Sourced from ratpack-core's releases.

v1.8.0

Ratpack 1.8.0 is now available!

This release adds support for configuring a proxy to utilize with the HttpClient for outgoing requests, additional convenience methods for Promise.retry, a number of dependency updates, and other improvements .

The following core dependencies have been upgraded:

• Netty 4.1.37.Final → 4.1.48.Final
• Netty TCNative 2.0.25.Final → 2.0.30.Final
• Jackson 2.9.8 → 2.10.3
• Slf4j 1.7.25 → 1.7.30
• Guava 21.0 → 28.2-jre
• Dropwizard Metrics 4.0.5 → 4.1.6
• Log4j 2.6.2 → 2.13.1
• Caffeine 2.6.2 → 2.8.1
• Retrofit 2.4.0 → 2.8.1

Ratpack's HttpClient can now be configured to utilize a proxy server when sending requests using the HttpClientSpec. proxy method. Configuring the proxy requires specifying the host and port of the proxy. Optionally, the configured proxy can be bypassed for a set of destinations. This set uses the same pattern matching utilized by the core Java libraries and specified here: https://docs.oracle.com/javase/8/docs/technotes/guides/net/proxies.html. It should be noted that the HttpClient does not respect the http.proxyHost, http.proxyPort, and http.nonProxyHosts system properties.

In this release, Promise.retry has been extended to allow for specifying a Predicate to indicate when the RetryPolicy should be evaluated.

There are also a few other new convenience methods added to support easier development and testing of Ratpack applications. Thanks to all who contributed.

We hope you enjoy Ratpack 1.8.

--

Team Ratpack

v1.7.6

This release includes a fix for a security vulnerability. This upgrade is recommended for all Ratpack users.

Versions of Ratpack 0.9.10 through and including 1.7.5 are vulnerable to CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (aka. XSS), in the development error handler. An attacker can utilize this to perform XSS when an exception message contains untrusted data.

This vulnerability only exists in the handler that renders an internal server error as a readable HTML page which is activates when Ratpack is running in development mode. This mode is only activate by user request (i.e. setting development(true) in the ServerConfig, setting RATPACK_DEVELOPMENT=true in the environment), or when Ratpack detects it is running in an IDE (i.e. IntelliJ), being run by the Groovy shell, or attached to a debugger. By default, Ratpack sets development(false) when packaged as a Jar.

Users should verify that they are not running Ratpack with development mode activated in production environments.

We would like to thank Jonathan Leitschuh for reporting this vulnerability.

Please see the security advisory for this issue for more information.

v1.7.5

This release includes several minor bug fixes, and a fix for a security vulnerability. This upgrade is recommended for everyone using 1.7.x.

Versions of Ratpack 0.9.1 through and including 1.7.4 are vulnerable to HTTP Response Splitting, if untrusted and unsanitized data is used to populate the headers of a HTTP response. An attacker can utilize this vulnerability to have the server issue any HTTP response they specify.

... (truncated)

Sourced from ratpack-core's changelog.

v1.8.0

• 5f70b04 Version 1.8.0
• af9b71a Add javadoc and use try-with-resource
• a953b51 Merge pull request #1516 from andsel/feature/add_port_file_server_config
• 5a822db Merge pull request #1515 from annamalai87/test-enhancement
• 5c2f987 Merge pull request #1514 from ratpack/promise-onComplete
• bec0228 Added definition of portFile configuration property into ServerConfig
• 0360ac4 executingSingle with registry
• d816a2a Add Promise.onComplete.
• ec5b9a5 fix: additional guava deprecations in manual and javadoc.
• 93917a9 chore: update disruptor version to correspond with log4j update
• Additional commits viewable in compare view

Sourced from ratpack-dropwizard-metrics's releases.

v1.8.0

Ratpack 1.8.0 is now available!

This release adds support for configuring a proxy to utilize with the HttpClient for outgoing requests, additional convenience methods for Promise.retry, a number of dependency updates, and other improvements .

The following core dependencies have been upgraded:

• Netty 4.1.37.Final → 4.1.48.Final
• Netty TCNative 2.0.25.Final → 2.0.30.Final
• Jackson 2.9.8 → 2.10.3
• Slf4j 1.7.25 → 1.7.30
• Guava 21.0 → 28.2-jre
• Dropwizard Metrics 4.0.5 → 4.1.6
• Log4j 2.6.2 → 2.13.1
• Caffeine 2.6.2 → 2.8.1
• Retrofit 2.4.0 → 2.8.1

Ratpack's HttpClient can now be configured to utilize a proxy server when sending requests using the HttpClientSpec. proxy method. Configuring the proxy requires specifying the host and port of the proxy. Optionally, the configured proxy can be bypassed for a set of destinations. This set uses the same pattern matching utilized by the core Java libraries and specified here: https://docs.oracle.com/javase/8/docs/technotes/guides/net/proxies.html. It should be noted that the HttpClient does not respect the http.proxyHost, http.proxyPort, and http.nonProxyHosts system properties.

In this release, Promise.retry has been extended to allow for specifying a Predicate to indicate when the RetryPolicy should be evaluated.

