aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Do not run Java 18 preview feature tests with Java 19 JDT CoreAlexander Kriegisch2022-10-031-2/+2
| | | | Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* Bump ASM to 9.4, supporting Java 20 class filesAlexander Kriegisch2022-10-021-1/+1
| | | | | | | Even though we just upgraded to 9.3 for Java 19, it does not hurt to have ASM recognise the Java 20 class file major version. Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* Set Maven version to 1.9.19-SNAPSHOTAlexander Kriegisch2022-10-0228-29/+29
| | | | | | | It makes sense to indicate the Java version in the minor-minor of AspectJ artifacts. Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* Set Java 19 compiler version after JDT Core mergeAlexander Kriegisch2022-10-021-1/+1
| | | | | | | In messages_aspectj.properties, set compiler.version to "Eclipse Compiler 5fd28398cc7aba (21Sep2022) - Java19". Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* First Java 19 version, barely tested.Alexander Kriegisch2022-10-015-10/+16
| | | | Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* Add docs/dist/LICENSE-AspectJ.html to all public artifactsAlexander Kriegisch2022-10-019-7/+65
| | | | | | | | | | | | | | The license file will be included right in the main directory of both binary and source artifacts for - AspectJ Matcher, - AspectJ Runtime, - AspectJ Weaver, - AspectJ Tools (Compiler), - AspectJ Installer. Fixes #185. Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* vuln-fix: Partial Path Traversal VulnerabilityJonathan Leitschuh2022-09-102-2/+2
| | | | | | | | | | | | | | | | | | | | | | | This fixes a partial path traversal vulnerability. Replaces `dir.getCanonicalPath().startsWith(parent.getCanonicalPath())`, which is vulnerable to partial path traversal attacks, with the more secure `dir.getCanonicalFile().toPath().startsWith(parent.getCanonicalFile().toPath())`. To demonstrate this vulnerability, consider `"/usr/outnot".startsWith("/usr/out")`. The check is bypassed although `/outnot` is not under the `/out` directory. It's important to understand that the terminating slash may be removed when using various `String` representations of the `File` object. For example, on Linux, `println(new File("/var"))` will print `/var`, but `println(new File("/var", "/")` will print `/var/`; however, `println(new File("/var", "/").getCanonicalPath())` will print `/var`. Weakness: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Severity: Medium CVSSS: 6.1 Detection: CodeQL & OpenRewrite (https://public.moderne.io/recipes/org.openrewrite.java.security.PartialPathTraversalVulnerability) Reported-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com> Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com> Bug-tracker: https://github.com/JLLeitschuh/security-research/issues/13 Co-authored-by: Moderne <team@moderne.io>
* Improve condy (constant dynamic) supportAlexander Kriegisch2022-08-134-8/+34
| | | | | | Relates to #170. Fixes the "Unknown constant type 17" problem. Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* CI build: upgrade from Java 18-EA to 18Alexander Kriegisch2022-07-031-2/+2
| | | | Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* Use System.lineSeparator() instead of hand-crafted methodAndrey Turbanov2022-04-211-17/+1
|
* Make IStateListener.aboutToCompareClasspaths use typed listsAlexander Kriegisch2022-04-184-5/+4
| | | | | | | | | | | | | | | | Before, the signature was: void aboutToCompareClasspaths( List oldClasspath, List newClasspath); Now it is: void aboutToCompareClasspaths( List<String> oldClasspath, List<String> newClasspath); AJDT will also use the typed version after generics refactoring. Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* Cleanup redundant null check before instanceofAndrey Turbanov2022-04-178-11/+10
|
* Do not use String literal as synchronized lockAndrey Turbanov2022-04-151-1/+1
|
* Reduce 'Object' class usageAndrey Turbanov2022-04-1523-64/+53
|
* Fix suspicious Map.get callAndrey Turbanov2022-04-151-1/+1
|
* Merge pull request #155 from turbanoff/cleanup_redundant_castsAndy Clement2022-04-1250-112/+99
|\ | | | | Remove redundant casts after generics update
| * Remove redundant casts after generics updateAndrey Turbanov2022-04-1250-112/+99
|/
* Merge pull request #131 from turbanoff/use_generics_ajdt.coreAndy Clement2022-04-1121-59/+66
