Apache Struts latest version

« Changelog History

Apache Struts v7.1.1 Release Notes

• What's Changed

  • ⚡️ WW-5529 Adds autogenerated files with updated desc by @lukaszlenart in #1224
  • ⬆️ WW-5532 Upgrade and align various dependencies by @kusalk in #1232
  • WW-5376 Fix BOM leaking unrelated dependencies by @kusalk in #1234
  • 👍 WW-5533 Add compilation support for Jakarta EE 11 by @kusalk in #1233
  • WW-5530 make DateConverter work for LocalDate and LocalTime by @bill-humblcloud in #1223
  • 🏗 Uses proper config to avoid failing a build when generating JavaDocs by @lukaszlenart in #1240
  • 🔀 WW-5527 Sync tag with main ftl template. by @gregh3269 in #1212
  • WW-5534 Simplify ProxyUtil, add OgnlCache#computeIfAbsent by @kusalk in #1236
  • WW-5534 Allow @StrutsParameter recognition and OGNL allowlist for Spring proxies by @kusalk in #1237
  • WW-5538 Add conversion handling for java.time.OffsetDateTime by @bill-humblcloud in #1241
  • 🔌 WW-5455 Defines a new plugin to support Jasper Reports 7 by @lukaszlenart in #1124
  • WW-5534 Proper fix ModelDriven parameter injection and allowlisting by @kusalk in #1243
  • 👉 Uses new url for Maven Badges app by @lukaszlenart in #1252
  • 🗄 WW-5544 Marks ReflectionContextFactory as deprecated and uses ActionContext instead by @lukaszlenart in #1255
  • WW-5547 Bump com.github.ben-manes.caffeine:caffeine from 3.1.8 to 3.2.0 by @dependabot[bot] in #1257
  • 🛠 WW-5546 Fixes NPE when uploaded file is empty by @lukaszlenart in #1263
  • Adjusts required checks to the new structure by @lukaszlenart in #1264
  • 👉 Uses proper name of check to pass by @lukaszlenart in #1266
  • WW-5548 Defines proper request attributes when forwarding or including final path by @lukaszlenart in #1265
  • WW-5550 Bump asm.version from 9.7.1 to 9.8 by @dependabot[bot] in #1274
  • WW-5551 Bump commons-beanutils:commons-beanutils from 1.9.4 to 1.11.0 in /parent by @dependabot[bot] in #1277
  • WW-5552 Bump weld.version from 5.1.2.Final to 6.0.2.Final by @dependabot[bot] in #1270
  • WW-5553 Bump com.fasterxml.jackson:jackson-bom from 2.18.3 to 2.19.1 by @dependabot[bot] in #1281
  • WW-5557 Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 in /parent by @dependabot[bot] in #1289
  • Defines basic set of files to work with Claude Code by @lukaszlenart in #1295
  • 🛠 Fixes build check for Struts 6.x by @lukaszlenart in #1308
  • WW-5554 Bump org.apache.struts:struts-annotations from 1.0.8 to 2.0 by @dependabot[bot] in #1311
  • WW-5561 Bump org.apache.commons:commons-text from 1.13.1 to 1.14.0 by @dependabot[bot] in #1312
  • WW-5366 Rejects empty files during upload by @lukaszlenart in #1307
  • WW-5524 Fixup StrutsConverterFactory by @MFAshby in #1309
  • 🚚 WW-5502 Removes deprecated sanitizeNewlines method by @lukaszlenart in #1319
  • WW-5511 Adds missing JavaDocs to addCspHeaders method by @lukaszlenart in #1318
  • WW-5565 Bump org.apache.commons:commons-collections4 from 4.4 to 4.5.0 by @dependabot[bot] in #1323
  • WW-5566 Bump commons-validator:commons-validator from 1.9.0 to 1.10.0 by @dependabot[bot] in #1325
  • 🌲 WW-5567 Bump org.apache.logging.log4j:log4j-bom from 2.24.3 to 2.25.1 by @dependabot[bot] in #1336
  • WW-5569 Bump org.apache.commons:commons-compress from 1.27.1 to 1.28.0 by @dependabot[bot] in #1338
  • WW-5504 Allows to use request instead of session attribute to store nonce by @lukaszlenart in #1352
  • 👌 Improves CLAUDE.md and defines specific subagents by @lukaszlenart in #1363
  • 🤡 WW-5572 Bump org.mockito:mockito-core from 5.15.2 to 5.20.0 by @dependabot[bot] in #1362
  • 🚀 Reverse merge changes from release/7.1.0 by @lukaszlenart in #1364
  • ⬆️ WW-5575 Upgrades commons-io to version 2.20.0 by @lukaszlenart in #1367
  • ⬆️ WW-5574 Upgrades commons-logging to version 1.3.5 by @lukaszlenart in #1366
  • 👌 Improve Claude Code agents configuration for Apache Struts by @lukaszlenart in #1376
  • ⚠ WW-5573 Avoids false positive warning if file doesn't exist already by @lukaszlenart in #1365
  • WW-5577 Bump org.apache.commons:commons-lang3 from 3.18.0 to 3.19.0 by @dependabot[bot] in #1373

