\n---\nupdated-dependencies:\n- dependency-name: org.sonarsource.scanner.maven:sonar-maven-plugin\n dependency-version: 5.7.0.6970\n dependency-type: direct:development\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "4e4a8685022489b7d8628caf5113102703840616", "tree": "84f5fb07ac7ef2ec208dfa43e44e4eb59abb8992", "parents": [ "e49e0528cf218ba8c31455758a8d04b150b55970" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Jun 08 14:55:04 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jun 08 14:55:04 2026 -0400" }, "message": "build(deps-dev): bump org.eclipse.jdt:ecj from 3.45.0 to 3.46.0 (#2085)\n\nBumps [org.eclipse.jdt:ecj](https://github.com/eclipse-jdt/eclipse.jdt.core) from 3.45.0 to 3.46.0.\n- [Commits](https://github.com/eclipse-jdt/eclipse.jdt.core/commits)\n\n---\nupdated-dependencies:\n- dependency-name: org.eclipse.jdt:ecj\n dependency-version: 3.46.0\n dependency-type: direct:development\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "e49e0528cf218ba8c31455758a8d04b150b55970", "tree": "02a60865e9559d5f84e12cffed3c236c56c6b2a3", "parents": [ "515591884514022ea5afcdcdbbca16cf680ee198" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Jun 08 14:54:11 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jun 08 14:54:11 2026 -0400" }, "message": "build(deps): bump org.glassfish.jaxb:jaxb-bom from 4.0.8 to 4.0.9 (#2053)\n\nBumps org.glassfish.jaxb:jaxb-bom from 4.0.8 to 4.0.9.\n\n---\nupdated-dependencies:\n- dependency-name: org.glassfish.jaxb:jaxb-bom\n dependency-version: 4.0.9\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "515591884514022ea5afcdcdbbca16cf680ee198", "tree": "653a2cd1f15017a9428995988d1f2eb5a6c96649", "parents": [ "78cc238ab239db0e85830e42fca1dd4adbb2d059" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Jun 08 14:53:28 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jun 08 14:53:28 2026 -0400" }, "message": "build(deps-dev): bump netty-version from 4.2.14.Final to 4.2.15.Final (#2069)\n\nBumps `netty-version` from 4.2.14.Final to 4.2.15.Final.\n\nUpdates `io.netty:netty-buffer` from 4.2.14.Final to 4.2.15.Final\n- [Release notes](https://github.com/netty/netty/releases)\n- [Commits](https://github.com/netty/netty/compare/netty-4.2.14.Final...netty-4.2.15.Final)\n\nUpdates `io.netty:netty-common` from 4.2.14.Final to 4.2.15.Final\n- [Release notes](https://github.com/netty/netty/releases)\n- [Commits](https://github.com/netty/netty/compare/netty-4.2.14.Final...netty-4.2.15.Final)\n\nUpdates `io.netty:netty-handler` from 4.2.14.Final to 4.2.15.Final\n- [Release notes](https://github.com/netty/netty/releases)\n- [Commits](https://github.com/netty/netty/compare/netty-4.2.14.Final...netty-4.2.15.Final)\n\nUpdates `io.netty:netty-codec-http` from 4.2.14.Final to 4.2.15.Final\n- [Release notes](https://github.com/netty/netty/releases)\n- [Commits](https://github.com/netty/netty/compare/netty-4.2.14.Final...netty-4.2.15.Final)\n\nUpdates `io.netty:netty-transport` from 4.2.14.Final to 4.2.15.Final\n- [Release notes](https://github.com/netty/netty/releases)\n- [Commits](https://github.com/netty/netty/compare/netty-4.2.14.Final...netty-4.2.15.Final)\n\n---\nupdated-dependencies:\n- dependency-name: io.netty:netty-buffer\n dependency-version: 4.2.15.Final\n dependency-type: direct:development\n update-type: version-update:semver-patch\n- dependency-name: io.netty:netty-common\n dependency-version: 4.2.15.Final\n dependency-type: direct:development\n update-type: version-update:semver-patch\n- dependency-name: io.netty:netty-handler\n dependency-version: 4.2.15.Final\n dependency-type: direct:development\n update-type: version-update:semver-patch\n- dependency-name: io.netty:netty-codec-http\n dependency-version: 4.2.15.Final\n dependency-type: direct:development\n update-type: version-update:semver-patch\n- dependency-name: io.netty:netty-transport\n dependency-version: 4.2.15.Final\n dependency-type: direct:development\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "78cc238ab239db0e85830e42fca1dd4adbb2d059", "tree": "497b773ed996b73e51b3296f62fa437d0d536629", "parents": [ "60af38679254749195e403df6bad7d7504f0d193" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Jun 08 14:52:14 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jun 08 14:52:14 2026 -0400" }, "message": "build(deps): bump org.jvnet.jaxb:jaxb-plugins-runtime (#2084)\n\nBumps org.jvnet.jaxb:jaxb-plugins-runtime from 4.0.14 to 4.0.16.\n\n---\nupdated-dependencies:\n- dependency-name: org.jvnet.jaxb:jaxb-plugins-runtime\n dependency-version: 4.0.16\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "60af38679254749195e403df6bad7d7504f0d193", "tree": "e43201d617fbf9363310c8f258386756ecfbbfed", "parents": [ "085efea55270aca20f2158c0a91a0f4a9fe497f4" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Mon Jun 08 14:39:27 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jun 08 14:39:27 2026 -0400" }, "message": "Limit platform details to a reasonable length (#2088)\n\nNow that #2083 limits value sizes for properties inside of\nWireFormatInfo we should add a check to make sure platform details do\nnot go past that limit. Limit has been set to 512 bytes as that should\nbe more than enough as the details are usually less than half that.\nThis is not turned of by default but if someone is using it this will\nprevent potential future problems for too large a value." }, { "commit": "085efea55270aca20f2158c0a91a0f4a9fe497f4", "tree": "4fcc7adbc81c8bc0cef32186694992a552341299", "parents": [ "ea5a33ce87a203e0c8335f46f976e0a29c90f18a" ], "author": { "name": "JB Onofré", "email": "jbonofre@apache.org", "time": "Mon Jun 08 17:50:52 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jun 08 11:50:52 2026 -0400" }, "message": "Restrict full web console URI to admins role (#2074)\n\nChange the admin security constraint mapping from *.action to /admin/*\nso the entire web console (including read-only pages) requires the\nadmins role, not just action endpoints. Add comments to each constraint\nmapping explaining its scope, and remove duplicate Referrer-Policy and\nPermissions-Policy rewrite rules left over from earlier edits." }, { "commit": "ea5a33ce87a203e0c8335f46f976e0a29c90f18a", "tree": "62e5ecc5625ee5a2004c6c863b289aee943c20bf", "parents": [ "80562ea8d327b7f538de1ff7672f158fe2abc4c1" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Mon Jun 08 11:50:26 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jun 08 11:50:26 2026 -0400" }, "message": "Adding missing jsp escapes (#2089)" }, { "commit": "80562ea8d327b7f538de1ff7672f158fe2abc4c1", "tree": "1bab917967717aaf7c934d0539459e2e08e4d7ea", "parents": [ "6fc46e520bac7d9763ba5762cc2de603f19ed517" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Mon Jun 08 09:58:09 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jun 08 09:58:09 2026 -0400" }, "message": "Ensure at most one BrokerInfo command is received (#2083)\n\nThere should only ever be at most one BrokerInfo command received on a\nconnection so we should throw an exception and close the connection if a\nsecond is receveived as that is a protocol error." }, { "commit": "6fc46e520bac7d9763ba5762cc2de603f19ed517", "tree": "bd29571795fd6fa0659d58a99036be5f51d9f389", "parents": [ "dfa00d04d4aae678e0eca7e43d4ebd9dea512696" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Fri Jun 05 18:41:51 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Jun 05 18:41:51 2026 -0400" }, "message": "Add validation for WireFormatInfo (#2080)\n\nThe max number of properties in the map for the WireFormatInfo\ncommand was lowered to 64 and a new max value buffer size was\nadded to validate buffers created during unmarshalling of the properties\nmap. The max buffer allowed has been set to 512 bytes.\n\nThis also adds a maxDepth check for handling nested collections inside\nthe map. It is set to 0 which will block list/map from being used as\na value for a property." }, { "commit": "dfa00d04d4aae678e0eca7e43d4ebd9dea512696", "tree": "344dee41f9e6fe5264ec1430f92c5eddc378731a", "parents": [ "3598fc562337c467b3f6b59364b29ac2d9bdb068" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Fri Jun 05 13:19:05 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Jun 05 13:19:05 2026 -0400" }, "message": "Add https to BrokerView restricted list (#2073)\n\nThis adds https to the denied list eventhough there is currently no\nhttps discovery protocol. This is being done just for extra defense in\ndepth in case a protocol is added in the future. There\u0027s also already\nother checks in place (we deny remote protocols by default already, etc)\nso this is just precautionary." }, { "commit": "3598fc562337c467b3f6b59364b29ac2d9bdb068", "tree": "54b3cdfa0c73e4f7d73cf46f14e8c43141727a14", "parents": [ "f84eb3968a02bb5a9698da508d66c56c72ccdaaf" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Thu Jun 04 18:35:10 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Jun 04 18:35:10 2026 -0400" }, "message": "Send advisory messages using Broker connection context (#2071)\n\nThis updates the AdvisoryBroker to always publish advisory messages\nthat were generated by other events to use the Broker\u0027s own\nConnectionContext. Before this change the AdvisoryBroker was\nusing the original ConnectionContext that used used for the action that\ntriggered the advisory. This doesn\u0027t make sense because its actually the\nbroker itself firing the advisory message and not the original\nconnection. It also meant requiring all users to be given access to\ncreate new advisory topics that could be created on demand.