Skip to content

2.5.1.0

Choose a tag to compare

View all tags
@kwwall kwwall released this 27 Nov 22:24
· 151 commits to develop since this release
esapi-2.5.1.0
This tag was signed with the committer’s verified signature.
kwwall Kevin W. Wall
GPG key ID: 337995638A2A524F
Verified
Learn about vigilant mode.
958892f
This commit was signed with the committer’s verified signature.
kwwall Kevin W. Wall
GPG key ID: 337995638A2A524F
Verified
Learn about vigilant mode.

Update summary

  1. Updates to latest versions of direct dependencies, including:
  • An update to AntiSamy: 1.7.0 --> 1.7.2
  • An update to SLFJ4 API: 1.7.36 --> 2.0.4 (Note: 2.0.5 is available and likely would would result in "convergence" issues with the version AntiSamy 1.7.2 pulls in)
  1. A new codec (org.owasp.esapi.codecs.JSONCodec) is provided that provides JSON output encoding as per section 7 of RFC 8259. It is made available via Encoder.encodeForJSON(). (Note unlike other encoders, there is no corresponding decoder (i.e., decodeForJSON()) made available. Since that would normally be done by your JavaScript code, it wasn't deemed essential.
  2. Executing 'mvn site' now creates Javadoc for the ESAPI tag library (GitHub issue #733).

Details

For full details, please see the release notes for ESAPI release 2.5.1.0 located at:
https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.5.1.0-release-notes.txt

Note the file "esapi-2.5.1.0-configuration.jar" contains the default ESAPI configuration files under 'configuration/' (ESAPI.properties, validation.properties, etc.) and the file "esapi-2.5.1.0-configuration.jar.asc" is a GPG signature of that jar file made by 'Kevin W. Wall (GitHub signing key) [email protected]'.

Assets 4
Loading