  Dependencies

  • ⬆️ Bump actions/upload-artifact from 4.6.0 to 4.6.1 by @dependabot[bot] in #1227
  • ⬆️ Bump github/codeql-action from 3.28.9 to 3.28.10 by @dependabot[bot] in #1228
  • ⬆️ Bump ossf/scorecard-action from 2.4.0 to 2.4.1 by @dependabot[bot] in #1229
  • ⬆️ Bump com.fasterxml.jackson:jackson-bom from 2.18.2 to 2.18.3 by @dependabot[bot] in #1238
  • ⬆️ Bump org.eclipse.transformer:transformer-maven-plugin from 0.5.0 to 1.0.0 by @dependabot[bot] in #1216
  • ⬆️ Bump github/codeql-action from 3.28.10 to 3.28.15 by @dependabot[bot] in #1253
  • ⬆️ Bump actions/upload-artifact from 4.6.1 to 4.6.2 by @dependabot[bot] in #1247
  • ⬆️ Bump org.apache.maven.doxia:doxia-module-markdown from 1.12.0 to 2.0.0 by @dependabot[bot] in #1245
  • ⬆️ Bump byte-buddy.version from 1.17.1 to 1.17.2 by @dependabot[bot] in #1244
  • ⬆️ Bump org.apache.maven.plugins:maven-site-plugin from 3.20.0 to 3.21.0 by @dependabot[bot] in #1256
  • ⬆️ Bump org.owasp:dependency-check-maven from 10.0.4 to 12.1.1 by @dependabot[bot] in #1259
  • ⬆️ Bump github/codeql-action from 3.28.15 to 3.28.17 by @dependabot[bot] in #1261
  • ⬆️ Bump org.htmlunit:htmlunit from 4.9.0 to 4.11.1 by @dependabot[bot] in #1258
  • ⬆️ Bump org.apache.felix:maven-bundle-plugin from 5.1.9 to 6.0.0 by @dependabot[bot] in #1271
  • ⬆️ Bump org.apache.maven.plugins:maven-project-info-reports-plugin from 3.8.0 to 3.9.0 by @dependabot[bot] in #1269
  • ⬆️ Bump byte-buddy.version from 1.17.2 to 1.17.5 by @dependabot[bot] in #1268
  • ⬆️ Bump org.awaitility:awaitility from 4.2.2 to 4.3.0 by @dependabot[bot] in #1276
  • ⬆️ Bump github/codeql-action from 3.28.17 to 3.29.0 by @dependabot[bot] in #1280
  • ⬆️ Bump jasperreports7.version from 7.0.1 to 7.0.3 by @dependabot[bot] in #1275
  • ⬆️ Bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @dependabot[bot] in #1278
  • ⬆️ Bump com.github.ben-manes.caffeine:caffeine from 3.2.0 to 3.2.1 by @dependabot[bot] in #1282
  • ⬆️ Bump github/codeql-action from 3.29.0 to 3.29.2 by @dependabot[bot] in #1288
  • ⬆️ Bump weld.version from 6.0.2.Final to 6.0.3.Final by @dependabot[bot] in #1284
  • ⬆️ Bump org.easymock:easymock from 5.4.0 to 5.6.0 by @dependabot[bot] in #1287
  • ⬆️ Bump org.owasp:dependency-check-maven from 12.1.1 to 12.1.3 by @dependabot[bot] in #1290
  • ⬆️ Bump maven-surefire-plugin.version from 3.5.2 to 3.5.3 by @dependabot[bot] in #1291
  • ⬆️ Bump org.apache.maven.plugins:maven-failsafe-plugin from 3.5.2 to 3.5.3 by @dependabot[bot] in #1292
  • ⬆️ Bump org.apache.commons:commons-text from 1.13.0 to 1.13.1 by @dependabot[bot] in #1293
  • ⬆️ Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.5.0 to 3.6.1 by @dependabot[bot] in #1296
  • ⬆️ Bump com.github.ben-manes.caffeine:caffeine from 3.2.1 to 3.2.2 by @dependabot[bot] in #1297
  • ⬆️ Bump org.htmlunit:htmlunit from 4.11.1 to 4.13.0 by @dependabot[bot] in #1298
  • ⬆️ Bump org.jfree:jfreechart from 1.5.5 to 1.5.6 by @dependabot[bot] in #1299
  • ⬆️ Bump org.codehaus.mojo:exec-maven-plugin from 3.5.0 to 3.5.1 by @dependabot[bot] in #1301
  • ⬆️ Bump org.springframework:spring-framework-bom from 6.2.3 to 6.2.9 by @dependabot[bot] in #1304
  • ⬆️ Bump github/codeql-action from 3.29.2 to 3.29.5 by @dependabot[bot] in https://github.com/a...

