[request] Developer Portal Plugin #367
Comments
sonicaghi
added
idea/new plugin
|
👍 👍 |
|
+1 |
|
How you guys envision this? As on-prem plugin that runs on your server or cloud plugin that you click a button and spin up a https://developer.yourcompany.com dev portal w/ relative admin. |
|
I think the nice thing about Kong is that it's just doing the technical stuff, making it ideal to implement in your own portal. Kong is a gateway, not a management suite (or am I wrong?). Perhaps you should use Mashape then ;-) |
|
@dvh Kong core is the gateway and always will be. But the plugins, can be 1,000s and eventually cover all the use cases related to API problems, from monitoring to dev portal. In this case Kong will become a platform and the value from the ecosystem will be much greater than the sum of its parts. Those who just want the gateway won't activate other plugins, while companies looking into one-shop to solve all their API problems can find all their solutions in the plugins gallery, and if not, they can always build one their self. |
|
Alright, then I agree ;-) |
|
Pretty cool feature, I agree 👍 |
|
coming very soon. |
|
A first version of Dev Portal plugin will be available in the 0.6 |
|
+1 |
thibaultcha
removed
user suggestion
idea/new plugin
sonicaghi
changed the title
|
Integration on the way! http://blog.mashape.com/mashape-acquires-gelato-io-to-provide-dev-portals-for-everyone/ |
|
It's pretty cool thank @sinzone 👍 |
|
Any docs for this integration? |
|
@CoreySwish It's still in the works, but coming soon. |
|
I've worked on a frontend GUI for managing a Kong setup. It's available here for those interested: |
|
Following up on this: Is this feature going to be available as a free plugin or only as a part of paid plans? |
|
@JohanTan This integration (not a full plugin yet) is now live: https://docs.gelato.io/guides/using-gelato-with-kong - it's a commercial integration (https://gelato.io/pricing) but there is a free plan if you need it for OSS projects. |
|
Is the plan that Gelato will also be able to do the creation (and maintenance) of APIs, Consumers and Plugins? From what I can see now there is a way to "integrate" with Kong but that doesn't actually appear to give me an ability to add new APIs through the Gelato interface. Maybe I'm missing something though. |
|
@arsdehnel the plan would be to release a separate product that will provide a GUI for Kong, built on top of the Kong API. The plan is to release it tentatively around Q3/Q4 2016. |
|
Alright, good deal and thanks for the clarification. |
|
@thefosk The Kong GUI will be an open-source product or a SaaS like Gelato or Galileo? |
|
Closing this due to the now-available Admin Portals and Gelato integration options. |
bungle
added a commit
that referenced
this issue
May 6, 2021
### Summary - deprecate: `permute.iter`, renamed to `permute.order_iter` (removal later) [#360](lunarmodules/Penlight#360) - deprecate: `permute.table`, renamed to `permute.order_table` (removal later) [#360](lunarmodules/Penlight#360) - deprecate: `Date` module (removal later) [#367](lunarmodules/Penlight#367) - feat: `permute.list_iter` to iterate over different sets of values [#360](lunarmodules/Penlight#360) - feat: `permute.list_table` generate table with different sets of values [#360](lunarmodules/Penlight#360) - feat: Lua 5.4 'warn' compatibility function [#366](lunarmodules/Penlight#366) - feat: deprecation functionality `utils.raise_deprecation` [#361](lunarmodules/Penlight#361) - feat: `utils.splitv` now takes same args as `split` [#373](lunarmodules/Penlight#373) - fix: `dir.rmtree` failed to remove symlinks to directories [#365](lunarmodules/Penlight#365) - fix: `pretty.write` could error out on failing metamethods (Lua 5.3+) [#368](lunarmodules/Penlight#368) - fix: `app.parse` now correctly parses values containing '=' or ':' [#373](lunarmodules/Penlight#373) - fix: `dir.makepath` failed to create top-level directories [#372](lunarmodules/Penlight#372) - overhaul: `array2d` module was updated, got additional tests and several documentation updates [#377](lunarmodules/Penlight#377) - feat: `aray2d` now accepts negative indices - feat: `array2d.row` added to align with `column` - fix: bad error message in `array2d.map` - fix: `array2d.flatten` now ensures to deliver a 'square' result if `nil` is encountered - feat: `array2d.transpose` added - feat: `array2d.swap_rows` and `array2d.swap_cols` now return the array - fix: `aray2d.range` correctly recognizes `R` column in spreadsheet format, was mistaken for `R1C1` format. - fix: `aray2d.range` correctly recognizes 2 char column in spreadsheet format - feat: `array2d.default_range` added (previously private) - feat: `array2d.set` if used with a function now passes `i,j` to the function in line with the `new` implementation. - fix: `array2d.iter` didn't properly iterate the indices [#376](lunarmodules/Penlight#376) - feat: `array2d.columns` now returns a second value; the column index - feat: `array2d.rows` added to be in line with `columns`
bungle
added a commit
that referenced
this issue
May 6, 2021
### Summary - deprecate: `permute.iter`, renamed to `permute.order_iter` (removal later) [#360](lunarmodules/Penlight#360) - deprecate: `permute.table`, renamed to `permute.order_table` (removal later) [#360](lunarmodules/Penlight#360) - deprecate: `Date` module (removal later) [#367](lunarmodules/Penlight#367) - feat: `permute.list_iter` to iterate over different sets of values [#360](lunarmodules/Penlight#360) - feat: `permute.list_table` generate table with different sets of values [#360](lunarmodules/Penlight#360) - feat: Lua 5.4 'warn' compatibility function [#366](lunarmodules/Penlight#366) - feat: deprecation functionality `utils.raise_deprecation` [#361](lunarmodules/Penlight#361) - feat: `utils.splitv` now takes same args as `split` [#373](lunarmodules/Penlight#373) - fix: `dir.rmtree` failed to remove symlinks to directories [#365](lunarmodules/Penlight#365) - fix: `pretty.write` could error out on failing metamethods (Lua 5.3+) [#368](lunarmodules/Penlight#368) - fix: `app.parse` now correctly parses values containing '=' or ':' [#373](lunarmodules/Penlight#373) - fix: `dir.makepath` failed to create top-level directories [#372](lunarmodules/Penlight#372) - overhaul: `array2d` module was updated, got additional tests and several documentation updates [#377](lunarmodules/Penlight#377) - feat: `aray2d` now accepts negative indices - feat: `array2d.row` added to align with `column` - fix: bad error message in `array2d.map` - fix: `array2d.flatten` now ensures to deliver a 'square' result if `nil` is encountered - feat: `array2d.transpose` added - feat: `array2d.swap_rows` and `array2d.swap_cols` now return the array - fix: `aray2d.range` correctly recognizes `R` column in spreadsheet format, was mistaken for `R1C1` format. - fix: `aray2d.range` correctly recognizes 2 char column in spreadsheet format - feat: `array2d.default_range` added (previously private) - feat: `array2d.set` if used with a function now passes `i,j` to the function in line with the `new` implementation. - fix: `array2d.iter` didn't properly iterate the indices [#376](lunarmodules/Penlight#376) - feat: `array2d.columns` now returns a second value; the column index - feat: `array2d.rows` added to be in line with `columns`
kikito
pushed a commit
that referenced
this issue
Apr 23, 2024
### Summary
#### 2.6.0
```
Release 2.6.0 Tue February 6 2024
Security fixes:
#789 #814 CVE-2023-52425 -- Fix quadratic runtime issues with big tokens
that can cause denial of service, in partial where
dealing with compressed XML input. Applications
that parsed a document in one go -- a single call to
functions XML_Parse or XML_ParseBuffer -- were not affected.
The smaller the chunks/buffers you use for parsing
previously, the bigger the problem prior to the fix.
Backporters should be careful to no omit parts of
pull request #789 and to include earlier pull request #771,
in order to not break the fix.
#777 CVE-2023-52426 -- Fix billion laughs attacks for users
compiling *without* XML_DTD defined (which is not common).
Users with XML_DTD defined have been protected since
Expat >=2.4.0 (and that was CVE-2013-0340 back then).