There are also a few other new convenience methods added to support easier development and testing of Ratpack applications. Thanks to all who contributed.

We hope you enjoy Ratpack 1.8.

--

Team Ratpack

v1.7.6

This release includes a fix for a security vulnerability. This upgrade is recommended for all Ratpack users.

Versions of Ratpack 0.9.10 through and including 1.7.5 are vulnerable to CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (aka. XSS), in the development error handler. An attacker can utilize this to perform XSS when an exception message contains untrusted data.

This vulnerability only exists in the handler that renders an internal server error as a readable HTML page which is activates when Ratpack is running in development mode. This mode is only activate by user request (i.e. setting development(true) in the ServerConfig, setting RATPACK_DEVELOPMENT=true in the environment), or when Ratpack detects it is running in an IDE (i.e. IntelliJ), being run by the Groovy shell, or attached to a debugger. By default, Ratpack sets development(false) when packaged as a Jar.

Users should verify that they are not running Ratpack with development mode activated in production environments.

We would like to thank Jonathan Leitschuh for reporting this vulnerability.

Please see the security advisory for this issue for more information.

v1.7.5

This release includes several minor bug fixes, and a fix for a security vulnerability. This upgrade is recommended for everyone using 1.7.x.

Versions of Ratpack 0.9.1 through and including 1.7.4 are vulnerable to HTTP Response Splitting, if untrusted and unsanitized data is used to populate the headers of a HTTP response. An attacker can utilize this vulnerability to have the server issue any HTTP response they specify.

... (truncated)

Sourced from ratpack-dropwizard-metrics's changelog.

v1.8.0

• 5f70b04 Version 1.8.0
• af9b71a Add javadoc and use try-with-resource
• a953b51 Merge pull request #1516 from andsel/feature/add_port_file_server_config
• 5a822db Merge pull request #1515 from annamalai87/test-enhancement
• 5c2f987 Merge pull request #1514 from ratpack/promise-onComplete
• bec0228 Added definition of portFile configuration property into ServerConfig
• 0360ac4 executingSingle with registry
• d816a2a Add Promise.onComplete.
• ec5b9a5 fix: additional guava deprecations in manual and javadoc.
• 93917a9 chore: update disruptor version to correspond with log4j update
• Additional commits viewable in compare view

Sourced from ratpack-handlebars's releases.

v1.8.0

Ratpack 1.8.0 is now available!

This release adds support for configuring a proxy to utilize with the HttpClient for outgoing requests, additional convenience methods for Promise.retry, a number of dependency updates, and other improvements .

The following core dependencies have been upgraded:

• Netty 4.1.37.Final → 4.1.48.Final
• Netty TCNative 2.0.25.Final → 2.0.30.Final
• Jackson 2.9.8 → 2.10.3
• Slf4j 1.7.25 → 1.7.30
• Guava 21.0 → 28.2-jre
• Dropwizard Metrics 4.0.5 → 4.1.6
• Log4j 2.6.2 → 2.13.1
• Caffeine 2.6.2 → 2.8.1
• Retrofit 2.4.0 → 2.8.1

Ratpack's HttpClient can now be configured to utilize a proxy server when sending requests using the HttpClientSpec. proxy method. Configuring the proxy requires specifying the host and port of the proxy. Optionally, the configured proxy can be bypassed for a set of destinations. This set uses the same pattern matching utilized by the core Java libraries and specified here: https://docs.oracle.com/javase/8/docs/technotes/guides/net/proxies.html. It should be noted that the HttpClient does not respect the http.proxyHost, http.proxyPort, and http.nonProxyHosts system properties.

In this release, Promise.retry has been extended to allow for specifying a Predicate to indicate when the RetryPolicy should be evaluated.

There are also a few other new convenience methods added to support easier development and testing of Ratpack applications. Thanks to all who contributed.

We hope you enjoy Ratpack 1.8.

--

Team Ratpack

v1.7.6

This release includes a fix for a security vulnerability. This upgrade is recommended for all Ratpack users.

Versions of Ratpack 0.9.10 through and including 1.7.5 are vulnerable to CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (aka. XSS), in the development error handler. An attacker can utilize this to perform XSS when an exception message contains untrusted data.

This vulnerability only exists in the handler that renders an internal server error as a readable HTML page which is activates when Ratpack is running in development mode. This mode is only activate by user request (i.e. setting development(true) in the ServerConfig, setting RATPACK_DEVELOPMENT=true in the environment), or when Ratpack detects it is running in an IDE (i.e. IntelliJ), being run by the Groovy shell, or attached to a debugger. By default, Ratpack sets development(false) when packaged as a Jar.

Users should verify that they are not running Ratpack with development mode activated in production environments.

We would like to thank Jonathan Leitschuh for reporting this vulnerability.

Please see the security advisory for this issue for more information.

v1.7.5

This release includes several minor bug fixes, and a fix for a security vulnerability. This upgrade is recommended for everyone using 1.7.x.

