Changelog for
snakeyaml-javadoc-1.33-150200.3.12.4.noarch.rpm :
* Tue Oct 18 2022 fstrbaAATTsuse.com- Fix --with tests build
* Mon Oct 17 2022 fstrbaAATTsuse.com- Upgrade to upstream release 1.33
* Fixes + bsc#1204173 + bsc#1203154 (CVE-2022-38752)
* Changes of 1.33 + Remove some deprecated unused methods + Fix #555: Fixed Github actions + Fix #553: LoaderOptions.setCodePointLimit() not honored by loadAll() + Fix #554: Always emit numberish strings with quotes
* Changes of 1.32 + Fix #543: show the configuration in the test + Fix #531: provide configuration to fail early + Fix #547: Set the limit for incoming data to prevent a CVE report in NIST. By default it is 3MB + Fix #544: Support unescaped unicode characters for double-quoted scalars- Modified patches:
* 0001-replace-bundled-base64coder-with-java.util.Base64.patch
* 0002-Replace-bundled-gdata-java-client-classes-with-commo.patch + rebase- Added patch:
* 0003-Fix-ReaderBomTest.patch + remove two tests that require unicode boms
* Wed Sep 07 2022 fstrbaAATTsuse.com- Upgrade to upstream release 1.31
* Fixes + bsc#1202932 (CVE-2022-25857) + bsc#1203149 (CVE-2022-38749) + bsc#1203153 (CVE-2022-38751) + bsc#1203158 (CVE-2022-38750)
* Changes of 1.31 + Fix #539: false positive CVE-2020-13936 (bsc#1183360) + Fix #537: Improved RE for integers + Improve restrictions against DoS attacks + Fix #525: Restrict nested depth for collections to avoid DoS attacks + Fix #522: De-serializing key \"on\" fails with Exception + Example with Lombok and ENV variable substitution was added + reported issue with trailing TAB + fixes for reading and writing comments
* Changes of 1.30 + Migrate to new home: snakeyaml/snakeyaml + fixes for reading and writing comments + Fix #506: Improve parsing a number starting with 0x
* Changes of 1.29 + fixes for reading and writing comments- Modified patches:
* 0001-replace-bundled-base64coder-with-java.util.Base64.patch
* 0002-Replace-bundled-gdata-java-client-classes-with-commo.patch + rebase
* Sat May 15 2021 fstrbaAATTsuse.com- Upgrade to upstream release 1.28
* Fixes bsc#1159488, bsc#1186088, CVE-2017-18640
* Changes of 1.28 + Add possibility to construct enum with case sensitivity + Fix #493: substitution default can contain special characters + Add possibility to read and write comments + Fix #485: Alias names are too permissive compared to libyaml and future spec
* Changes of 1.27 + Update #307: add example + Add: build with CI on github + Fix #481: Serialize anchors that are not used by any alias + Fix #416: Improve dumping sequences + Fix #480: Anchor allows non ASCII characters while dumping + Fix #476: Make constructor of EnvScalarConstructor public + Fix #474: Parse the value of byte and short after a narrowing primitive conversion + Fix yet another OWASP false positive. It complains that the Spring controller makes SnakeYAML insecure even though SnakeYAML does not use Spring controller and does not depend on Spring (but the tests do). Bump spring.version from 3.2.17.RELEASE to 5.2.4.RELEASE + Migrated from hg to git
* Changes of 1.26 + Fix #377: Allow configuration for preventing billion laughs attack + Add: parse ENV variables similar to how it works for docker-compose + Fix #468: Allow non ASCII characters in the anchor names + Add: expose Event.ID in Event via a getter + Fix #454: Add example for integer without time pattern- Removed patch:
* 0003-fix-broken-test.patch + not needed since integrated upstream- Modified patch:
* 0001-replace-bundled-base64coder-with-java.util.Base64.patch
* rediff to changed context
* Sun Nov 10 2019 fstrbaAATTsuse.com- Upgrade to upstream release 1.25
* Changes of 1.25 + Fix #441: Restore the way to get anchor for a Node + Fix #437: Introduce setting to keep !!str tag for String even when it contains non-printable chars + Update plugin versions
* Changes of 1.24 + BaseConstructor: Factored out postponed mapping logic so subclasses can effectively override constructMapping2ndStep() and delegate to the postponed mapping logic + Fix #431: Customize simple key length when dumping + Fix #430: Wrap runtime exceptions into YAMLException. + Fix: Null tag constructor not called when parsing top-level null value. + Fix #429: Provide \"Automatic-Module-Name\" entry in MANIFEST + Fix #426: Fix NPE when duplicate keys are not allowed and the key is null + Apply pull request #41: Support java.sql classes without the need to depend on java.sql module in java9+ + Update: Java 7 is required. + Fix #423: Date Serialization Fails for TimeZones on Daylight Savings Time