Bug fixes:
#753 Fix parse-size-dependent "invalid token" error for
external entities that start with a byte order mark
#780 Fix NULL pointer dereference in setContext via
XML_ExternalEntityParserCreate for compilation with
XML_DTD undefined
#812 #813 Protect against closing entities out of order
Other changes:
#723 Improve support for arc4random/arc4random_buf
#771 #788 Improve buffer growth in XML_GetBuffer and XML_Parse
#761 #770 xmlwf: Support --help and --version
#759 #770 xmlwf: Support custom buffer size for XML_GetBuffer and read
#744 xmlwf: Improve language and URL clickability in help output
#673 examples: Add new example "element_declarations.c"
#764 Be stricter about macro XML_CONTEXT_BYTES at build time
#765 Make inclusion to expat_config.h consistent
#726 #727 Autotools: configure.ac: Support --disable-maintainer-mode
#678 #705 ..
#706 #733 #792 Autotools: Sync CMake templates with CMake 3.26
#795 Autotools: Make installation of shipped man page doc/xmlwf.1
independent of docbook2man availability
#815 Autotools|CMake: Add missing -DXML_STATIC to pkg-config file
section "Cflags.private" in order to fix compilation
against static libexpat using pkg-config on Windows
#724 #751 Autotools|CMake: Require a C99 compiler
(a de-facto requirement already since Expat 2.2.2 of 2017)
#793 Autotools|CMake: Fix PACKAGE_BUGREPORT variable
#750 #786 Autotools|CMake: Make test suite require a C++11 compiler
#749 CMake: Require CMake >=3.5.0
#672 CMake: Lowercase off_t and size_t to help a bug in Meson
#746 CMake: Sort xmlwf sources alphabetically
#785 CMake|Windows: Fix generation of DLL file version info
#790 CMake: Build tests/benchmark/benchmark.c as well for
a build with -DEXPAT_BUILD_TESTS=ON
#745 #757 docs: Document the importance of isFinal + adjust tests
accordingly
#736 docs: Improve use of "NULL" and "null"
#713 docs: Be specific about version of XML (XML 1.0r4)
and version of C (C99); (XML 1.0r5 will need a sponsor.)
#762 docs: reference.html: Promote function XML_ParseBuffer more
#779 docs: reference.html: Add HTML anchors to XML_* macros
#760 docs: reference.html: Upgrade to OK.css 1.2.0
#763 #739 docs: Fix typos
#696 docs|CI: Use HTTPS URLs instead of HTTP at various places
#669 #670 ..
#692 #703 ..
#733 #772 Address compiler warnings
#798 #800 Address clang-tidy warnings
#775 #776 Version info bumped from 9:10:8 (libexpat*.so.1.8.10)
to 10:0:9 (libexpat*.so.1.9.0); see https://verbump.de/
for what these numbers do
Infrastructure:
#700 #701 docs: Document security policy in file SECURITY.md
#766 docs: Improve parse buffer variables in-code documentation
#674 #738 ..
#740 #747 ..
#748 #781 #782 Refactor coverage and conformance tests
#714 #716 Refactor debug level variables to unsigned long
#671 Improve handling of empty environment variable value
in function getDebugLevel (without visible user effect)
#755 #774 ..
#758 #783 ..
#784 #787 tests: Improve test coverage with regard to parse chunk size
#660 #797 #801 Fuzzing: Improve fuzzing coverage
#367 #799 Fuzzing|CI: Start running OSS-Fuzz fuzzing regression tests
#698 #721 CI: Resolve some Travis CI leftovers
#669 CI: Be robust towards absence of Git tags
#693 #694 CI: Set permissions to "contents: read" for security
#709 CI: Pin all GitHub Actions to specific commits for security
#739 CI: Reject spelling errors using codespell
#798 CI: Enforce clang-tidy clean code
#773 #808 ..