\n\nAfter this update, all users no longer need permission to create\nadvisory destinations which was required previously. Users only need\nread access to the temporary destination advisories for the AMQ client\nas the broker itself will now use its own context going forward to\ncreate all the destinations on demand and for publishing.\n\nThis update also consolidates the on consumer with no messages advisory\ninto the Advisory broker so it is all managed in one location." }, { "commit": "f84eb3968a02bb5a9698da508d66c56c72ccdaaf", "tree": "d041c7fd6a5318bd5a0f7016b6b81cd865a9dfd5", "parents": [ "1493db95b5918d4f4a305fd1df8155f57c38850b" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Tue Jun 02 08:28:33 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Jun 02 08:28:33 2026 -0400" }, "message": "Improve Stomp protocol error messages (#2067)\n\nThis adds some more detail to the error messages in StompWireFormat to\nmake it easier to debug if using the wireformat and it is configured\nincorrectly." }, { "commit": "1493db95b5918d4f4a305fd1df8155f57c38850b", "tree": "7461a5150c940d66be6362b0a4b1e7866c4d1928", "parents": [ "ba73f37574dc6949ac8171cbc907979f1ebdb4e8" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Mon Jun 01 17:58:03 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jun 01 17:58:03 2026 -0400" }, "message": "Update Stomp transports with improved validation (#2064)\n\nThis update makes the following changes to improve validation for the\nStomp transport:\n\n* Verifies that the first frame seen by the server is either a CONNECT\n (or FRAME) frame.\n* Verifies that a duplicate CONNECT (or FRAME) frame is not received.\n* Adds validation to make sure a content-length header that is set is\n not negative.\n* Adds a new server mode (default true) to the Stomp wireformat to\n handle the validation differences between clients and servers. Client\n mode is only used for testing (currently). Also adds the option to\n configure using the StompWireFormatFactory in case there is a future use\n case.\n* Centralizes the state tracking for frame size validation and for the\n new validation checks inside StompWireFormat so that it is shared by\n NIO, non-NIO and WS transports.\n* Adds tests to verify everything for the NIO transports, non-NIO\n transprots and WS transports.\n\nIf any of these new validation checks throw a protocol error then it\nis marked as a fatal exception, an error is sent to the client and\nconnection closed. Both NIO and non-NIO will stop parsing the rest of\nthe frame on error, but only NIO transport errors will stop reading\nthe frame from the socket buffer because non NIO requires reading the\nentire frame into a buffer first to validate." }, { "commit": "ba73f37574dc6949ac8171cbc907979f1ebdb4e8", "tree": "8db7c51626366284f93aaa57febf4a2b26ad4254", "parents": [ "b6f9a14e1a6ad1b9a3f1c41eb5ea2db990eaba34" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Fri May 29 09:32:40 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri May 29 09:32:40 2026 -0400" }, "message": "Update docs and default configs for advisory topics (#2055)" }, { "commit": "b6f9a14e1a6ad1b9a3f1c41eb5ea2db990eaba34", "tree": "2a9901044da390ff6352dee894b9fea53a53a0c1", "parents": [ "c18999bcc23451ecb89cbef352f89eba64223a4c" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Wed May 27 01:42:11 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed May 27 07:42:11 2026 +0200" }, "message": "Ensure connection info is processed before durable sync (#2047)\n\nThis update waits until the ConnectionInfo command is processed by the\nentire broker chain without error before sending the BrokerSubscriptionInfo\ncommand for durable sync back to a remote broker requesting it" }, { "commit": "c18999bcc23451ecb89cbef352f89eba64223a4c", "tree": "7b5de33a18b23d3fdda7f100a14d6447b03418d3", "parents": [ "fb663d180730f3a8e4b2ae03d2b824878d0c10ae" ], "author": { "name": "JB Onofré", "email": "jbonofre@apache.org", "time": "Wed May 27 07:41:06 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed May 27 07:41:06 2026 +0200" }, "message": "Add dependabot on activemq-6.2.x and activemq-5.19.x branches (#2040)" }, { "commit": "fb663d180730f3a8e4b2ae03d2b824878d0c10ae", "tree": "3b89cb649154a23a18b87bfd22edaac6d09a1c25", "parents": [ "f7d4b47bff99fa9e0b10fe3d3c5702a5d1e3a6e3" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue May 26 16:29:08 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue May 26 16:29:08 2026 +0200" }, "message": "build(deps): bump camel-version from 4.18.1 to 4.20.0 (#1970)\n\nBumps `camel-version` from 4.18.1 to 4.20.0.\n\nUpdates `org.apache.camel:camel-bom` from 4.18.1 to 4.20.0\n\nUpdates `org.apache.camel:camel-core` from 4.18.1 to 4.20.0\n\nUpdates `org.apache.camel:camel-spring` from 4.18.1 to 4.20.0\n\n---\nupdated-dependencies:\n- dependency-name: org.apache.camel:camel-bom\n dependency-version: 4.20.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n- dependency-name: org.apache.camel:camel-core\n dependency-version: 4.20.0\n dependency-type: direct:development\n update-type: version-update:semver-minor\n- dependency-name: org.apache.camel:camel-spring\n dependency-version: 4.20.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "f7d4b47bff99fa9e0b10fe3d3c5702a5d1e3a6e3", "tree": "608862bb978ca4957712c53f1a248255d5c6a9e4", "parents": [ "3879c27d681b51f434365924a07561b087f58a61" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue May 26 16:28:26 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue May 26 16:28:26 2026 +0200" }, "message": "build(deps): bump karaf-version from 4.4.10 to 4.4.11 (#1978)\n\nBumps `karaf-version` from 4.4.10 to 4.4.11.\n\nUpdates `org.apache.karaf.shell:org.apache.karaf.shell.console` from 4.4.10 to 4.4.11\n\nUpdates `org.apache.karaf:apache-karaf` from 4.4.10 to 4.4.11\n\n---\nupdated-dependencies:\n- dependency-name: org.apache.karaf.shell:org.apache.karaf.shell.console\n dependency-version: 4.4.11\n dependency-type: direct:production\n update-type: version-update:semver-patch\n- dependency-name: org.apache.karaf:apache-karaf\n dependency-version: 4.4.11\n dependency-type: direct:development\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "3879c27d681b51f434365924a07561b087f58a61", "tree": "71526d9d2e7a95108c34aa58a9babe9b7a9518cd", "parents": [ "db9dd1ba31e9971125e9ae293e74906a107c7a52" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue May 26 16:26:31 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue May 26 16:26:31 2026 +0200" }, "message": "build(deps): bump org.ow2.asm:asm from 9.10 to 9.10.1 (#2043)\n\nBumps org.ow2.asm:asm from 9.10 to 9.10.1.\n\n---\nupdated-dependencies:\n- dependency-name: org.ow2.asm:asm\n dependency-version: 9.10.1\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "db9dd1ba31e9971125e9ae293e74906a107c7a52", "tree": "2e16a95b1cbcc795a27d7a3d530cf5164ab50251", "parents": [ "b97aaaf1b5ede3f3d4747eb3a5d0832e85a6c6b2" ], "author": { "name": "JB Onofré", "email": "jbonofre@apache.org", "time": "Fri May 22 15:54:46 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri May 22 15:54:46 2026 +0200" }, "message": "Harden default broker and web console configuration (#2029)\n\n* Harden default broker and web console configuration\n\nReduce the attack surface of the sample broker shipped in the binary\nassembly:\n\n* activemq.xml: enable only the openwire TCP transportConnector by\n default; amqp, stomp, mqtt and ws are commented out with a note\n pointing to the SSL-secured variants.\n* activemq.xml: add a commented \u003cplugins\u003e block wiring JAAS\n authentication, destination-level authorization and broker-side\n audit logging, with a prominent reminder to rotate the default\n admin\u003dadmin credentials and an ACTIVEMQ_OPTS hint for restricting\n ObjectMessage deserialization.\n* jetty.xml: suppress X-Powered-By and Date response headers in\n addition to the already-disabled Server header.\n* jetty.xml: add Referrer-Policy, Permissions-Policy,\n Cross-Origin-Opener-Policy and Cross-Origin-Resource-Policy\n response headers alongside the existing CSP/XFO/XSS rules.