Previous changes from v7.0.3

• What's Changed

  • ➕ Adds info about homepage and descritpion to Github repo by @lukaszlenart in #1151
  • 👍 [readme] add link to struts site commercial support page by @ljharb in #1160
  • ➕ Adds additional test cases to match Struts packages by @lukaszlenart in #1161
  • 🚚 WW-5503 Removes unused dependencies by @lukaszlenart in #1159
  • 👉 Uses exact branch name instead of wildcard by @lukaszlenart in #1162
  • ➕ Add YourKit thank you section by @lukaszlenart in #1165
  • ✂ Removes checking branch ref and removes branch name as not needed by @lukaszlenart in #1166
  • ⚡️ Updates SECURITY.md by @lukaszlenart in #1172
  • ⚡️ Updates dependabot.yml by @lukaszlenart in #1173
  • WW-5498 Adds devMode errors as action messages to avoid breaking validation logic by @lukaszlenart in #1170
  • WW-5500 Extends pattern to validate multipart uploads by @lukaszlenart in #1171
  • ➕ Add jakarta package to exclusion list by @kusalk in #1179
  • 🗄 WW-5510 Marks support for tooltips as deprecated by @lukaszlenart in #1185
  • ➕ Adds 6.7.x branch to nigthlies step by @lukaszlenart in #1186
  • 🛠 WW-5517 Fixes <s:debug/> to be compatible with allowlist capability by @lukaszlenart in #1187
  • 7.0: WW-5516 Fix TemplateDir and Theme fallback to Request/Session/Application attributes by @kusalk in #1193
  • 👍 WW-5512 Extends the container to support injecting optional parameters into constructor by @lukaszlenart in #1191
  • 👌 Improves code quality by @lukaszlenart in #1204
  • WW-5526 Fix AttributeMap NPE when PageContext has no request by @kusalk in #1209
  • ⏪ WW-5501 Reverts changes related to WW-5501 by @lukaszlenart in #1219
  • WW-5525 Fix NPE in ProxyUtil for SecurityMemberAccess originating static members by @kusalk in #1214
  • 🛠 WW-5525 Fixes NPE when checking if expressions is acceptable by @lukaszlenart in #1201
  • WW-5529 Drops unused misleading setter setMaxLength in favor of setMaxlength by @lukaszlenart in #1221

  Dependencies

  • ⬆️ Bump org.apache.maven.plugins:maven-failsafe-plugin from 3.5.1 to 3.5.2 by @dependabot in #1147
  • ⬆️ Bump org.codehaus.mojo:exec-maven-plugin from 3.4.1 to 3.5.0 by @dependabot in #1148
  • ⬆️ Bump github/codeql-action from 3.27.7 to 3.27.9 by @dependabot in #1149
  • ⬆️ Bump actions/upload-artifact from 4.4.3 to 4.5.0 by @dependabot in #1155
  • ⬆️ Bump github/codeql-action from 3.27.9 to 3.28.0 by @dependabot in #1154
  • ⬆️ Bump org.codehaus.mojo:versions-maven-plugin from 2.17.1 to 2.18.0 by @dependabot in #1152
  • ⬆️ Bump org.freemarker:freemarker from 2.3.33 to 2.3.34 by @dependabot in #1163
  • ⬆️ Bump org.apache.velocity:velocity-engine-core from 2.3 to 2.4.1 by @dependabot in #1164
  • ⬆️ Bump commons-io:commons-io from 2.15.1 to 2.18.0 by @dependabot in #1133
  • ⬆️ Bump log4j2.version from 2.24.2 to 2.24.3 by @dependabot in #1178
  • ⬆️ Bump github/codeql-action from 3.28.0 to 3.28.1 by @dependabot in #1182
  • ⬆️ Bump actions/upload-artifact from 4.5.0 to 4.6.0 by @dependabot in #1183
  • ⬆️ Bump byte-buddy.version from 1.14.11 to 1.15.11 by @dependabot in #1176
  • ⬆️ Bump org.sitemesh:sitemesh from 3.2.1 to 3.2.2 by @dependabot in #1189
  • ⬆️ Bump github/codeql-action from 3.28.1 to 3.28.5 by @dependabot in #1196
  • ⬆️ Bump byte-buddy.version from 1.15.11 to 1.16.1 by @dependabot in #1198
  • ⬆️ Bump org.apache.commons:commons-text from 1.12.0 to 1.13.0 by @dependabot in #1199
  • ⬆️ Bump github/codeql-action from 3.28.5 to 3.28.8 by @dependabot in #1205
  • ⬆️ Bump org.htmlunit:htmlunit from 4.2.0 to 4.9.0 by @dependabot in #1207
  • ⬆️ Bump github/codeql-action from 3.28.8 to 3.28.9 by @dependabot in #1217

  🆕 New Contributors

  • @ljharb made their first contribution in #1160

  Full Changelog : STRUTS_7_0_0...STRUTS_7_0_3

• All Versions
• Previous v7.0.3