#809 #810 CI: Upgrade Clang from 15 to 18
#796 CI: Start using Clang's Control Flow Integrity sanitizer
#675 #720 #722 CI: Adapt to breaking changes in GitHub Actions Ubuntu images
#689 CI: Adapt to breaking changes in Clang/LLVM Debian packaging
#763 CI: Adapt to breaking changes in codespell
#803 CI: Adapt to breaking changes in Cppcheck
Special thanks to:
Ivan Galkin
Joyce Brum
Philippe Antoine
Rhodri James
Snild Dolkow
spookyahell
Steven Garske
and
Clang AddressSanitizer
Clang UndefinedBehaviorSanitizer
codespell
GCC Farm Project
OSS-Fuzz
Sony Mobile
```
#### 2.6.1
```
Release 2.6.1 Thu February 29 2024
Bug fixes:
#817 Make tests independent of CPU speed, and thus more robust
#828 #836 Expose billion laughs API with XML_DTD defined and
XML_GE undefined, regression from 2.6.0
Other changes:
#829 Hide test-only code behind new internal macro
#833 Autotools: Reject expat_config.h.in defining SIZEOF_VOID_P
#819 Address compiler warnings
#832 #834 Version info bumped from 10:0:9 (libexpat*.so.1.9.0)
to 10:1:9 (libexpat*.so.1.9.1); see https://verbump.de/
for what these numbers do
Infrastructure:
#818 CI: Adapt to breaking changes in clang-format
Special thanks to:
David Hall
Snild Dolkow
```
#### 2.6.2
```
Release 2.6.2 Wed March 13 2024
Security fixes:
#839 #842 CVE-2024-28757 -- Prevent billion laughs attacks with
isolated use of external parsers. Please see the commit
message of commit 1d50b80cf31de87750103656f6eb693746854aa8
for details.
Bug fixes:
#839 #841 Reject direct parameter entity recursion
and avoid the related undefined behavior
Other changes:
#847 Autotools: Fix build for DOCBOOK_TO_MAN containing spaces
#837 Add missing #821 and #824 to 2.6.1 change log
#838 #843 Version info bumped from 10:1:9 (libexpat*.so.1.9.1)
to 10:2:9 (libexpat*.so.1.9.2); see https://verbump.de/
for what these numbers do
Special thanks to:
Philippe Antoine
Tomas Korbar
and
Clang UndefinedBehaviorSanitizer
OSS-Fuzz / ClusterFuzz
```
Signed-off-by: Aapo Talvensaari <aapo.talvensaari@gmail.com>
bungle
added a commit
that referenced
this issue
Apr 23, 2024
### Summary
#### 2.6.0
```
Release 2.6.0 Tue February 6 2024
Security fixes:
#789 #814 CVE-2023-52425 -- Fix quadratic runtime issues with big tokens
that can cause denial of service, in partial where
dealing with compressed XML input. Applications
that parsed a document in one go -- a single call to
functions XML_Parse or XML_ParseBuffer -- were not affected.
The smaller the chunks/buffers you use for parsing
previously, the bigger the problem prior to the fix.
Backporters should be careful to no omit parts of
pull request #789 and to include earlier pull request #771,
in order to not break the fix.
#777 CVE-2023-52426 -- Fix billion laughs attacks for users
compiling *without* XML_DTD defined (which is not common).
Users with XML_DTD defined have been protected since
Expat >=2.4.0 (and that was CVE-2013-0340 back then).
Bug fixes:
#753 Fix parse-size-dependent "invalid token" error for
external entities that start with a byte order mark
#780 Fix NULL pointer dereference in setContext via
XML_ExternalEntityParserCreate for compilation with
XML_DTD undefined
#812 #813 Protect against closing entities out of order
Other changes:
#723 Improve support for arc4random/arc4random_buf
#771 #788 Improve buffer growth in XML_GetBuffer and XML_Parse
#761 #770 xmlwf: Support --help and --version
#759 #770 xmlwf: Support custom buffer size for XML_GetBuffer and read
#744 xmlwf: Improve language and URL clickability in help output
#673 examples: Add new example "element_declarations.c"
#764 Be stricter about macro XML_CONTEXT_BYTES at build time
#765 Make inclusion to expat_config.h consistent
#726 #727 Autotools: configure.ac: Support --disable-maintainer-mode
#678 #705 ..