\n\n* Add SSL recommendation comment on default openwire connector" }, { "commit": "b97aaaf1b5ede3f3d4747eb3a5d0832e85a6c6b2", "tree": "c62bd7d64d885f1b3b2a88c22333fc405cf1af59", "parents": [ "1ae283210b99a478750417274ebe63ab77038c12" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Fri May 22 14:53:36 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri May 22 14:53:36 2026 +0200" }, "message": "build(deps): bump shiro-version from 2.1.0 to 2.2.0 (#2023)\n\nBumps `shiro-version` from 2.1.0 to 2.2.0.\n\nUpdates `org.apache.shiro:shiro-core` from 2.1.0 to 2.2.0\n- [Release notes](https://github.com/apache/shiro/releases)\n- [Changelog](https://github.com/apache/shiro/blob/main/RELEASE-NOTES)\n- [Commits](https://github.com/apache/shiro/compare/shiro-root-2.1.0...shiro-root-2.2.0)\n\nUpdates `org.apache.shiro:shiro-spring` from 2.1.0 to 2.2.0\n\n---\nupdated-dependencies:\n- dependency-name: org.apache.shiro:shiro-core\n dependency-version: 2.2.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n- dependency-name: org.apache.shiro:shiro-spring\n dependency-version: 2.2.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "1ae283210b99a478750417274ebe63ab77038c12", "tree": "27e5222459b05861faa747ba435dc43f90ee5012", "parents": [ "6d3321999c035753186659cea7e8ddc9596eede7" ], "author": { "name": "Matt Pavlovich", "email": "mattrpav@apache.org", "time": "Fri May 22 06:48:32 2026 -0500" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri May 22 07:48:32 2026 -0400" }, "message": "[#] SECURITY.md updates (#2034)\n\n* [#] SECURITY.md updates\n\n---------\n\nCo-authored-by: Christopher L. Shannon \u003ccshannon@apache.org\u003e" }, { "commit": "6d3321999c035753186659cea7e8ddc9596eede7", "tree": "736d94596036ad9f9168f404f29cbd0a4401aa7a", "parents": [ "052369f00a43757e3694abbbe6d0c1a8e72fa4d5" ], "author": { "name": "Matt Pavlovich", "email": "mattrpav@apache.org", "time": "Thu May 21 22:48:16 2026 -0500" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri May 22 05:48:16 2026 +0200" }, "message": "[#] Fix flaky test: ActiveDurableSubscriptionBrowseExpireTest.java (#1986)" }, { "commit": "052369f00a43757e3694abbbe6d0c1a8e72fa4d5", "tree": "2350e103bb9f475ce596345d5d2653f84907a4c4", "parents": [ "bc5e831959ad304b6257e149018518a21b89cc5a" ], "author": { "name": "JB Onofré", "email": "jbonofre@apache.org", "time": "Fri May 22 05:47:40 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri May 22 05:47:40 2026 +0200" }, "message": "Harden web console and Jolokia access by default (#2025)\n\n* Harden web console and Jolokia access by default\n\njetty.xml:\n- Add Referrer-Policy and Permissions-Policy response headers; provide\n commented-out Strict-Transport-Security for HTTPS deployments.\n- Wrap the existing HandlerCollection in an InetAccessHandler and restrict\n access to loopback (127.0.0.1, ::1) by default. Provide commented-out\n templates for RFC1918 includes and exclude rules.\n- Tie Server.start() to the loopback include beans via depends-on so the\n allow-list is fully populated before the server starts.\n- Add a commented-out ForwardedRequestCustomizer for reverse-proxy setups,\n with a warning about header spoofing when the proxy does not strip\n inbound X-Forwarded-* headers.\n\njolokia-access.xml:\n- Restrict Jolokia to HTTP POST to kill GET-based CSRF/SSRF vectors.\n- Deny destructive and privileged broker operations (terminateJVM, stop,\n restart, add/removeConnector, add/removeQueue/Topic, durable subscriber\n lifecycle, runtime limit setters, reloadLog4jProperties).\n- Deny destination message-data mutation (purge, remove/copy/move\n messages, sendTextMessage*, pause/resume); browse* remains allowed.\n- Deny durable subscriber destroy/setSelector and JobScheduler removeJob*.\n- Deny NetworkConnector Password/RemotePassword attributes and credential\n setters.\n- Deny known JMX RCE / introspection surfaces: javax.management.loading\n MLet, JMImplementation, java.util.logging, java.lang:type\u003dMemory and\n ClassLoading, plus java.lang:type\u003dRuntime SystemProperties and\n InputArguments.\n\n* jetty.xml: restrict Jolokia endpoint to admins role\n\nAdd a jolokiaSecurityConstraintMapping that binds adminSecurityConstraint\n(admins-only) to /api/jolokia/*, mirroring how *.action is gated on the\nweb console. Wired into securityHandler before securityConstraintMapping\nso the admin role check applies to all Jolokia requests rather than the\nbroader users/admins constraint." }, { "commit": "bc5e831959ad304b6257e149018518a21b89cc5a", "tree": "86d42cd5a77c17b215835eee16457ad20d1293fd", "parents": [ "74de2b7a2301df6181e2c4277360114f1bf1874b" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Fri May 22 05:39:22 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri May 22 05:39:22 2026 +0200" }, "message": "build(deps): bump actions/stale from 10.2.0 to 10.3.0 (#2033)\n\nBumps [actions/stale](https://github.com/actions/stale) from 10.2.0 to 10.3.0.\n- [Release notes](https://github.com/actions/stale/releases)\n- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/actions/stale/compare/b5d41d4e1d5dceea10e7104786b73624c18a190f...eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899)\n\n---\nupdated-dependencies:\n- dependency-name: actions/stale\n dependency-version: 10.3.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "74de2b7a2301df6181e2c4277360114f1bf1874b", "tree": "238035e1838e79633724c70835073923cfb4cc28", "parents": [ "e9ed448c9905b117566a9cd653f4206117e5243f" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Thu May 21 15:11:46 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu May 21 15:11:46 2026 +0200" }, "message": "build(deps-dev): bump netty-version from 4.2.13.Final to 4.2.14.Final (#2032)\n\nBumps `netty-version` from 4.2.13.Final to 4.2.14.Final.\n\nUpdates `io.netty:netty-buffer` from 4.2.13.Final to 4.2.14.Final\n- [Release notes](https://github.com/netty/netty/releases)\n- [Commits](https://github.com/netty/netty/compare/netty-4.2.13.Final...netty-4.2.14.Final)\n\nUpdates `io.netty:netty-common` from 4.2.13.Final to 4.2.14.Final\n- [Release notes](https://github.com/netty/netty/releases)\n- [Commits](https://github.com/netty/netty/compare/netty-4.2.13.Final...netty-4.2.14.Final)\n\nUpdates `io.netty:netty-handler` from 4.2.13.Final to 4.2.14.Final\n- [Release notes](https://github.com/netty/netty/releases)\n- [Commits](https://github.com/netty/netty/compare/netty-4.2.13.Final...netty-4.2.14.Final)\n\nUpdates `io.netty:netty-codec-http` from 4.2.13.Final to 4.2.14.Final\n- [Release notes](https://github.com/netty/netty/releases)\n- [Commits](https://github.com/netty/netty/compare/netty-4.2.13.Final...netty-4.2.14.Final)\n\nUpdates `io.netty:netty-transport` from 4.2.13.Final to 4.2.14.Final\n- [Release notes](https://github.com/netty/netty/releases)\n- [Commits](https://github.com/netty/netty/compare/netty-4.2.13.Final...netty-4.2.14.Final)\n\n---\nupdated-dependencies:\n- dependency-name: io.netty:netty-buffer\n dependency-version: 4.2.14.Final\n dependency-type: direct:development\n update-type: version-update:semver-patch\n- dependency-name: io.netty:netty-common\n dependency-version: 4.2.14.Final\n dependency-type: direct:development\n update-type: version-update:semver-patch\n- dependency-name: io.netty:netty-handler\n dependency-version: 4.2.14.Final\n dependency-type: direct:development\n update-type: version-update:semver-patch\n- dependency-name: io.netty:netty-codec-http\n dependency-version: 4.2.14.Final\n dependency-type: direct:development\n update-type: version-update:semver-patch\n- dependency-name: io.netty:netty-transport\n dependency-version: 4.2.14.Final\n dependency-type: direct:development\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "e9ed448c9905b117566a9cd653f4206117e5243f", "tree": "1434d84a484ad8a4458317c9fc183509e82d9b1a", "parents": [ "e3375061e67b54d85125c9d68eda4b93a8b20730" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Wed May 20 08:13:36 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed May 20 08:13:36 2026 -0400" }, "message": "Remove \"java.lang\" package as a default allowed serializable package (#2026)\n\nMany classes in the java.lang package should not ever need to be\nserialized so this commit removes the default package and instead\nincludes an allow list of classes that are ok to serialize that are\npart of the package. Users have the option to restore the previous\nbehavior by appending \"java.lang\" back to the serialized packages\nproperty if desired." }, { "commit": "e3375061e67b54d85125c9d68eda4b93a8b20730", "tree": "e5b9a918ccaced1d3a0940ecc4a323a3062cddb4", "parents": [ "d16c6278f65f85a7b74a592556c63b64fbbac1a9" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue May 19 06:02:37 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue May 19 06:02:37 2026 +0200" }, "message": "build(deps): bump maven-core-version from 3.9.15 to 3.9.16 (#2024)\n\nBumps `maven-core-version` from 3.9.15 to 3.9.16.