Versions of Ratpack 0.9.1 through and including 1.7.4 are vulnerable to HTTP Response Splitting, if untrusted and unsanitized data is used to populate the headers of a HTTP response. An attacker can utilize this vulnerability to have the server issue any HTTP response they specify.

... (truncated)

Sourced from ratpack-handlebars's changelog.

v1.8.0

• 5f70b04 Version 1.8.0
• af9b71a Add javadoc and use try-with-resource
• a953b51 Merge pull request #1516 from andsel/feature/add_port_file_server_config
• 5a822db Merge pull request #1515 from annamalai87/test-enhancement
• 5c2f987 Merge pull request #1514 from ratpack/promise-onComplete
• bec0228 Added definition of portFile configuration property into ServerConfig
• 0360ac4 executingSingle with registry
• d816a2a Add Promise.onComplete.
• ec5b9a5 fix: additional guava deprecations in manual and javadoc.
• 93917a9 chore: update disruptor version to correspond with log4j update
• Additional commits viewable in compare view

Sourced from ratpack-guice's releases.

v1.8.0

Ratpack 1.8.0 is now available!

This release adds support for configuring a proxy to utilize with the HttpClient for outgoing requests, additional convenience methods for Promise.retry, a number of dependency updates, and other improvements .

The following core dependencies have been upgraded:

• Netty 4.1.37.Final → 4.1.48.Final
• Netty TCNative 2.0.25.Final → 2.0.30.Final
• Jackson 2.9.8 → 2.10.3
• Slf4j 1.7.25 → 1.7.30
• Guava 21.0 → 28.2-jre
• Dropwizard Metrics 4.0.5 → 4.1.6
• Log4j 2.6.2 → 2.13.1
• Caffeine 2.6.2 → 2.8.1
• Retrofit 2.4.0 → 2.8.1

Ratpack's HttpClient can now be configured to utilize a proxy server when sending requests using the HttpClientSpec. proxy method. Configuring the proxy requires specifying the host and port of the proxy. Optionally, the configured proxy can be bypassed for a set of destinations. This set uses the same pattern matching utilized by the core Java libraries and specified here: https://docs.oracle.com/javase/8/docs/technotes/guides/net/proxies.html. It should be noted that the HttpClient does not respect the http.proxyHost, http.proxyPort, and http.nonProxyHosts system properties.

In this release, Promise.retry has been extended to allow for specifying a Predicate to indicate when the RetryPolicy should be evaluated.

There are also a few other new convenience methods added to support easier development and testing of Ratpack applications. Thanks to all who contributed.

We hope you enjoy Ratpack 1.8.

--

Team Ratpack

v1.7.6

This release includes a fix for a security vulnerability. This upgrade is recommended for all Ratpack users.

Versions of Ratpack 0.9.10 through and including 1.7.5 are vulnerable to CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (aka. XSS), in the development error handler. An attacker can utilize this to perform XSS when an exception message contains untrusted data.

This vulnerability only exists in the handler that renders an internal server error as a readable HTML page which is activates when Ratpack is running in development mode. This mode is only activate by user request (i.e. setting development(true) in the ServerConfig, setting RATPACK_DEVELOPMENT=true in the environment), or when Ratpack detects it is running in an IDE (i.e. IntelliJ), being run by the Groovy shell, or attached to a debugger. By default, Ratpack sets development(false) when packaged as a Jar.

Users should verify that they are not running Ratpack with development mode activated in production environments.

We would like to thank Jonathan Leitschuh for reporting this vulnerability.

Please see the security advisory for this issue for more information.

v1.7.5

This release includes several minor bug fixes, and a fix for a security vulnerability. This upgrade is recommended for everyone using 1.7.x.

Versions of Ratpack 0.9.1 through and including 1.7.4 are vulnerable to HTTP Response Splitting, if untrusted and unsanitized data is used to populate the headers of a HTTP response. An attacker can utilize this vulnerability to have the server issue any HTTP response they specify.

... (truncated)

Sourced from ratpack-guice's changelog.

v1.8.0

• 5f70b04 Version 1.8.0
• af9b71a Add javadoc and use try-with-resource
• a953b51 Merge pull request #1516 from andsel/feature/add_port_file_server_config
• 5a822db Merge pull request #1515 from annamalai87/test-enhancement
• 5c2f987 Merge pull request #1514 from ratpack/promise-onComplete
• bec0228 Added definition of portFile configuration property into ServerConfig
• 0360ac4 executingSingle with registry
• d816a2a Add Promise.onComplete.
• ec5b9a5 fix: additional guava deprecations in manual and javadoc.
• 93917a9 chore: update disruptor version to correspond with log4j update
• Additional commits viewable in compare view

Sourced from ratpack-groovy's releases.

v1.8.0

Ratpack 1.8.0 is now available!

This release adds support for configuring a proxy to utilize with the HttpClient for outgoing requests, additional convenience methods for Promise.retry, a number of dependency updates, and other improvements .