#706 #733 #792 Autotools: Sync CMake templates with CMake 3.26
#795 Autotools: Make installation of shipped man page doc/xmlwf.1
independent of docbook2man availability
#815 Autotools|CMake: Add missing -DXML_STATIC to pkg-config file
section "Cflags.private" in order to fix compilation
against static libexpat using pkg-config on Windows
#724 #751 Autotools|CMake: Require a C99 compiler
(a de-facto requirement already since Expat 2.2.2 of 2017)
#793 Autotools|CMake: Fix PACKAGE_BUGREPORT variable
#750 #786 Autotools|CMake: Make test suite require a C++11 compiler
#749 CMake: Require CMake >=3.5.0
#672 CMake: Lowercase off_t and size_t to help a bug in Meson
#746 CMake: Sort xmlwf sources alphabetically
#785 CMake|Windows: Fix generation of DLL file version info
#790 CMake: Build tests/benchmark/benchmark.c as well for
a build with -DEXPAT_BUILD_TESTS=ON
#745 #757 docs: Document the importance of isFinal + adjust tests
accordingly
#736 docs: Improve use of "NULL" and "null"
#713 docs: Be specific about version of XML (XML 1.0r4)
and version of C (C99); (XML 1.0r5 will need a sponsor.)
#762 docs: reference.html: Promote function XML_ParseBuffer more
#779 docs: reference.html: Add HTML anchors to XML_* macros
#760 docs: reference.html: Upgrade to OK.css 1.2.0
#763 #739 docs: Fix typos
#696 docs|CI: Use HTTPS URLs instead of HTTP at various places
#669 #670 ..
#692 #703 ..
#733 #772 Address compiler warnings
#798 #800 Address clang-tidy warnings
#775 #776 Version info bumped from 9:10:8 (libexpat*.so.1.8.10)
to 10:0:9 (libexpat*.so.1.9.0); see https://verbump.de/
for what these numbers do
Infrastructure:
#700 #701 docs: Document security policy in file SECURITY.md
#766 docs: Improve parse buffer variables in-code documentation
#674 #738 ..
#740 #747 ..
#748 #781 #782 Refactor coverage and conformance tests
#714 #716 Refactor debug level variables to unsigned long
#671 Improve handling of empty environment variable value
in function getDebugLevel (without visible user effect)
#755 #774 ..
#758 #783 ..
#784 #787 tests: Improve test coverage with regard to parse chunk size
#660 #797 #801 Fuzzing: Improve fuzzing coverage
#367 #799 Fuzzing|CI: Start running OSS-Fuzz fuzzing regression tests
#698 #721 CI: Resolve some Travis CI leftovers
#669 CI: Be robust towards absence of Git tags
#693 #694 CI: Set permissions to "contents: read" for security
#709 CI: Pin all GitHub Actions to specific commits for security
#739 CI: Reject spelling errors using codespell
#798 CI: Enforce clang-tidy clean code
#773 #808 ..
#809 #810 CI: Upgrade Clang from 15 to 18
#796 CI: Start using Clang's Control Flow Integrity sanitizer
#675 #720 #722 CI: Adapt to breaking changes in GitHub Actions Ubuntu images
#689 CI: Adapt to breaking changes in Clang/LLVM Debian packaging
#763 CI: Adapt to breaking changes in codespell
#803 CI: Adapt to breaking changes in Cppcheck
Special thanks to:
Ivan Galkin
Joyce Brum
Philippe Antoine
Rhodri James
Snild Dolkow
spookyahell
Steven Garske
and
Clang AddressSanitizer
Clang UndefinedBehaviorSanitizer
codespell
GCC Farm Project
OSS-Fuzz
Sony Mobile
```
#### 2.6.1
```
Release 2.6.1 Thu February 29 2024
Bug fixes:
#817 Make tests independent of CPU speed, and thus more robust
#828 #836 Expose billion laughs API with XML_DTD defined and
XML_GE undefined, regression from 2.6.0
Other changes:
#829 Hide test-only code behind new internal macro
#833 Autotools: Reject expat_config.h.in defining SIZEOF_VOID_P
#819 Address compiler warnings
#832 #834 Version info bumped from 10:0:9 (libexpat*.so.1.9.0)
to 10:1:9 (libexpat*.so.1.9.1); see https://verbump.de/
for what these numbers do
Infrastructure:
#818 CI: Adapt to breaking changes in clang-format
Special thanks to:
David Hall
Snild Dolkow
```
#### 2.6.2
```
Release 2.6.2 Wed March 13 2024
Security fixes:
#839 #842 CVE-2024-28757 -- Prevent billion laughs attacks with
isolated use of external parsers. Please see the commit
message of commit 1d50b80cf31de87750103656f6eb693746854aa8
for details.