\n\nUpdates `org.apache.maven:maven-plugin-api` from 3.9.15 to 3.9.16\n- [Release notes](https://github.com/apache/maven/releases)\n- [Commits](https://github.com/apache/maven/compare/maven-3.9.15...maven-3.9.16)\n\nUpdates `org.apache.maven:maven-core` from 3.9.15 to 3.9.16\n\n---\nupdated-dependencies:\n- dependency-name: org.apache.maven:maven-plugin-api\n dependency-version: 3.9.16\n dependency-type: direct:production\n update-type: version-update:semver-patch\n- dependency-name: org.apache.maven:maven-core\n dependency-version: 3.9.16\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "d16c6278f65f85a7b74a592556c63b64fbbac1a9", "tree": "e712b8e9c2643d2e08c1abe26bc9d3d76cc7833a", "parents": [ "8a8ab87dba257a14ac12127664bb938ad97e9871" ], "author": { "name": "Matt Pavlovich", "email": "mattrpav@apache.org", "time": "Thu May 14 10:23:49 2026 -0500" }, "committer": { "name": "Matt Pavlovich", "email": "matt@hyte.io", "time": "Mon May 18 09:58:08 2026 -0500" }, "message": "[#] Updated SECURITY.md\n" }, { "commit": "8a8ab87dba257a14ac12127664bb938ad97e9871", "tree": "638e6af4d792f63464a1b0ecc594a9843448b677", "parents": [ "795a79ef270e3f8c029ce3ed18c40190237aaf33" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Sun May 17 07:11:55 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun May 17 07:11:55 2026 +0200" }, "message": "build(deps): bump org.ow2.asm:asm from 9.9.1 to 9.10 (#2021)\n\nBumps org.ow2.asm:asm from 9.9.1 to 9.10.\n\n---\nupdated-dependencies:\n- dependency-name: org.ow2.asm:asm\n dependency-version: \u00279.10\u0027\n dependency-type: direct:production\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "795a79ef270e3f8c029ce3ed18c40190237aaf33", "tree": "37937c10a8fe0156ae6204adbce0c7019fe77b6d", "parents": [ "523d8c5ed65b95ee053327f844727598058bcb3c" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon May 11 17:39:55 2026 +0000" }, "committer": { "name": "Matt Pavlovich", "email": "matt@hyte.io", "time": "Wed May 13 11:23:23 2026 -0500" }, "message": "build(deps): bump org.jvnet.jaxb:jaxb-plugins-runtime\n\nBumps org.jvnet.jaxb:jaxb-plugins-runtime from 4.0.13 to 4.0.14.\n\n---\nupdated-dependencies:\n- dependency-name: org.jvnet.jaxb:jaxb-plugins-runtime\n dependency-version: 4.0.14\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e" }, { "commit": "523d8c5ed65b95ee053327f844727598058bcb3c", "tree": "ff4f03a426d20ccb4ce1b9977043adb6bfe088bd", "parents": [ "d8a85400f453387c60bcee0576fe11e4f9f5adab" ], "author": { "name": "Matt Pavlovich", "email": "mattrpav@apache.org", "time": "Tue May 12 16:26:16 2026 -0500" }, "committer": { "name": "Matt Pavlovich", "email": "matt@hyte.io", "time": "Wed May 13 11:22:29 2026 -0500" }, "message": "[#2005] Fix authorization check on removeDestination\n" }, { "commit": "d8a85400f453387c60bcee0576fe11e4f9f5adab", "tree": "705e2c1a20797175a2f51a6b792b821b5dd31edb", "parents": [ "cf0006041d2c78c4638f5ea513db4d59515998f6" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Wed May 13 11:39:09 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed May 13 11:39:09 2026 -0400" }, "message": "Disable the message servlet by default (#2000)\n\n* Disable the message servlet by default\n\n* Add warning message and deprecated annotation" }, { "commit": "cf0006041d2c78c4638f5ea513db4d59515998f6", "tree": "4636651c88089c0f88e5020e0a99d8b217f901a8", "parents": [ "103962e45cdf683f8bb948d385dc1e14fcfbd4c8" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Wed May 13 11:15:15 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed May 13 11:15:15 2026 -0400" }, "message": "Handle validation for Composite URIs without parens (#2004)\n\nParentheses are optional when creating composite and nested URIs so this\nupdates the validation to handle missing parens as well.\n\nFollow on to #1847" }, { "commit": "103962e45cdf683f8bb948d385dc1e14fcfbd4c8", "tree": "07ea81c9e1165dda91235dcc8881f9826df88cae", "parents": [ "d98457d37eb87c24bc8c6a13fa65e57fe0048157" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Wed May 13 11:14:44 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed May 13 11:14:44 2026 -0400" }, "message": "Block the XBeanBrokerFactory by default inside VMTransportFactory (#2003)\n\nBy default the VMTransportFactory will not be allowed to use\nXBeanBrokerFactory to create new brokers. Only the default and\nproperties factories will be enabled. To enable the XBeanBrokerFactory,\nthe property org.apache.activemq.transport.VM_TRANSPORT_FACTORY_SCHEMES_ENABLED\ncan be configured." }, { "commit": "d98457d37eb87c24bc8c6a13fa65e57fe0048157", "tree": "581333df971a991a7f9fd25f0e3cec4e5d4e36e9", "parents": [ "64be6fc13b2ea36236bf67a66bb528ed05a6d18c" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed May 13 15:04:28 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed May 13 15:04:28 2026 +0200" }, "message": "build(deps): bump slf4j-version from 2.0.17 to 2.0.18 (#2007)\n\nBumps `slf4j-version` from 2.0.17 to 2.0.18.\n\nUpdates `org.slf4j:slf4j-api` from 2.0.17 to 2.0.18\n\nUpdates `org.slf4j:jcl-over-slf4j` from 2.0.17 to 2.0.18\n\nUpdates `org.slf4j:slf4j-simple` from 2.0.17 to 2.0.18\n\n---\nupdated-dependencies:\n- dependency-name: org.slf4j:slf4j-api\n dependency-version: 2.0.18\n dependency-type: direct:production\n update-type: version-update:semver-patch\n- dependency-name: org.slf4j:jcl-over-slf4j\n dependency-version: 2.0.18\n dependency-type: direct:production\n update-type: version-update:semver-patch\n- dependency-name: org.slf4j:slf4j-simple\n dependency-version: 2.0.18\n dependency-type: direct:development\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "64be6fc13b2ea36236bf67a66bb528ed05a6d18c", "tree": "aded07fa7b6bf9020178a9d47dfa9e903b0206a9", "parents": [ "4178cf29e2eaf79728df6804eafb1a7146fb5ac8" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed May 13 13:50:46 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed May 13 13:50:46 2026 +0200" }, "message": "build(deps): bump org.apache:apache from 37 to 38 (#2002)\n\nBumps [org.apache:apache](https://github.com/apache/maven-apache-parent) from 37 to 38.\n- [Release notes](https://github.com/apache/maven-apache-parent/releases)\n- [Commits](https://github.com/apache/maven-apache-parent/commits)\n\n---\nupdated-dependencies:\n- dependency-name: org.apache:apache\n dependency-version: \u002738\u0027\n dependency-type: direct:production\n update-type: version-update:semver-major\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "4178cf29e2eaf79728df6804eafb1a7146fb5ac8", "tree": "0f246623fb3a40c9b2b1091c84c7bcffec869f87", "parents": [ "1980955d64582c1bf5b6e8e3ad54e9e3b01e8564" ], "author": { "name": "Matt Pavlovich", "email": "mattrpav@apache.org", "time": "Sat May 02 11:42:12 2026 -0500" }, "committer": { "name": "Matt Pavlovich", "email": "matt@hyte.io", "time": "Mon May 11 13:22:25 2026 -0500" }, "message": "[#1979] activemq-protobuf: Convert to using Long.valueOf Double.valueOf\n" }, { "commit": "1980955d64582c1bf5b6e8e3ad54e9e3b01e8564", "tree": "3c9048ac0ff5f55a691319290aec0a4ba3888868", "parents": [ "35a69b75402ce3df07a4b2ab4f1170ccc806431e" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Sat May 09 08:15:45 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sat May 09 08:15:45 2026 +0200" }, "message": "build(deps-dev): bump org.owasp:dependency-check-maven (#1987)\n\nBumps [org.owasp:dependency-check-maven](https://github.com/dependency-check/DependencyCheck) from 12.2.1 to 12.2.2.\n- [Release notes](https://github.com/dependency-check/DependencyCheck/releases)\n- [Changelog](https://github.com/dependency-check/DependencyCheck/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/dependency-check/DependencyCheck/compare/v12.2.1...v12.2.2)\n\n---\nupdated-dependencies:\n- dependency-name: org.owasp:dependency-check-maven\n dependency-version: 12.2.2\n dependency-type: direct:development\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "35a69b75402ce3df07a4b2ab4f1170ccc806431e", "tree": "a415fa05800cb1d183b79c819ebb3455fb32d253", "parents": [ "0421a582a89af3bb7268fc12caca00cea4f96d2b" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Fri May 08 06:10:07 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri May 08 06:10:07 2026 +0200" }, "message": "build(deps): bump org.glassfish.jaxb:jaxb-bom from 4.0.7 to 4.0.8 (#1988)\n\nBumps org.glassfish.jaxb:jaxb-bom from 4.0.7 to 4.0.8.\n\n---\nupdated-dependencies:\n- dependency-name: org.glassfish.jaxb:jaxb-bom\n dependency-version: 4.0.8\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "0421a582a89af3bb7268fc12caca00cea4f96d2b", "tree": "ab3d6a05b3ace049f96b6c6c58b4aee44717592d", "parents": [ "7cac138937ea695a5d47eecac89457b1caaec6db" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Fri May 08 06:09:44 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri May 08 06:09:44 2026 +0200" }, "message": "build(deps-dev): bump org.apache.cxf:cxf-xjc-plugin from 4.1.2 to 4.2.0 (#1991)\n\nBumps org.apache.cxf:cxf-xjc-plugin from 4.1.2 to 4.2.0.