|\ | | | | Update 'org.aspectj.ajdt.core' code to use generics
| * Update 'org.aspectj.ajdt.core' code to use genericsAndrey Turbanov2022-02-2821-59/+66
| |
* | BcelWorld.reportMatch: handle 'kind.getName() == null' correctlyAlexander Kriegisch2022-04-101-5/+7
| | | | | | | | | | | | Fixes #153. Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* | Make TypeSafeEnum immutableAlexander Kriegisch2022-04-101-4/+4
| | | | | | | | Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* | JavaVersionCompatibility.md: add link to "Java language changes since Java 9"Alexander Kriegisch2022-04-101-1/+6
| | | | | | | | | | https://docs.oracle.com/en/java/javase/18/language/java-language-changes.html Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* | Remove obsolete comments in POM mentioning GitHub PackagesAlexander Kriegisch2022-04-101-2/+0
| | | | | | | | Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* | Merge pull request #151 from eclipse/150-improve-ci-buildAlexander Kriegisch2022-04-021-1/+51
|\ \ | | | | | | Improve CI build: create docs, use Maven cache, attach artifacts
| * | CI build: attach main artifacts to buildAlexander Kriegisch2022-04-021-0/+27
| | | | | | | | | | | | | | | | | | Relates to #150. Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
| * | CI build: create docs and attach them to buildAlexander Kriegisch2022-04-021-1/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In order to create the docs separately, running just a single module, add 'install' to the previous build step, so the 'docs' module can find the 'lib' dummy JAR in the local Maven repo. Relates to #150. Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
| * | CI build: use Maven cacheAlexander Kriegisch2022-04-021-0/+12
|/ / | | | | | | | | | | Relates to #150. Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* | Merge pull request #149 from eclipse/148-remove-aspectj-browserAlexander Kriegisch2022-04-0248-2898/+191
|\ \ | | | | | | Remove AspectJ Browser
| * | Remove AspectJ Browser (ajbrowser) code and documentationAlexander Kriegisch2022-04-0248-2898/+191
|/ / | | | | | | | | | | | | Closes #148. TODO: Should more AJDE stuff be removed? Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* | Delete unused directories org.aspectj.lib, shadows.org.eclipse.jdt.coreAlexander Kriegisch2022-04-0120-937/+0
| | | | | | | | | | | | | | | | | | | | I have not used those directories or any files inside them at all. I hope I am not taking away anything helpful from people who prefer working with inter-linked Eclipse projects instead of Maven, but I think we will notice if anyone complains and can revert in case of an emergency. Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* | Remove Aspectj.dev artifact and plugin repositoriesAlexander Kriegisch2022-04-012-29/+2
| | | | | | | | | | | | | | | | | | | | | | After having removed the custom-built Maven Shade version, there should be no more references to artifacts in that repository left. Let us see if the build passes. Furthermore, since being a committer, I can also attach AspectJ installers to GitHub releases. Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* | Bump Maven Shade Plugin to 3.3.0, add TODO to remove Flatten Maven PluginAlexander Kriegisch2022-04-011-7/+5
| | | | | | | | | | | | | | | | | | Fixed issues of concern include MSHADE-252, MSHADE-396, MSHADE-391. TODO: MSHADE-36 is in Maven Shade 3.3.0 -> it should be possible to include the dependency-reduced POM there directly. So maybe, we can rid of Flatten Maven Plugin. Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* | Set version to 1.9.10-SNAPSHOTAlexander Kriegisch2022-03-3129-29/+29
| | | | | | | | Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* | Release AspectJ version 1.9.9.1V1_9_9_1Alexander Kriegisch2022-03-3129-29/+29
| | | | | | | | Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* | Bump JDT Core to 1.9.9.1Alexander Kriegisch2022-03-311-1/+1
| | | | | | | | Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* | Add AspectJ 1.9.9.1 delta to existing 1.9.9 release notesAlexander Kriegisch2022-03-311-4/+20
| | | | | | | | | | | | | | The minor release from a user perspective is just going to be about Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name> #145, so we are not creating an extra release notes document.