Bug fixes:
#839 #841 Reject direct parameter entity recursion
and avoid the related undefined behavior
Other changes:
#847 Autotools: Fix build for DOCBOOK_TO_MAN containing spaces
#837 Add missing #821 and #824 to 2.6.1 change log
#838 #843 Version info bumped from 10:1:9 (libexpat*.so.1.9.1)
to 10:2:9 (libexpat*.so.1.9.2); see https://verbump.de/
for what these numbers do
Special thanks to:
Philippe Antoine
Tomas Korbar
and
Clang UndefinedBehaviorSanitizer
OSS-Fuzz / ClusterFuzz
```
Signed-off-by: Aapo Talvensaari <aapo.talvensaari@gmail.com>
tysoekong
pushed a commit
that referenced
this issue
Apr 26, 2024
```
Release 2.6.0 Tue February 6 2024
Security fixes:
#789 #814 CVE-2023-52425 -- Fix quadratic runtime issues with big tokens
that can cause denial of service, in partial where
dealing with compressed XML input. Applications
that parsed a document in one go -- a single call to
functions XML_Parse or XML_ParseBuffer -- were not affected.
The smaller the chunks/buffers you use for parsing
previously, the bigger the problem prior to the fix.
Backporters should be careful to no omit parts of
pull request #789 and to include earlier pull request #771,
in order to not break the fix.
#777 CVE-2023-52426 -- Fix billion laughs attacks for users
compiling *without* XML_DTD defined (which is not common).
Users with XML_DTD defined have been protected since
Expat >=2.4.0 (and that was CVE-2013-0340 back then).
Bug fixes:
#753 Fix parse-size-dependent "invalid token" error for
external entities that start with a byte order mark
#780 Fix NULL pointer dereference in setContext via
XML_ExternalEntityParserCreate for compilation with
XML_DTD undefined
#812 #813 Protect against closing entities out of order
Other changes:
#723 Improve support for arc4random/arc4random_buf
#771 #788 Improve buffer growth in XML_GetBuffer and XML_Parse
#761 #770 xmlwf: Support --help and --version
#759 #770 xmlwf: Support custom buffer size for XML_GetBuffer and read
#744 xmlwf: Improve language and URL clickability in help output
#673 examples: Add new example "element_declarations.c"
#764 Be stricter about macro XML_CONTEXT_BYTES at build time
#765 Make inclusion to expat_config.h consistent
#726 #727 Autotools: configure.ac: Support --disable-maintainer-mode
#678 #705 ..
#706 #733 #792 Autotools: Sync CMake templates with CMake 3.26
#795 Autotools: Make installation of shipped man page doc/xmlwf.1
independent of docbook2man availability
#815 Autotools|CMake: Add missing -DXML_STATIC to pkg-config file
section "Cflags.private" in order to fix compilation
against static libexpat using pkg-config on Windows
#724 #751 Autotools|CMake: Require a C99 compiler
(a de-facto requirement already since Expat 2.2.2 of 2017)
#793 Autotools|CMake: Fix PACKAGE_BUGREPORT variable
#750 #786 Autotools|CMake: Make test suite require a C++11 compiler
#749 CMake: Require CMake >=3.5.0
#672 CMake: Lowercase off_t and size_t to help a bug in Meson
#746 CMake: Sort xmlwf sources alphabetically
#785 CMake|Windows: Fix generation of DLL file version info
#790 CMake: Build tests/benchmark/benchmark.c as well for
a build with -DEXPAT_BUILD_TESTS=ON
#745 #757 docs: Document the importance of isFinal + adjust tests
accordingly
#736 docs: Improve use of "NULL" and "null"
#713 docs: Be specific about version of XML (XML 1.0r4)
and version of C (C99); (XML 1.0r5 will need a sponsor.)
#762 docs: reference.html: Promote function XML_ParseBuffer more
#779 docs: reference.html: Add HTML anchors to XML_* macros
#760 docs: reference.html: Upgrade to OK.css 1.2.0
#763 #739 docs: Fix typos
#696 docs|CI: Use HTTPS URLs instead of HTTP at various places
#669 #670 ..