\n\n---\nupdated-dependencies:\n- dependency-name: org.apache.cxf:cxf-xjc-plugin\n dependency-version: 4.2.0\n dependency-type: direct:development\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "7cac138937ea695a5d47eecac89457b1caaec6db", "tree": "a0d5628e263f6311d5f8061c82fe15302b0cee1b", "parents": [ "0547b2204e05a56238f2dacdd6b0cfae297a5981" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Fri May 08 05:48:53 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri May 08 05:48:53 2026 +0200" }, "message": "build(deps): bump org.apache.groovy:groovy from 5.0.5 to 5.0.6 (#1996)\n\nBumps [org.apache.groovy:groovy](https://github.com/apache/groovy) from 5.0.5 to 5.0.6.\n- [Commits](https://github.com/apache/groovy/commits)\n\n---\nupdated-dependencies:\n- dependency-name: org.apache.groovy:groovy\n dependency-version: 5.0.6\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "0547b2204e05a56238f2dacdd6b0cfae297a5981", "tree": "8237a7b783c3483f243af8bf49aee20a8a663fb2", "parents": [ "a6b231671351c058dad3ee36ab6be81e93aaca3e" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Thu May 07 14:28:45 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu May 07 14:28:45 2026 +0200" }, "message": "build(deps): bump org.jvnet.jaxb:jaxb-plugins-runtime (#1990)\n\nBumps org.jvnet.jaxb:jaxb-plugins-runtime from 4.0.12 to 4.0.13.\n\n---\nupdated-dependencies:\n- dependency-name: org.jvnet.jaxb:jaxb-plugins-runtime\n dependency-version: 4.0.13\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "a6b231671351c058dad3ee36ab6be81e93aaca3e", "tree": "ca7a99835eacaa723fbeaa1e8881578fac1983cc", "parents": [ "3923a5c486265bad0a4f51f7bd21cf9070909978" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Thu May 07 14:27:21 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu May 07 14:27:21 2026 +0200" }, "message": "build(deps): bump log4j-version from 2.25.4 to 2.26.0 (#1994)\n\nBumps `log4j-version` from 2.25.4 to 2.26.0.\n\nUpdates `org.apache.logging.log4j:log4j-api` from 2.25.4 to 2.26.0\n\nUpdates `org.apache.logging.log4j:log4j-core` from 2.25.4 to 2.26.0\n\nUpdates `org.apache.logging.log4j:log4j-slf4j2-impl` from 2.25.4 to 2.26.0\n\n---\nupdated-dependencies:\n- dependency-name: org.apache.logging.log4j:log4j-api\n dependency-version: 2.26.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n- dependency-name: org.apache.logging.log4j:log4j-core\n dependency-version: 2.26.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n- dependency-name: org.apache.logging.log4j:log4j-slf4j2-impl\n dependency-version: 2.26.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "3923a5c486265bad0a4f51f7bd21cf9070909978", "tree": "ce4e8913464c8ea8ea9ceb11c3b44034cd3892da", "parents": [ "0deea08d0a7556f562ac749a0210a18db59fdb52" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Thu May 07 14:26:32 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu May 07 14:26:32 2026 +0200" }, "message": "build(deps): bump org.apache.groovy:groovy-ant from 5.0.5 to 5.0.6 (#1995)\n\nBumps [org.apache.groovy:groovy-ant](https://github.com/apache/groovy) from 5.0.5 to 5.0.6.\n- [Commits](https://github.com/apache/groovy/commits)\n\n---\nupdated-dependencies:\n- dependency-name: org.apache.groovy:groovy-ant\n dependency-version: 5.0.6\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "0deea08d0a7556f562ac749a0210a18db59fdb52", "tree": "56cb1118861cb6967a36e72247c366d187754269", "parents": [ "9d6ab80aa1f2dbfe822ef65090f52cbbb04b862d" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed May 06 06:28:51 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed May 06 06:28:51 2026 +0200" }, "message": "build(deps-dev): bump netty-version from 4.2.12.Final to 4.2.13.Final (#1989)\n\nBumps `netty-version` from 4.2.12.Final to 4.2.13.Final.\n\nUpdates `io.netty:netty-buffer` from 4.2.12.Final to 4.2.13.Final\n- [Release notes](https://github.com/netty/netty/releases)\n- [Commits](https://github.com/netty/netty/compare/netty-4.2.12.Final...netty-4.2.13.Final)\n\nUpdates `io.netty:netty-common` from 4.2.12.Final to 4.2.13.Final\n- [Release notes](https://github.com/netty/netty/releases)\n- [Commits](https://github.com/netty/netty/compare/netty-4.2.12.Final...netty-4.2.13.Final)\n\nUpdates `io.netty:netty-handler` from 4.2.12.Final to 4.2.13.Final\n- [Release notes](https://github.com/netty/netty/releases)\n- [Commits](https://github.com/netty/netty/compare/netty-4.2.12.Final...netty-4.2.13.Final)\n\nUpdates `io.netty:netty-codec-http` from 4.2.12.Final to 4.2.13.Final\n- [Release notes](https://github.com/netty/netty/releases)\n- [Commits](https://github.com/netty/netty/compare/netty-4.2.12.Final...netty-4.2.13.Final)\n\nUpdates `io.netty:netty-transport` from 4.2.12.Final to 4.2.13.Final\n- [Release notes](https://github.com/netty/netty/releases)\n- [Commits](https://github.com/netty/netty/compare/netty-4.2.12.Final...netty-4.2.13.Final)\n\n---\nupdated-dependencies:\n- dependency-name: io.netty:netty-buffer\n dependency-version: 4.2.13.Final\n dependency-type: direct:development\n update-type: version-update:semver-patch\n- dependency-name: io.netty:netty-common\n dependency-version: 4.2.13.Final\n dependency-type: direct:development\n update-type: version-update:semver-patch\n- dependency-name: io.netty:netty-handler\n dependency-version: 4.2.13.Final\n dependency-type: direct:development\n update-type: version-update:semver-patch\n- dependency-name: io.netty:netty-codec-http\n dependency-version: 4.2.13.Final\n dependency-type: direct:development\n update-type: version-update:semver-patch\n- dependency-name: io.netty:netty-transport\n dependency-version: 4.2.13.Final\n dependency-type: direct:development\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "9d6ab80aa1f2dbfe822ef65090f52cbbb04b862d", "tree": "e33d1774b5c8fdf3c875bf122e895c86b7070268", "parents": [ "172c79de6ddb7249126b9d09c31a167bdf4361a1" ], "author": { "name": "Matt Pavlovich", "email": "mattrpav@apache.org", "time": "Sat May 02 11:55:46 2026 -0500" }, "committer": { "name": "Matt Pavlovich", "email": "matt@hyte.io", "time": "Sun May 03 12:50:28 2026 -0500" }, "message": "[#1981] Convert deprecated TransportConnector.conenctionCount() calls to use TransportConnector.getConnectionCount()\n" }, { "commit": "172c79de6ddb7249126b9d09c31a167bdf4361a1", "tree": "5621658e6eb75688991a903a08111f2f14700829", "parents": [ "6e03532d82f579eb839f06cfc568195f0467758e" ], "author": { "name": "Matt Pavlovich", "email": "mattrpav@apache.org", "time": "Wed Apr 24 09:16:57 2024 -0500" }, "committer": { "name": "Matt Pavlovich", "email": "matt@hyte.io", "time": "Fri May 01 11:13:30 2026 -0500" }, "message": "[AMQ-9485] Host activemq-protobuf modules for modernization\n" }, { "commit": "6e03532d82f579eb839f06cfc568195f0467758e", "tree": "dad5061e4be8a55f38ac5788864b916b1c4816c7", "parents": [ "2270e435b9266290a361ca471a1441ec83f4b992" ], "author": { "name": "JB Onofré", "email": "jbonofre@apache.org", "time": "Fri May 01 07:25:39 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri May 01 07:25:39 2026 +0200" }, "message": "Execute CI on activemq-5.19.x and activemq-6.2.x branches (#1957)" }, { "commit": "2270e435b9266290a361ca471a1441ec83f4b992", "tree": "ade2f243820b941b88e55777394efc61cdc39162", "parents": [ "a6a72e91426a051fd581505b8d5ab61142405c00" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Fri May 01 07:23:03 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri May 01 07:23:03 2026 +0200" }, "message": "build(deps): bump jackson-version from 2.21.2 to 2.21.3 (#1976)\n\nBumps `jackson-version` from 2.21.2 to 2.21.3.\n\nUpdates `com.fasterxml.jackson.core:jackson-core` from 2.21.2 to 2.21.3\n- [Commits](https://github.com/FasterXML/jackson-core/compare/jackson-core-2.21.2...jackson-core-2.21.3)\n\nUpdates `com.fasterxml.jackson.core:jackson-databind` from 2.21.2 to 2.21.3\n- [Commits](https://github.com/FasterXML/jackson/commits)\n\nUpdates `com.fasterxml.jackson.dataformat:jackson-dataformat-xml` from 2.21.2 to 2.21.3\n- [Commits](https://github.com/FasterXML/jackson-dataformat-xml/compare/jackson-dataformat-xml-2.21.2...jackson-dataformat-xml-2.21.3)\n\n---\nupdated-dependencies:\n- dependency-name: com.fasterxml.jackson.core:jackson-core\n dependency-version: 2.21.3\n dependency-type: direct:production\n update-type: version-update:semver-patch\n- dependency-name: com.fasterxml.jackson.core:jackson-databind\n dependency-version: 2.21.3\n dependency-type: direct:production\n update-type: version-update:semver-patch\n- dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-xml\n dependency-version: 2.21.3\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "a6a72e91426a051fd581505b8d5ab61142405c00", "tree": "c54acd4518eec0a451fd70aea68b666eb0c00fe9", "parents": [ "58c82040fe5150fbbdee865563e360c73f0daa3d" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Fri May 01 07:22:38 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri May 01 07:22:38 2026 +0200" }, "message": "build(deps): bump jolokia-version from 2.5.1 to 2.6.0 (#1977)\n\nBumps `jolokia-version` from 2.5.1 to 2.6.0.