The following core dependencies have been upgraded:

• Netty 4.1.37.Final → 4.1.48.Final
• Netty TCNative 2.0.25.Final → 2.0.30.Final
• Jackson 2.9.8 → 2.10.3
• Slf4j 1.7.25 → 1.7.30
• Guava 21.0 → 28.2-jre
• Dropwizard Metrics 4.0.5 → 4.1.6
• Log4j 2.6.2 → 2.13.1
• Caffeine 2.6.2 → 2.8.1
• Retrofit 2.4.0 → 2.8.1

Ratpack's HttpClient can now be configured to utilize a proxy server when sending requests using the HttpClientSpec. proxy method. Configuring the proxy requires specifying the host and port of the proxy. Optionally, the configured proxy can be bypassed for a set of destinations. This set uses the same pattern matching utilized by the core Java libraries and specified here: https://docs.oracle.com/javase/8/docs/technotes/guides/net/proxies.html. It should be noted that the HttpClient does not respect the http.proxyHost, http.proxyPort, and http.nonProxyHosts system properties.

In this release, Promise.retry has been extended to allow for specifying a Predicate to indicate when the RetryPolicy should be evaluated.

There are also a few other new convenience methods added to support easier development and testing of Ratpack applications. Thanks to all who contributed.

We hope you enjoy Ratpack 1.8.

--

Team Ratpack

v1.7.6

This release includes a fix for a security vulnerability. This upgrade is recommended for all Ratpack users.

Versions of Ratpack 0.9.10 through and including 1.7.5 are vulnerable to CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (aka. XSS), in the development error handler. An attacker can utilize this to perform XSS when an exception message contains untrusted data.

This vulnerability only exists in the handler that renders an internal server error as a readable HTML page which is activates when Ratpack is running in development mode. This mode is only activate by user request (i.e. setting development(true) in the ServerConfig, setting RATPACK_DEVELOPMENT=true in the environment), or when Ratpack detects it is running in an IDE (i.e. IntelliJ), being run by the Groovy shell, or attached to a debugger. By default, Ratpack sets development(false) when packaged as a Jar.

Users should verify that they are not running Ratpack with development mode activated in production environments.

We would like to thank Jonathan Leitschuh for reporting this vulnerability.

Please see the security advisory for this issue for more information.

v1.7.5

This release includes several minor bug fixes, and a fix for a security vulnerability. This upgrade is recommended for everyone using 1.7.x.

Versions of Ratpack 0.9.1 through and including 1.7.4 are vulnerable to HTTP Response Splitting, if untrusted and unsanitized data is used to populate the headers of a HTTP response. An attacker can utilize this vulnerability to have the server issue any HTTP response they specify.

... (truncated)

Sourced from ratpack-groovy's changelog.

v1.8.0

• 5f70b04 Version 1.8.0
• af9b71a Add javadoc and use try-with-resource
• a953b51 Merge pull request #1516 from andsel/feature/add_port_file_server_config
• 5a822db Merge pull request #1515 from annamalai87/test-enhancement
• 5c2f987 Merge pull request #1514 from ratpack/promise-onComplete
• bec0228 Added definition of portFile configuration property into ServerConfig
• 0360ac4 executingSingle with registry
• d816a2a Add Promise.onComplete.
• ec5b9a5 fix: additional guava deprecations in manual and javadoc.
• 93917a9 chore: update disruptor version to correspond with log4j update
• Additional commits viewable in compare view

Sourced from ratpack-newrelic's releases.

v1.8.0

Ratpack 1.8.0 is now available!

This release adds support for configuring a proxy to utilize with the HttpClient for outgoing requests, additional convenience methods for Promise.retry, a number of dependency updates, and other improvements .

The following core dependencies have been upgraded:

• Netty 4.1.37.Final → 4.1.48.Final
• Netty TCNative 2.0.25.Final → 2.0.30.Final
• Jackson 2.9.8 → 2.10.3
• Slf4j 1.7.25 → 1.7.30
• Guava 21.0 → 28.2-jre
• Dropwizard Metrics 4.0.5 → 4.1.6
• Log4j 2.6.2 → 2.13.1
• Caffeine 2.6.2 → 2.8.1
• Retrofit 2.4.0 → 2.8.1

Ratpack's HttpClient can now be configured to utilize a proxy server when sending requests using the HttpClientSpec. proxy method. Configuring the proxy requires specifying the host and port of the proxy. Optionally, the configured proxy can be bypassed for a set of destinations. This set uses the same pattern matching utilized by the core Java libraries and specified here: https://docs.oracle.com/javase/8/docs/technotes/guides/net/proxies.html. It should be noted that the HttpClient does not respect the http.proxyHost, http.proxyPort, and http.nonProxyHosts system properties.

In this release, Promise.retry has been extended to allow for specifying a Predicate to indicate when the RetryPolicy should be evaluated.

There are also a few other new convenience methods added to support easier development and testing of Ratpack applications. Thanks to all who contributed.

We hope you enjoy Ratpack 1.8.

--

Team Ratpack

v1.7.6

This release includes a fix for a security vulnerability. This upgrade is recommended for all Ratpack users.

Versions of Ratpack 0.9.10 through and including 1.7.5 are vulnerable to CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (aka. XSS), in the development error handler. An attacker can utilize this to perform XSS when an exception message contains untrusted data.