#692 #703 ..
#733 #772 Address compiler warnings
#798 #800 Address clang-tidy warnings
#775 #776 Version info bumped from 9:10:8 (libexpat*.so.1.8.10)
to 10:0:9 (libexpat*.so.1.9.0); see https://verbump.de/
for what these numbers do
Infrastructure:
#700 #701 docs: Document security policy in file SECURITY.md
#766 docs: Improve parse buffer variables in-code documentation
#674 #738 ..
#740 #747 ..
#748 #781 #782 Refactor coverage and conformance tests
#714 #716 Refactor debug level variables to unsigned long
#671 Improve handling of empty environment variable value
in function getDebugLevel (without visible user effect)
#755 #774 ..
#758 #783 ..
#784 #787 tests: Improve test coverage with regard to parse chunk size
#660 #797 #801 Fuzzing: Improve fuzzing coverage
#367 #799 Fuzzing|CI: Start running OSS-Fuzz fuzzing regression tests
#698 #721 CI: Resolve some Travis CI leftovers
#669 CI: Be robust towards absence of Git tags
#693 #694 CI: Set permissions to "contents: read" for security
#709 CI: Pin all GitHub Actions to specific commits for security
#739 CI: Reject spelling errors using codespell
#798 CI: Enforce clang-tidy clean code
#773 #808 ..
#809 #810 CI: Upgrade Clang from 15 to 18
#796 CI: Start using Clang's Control Flow Integrity sanitizer
#675 #720 #722 CI: Adapt to breaking changes in GitHub Actions Ubuntu images
#689 CI: Adapt to breaking changes in Clang/LLVM Debian packaging
#763 CI: Adapt to breaking changes in codespell
#803 CI: Adapt to breaking changes in Cppcheck
Special thanks to:
Ivan Galkin
Joyce Brum
Philippe Antoine
Rhodri James
Snild Dolkow
spookyahell
Steven Garske
and
Clang AddressSanitizer
Clang UndefinedBehaviorSanitizer
codespell
GCC Farm Project
OSS-Fuzz
Sony Mobile
```
```
Release 2.6.1 Thu February 29 2024
Bug fixes:
#817 Make tests independent of CPU speed, and thus more robust
#828 #836 Expose billion laughs API with XML_DTD defined and
XML_GE undefined, regression from 2.6.0
Other changes:
#829 Hide test-only code behind new internal macro
#833 Autotools: Reject expat_config.h.in defining SIZEOF_VOID_P
#819 Address compiler warnings
#832 #834 Version info bumped from 10:0:9 (libexpat*.so.1.9.0)
to 10:1:9 (libexpat*.so.1.9.1); see https://verbump.de/
for what these numbers do
Infrastructure:
#818 CI: Adapt to breaking changes in clang-format
Special thanks to:
David Hall
Snild Dolkow
```
```
Release 2.6.2 Wed March 13 2024
Security fixes:
#839 #842 CVE-2024-28757 -- Prevent billion laughs attacks with
isolated use of external parsers. Please see the commit
message of commit 1d50b80cf31de87750103656f6eb693746854aa8
for details.
Bug fixes:
#839 #841 Reject direct parameter entity recursion
and avoid the related undefined behavior
Other changes:
#847 Autotools: Fix build for DOCBOOK_TO_MAN containing spaces
#837 Add missing #821 and #824 to 2.6.1 change log
#838 #843 Version info bumped from 10:1:9 (libexpat*.so.1.9.1)
to 10:2:9 (libexpat*.so.1.9.2); see https://verbump.de/
for what these numbers do
Special thanks to:
Philippe Antoine
Tomas Korbar
and
Clang UndefinedBehaviorSanitizer
OSS-Fuzz / ClusterFuzz
```
KAG-4331
Signed-off-by: Aapo Talvensaari <aapo.talvensaari@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
More in details:
User details
View/edit email address/Change password/etc
API details/API keys
API subscriptions
Analytics/Usage statistics/Charts
Documentation/code-snippet
The text was updated successfully, but these errors were encountered: