[Git][java-team/openrefine][upstream] New upstream version 3.7.8
Markus Koschany (@apo)
gitlab at salsa.debian.org
Sat Apr 6 21:02:30 BST 2024
Markus Koschany pushed to branch upstream at Debian Java Maintainers / openrefine
Commits:
d8b7345d by Markus Koschany at 2024-04-06T21:44:53+02:00
New upstream version 3.7.8
- - - - -
15 changed files:
- benchmark/pom.xml
- extensions/database/pom.xml
- extensions/database/src/com/google/refine/extension/database/DatabaseConfiguration.java
- extensions/database/tests/src/com/google/refine/extension/database/DatabaseConfigurationTest.java
- extensions/gdata/pom.xml
- extensions/jython/pom.xml
- extensions/pc-axis/pom.xml
- extensions/phonetic/pom.xml
- extensions/pom.xml
- extensions/wikibase/pom.xml
- main/pom.xml
- main/src/com/google/refine/RefineServlet.java
- packaging/pom.xml
- pom.xml
- server/pom.xml
Changes:
=====================================
benchmark/pom.xml
=====================================
@@ -6,7 +6,7 @@
<parent>
<artifactId>openrefine</artifactId>
<groupId>org.openrefine</groupId>
- <version>3.7.7</version>
+ <version>3.7.8</version>
</parent>
<artifactId>benchmark</artifactId>
=====================================
extensions/database/pom.xml
=====================================
@@ -11,7 +11,7 @@
<parent>
<groupId>org.openrefine</groupId>
<artifactId>extensions</artifactId>
- <version>3.7.7</version>
+ <version>3.7.8</version>
</parent>
<build>
=====================================
extensions/database/src/com/google/refine/extension/database/DatabaseConfiguration.java
=====================================
@@ -67,6 +67,13 @@ public class DatabaseConfiguration {
}
public void setDatabaseHost(String databaseServer) {
+ // forbid setting settings inside the host parameter:
+ // https://dev.mysql.com/doc/connector-j/en/connector-j-reference-jdbc-url-format.html
+ if (databaseServer == null ||
+ databaseServer.contains("(") ||
+ databaseServer.contains("=")) {
+ throw new IllegalArgumentException("Invalid host supplied");
+ }
this.databaseHost = databaseServer;
}
=====================================
extensions/database/tests/src/com/google/refine/extension/database/DatabaseConfigurationTest.java
=====================================
@@ -1,5 +1,8 @@
package com.google.refine.extension.database;
+import static org.testng.Assert.assertEquals;
+import static org.testng.Assert.assertThrows;
+
import org.testng.annotations.Test;
import static org.testng.Assert.assertEquals;
@@ -18,4 +21,13 @@ public class DatabaseConfigurationTest {
// the database name is escaped, preventing the exploit
assertEquals(url, "jdbc:mysql://my.host/test%3FallowLoadLocalInfile=true%23");
}
+
+ @Test
+ public void testSetMaliciousHost() {
+ DatabaseConfiguration config = new DatabaseConfiguration();
+ config.setDatabaseType("mysql");
+
+ assertThrows(IllegalArgumentException.class,
+ () -> config.setDatabaseHost("127.0.0.1:3306,(allowLoadLocalInfile=true,allowUrlInLocalInfile=true),127.0.0.1"));
+ }
}
=====================================
extensions/gdata/pom.xml
=====================================
@@ -11,7 +11,7 @@
<parent>
<groupId>org.openrefine</groupId>
<artifactId>extensions</artifactId>
- <version>3.7.7</version>
+ <version>3.7.8</version>
</parent>
<properties>
=====================================
extensions/jython/pom.xml
=====================================
@@ -5,7 +5,7 @@
<groupId>org.openrefine</groupId>
<artifactId>jython</artifactId>
<packaging>jar</packaging>
- <version>3.7.7</version>
+ <version>3.7.8</version>
<name>OpenRefine - Jython extension</name>
<description>OpenRefine integration of Python as an expression language</description>
@@ -13,7 +13,7 @@
<parent>
<groupId>org.openrefine</groupId>
<artifactId>extensions</artifactId>
- <version>3.7.7</version>