This vulnerability only exists in the handler that renders an internal server error as a readable HTML page which is activates when Ratpack is running in development mode. This mode is only activate by user request (i.e. setting development(true) in the ServerConfig, setting RATPACK_DEVELOPMENT=true in the environment), or when Ratpack detects it is running in an IDE (i.e. IntelliJ), being run by the Groovy shell, or attached to a debugger. By default, Ratpack sets development(false) when packaged as a Jar.

Users should verify that they are not running Ratpack with development mode activated in production environments.

We would like to thank Jonathan Leitschuh for reporting this vulnerability.

Please see the security advisory for this issue for more information.

v1.7.5

This release includes several minor bug fixes, and a fix for a security vulnerability. This upgrade is recommended for everyone using 1.7.x.

Versions of Ratpack 0.9.1 through and including 1.7.4 are vulnerable to HTTP Response Splitting, if untrusted and unsanitized data is used to populate the headers of a HTTP response. An attacker can utilize this vulnerability to have the server issue any HTTP response they specify.

... (truncated)

Sourced from ratpack-newrelic's changelog.

v1.8.0

• 5f70b04 Version 1.8.0
• af9b71a Add javadoc and use try-with-resource
• a953b51 Merge pull request #1516 from andsel/feature/add_port_file_server_config
• 5a822db Merge pull request #1515 from annamalai87/test-enhancement
• 5c2f987 Merge pull request #1514 from ratpack/promise-onComplete
• bec0228 Added definition of portFile configuration property into ServerConfig
• 0360ac4 executingSingle with registry
• d816a2a Add Promise.onComplete.
• ec5b9a5 fix: additional guava deprecations in manual and javadoc.
• 93917a9 chore: update disruptor version to correspond with log4j update
• Additional commits viewable in compare view

Sourced from ratpack-rx's releases.

v1.8.0

Ratpack 1.8.0 is now available!

This release adds support for configuring a proxy to utilize with the HttpClient for outgoing requests, additional convenience methods for Promise.retry, a number of dependency updates, and other improvements .

The following core dependencies have been upgraded:

• Netty 4.1.37.Final → 4.1.48.Final
• Netty TCNative 2.0.25.Final → 2.0.30.Final
• Jackson 2.9.8 → 2.10.3
• Slf4j 1.7.25 → 1.7.30
• Guava 21.0 → 28.2-jre
• Dropwizard Metrics 4.0.5 → 4.1.6
• Log4j 2.6.2 → 2.13.1
• Caffeine 2.6.2 → 2.8.1
• Retrofit 2.4.0 → 2.8.1

Ratpack's HttpClient can now be configured to utilize a proxy server when sending requests using the HttpClientSpec. proxy method. Configuring the proxy requires specifying the host and port of the proxy. Optionally, the configured proxy can be bypassed for a set of destinations. This set uses the same pattern matching utilized by the core Java libraries and specified here: https://docs.oracle.com/javase/8/docs/technotes/guides/net/proxies.html. It should be noted that the HttpClient does not respect the http.proxyHost, http.proxyPort, and http.nonProxyHosts system properties.

In this release, Promise.retry has been extended to allow for specifying a Predicate to indicate when the RetryPolicy should be evaluated.

There are also a few other new convenience methods added to support easier development and testing of Ratpack applications. Thanks to all who contributed.

We hope you enjoy Ratpack 1.8.

--

Team Ratpack

v1.7.6

This release includes a fix for a security vulnerability. This upgrade is recommended for all Ratpack users.

Versions of Ratpack 0.9.10 through and including 1.7.5 are vulnerable to CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (aka. XSS), in the development error handler. An attacker can utilize this to perform XSS when an exception message contains untrusted data.

This vulnerability only exists in the handler that renders an internal server error as a readable HTML page which is activates when Ratpack is running in development mode. This mode is only activate by user request (i.e. setting development(true) in the ServerConfig, setting RATPACK_DEVELOPMENT=true in the environment), or when Ratpack detects it is running in an IDE (i.e. IntelliJ), being run by the Groovy shell, or attached to a debugger. By default, Ratpack sets development(false) when packaged as a Jar.

Users should verify that they are not running Ratpack with development mode activated in production environments.

We would like to thank Jonathan Leitschuh for reporting this vulnerability.

Please see the security advisory for this issue for more information.

v1.7.5

This release includes several minor bug fixes, and a fix for a security vulnerability. This upgrade is recommended for everyone using 1.7.x.

Versions of Ratpack 0.9.1 through and including 1.7.4 are vulnerable to HTTP Response Splitting, if untrusted and unsanitized data is used to populate the headers of a HTTP response. An attacker can utilize this vulnerability to have the server issue any HTTP response they specify.