* Changes of 1.23 + Update: run tests under Java 11. This is the last release to support Java 6. As of the next release Java 7 will be required. + Fix #412: Restore the Boolean constructors for Events and Nodes for binary compatibility of dependent projects + Fix #411: System Property \"java.runtime.name\" is not required to be defined + Fix #409: Dumping Enum breaks when Enum value is Anonymous inner class
* Changes of 1.21 + Update: Scanner.peekToken() and Scanner.getToken() throw exception instead of returning null + Update: Enhance output of token IDs + Update: Mark - expose buffer and pointer + Update: Improvements in the Bitbucket pipeline + Fix #397: Plain scalars with colons in flow sequences/mappings are valid YAML. This change follows what happens with PyYAML and libyaml (thanks to developers from the YAML community)
* Changes of 1.20 + Fix #393: Improve reflective access operation to avoid warning under Java 9 + Hold #397: because of the inconsistent corner cases the \':\' is not yet allowed in a flow context + Refactor nodes and events - use enum FlowStyle instead of Boolean (minor backwards-incompatible change) + Refactor ScalarToken, ScalarNode and ScalarEvent - use enum ScalarStyle instead of Character (minor backwards-incompatible change) + Refactor Mark - remove unused code (minor backwards-incompatible change) + Fix #395 and #394: Introduce DuplicateKeyException and report line number for duplicate keys when creating non-Javabeans
* Changes of 1.19 + Apply pull request #22: Only use FIELD access for Android in PropertyUtils + Apply pull request #27: Add getAnnotations() and getAnnotation() methods to Property. + Apply pull request #26 and fix #383: Some configuration properties of Representer were ignored. + Fix issue #386:Fix order of duplicate keys indices to prevent wrong removals. + Update: major improvement when parsing JavaBeans. + Fix issue #382 and #322: MethodProperty should check for generic type in getters and setters. + Fix issue #377: Add test for billion laughs attack. + Fix issue #368: Relax final restriction on TypeDescription. + Fix issue #375: Empty YAML file must return null instead of throwing an exception when loading a JavaBean. + Fix issue #374: Localization settings (e.g. fr_CA) convert Number type floats to ints. + Apply pull request #20: Provide access to node\'s anchor + Fix issue #370: Remove redundant \"Bundle-RequiredExecutionEnvironment: J2SE-1.5\" + Fix issue #364: Serializing Calendar objects with certain timezone offsets renders invalid YAML
* Changes of 1.18 + Add: create Android artifact with android classifier + Fix issue #358: Validate DumperOptions to prevent invalid YAML to be dumped. + Fix issue #355: Fix for emitter to split long plain string scalars over multiple lines. + Apply pull request #13: Let Mark implement Serializable so that ParserException can be serialized + Fix issue #337: Throw exception in case of duplicate keys when LoaderOptions.allowDuplicateKeys is false. + Fix issue #351: Keep same nodes order on merge (preprocess keys for MappingNode and remove duplicates keeping the last one). + Fix issue #349: Ignore white spaces for base64 encoded scalar + Fix issue #348: Not removing parent object when composed object is an anchor + Fix issue #323: Support \"Miscellaneous Symbols and Pictographs\". This fix introduces minor backwards-incompatible changes - some of the methods have been renamed. This fixes also long standing issue with iOS emoji + Fix issue #341: Fix NPE in BaseRepresenter.multiRepresenters if it contains \'null\' as a key + Update plugin versions- Removed patch:
* 0001-Replace-bundled-base64-implementation.patch + replaced by other implementation- Modified patch:
* 0002-Replace-bundled-gdata-java-client-classes-with-commo.patch + Rediff to changed context- Added patches:
* 0001-replace-bundled-base64coder-with-java.util.Base64.patch + Replace with internal jdk8+ implementation
* 0003-fix-broken-test.patch + fix a broken test
* Fri Mar 01 2019 fstrbaAATTsuse.com- Packaging of snakeyaml 1.17 based on Fedora package- Generated and customized ant build file- Removed patch:
* snakeyaml-1.10-jdk9.patch + not needed any more
* Thu Nov 02 2017 jgonzalezAATTsuse.com- Fix build with java9- Add:
* snakeyaml-1.10-jdk9.patch
* Tue Jul 01 2014 mseidlAATTsuse.de- modified for sle12
* Fri Nov 18 2011 roAATTsuse.de- explicitly add java-devel to buildrequires
* Fri Aug 26 2011 bmaryniukAATTsuse.com- Removed bootstrap binaries.