\n\nUpdates `org.jolokia:jolokia-server-core` from 2.5.1 to 2.6.0\n- [Release notes](https://github.com/jolokia/jolokia/releases)\n- [Commits](https://github.com/jolokia/jolokia/compare/v2.5.1...v2.6.0)\n\nUpdates `org.jolokia:jolokia-service-jmx` from 2.5.1 to 2.6.0\n\nUpdates `org.jolokia:jolokia-service-serializer` from 2.5.1 to 2.6.0\n\n---\nupdated-dependencies:\n- dependency-name: org.jolokia:jolokia-server-core\n dependency-version: 2.6.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n- dependency-name: org.jolokia:jolokia-service-jmx\n dependency-version: 2.6.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n- dependency-name: org.jolokia:jolokia-service-serializer\n dependency-version: 2.6.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "58c82040fe5150fbbdee865563e360c73f0daa3d", "tree": "6734bc132be71cf680ee581e014f079dcb010840", "parents": [ "352a2e8999856ca890ff18b8e2acac7444edccb7" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue Apr 28 11:08:13 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Apr 28 11:08:13 2026 +0200" }, "message": "build(deps): bump org.ops4j.pax.url:pax-url-aether from 3.0.2 to 3.0.3 (#1969)" }, { "commit": "352a2e8999856ca890ff18b8e2acac7444edccb7", "tree": "47081d5b8a822c7aa6c12c8926b21c2c2c246b7b", "parents": [ "1f2a2571524c56b3b103a9d3a625ceda3430f6e9" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue Apr 28 11:07:36 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Apr 28 11:07:36 2026 +0200" }, "message": "build(deps): bump commons-codec:commons-codec from 1.21.0 to 1.22.0 (#1971)" }, { "commit": "1f2a2571524c56b3b103a9d3a625ceda3430f6e9", "tree": "c24a6199e0ede93fa985650808da99e8d7e50e79", "parents": [ "82351687a6dfa84d4e89614d77d2438f6d159b7a" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Mon Apr 27 13:06:13 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Apr 27 13:06:13 2026 -0400" }, "message": "Add more transport types to the denied list for JMX part 2 (#1972)\n\nFollow on to #1949" }, { "commit": "82351687a6dfa84d4e89614d77d2438f6d159b7a", "tree": "4365ad6800967cc62138aabc63c8f2737067e22e", "parents": [ "9db2707b23aa2ff37c7ed91df749c0539317fbcb" ], "author": { "name": "pradeep85841", "email": "pradeep.kunchala15@gmail.com", "time": "Thu Apr 02 09:04:57 2026 +0530" }, "committer": { "name": "Matt Pavlovich", "email": "matt@hyte.io", "time": "Thu Apr 23 11:06:32 2026 -0500" }, "message": "Fix flaky NetworkAdvancedStatisticsTest race condition\n" }, { "commit": "9db2707b23aa2ff37c7ed91df749c0539317fbcb", "tree": "7431fec4c323f55de2851682d7c4fb33fb4bcdfe", "parents": [ "6adc875a060ce1efab58a92a14d38475e177155f" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Thu Apr 23 17:51:40 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Apr 23 17:51:40 2026 +0200" }, "message": "build(deps-dev): bump commons-io:commons-io from 2.21.0 to 2.22.0 (#1956)\n\nBumps commons-io:commons-io from 2.21.0 to 2.22.0.\n\n---\nupdated-dependencies:\n- dependency-name: commons-io:commons-io\n dependency-version: 2.22.0\n dependency-type: direct:development\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "6adc875a060ce1efab58a92a14d38475e177155f", "tree": "0c563222bae7cc4e01ea2e9a49f2df84eafecded", "parents": [ "0df19aefcfb05b6de4299ed39110dc45c77168d8" ], "author": { "name": "JB Onofré", "email": "jbonofre@apache.org", "time": "Thu Apr 23 15:22:08 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Apr 23 15:22:08 2026 +0200" }, "message": "fix(test): avoid race condition in TwoBrokerVirtualTopicSelectorAwareForwardingTest (#1951)\n\nReplace bare assertEquals with Wait.waitFor for the queue depth check in\ntestSelectorAwareForwarding. The broker decrements its messages counter only\nafter processing the MessageAck asynchronously, so asserting immediately after\nwaitForMessagesToArrive could fire before the ACK is processed on a loaded CI runner." }, { "commit": "0df19aefcfb05b6de4299ed39110dc45c77168d8", "tree": "74f012e2a865a9947cb6c8d5e5e1565fda68404e", "parents": [ "87f18804650810627f562848fa64519c114c6392" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue Apr 21 17:09:46 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Apr 21 17:09:46 2026 +0200" }, "message": "build(deps): bump org.javassist:javassist from 3.30.2-GA to 3.31.0-GA (#1948)\n\nBumps [org.javassist:javassist](https://github.com/jboss-javassist/javassist) from 3.30.2-GA to 3.31.0-GA.\n- [Release notes](https://github.com/jboss-javassist/javassist/releases)\n- [Changelog](https://github.com/jboss-javassist/javassist/blob/master/Changes.md)\n- [Commits](https://github.com/jboss-javassist/javassist/commits)\n\n---\nupdated-dependencies:\n- dependency-name: org.javassist:javassist\n dependency-version: 3.31.0-GA\n dependency-type: direct:production\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "87f18804650810627f562848fa64519c114c6392", "tree": "169a90a0f5d819750f589743d33121ca6095c00a", "parents": [ "fb9f86dbab88df391cd4885855fe3b68106c9ddd" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Tue Apr 21 10:51:34 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Apr 21 10:51:34 2026 -0400" }, "message": "Add remote file filtering for XBeanBrokerFactory (#1950)\n\nThis expands on the previous work in #1910 to add treat remote files as\na separate protocol category that can be controlled independently of\nregular files when loading resources. By default remote files will be\ndisabled.\n\nFollow on to #1910" }, { "commit": "fb9f86dbab88df391cd4885855fe3b68106c9ddd", "tree": "f675fcc9463d008aac1480ae8232c01e8f39e617", "parents": [ "0d4ed95faac9703036ecde819f6e1ebdfd49be1a" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Tue Apr 21 09:39:56 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Apr 21 09:39:56 2026 -0400" }, "message": "Add more transport types to the denied list for JMX (#1949)\n\nAdd on more types to the list of denied transports through JMX\n\nFollow on to #1918" }, { "commit": "0d4ed95faac9703036ecde819f6e1ebdfd49be1a", "tree": "b8a51ea01d0265ea268f9e0961aee0c340f6e8c1", "parents": [ "2b91f01e81caf2b33b883c678bc81a85d3d51034" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue Apr 21 08:07:54 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Apr 21 08:07:54 2026 +0200" }, "message": "build(deps-dev): bump org.sonarsource.scanner.maven:sonar-maven-plugin (#1947)\n\nBumps [org.sonarsource.scanner.maven:sonar-maven-plugin](https://github.com/SonarSource/sonar-scanner-maven) from 5.5.0.6356 to 5.6.0.6792.\n- [Release notes](https://github.com/SonarSource/sonar-scanner-maven/releases)\n- [Commits](https://github.com/SonarSource/sonar-scanner-maven/compare/5.5.0.6356...5.6.0.6792)\n\n---\nupdated-dependencies:\n- dependency-name: org.sonarsource.scanner.maven:sonar-maven-plugin\n dependency-version: 5.6.0.6792\n dependency-type: direct:development\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "2b91f01e81caf2b33b883c678bc81a85d3d51034", "tree": "855a858562d60c66472114eca079d5ab0cb3c7de", "parents": [ "17b188504c5f29f999dd7214bb0d95abedb96329" ], "author": { "name": "JB Onofré", "email": "jbonofre@apache.org", "time": "Fri Apr 17 15:43:59 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Apr 17 15:43:59 2026 +0200" }, "message": "fix(webconsole): the webconsole now redirect to the slave.jsp when required (#1931)\n\n* fix(webconsole): the webconsole now redirect to the slave.jsp when required (slave broker with startAsync\u003d\"true\")\n\n* fix(assembly): add id\u003d\"broker\" to sample configs so jetty.xml depends-on resolves\n\nThe BrokerXmlConfigStartTest loads all activemq-*.xml sample configs\nwhich import jetty.xml. Since jetty.xml now has depends-on\u003d\"broker\" on\nthe invokeStart bean, the sample configs need a matching bean id." }, { "commit": "17b188504c5f29f999dd7214bb0d95abedb96329", "tree": "186a2a488a9c5d09cd9b1fadc0d69bba6beb0485", "parents": [ "9b4b6f9fbd177c802fa8d4ee22cf2d03a31cbd29" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Fri Apr 17 09:16:39 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Apr 17 09:16:39 2026 -0400" }, "message": "Fix variable rename (#1944)" }, { "commit": "9b4b6f9fbd177c802fa8d4ee22cf2d03a31cbd29", "tree": "ff958390101145899f429acf7ff930cadcccc93e", "parents": [ "a240dba6088b971dcbad079c4b2272da8baf56c8" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Fri Apr 17 15:13:08 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Apr 17 15:13:08 2026 +0200" }, "message": "build(deps): bump maven-core-version from 3.9.14 to 3.9.15 (#1941)\n\nBumps `maven-core-version` from 3.9.14 to 3.9.15.\n\nUpdates `org.apache.maven:maven-plugin-api` from 3.9.14 to 3.9.15\n- [Release notes](https://github.com/apache/maven/releases)\n- [Commits](https://github.com/apache/maven/compare/maven-3.9.14...maven-3.9.15)\n\nUpdates `org.apache.maven:maven-core` from 3.9.14 to 3.9.15\n\n---\nupdated-dependencies:\n- dependency-name: org.apache.maven:maven-plugin-api\n dependency-version: 3.9.15\n dependency-type: direct:production\n update-type: version-update:semver-patch\n- dependency-name: org.apache.maven:maven-core\n dependency-version: 3.9.15\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "a240dba6088b971dcbad079c4b2272da8baf56c8", "tree": "991f5dde25d7048f1981ac9383a2ebfcdba30fb9", "parents": [ "cfd698aa7695a7e239fd5fd178edef23347d3853" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Fri Apr 17 07:48:11 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Apr 17 07:48:11 2026 -0400" }, "message": "Queue browse improvements in webconsole (#1938)\n\nThis change makes sure we always use the correct content type for the\noutput based on the configured view and also escape xml content when\ndisplaying." }, { "commit": "cfd698aa7695a7e239fd5fd178edef23347d3853", "tree": "13867427612a6811d9c64918b56c9bc599cf8a13", "parents": [ "ca34bcd387156b7bacb8abc382c768354c48d730" ], "author": { "name": "Sai Asish Y", "email": "say.apm35@gmail.com", "time": "Fri Apr 17 04:33:10 2026 -0700" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Apr 17 13:33:10 2026 +0200" }, "message": "Fix \u0027occured\u0027 -\u003e \u0027occurred\u0027 typos in 3 files (#1939)\n\n- activemq-ra/.../SimpleConnectionManager.java: four user-visible LOG.warn\n messages emitted from connectionClosed / connectionErrorOccurred.\n- activemq-client/.../TransportListener.java: Javadoc on onException().\n- activemq-broker/.../JmsConnector.java: @param Javadoc on\n handleConnectionFailure().\n\nNo functional changes.\n\nSigned-off-by: Sai Asish Y \u003csay.apm35@gmail.com\u003e" }, { "commit": "ca34bcd387156b7bacb8abc382c768354c48d730", "tree": "b0b414afab94baad4a939263560e732b188a28d6", "parents": [ "95eeb906d74ff02665dd8a1b3f084e824a10648c" ], "author": { "name": "gurpartap3697", "email": "singh.gurpar0306@gmail.com", "time": "Thu Apr 16 02:18:39 2026 +0530" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Apr 15 22:48:39 2026 +0200" }, "message": "Fix flaky DurableSubInBrokerNetworkTest by replacing fixed sleeps with Wait.waitFor polling (#1906)\n\n* replace Thread.sleep() with waitfor() to fix flakiness in DurableSubInBrokerNetworkTest\n\n* update polling time of Wait.waitFor()" }, { "commit": "95eeb906d74ff02665dd8a1b3f084e824a10648c", "tree": "e515ae3b48d1766e3dbbfbde3d363fc82bf6d643", "parents": [ "52bef00e510790b0a63eb287e285d6787671bbc6" ], "author": { "name": "Matt Pavlovich", "email": "mattrpav@apache.org", "time": "Tue Apr 14 12:16:24 2026 -0500" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Apr 14 13:16:24 2026 -0400" }, "message": "[#1913] Update DestinationView uri resolution (#1914)" }, { "commit": "52bef00e510790b0a63eb287e285d6787671bbc6", "tree": "a329e4ea8e38fe0910fe4fd604177524812e08b2", "parents": [ "5bda7d83ffbec658f75c583eb2f830787cdf55f9" ], "author": { "name": "Matt Pavlovich", "email": "mattrpav@apache.org", "time": "Tue Apr 14 12:16:04 2026 -0500" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Apr 14 13:16:04 2026 -0400" }, "message": "[#1911] Update resource cleanup on queueBrowse servlet (#1912)" }, { "commit": "5bda7d83ffbec658f75c583eb2f830787cdf55f9", "tree": "f3add1b0cd002cc0d0498800c58a814814990a07", "parents": [ "084502ae2e16d411c80e07e6c3f6d34d3e08a295" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Tue Apr 14 09:03:36 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Apr 14 09:03:36 2026 -0400" }, "message": "Add Http discovery transport to denied list for JMX (#1918)\n\nThis also prevents the Http discovery transport from being added as a\nconnector or network connector through JMX and Jolokia" }, { "commit": "084502ae2e16d411c80e07e6c3f6d34d3e08a295", "tree": "e2bfe817f1eadc2b84f713bcbaa3cfed541e974a", "parents": [ "3218266f52cef16d27ccfb61a45ca9e8890e671c" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Tue Apr 14 08:56:41 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Apr 14 08:56:41 2026 -0400" }, "message": "Make brokerName immutable in RegionBroker (#1917)\n\nThe brokerName should come from BrokerService and should only be\nconfigured on first creation. This update changes RegionBroker so that\nit gets the name from the broker service during construction and\nverifies that it is not null.\n\nThe other benefit of this is that BrokerService always validates the\nname has valid characters. This change also cleans up the name regex to\nget rid of unnecessary escapes and also adds some regex tests." }, { "commit": "3218266f52cef16d27ccfb61a45ca9e8890e671c", "tree": "3dc9cf7307c8681e4038b502701d9edaaf724fc2", "parents": [ "85fa7bbf17be57107a624d7aa7161008fee7d488" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue Apr 14 14:05:52 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Apr 14 14:05:52 2026 +0200" }, "message": "build(deps-dev): bump org.owasp:dependency-check-maven (#1908)\n\nBumps [org.owasp:dependency-check-maven](https://github.com/dependency-check/DependencyCheck) from 12.2.0 to 12.2.1.\n- [Release notes](https://github.com/dependency-check/DependencyCheck/releases)\n- [Changelog](https://github.com/dependency-check/DependencyCheck/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/dependency-check/DependencyCheck/compare/v12.2.0...v12.2.1)\n\n---\nupdated-dependencies:\n- dependency-name: org.owasp:dependency-check-maven\n dependency-version: 12.2.1\n dependency-type: direct:development\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "85fa7bbf17be57107a624d7aa7161008fee7d488", "tree": "fa22a050273e13f3495046f940ead4665af7535e", "parents": [ "a04c0887b4269c2cce981a0cf5512a61fde53a6b" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Mon Apr 13 13:13:31 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Apr 13 13:13:31 2026 -0400" }, "message": "Restrict URL protocol types loaded by XBeanBrokerFactory (#1910)\n\nThis adds a new system property to control which protocol types are\nvalid for loading resources using the XBeanBrokerFactory. By default\nonly file and classpath resources can be loaded.\n\nThe goal of this is to prevent possible future security issues by\nhardening what is allowed to be loaded by default." }, { "commit": "a04c0887b4269c2cce981a0cf5512a61fde53a6b", "tree": "386daa3d7f759d5b6dfc598c7d47d33fd10ba6b2", "parents": [ "b787b0ed11cf1b7444b0a3904398fea5dc16179b" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Apr 13 17:40:46 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Apr 13 17:40:46 2026 +0200" }, "message": "build(deps): bump org.apache.ant:ant from 1.10.16 to 1.10.17 (#1909)\n\nBumps org.apache.ant:ant from 1.10.16 to 1.10.17.\n\n---\nupdated-dependencies:\n- dependency-name: org.apache.ant:ant\n dependency-version: 1.10.17\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "b787b0ed11cf1b7444b0a3904398fea5dc16179b", "tree": "5034c80b382cff8ae84b5c24bbe148ed27abdda4", "parents": [ "ffa7e9fb0e197b7da44b31043e1e7886c0fb73ae" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Fri Apr 10 13:50:34 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Apr 10 13:50:34 2026 -0400" }, "message": "Minor bug fix for BrokerView#validateAllowedUri (#1900)\n\nThe wrong variable is being referenced in the nested loop. This does not\ncause the validation to actually break due to other checks done during\nthe recursive call, but is incorrect either way. With this fix the\ncounter needed tweaking for limiting the number of nested components as\nwell.\n\nFollow on to #1847" }, { "commit": "ffa7e9fb0e197b7da44b31043e1e7886c0fb73ae", "tree": "10d4f04340224a605019b4c633a7d547e0b7c38e", "parents": [ "2a777f37ece9fea8aab83bc1e7d3420575fc3900" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Fri Apr 10 13:24:05 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Apr 10 13:24:05 2026 -0400" }, "message": "Also add rerunFailingTestFlag back to Jenkins builds (#1881)\n\nFollow on issue to #1880" }, { "commit": "2a777f37ece9fea8aab83bc1e7d3420575fc3900", "tree": "2fe2fb456aff9b9537e36408624cf153c7dcc8fb", "parents": [ "ee5e30ac42cc5717c58f7586619ad866da59e8cc" ], "author": { "name": "gurpartap3697", "email": "singh.gurpar0306@gmail.com", "time": "Fri Apr 10 13:49:10 2026 +0530" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Apr 10 10:19:10 2026 +0200" }, "message": "(Fix/ci) remove surefire rerun flag when tests are skipped (#1897)\n\n* (fix/ci) remove surefire rerun flag when tests are skipped\n\n* (fix/ci) remove surefire rerun flag when tests are skipped in ci-weekly" }, { "commit": "ee5e30ac42cc5717c58f7586619ad866da59e8cc", "tree": "3b31d3edd3c3b7b7802b2371ca2bbf47ae537821", "parents": [ "2fee1583181dbbce1917eed01b6d7f19ae102087" ], "author": { "name": "gurpartap3697", "email": "singh.gurpar0306@gmail.com", "time": "Fri Apr 10 01:50:12 2026 +0530" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Apr 09 16:20:12 2026 -0400" }, "message": "fix flaky AMQ6366Test (#1895)" }, { "commit": "2fee1583181dbbce1917eed01b6d7f19ae102087", "tree": "961f4f1bc6f421a0b3cdf839ff3ceb23cf2df889", "parents": [ "3b4e819664edea7e58a958f6542474f045ca5d0b" ], "author": { "name": "Jean-Louis Monteiro", "email": "jeanouii@gmail.com", "time": "Thu Apr 09 19:51:48 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Apr 09 13:51:48 2026 -0400" }, "message": "[AMQ-9569][#1882] SSL handshake write timeout enforcement (#1883)\n\n* feat(AMQ-9559)/feat(#1882): The failover test correctly reproduces the bug: it blocks for 20+ seconds proving WriteTimeoutFilter.start() does not enforce soWriteTimeout.