... (truncated)

Sourced from ratpack-rx's changelog.

v1.8.0

• 5f70b04 Version 1.8.0
• af9b71a Add javadoc and use try-with-resource
• a953b51 Merge pull request #1516 from andsel/feature/add_port_file_server_config
• 5a822db Merge pull request #1515 from annamalai87/test-enhancement
• 5c2f987 Merge pull request #1514 from ratpack/promise-onComplete
• bec0228 Added definition of portFile configuration property into ServerConfig
• 0360ac4 executingSingle with registry
• d816a2a Add Promise.onComplete.
• ec5b9a5 fix: additional guava deprecations in manual and javadoc.
• 93917a9 chore: update disruptor version to correspond with log4j update
• Additional commits viewable in compare view

Sourced from ratpack-session's releases.

v1.8.0

Ratpack 1.8.0 is now available!

This release adds support for configuring a proxy to utilize with the HttpClient for outgoing requests, additional convenience methods for Promise.retry, a number of dependency updates, and other improvements .

The following core dependencies have been upgraded:

• Netty 4.1.37.Final → 4.1.48.Final
• Netty TCNative 2.0.25.Final → 2.0.30.Final
• Jackson 2.9.8 → 2.10.3
• Slf4j 1.7.25 → 1.7.30
• Guava 21.0 → 28.2-jre
• Dropwizard Metrics 4.0.5 → 4.1.6
• Log4j 2.6.2 → 2.13.1
• Caffeine 2.6.2 → 2.8.1
• Retrofit 2.4.0 → 2.8.1

Ratpack's HttpClient can now be configured to utilize a proxy server when sending requests using the HttpClientSpec. proxy method. Configuring the proxy requires specifying the host and port of the proxy. Optionally, the configured proxy can be bypassed for a set of destinations. This set uses the same pattern matching utilized by the core Java libraries and specified here: https://docs.oracle.com/javase/8/docs/technotes/guides/net/proxies.html. It should be noted that the HttpClient does not respect the http.proxyHost, http.proxyPort, and http.nonProxyHosts system properties.

In this release, Promise.retry has been extended to allow for specifying a Predicate to indicate when the RetryPolicy should be evaluated.

There are also a few other new convenience methods added to support easier development and testing of Ratpack applications. Thanks to all who contributed.

We hope you enjoy Ratpack 1.8.

--

Team Ratpack

v1.7.6

This release includes a fix for a security vulnerability. This upgrade is recommended for all Ratpack users.

Versions of Ratpack 0.9.10 through and including 1.7.5 are vulnerable to CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (aka. XSS), in the development error handler. An attacker can utilize this to perform XSS when an exception message contains untrusted data.

This vulnerability only exists in the handler that renders an internal server error as a readable HTML page which is activates when Ratpack is running in development mode. This mode is only activate by user request (i.e. setting development(true) in the ServerConfig, setting RATPACK_DEVELOPMENT=true in the environment), or when Ratpack detects it is running in an IDE (i.e. IntelliJ), being run by the Groovy shell, or attached to a debugger. By default, Ratpack sets development(false) when packaged as a Jar.

Users should verify that they are not running Ratpack with development mode activated in production environments.

We would like to thank Jonathan Leitschuh for reporting this vulnerability.

Please see the security advisory for this issue for more information.

v1.7.5

This release includes several minor bug fixes, and a fix for a security vulnerability. This upgrade is recommended for everyone using 1.7.x.

Versions of Ratpack 0.9.1 through and including 1.7.4 are vulnerable to HTTP Response Splitting, if untrusted and unsanitized data is used to populate the headers of a HTTP response. An attacker can utilize this vulnerability to have the server issue any HTTP response they specify.

... (truncated)

Sourced from ratpack-session's changelog.

v1.8.0

• 5f70b04 Version 1.8.0
• af9b71a Add javadoc and use try-with-resource
• a953b51 Merge pull request #1516 from andsel/feature/add_port_file_server_config
• 5a822db Merge pull request #1515 from annamalai87/test-enhancement
• 5c2f987 Merge pull request #1514 from ratpack/promise-onComplete
• bec0228 Added definition of portFile configuration property into ServerConfig
• 0360ac4 executingSingle with registry
• d816a2a Add Promise.onComplete.
• ec5b9a5 fix: additional guava deprecations in manual and javadoc.
• 93917a9 chore: update disruptor version to correspond with log4j update
• Additional commits viewable in compare view

Sourced from ratpack-session-redis's releases.

v1.8.0

Ratpack 1.8.0 is now available!

This release adds support for configuring a proxy to utilize with the HttpClient for outgoing requests, additional convenience methods for Promise.retry, a number of dependency updates, and other improvements .

The following core dependencies have been upgraded:

• Netty 4.1.37.Final → 4.1.48.Final
• Netty TCNative 2.0.25.Final → 2.0.30.Final
• Jackson 2.9.8 → 2.10.3
• Slf4j 1.7.25 → 1.7.30
• Guava 21.0 → 28.2-jre
• Dropwizard Metrics 4.0.5 → 4.1.6
• Log4j 2.6.2 → 2.13.1
• Caffeine 2.6.2 → 2.8.1
• Retrofit 2.4.0 → 2.8.1

Ratpack's HttpClient can now be configured to utilize a proxy server when sending requests using the HttpClientSpec. proxy method. Configuring the proxy requires specifying the host and port of the proxy. Optionally, the configured proxy can be bypassed for a set of destinations. This set uses the same pattern matching utilized by the core Java libraries and specified here: https://docs.oracle.com/javase/8/docs/technotes/guides/net/proxies.html. It should be noted that the HttpClient does not respect the http.proxyHost, http.proxyPort, and http.nonProxyHosts system properties.