* | UseJDKExtendedCharsets.java: add "how to fix test" commentAlexander Kriegisch2022-03-311-0/+7
| | | | | | | | Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* | Merge pull request #147 from kriegaex/revert-full-ltw-java18Alexander Kriegisch2022-03-3121-199/+188
|\ \ | | | | | | Fix JDK-version-dependent test JVM arguments in POM
| * | Revert "Fix more LTW tests"Alexander Kriegisch2022-03-313-32/+5
| | | | | | | | | | | | This reverts commit 63d5e3e893bd149245465de1610716930998dec8.
| * | Revert "AtAjLTWTests: 4 test cases switched to 'useFullLTW' mode"Alexander Kriegisch2022-03-312-14/+13
| | | | | | | | | | | | This reverts commit 5288ef1c1c8be2df85e59740f41622f4cfb9d899.
| * | Revert "A few dozen more tests need 'useFullLTW' mode"Alexander Kriegisch2022-03-3113-145/+145
| | | | | | | | | | | | This reverts commit 8c15d83a466843b5dba8ba454329baaca0080cc5.
| * | POM bug: separate jvm.arg.allowSecurityManager from jvm.arg.addOpensAlexander Kriegisch2022-03-315-8/+25
|/ / | | | | | | | | | | | | | | | | | | | | | | Before, this was in a single variable, and for JDK 18+, the security manager setting also falsely overwrote the '--add-opens' command. This was the root cause for a few dozen LTW tests to fail on JDK 18, if they were not run in full LTW mode, i.e. in a separate JVM. After this fix, it should be possible to revert the corresponding commits, at least their non-cosmetic parts. Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* | Merge pull request #146 from kriegaex/gh-145Alexander Kriegisch2022-03-3114-77/+228
|\ \ | | | | | | Make AJC respect `--add-reads` and `--add-exports`
| * | Add some smoke test cases for '--add-reads' and '--add-modules'Alexander Kriegisch2022-03-319-4/+129
| | | | | | | | | | | | | | | | | | | | | in order to show that the compiler options basically work. The test cases are by no means exhaustive and simply verify that it works at all. Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
| * | AjcTestCase: be less verbose when appending to buffer repeatedlyAlexander Kriegisch2022-03-311-71/+39
| | | | | | | | | | | | | | | | | | | | | | | | Also put 'else (if)' and 'finally' on new lines rather than after the preceding closing curly braces. This helps IDEs when using code folding (show/hide content of code blocks enclosed in curly braces). Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
| * | Make sure to always print commands when running Java test classesAlexander Kriegisch2022-03-312-8/+10
| | | | | | | | | | | | | | | | | | | | | In some cases, the 'java ...' command was not printed, which is especially unhelpful when tests fail. Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
| * | Use upstream method to generate '--add-reads', '--add-exports' infoAlexander Kriegisch2022-03-272-4/+9
| | | | | | | | | | | | | | | | | | | | | | | | and copy it into our FileSystem instance. In order to be able to access JDT Core's FileSystem.moduleUpdates field, we had to make it public there first. Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
| * | Add test case + experimental fix for AJC option '--add-exports'Alexander Kriegisch2022-03-276-2/+53
|/ / | | | | | | | | | | | | I am expecting the test case to pass, but other tests to fail. This temporary commit is meant to create feedback from GitHub CI test runs. Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* | IDE.md: add download info for AspectJ installerAlexander Kriegisch2022-03-241-0/+12
| | | | | | | | Signed-off-by: Alexander Kriegisch <Alexander@Kriegisch.name>
* | Merge pull request #140 from kriegaex/java-18Alexander Kriegisch2022-03-2495-711/+1637
|\ \ | | | | | | Prepare code, tests and docs for Java 18
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-01 12:51:44 +0000