+ <version>3.7.8</version>
</parent>
<build>
=====================================
extensions/pc-axis/pom.xml
=====================================
@@ -11,7 +11,7 @@
<parent>
<groupId>org.openrefine</groupId>
<artifactId>extensions</artifactId>
- <version>3.7.7</version>
+ <version>3.7.8</version>
</parent>
<build>
=====================================
extensions/phonetic/pom.xml
=====================================
@@ -5,7 +5,7 @@
<groupId>org.openrefine</groupId>
<artifactId>phonetic</artifactId>
<packaging>jar</packaging>
- <version>3.7.7</version>
+ <version>3.7.8</version>
<name>OpenRefine - Phonetic clustering extension</name>
<description>Adds a few advanced phonetic clustering methods</description>
@@ -13,7 +13,7 @@
<parent>
<groupId>org.openrefine</groupId>
<artifactId>extensions</artifactId>
- <version>3.7.7</version>
+ <version>3.7.8</version>
</parent>
<build>
=====================================
extensions/pom.xml
=====================================
@@ -5,7 +5,7 @@
<groupId>org.openrefine</groupId>
<artifactId>extensions</artifactId>
<packaging>pom</packaging>
- <version>3.7.7</version>
+ <version>3.7.8</version>
<name>OpenRefine - extensions</name>
<description>Extensions add importers, exporters and other sorts of features to OpenRefine</description>
@@ -14,7 +14,7 @@
<parent>
<groupId>org.openrefine</groupId>
<artifactId>openrefine</artifactId>
- <version>3.7.7</version>
+ <version>3.7.8</version>
</parent>
<modules>
=====================================
extensions/wikibase/pom.xml
=====================================
@@ -11,7 +11,7 @@
<parent>
<groupId>org.openrefine</groupId>
<artifactId>extensions</artifactId>
- <version>3.7.7</version>
+ <version>3.7.8</version>
</parent>
<properties>
=====================================
main/pom.xml
=====================================
@@ -11,7 +11,7 @@
<parent>
<groupId>org.openrefine</groupId>
<artifactId>openrefine</artifactId>
- <version>3.7.7</version>
+ <version>3.7.8</version>
</parent>
<properties>
=====================================
main/src/com/google/refine/RefineServlet.java
=====================================
@@ -65,7 +65,7 @@ import edu.mit.simile.butterfly.ButterflyModule;
public class RefineServlet extends Butterfly {
- static private String ASSIGNED_VERSION = "3.7.7";
+ static private String ASSIGNED_VERSION = "3.7.8";
static public String VERSION = "";
static public String REVISION = "";
=====================================
packaging/pom.xml
=====================================
@@ -10,7 +10,7 @@
<parent>
<groupId>org.openrefine</groupId>
<artifactId>openrefine</artifactId>
- <version>3.7.7</version>
+ <version>3.7.8</version>
</parent>
<properties>
<rootdir>${basedir}/..</rootdir>
=====================================
pom.xml
=====================================
@@ -5,7 +5,7 @@
<groupId>org.openrefine</groupId>
<artifactId>openrefine</artifactId>
<packaging>pom</packaging>
- <version>3.7.7</version>
+ <version>3.7.8</version>
<name>OpenRefine</name>
<description>OpenRefine is a free, open source power tool for working with messy data and improving it</description>
=====================================
server/pom.xml
=====================================
@@ -11,7 +11,7 @@
<parent>
<groupId>org.openrefine</groupId>
<artifactId>openrefine</artifactId>
- <version>3.7.7</version>
+ <version>3.7.8</version>
</parent>
<properties>
View it on GitLab: https://salsa.debian.org/java-team/openrefine/-/commit/d8b7345d0cbf2ca3e490a37f064fa48139ea2c8f
--
View it on GitLab: https://salsa.debian.org/java-team/openrefine/-/commit/d8b7345d0cbf2ca3e490a37f064fa48139ea2c8f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-java-commits/attachments/20240406/f13b5d7d/attachment.htm>
More information about the pkg-java-commits
mailing list