In this release, Promise.retry has been extended to allow for specifying a Predicate to indicate when the RetryPolicy should be evaluated.

There are also a few other new convenience methods added to support easier development and testing of Ratpack applications. Thanks to all who contributed.

We hope you enjoy Ratpack 1.8.

--

Team Ratpack

v1.7.6

This release includes a fix for a security vulnerability. This upgrade is recommended for all Ratpack users.

Versions of Ratpack 0.9.10 through and including 1.7.5 are vulnerable to CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (aka. XSS), in the development error handler. An attacker can utilize this to perform XSS when an exception message contains untrusted data.

This vulnerability only exists in the handler that renders an internal server error as a readable HTML page which is activates when Ratpack is running in development mode. This mode is only activate by user request (i.e. setting development(true) in the ServerConfig, setting RATPACK_DEVELOPMENT=true in the environment), or when Ratpack detects it is running in an IDE (i.e. IntelliJ), being run by the Groovy shell, or attached to a debugger. By default, Ratpack sets development(false) when packaged as a Jar.

Users should verify that they are not running Ratpack with development mode activated in production environments.

We would like to thank Jonathan Leitschuh for reporting this vulnerability.

Please see the security advisory for this issue for more information.

v1.7.5

This release includes several minor bug fixes, and a fix for a security vulnerability. This upgrade is recommended for everyone using 1.7.x.

Versions of Ratpack 0.9.1 through and including 1.7.4 are vulnerable to HTTP Response Splitting, if untrusted and unsanitized data is used to populate the headers of a HTTP response. An attacker can utilize this vulnerability to have the server issue any HTTP response they specify.

... (truncated)

Sourced from ratpack-session-redis's changelog.

v1.8.0

• 5f70b04 Version 1.8.0
• af9b71a Add javadoc and use try-with-resource
• a953b51 Merge pull request #1516 from andsel/feature/add_port_file_server_config
• 5a822db Merge pull request #1515 from annamalai87/test-enhancement
• 5c2f987 Merge pull request #1514 from ratpack/promise-onComplete
• bec0228 Added definition of portFile configuration property into ServerConfig
• 0360ac4 executingSingle with registry
• d816a2a Add Promise.onComplete.
• ec5b9a5 fix: additional guava deprecations in manual and javadoc.
• 93917a9 chore: update disruptor version to correspond with log4j update
• Additional commits viewable in compare view

Sourced from ratpack-spring-boot's releases.

v1.8.0

Ratpack 1.8.0 is now available!

This release adds support for configuring a proxy to utilize with the HttpClient for outgoing requests, additional convenience methods for Promise.retry, a number of dependency updates, and other improvements .

The following core dependencies have been upgraded:

• Netty 4.1.37.Final → 4.1.48.Final
• Netty TCNative 2.0.25.Final → 2.0.30.Final
• Jackson 2.9.8 → 2.10.3
• Slf4j 1.7.25 → 1.7.30
• Guava 21.0 → 28.2-jre
• Dropwizard Metrics 4.0.5 → 4.1.6
• Log4j 2.6.2 → 2.13.1
• Caffeine 2.6.2 → 2.8.1
• Retrofit 2.4.0 → 2.8.1

Ratpack's HttpClient can now be configured to utilize a proxy server when sending requests using the HttpClientSpec. proxy method. Configuring the proxy requires specifying the host and port of the proxy. Optionally, the configured proxy can be bypassed for a set of destinations. This set uses the same pattern matching utilized by the core Java libraries and specified here: https://docs.oracle.com/javase/8/docs/technotes/guides/net/proxies.html. It should be noted that the HttpClient does not respect the http.proxyHost, http.proxyPort, and http.nonProxyHosts system properties.

In this release, Promise.retry has been extended to allow for specifying a Predicate to indicate when the RetryPolicy should be evaluated.

There are also a few other new convenience methods added to support easier development and testing of Ratpack applications. Thanks to all who contributed.

We hope you enjoy Ratpack 1.8.

--

Team Ratpack

v1.7.6

This release includes a fix for a security vulnerability. This upgrade is recommended for all Ratpack users.

Versions of Ratpack 0.9.10 through and including 1.7.5 are vulnerable to CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (aka. XSS), in the development error handler. An attacker can utilize this to perform XSS when an exception message contains untrusted data.

This vulnerability only exists in the handler that renders an internal server error as a readable HTML page which is activates when Ratpack is running in development mode. This mode is only activate by user request (i.e. setting development(true) in the ServerConfig, setting RATPACK_DEVELOPMENT=true in the environment), or when Ratpack detects it is running in an IDE (i.e. IntelliJ), being run by the Groovy shell, or attached to a debugger. By default, Ratpack sets development(false) when packaged as a Jar.