\n\n* feat(AMQ-9559)/feat(#1882): Similar to oneway() add registerWrite/deRegisterWrite around super.start()\n\nAdding a null check in the TimeoutThread is required to avoid random NPE if the TimeoutThread kicks in after the registerWrite but before initializeStreams() is called resulting in a NPE because TcpTransport.buffOut is null." }, { "commit": "3b4e819664edea7e58a958f6542474f045ca5d0b", "tree": "1f01c819df7b86a899ddbc7df75c7cae788bd98c", "parents": [ "c8b71abe2f9f9a3b8643b0d888623053e37e9fb2" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Wed Apr 08 14:07:52 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Apr 08 14:07:52 2026 -0400" }, "message": "Properly handle SSL handshake updates (#1885)\n\nHandle different handshake state changes in NIOSSL transports" }, { "commit": "c8b71abe2f9f9a3b8643b0d888623053e37e9fb2", "tree": "a6334136941f2e3f343eb7162130ebdcc58228dc", "parents": [ "656b88111a9f40528076f79ffab0e8586f78c25a" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Mon Apr 06 15:28:05 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Apr 06 15:28:05 2026 -0400" }, "message": "Optimize SecurityContext#isInOneOf attempt 2 (#1879)\n\nThis is an update to #1874 which fixes the previous issue with wildcard\nprincipal handling which caused things to break\n\nThis method was iterating over a set to find matching entries instead of\njust using contains(). This update switches to using contains() which will\nbe faster and also cleans up the code with a for each loop.\n\nThe wildcard principal handling was simplified by using a\npredefined static object inside SecurityContext to mark\nthat everything should be allowed if the name is \"*\".\nDefaultAuthorizationMap now references this and uses this object\nwhen parsing ACLs if a wildcard is used. Because it\u0027s been moved\nto SecurityContext it\u0027s flexible and can be used by other impls as well.\n\nA small test was added but there are several other authorization tests that\nalready exist that also exercise this method." }, { "commit": "656b88111a9f40528076f79ffab0e8586f78c25a", "tree": "6647e6d59b53e336bcb7d7f11ef10366342de263", "parents": [ "dc29cca4ad40f1610877fdf01eb0d0aaa07d54aa" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Mon Apr 06 12:18:35 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Apr 06 12:18:35 2026 -0400" }, "message": "Add back in rerunFailingTests flag for unit tests (#1880)\n\nWe still have too many flaky tests that cause the build to fail almost\nevery time with different failures so this is needed for now." }, { "commit": "dc29cca4ad40f1610877fdf01eb0d0aaa07d54aa", "tree": "0bc415aa6c2e428e9705eecf178296b4eb3aee5a", "parents": [ "4199744426b936efccc6ef1037a0f9ad2ba6b4d1" ], "author": { "name": "gurpartap3697", "email": "singh.gurpar0306@gmail.com", "time": "Sun Apr 05 21:00:20 2026 +0530" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Apr 05 17:30:20 2026 +0200" }, "message": "fix(test): Fix flakiness in AMQ4930Test (#1825)" }, { "commit": "4199744426b936efccc6ef1037a0f9ad2ba6b4d1", "tree": "3fade359147f8eb3b41fe173b0744842699f5dd1", "parents": [ "ac047b6c8f37afb3e42c7f03323fd1d9d6deb132" ], "author": { "name": "gurpartap3697", "email": "singh.gurpar0306@gmail.com", "time": "Sun Apr 05 11:06:13 2026 +0530" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Apr 05 07:36:13 2026 +0200" }, "message": "Fix flakiness in AdvisoryViaNetworkTest by verifying peer broker info on both sides for duplex network (#1867)" }, { "commit": "ac047b6c8f37afb3e42c7f03323fd1d9d6deb132", "tree": "7f12c8771c6f127f7bfb2a8d6dee3934578f65f9", "parents": [ "e612481b6dcc54e813cebb8d0c6b7e839f3dbccd" ], "author": { "name": "gurpartap3697", "email": "singh.gurpar0306@gmail.com", "time": "Sun Apr 05 11:05:58 2026 +0530" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Apr 05 07:35:58 2026 +0200" }, "message": "fix flaky AMQ6133PersistJMSRedeliveryTest using Wait.waitFor (#1872)" }, { "commit": "e612481b6dcc54e813cebb8d0c6b7e839f3dbccd", "tree": "c97ad095eb60afaccce9921a79da2dc5166e7684", "parents": [ "b404e1e335011af93ff3c40318bcfc2fc2800660" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Fri Apr 03 20:42:44 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Apr 03 20:42:44 2026 -0400" }, "message": "Revert \"Optimize SecurityContext#isInOneOf (#1874)\" (#1875)\n\nThis reverts commit b404e1e335011af93ff3c40318bcfc2fc2800660.\n\nThis change needs more work because DefaultAuthorizationMap requires\nequals() to be used the way it handles a wildcard Principal. This needs\nto be fixed before the change can be made" }, { "commit": "b404e1e335011af93ff3c40318bcfc2fc2800660", "tree": "a76311ff29b44c9b5b85542ce825d5427aaaffaf", "parents": [ "df3f6caefe0763fb46ceac4117b6187bacd98eec" ], "author": { "name": "Christopher L. Shannon", "email": "cshannon@apache.org", "time": "Fri Apr 03 18:20:25 2026 -0400" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Apr 03 18:20:25 2026 -0400" }, "message": "Optimize SecurityContext#isInOneOf (#1874)\n\nThis method was iterating over a set to find matching entries instead of\njust using contains(). This updates switches to using contains() which\nwill be faster and also cleans up the code with a for each loop.\nThis also removes the copying of the principal set set copy that is \nunnecessary and actually not thread safe without external sync when using\nJaas.\n\nA small test was added but there are several other authorization tests\nthat already exist that also exercise this method." }, { "commit": "df3f6caefe0763fb46ceac4117b6187bacd98eec", "tree": "c97ad095eb60afaccce9921a79da2dc5166e7684", "parents": [ "d21d12ef8cc2c218b0ba49cb8767626163315955" ], "author": { "name": "Matt Pavlovich", "email": "mattrpav@apache.org", "time": "Tue Feb 10 18:04:01 2026 -0600" }, "committer": { "name": "Matt Pavlovich", "email": "matt@hyte.io", "time": "Fri Apr 03 14:10:08 2026 -0500" }, "message": "[AMQ-9858] Support purging the first number of messages from a queue\n" }, { "commit": "d21d12ef8cc2c218b0ba49cb8767626163315955", "tree": "25b896c0d4343306df188f0dec57be17fbdcf6c0", "parents": [ "27c17441d681e2b325e5e0700220a7b0d302e780" ], "author": { "name": "Anmol Saxena", "email": "asaxena@meshiq.com", "time": "Fri Apr 03 18:10:57 2026 +0530" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Apr 03 14:40:57 2026 +0200" }, "message": " AMQ-9386: Remove legacy IBM JDK-specific test paths from MBeanTest and StompTest. (#1863)" }, { "commit": "27c17441d681e2b325e5e0700220a7b0d302e780", "tree": "9e7db4f3c7127117c3dbec37e0cf72d28fc10ca9", "parents": [ "66d5d749b10654dabc1872cf96983bd9809e8380" ], "author": { "name": "gurpartap3697", "email": "singh.gurpar0306@gmail.com", "time": "Thu Apr 02 13:49:50 2026 +0530" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Apr 02 10:19:50 2026 +0200" }, "message": "Fix flaky XACompletionTest by adding wait for async states (#1862)\n\n* Fix flaky XACompletionTest by adding wait for async states\n\n* add async wait for getQueueSize" }, { "commit": "66d5d749b10654dabc1872cf96983bd9809e8380", "tree": "f86f6955392b6b7116da79e6ffcb4b1ffca686cb", "parents": [ "35a351bf05ae18440a23fa3cc67d4f42cd881e24" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed Apr 01 15:43:07 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Apr 01 15:43:07 2026 +0200" }, "message": "build(deps): bump log4j-version from 2.25.3 to 2.25.4 (#1854)\n\nBumps `log4j-version` from 2.25.3 to 2.25.4.\n\nUpdates `org.apache.logging.log4j:log4j-api` from 2.25.3 to 2.25.4\n\nUpdates `org.apache.logging.log4j:log4j-core` from 2.25.3 to 2.25.4\n\nUpdates `org.apache.logging.log4j:log4j-slf4j2-impl` from 2.25.3 to 2.25.4\n\n---\nupdated-dependencies:\n- dependency-name: org.apache.logging.log4j:log4j-api\n dependency-version: 2.25.4\n dependency-type: direct:production\n update-type: version-update:semver-patch\n- dependency-name: org.apache.logging.log4j:log4j-core\n dependency-version: 2.25.4\n dependency-type: direct:production\n update-type: version-update:semver-patch\n- dependency-name: org.apache.logging.log4j:log4j-slf4j2-impl\n dependency-version: 2.25.4\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" } ], "next": "35a351bf05ae18440a23fa3cc67d4f42cd881e24" }