Users should verify that they are not running Ratpack with development mode activated in production environments.

We would like to thank Jonathan Leitschuh for reporting this vulnerability.

Please see the security advisory for this issue for more information.

v1.7.5

This release includes several minor bug fixes, and a fix for a security vulnerability. This upgrade is recommended for everyone using 1.7.x.

Versions of Ratpack 0.9.1 through and including 1.7.4 are vulnerable to HTTP Response Splitting, if untrusted and unsanitized data is used to populate the headers of a HTTP response. An attacker can utilize this vulnerability to have the server issue any HTTP response they specify.

... (truncated)

Sourced from ratpack-spring-boot's changelog.

v1.8.0

• 5f70b04 Version 1.8.0
• af9b71a Add javadoc and use try-with-resource
• a953b51 Merge pull request #1516 from andsel/feature/add_port_file_server_config
• 5a822db Merge pull request #1515 from annamalai87/test-enhancement
• 5c2f987 Merge pull request #1514 from ratpack/promise-onComplete
• bec0228 Added definition of portFile configuration property into ServerConfig
• 0360ac4 executingSingle with registry
• d816a2a Add Promise.onComplete.
• ec5b9a5 fix: additional guava deprecations in manual and javadoc.
• 93917a9 chore: update disruptor version to correspond with log4j update
• Additional commits viewable in compare view

Sourced from ratpack-thymeleaf's releases.

v1.8.0

Ratpack 1.8.0 is now available!

This release adds support for configuring a proxy to utilize with the HttpClient for outgoing requests, additional convenience methods for Promise.retry, a number of dependency updates, and other improvements .

The following core dependencies have been upgraded:

• Netty 4.1.37.Final → 4.1.48.Final
• Netty TCNative 2.0.25.Final → 2.0.30.Final
• Jackson 2.9.8 → 2.10.3
• Slf4j 1.7.25 → 1.7.30
• Guava 21.0 → 28.2-jre
• Dropwizard Metrics 4.0.5 → 4.1.6
• Log4j 2.6.2 → 2.13.1
• Caffeine 2.6.2 → 2.8.1
• Retrofit 2.4.0 → 2.8.1

Ratpack's HttpClient can now be configured to utilize a proxy server when sending requests using the HttpClientSpec. proxy method. Configuring the proxy requires specifying the host and port of the proxy. Optionally, the configured proxy can be bypassed for a set of destinations. This set uses the same pattern matching utilized by the core Java libraries and specified here: https://docs.oracle.com/javase/8/docs/technotes/guides/net/proxies.html. It should be noted that the HttpClient does not respect the http.proxyHost, http.proxyPort, and http.nonProxyHosts system properties.

In this release, Promise.retry has been extended to allow for specifying a Predicate to indicate when the RetryPolicy should be evaluated.

There are also a few other new convenience methods added to support easier development and testing of Ratpack applications. Thanks to all who contributed.

We hope you enjoy Ratpack 1.8.

--

Team Ratpack

v1.7.6

This release includes a fix for a security vulnerability. This upgrade is recommended for all Ratpack users.

Versions of Ratpack 0.9.10 through and including 1.7.5 are vulnerable to CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (aka. XSS), in the development error handler. An attacker can utilize this to perform XSS when an exception message contains untrusted data.

This vulnerability only exists in the handler that renders an internal server error as a readable HTML page which is activates when Ratpack is running in development mode. This mode is only activate by user request (i.e. setting development(true) in the ServerConfig, setting RATPACK_DEVELOPMENT=true in the environment), or when Ratpack detects it is running in an IDE (i.e. IntelliJ), being run by the Groovy shell, or attached to a debugger. By default, Ratpack sets development(false) when packaged as a Jar.

Users should verify that they are not running Ratpack with development mode activated in production environments.

We would like to thank Jonathan Leitschuh for reporting this vulnerability.

Please see the security advisory for this issue for more information.

v1.7.5

This release includes several minor bug fixes, and a fix for a security vulnerability. This upgrade is recommended for everyone using 1.7.x.

Versions of Ratpack 0.9.1 through and including 1.7.4 are vulnerable to HTTP Response Splitting, if untrusted and unsanitized data is used to populate the headers of a HTTP response. An attacker can utilize this vulnerability to have the server issue any HTTP response they specify.

... (truncated)

Sourced from ratpack-thymeleaf's changelog.

v1.8.0

• 5f70b04 Version 1.8.0
• af9b71a Add javadoc and use try-with-resource
• a953b51 Merge pull request #1516 from andsel/feature/add_port_file_server_config
• 5a822db Merge pull request #1515 from annamalai87/test-enhancement
• 5c2f987 Merge pull request #1514 from ratpack/promise-onComplete
• bec0228 Added definition of portFile configuration property into ServerConfig
• 0360ac4 executingSingle with registry
• d816a2a Add Promise.onComplete.
• ec5b9a5 fix: additional guava deprecations in manual and javadoc.
• 93917a9 chore: update disruptor version to correspond with log4j update
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.