Commit Graph

1224 Commits

Author SHA1 Message Date
dependabot[bot]
924c496b95
Bump maven-resources-plugin from 3.2.0 to 3.3.0 (#2157)
Bumps [maven-resources-plugin](https://github.com/apache/maven-resources-plugin) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/apache/maven-resources-plugin/releases)
- [Commits](https://github.com/apache/maven-resources-plugin/compare/maven-resources-plugin-3.2.0...maven-resources-plugin-3.3.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-resources-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-25 20:37:16 -07:00
Marcono1234
503c20bb39
Rename ReflectiveTypeAdapterFactory field inclusion check method (#2121) 2022-07-21 11:53:52 -07:00
Marcono1234
cbc0af867b
Improve lenient mode documentation (#2122) 2022-06-28 09:48:05 -07:00
Marcono1234
2d01d6a20f
Make Object and JsonElement deserialization iterative (#1912)
* Make Object and JsonElement deserialization iterative

Often when Object and JsonElement are deserialized the format of the JSON
data is unknown and it might come from an untrusted source. To avoid a
StackOverflowError from maliciously crafted JSON, deserialize Object and
JsonElement iteratively instead of recursively.

Concept based on 51fd2faab7
But implementation is not based on it.

* Improve imports grouping

* Address review feedback
2022-06-22 17:42:19 -07:00
Nathan Herring
d2aee6502b
Add explicit support for floats in JsonTreeWriter. (#2132)
Follow-up to comments on #2130, which introduced a new override which was not overridden by `JsonTreeWriter`. Also tweaks the doccomments for `float`, `double` and `Number` variants of `JsonWriter.value`.

Supplement to the fix for #1127.
2022-06-21 09:50:07 -07:00
dependabot[bot]
08d4572fc4
Bump proguard-maven-plugin from 2.5.3 to 2.6.0 (#2136)
Bumps [proguard-maven-plugin](https://github.com/wvengen/proguard-maven-plugin) from 2.5.3 to 2.6.0.
- [Release notes](https://github.com/wvengen/proguard-maven-plugin/releases)
- [Changelog](https://github.com/wvengen/proguard-maven-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/wvengen/proguard-maven-plugin/commits)

---
updated-dependencies:
- dependency-name: com.github.wvengen:proguard-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-20 17:01:20 -07:00
Marcono1234
57225c6741
Fail when parsing invalid local date (#2134)
* Fail when parsing invalid local date

* Improve invalid date tests
2022-06-16 13:47:57 -07:00
Nathan Herring
96ab171eb4
Add explicit support for floats in JsonWriter. (#2130)
This avoids floats being treated as doubles and having an unwarranted level of precision.

Fixes #1127.
2022-06-08 15:04:42 -07:00
dependabot[bot]
15b9fa9c31
Bump maven-surefire-plugin from 3.0.0-M6 to 3.0.0-M7 (#2128)
Bumps [maven-surefire-plugin](https://github.com/apache/maven-surefire) from 3.0.0-M6 to 3.0.0-M7.
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](https://github.com/apache/maven-surefire/compare/surefire-3.0.0-M6...surefire-3.0.0-M7)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-surefire-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-08 07:21:23 -07:00
dependabot[bot]
d1fce29b27
Bump bnd-maven-plugin from 6.2.0 to 6.3.1 (#2129)
Bumps [bnd-maven-plugin](https://github.com/bndtools/bnd) from 6.2.0 to 6.3.1.
- [Release notes](https://github.com/bndtools/bnd/releases)
- [Changelog](https://github.com/bndtools/bnd/blob/master/docs/ADDING_RELEASE_DOCS.md)
- [Commits](https://github.com/bndtools/bnd/compare/6.2.0...6.3.1)

---
updated-dependencies:
- dependency-name: biz.aQute.bnd:bnd-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-08 07:21:02 -07:00
Marcono1234
b1c399fd62
Improve TypeToken creation validation (#2072)
* Add comments regarding multiple bounds of wildcard

* Remove WildcardType check in getCollectionElementType

The returned Type is never a wildcard due to the changes made to getSupertype
by commit b1fb9ca9a1.

* Remove redundant getRawType call from MapTypeAdapterFactory

getRawType(TypeToken.getType()) is the same as calling TypeToken.getRawType().

* Make TypeToken members private

* Remove incorrect statement about TypeToken wildcards

It is possible to use wildcards as part of the type argument, e.g.:
`new TypeToken<List<? extends CharSequence>>() {}`

* Only allow direct subclasses of TypeToken

Previously subclasses of subclasses (...) of TypeToken were allowed which
can behave incorrectly when retrieving the type argument, e.g.:

  class SubTypeToken<T> extends TypeToken<Integer> {}
  new SubTypeToken<String>() {}.getType()

This returned `String` despite the class extending TypeToken<Integer>.

* Throw exception when TypeToken captures type variable

Due to type erasure the runtime type argument for a type variable is not
available. Therefore there is no point in capturing a type variable and it
might even give a false sense of type-safety.

* Make $Gson$Types members private

* Rename $Gson$Types.getGenericSupertype parameter

Rename the method parameter to match the documentation of the method and
to be similar to getSupertype(...).

* Improve tests and handle raw TypeToken supertype better

* Make some $Gson$Types members package-private again to prevent synthetic accessors

* Remove TypeToken check for type variable

As mentioned in review comments, there are cases during serialization where
usage of the type variable is not so problematic (but still not ideal).
2022-04-19 08:20:58 -07:00
Marcono1234
4dda4ec5ba
Use diamond operator when creating generic instances (#2104) 2022-04-17 15:27:21 -07:00
Marcono1234
e82637c485
Add support for reflection access filter (#1905)
* Add support for reflection access filter

* Improve documentation

* Fix compilation errors

* Relax handling for BLOCK_ALL when invoking default constructor

* Improve handling for inherited fields

* Fix accessible test failing for static fields

* Simplify ReflectiveTypeAdapterFactory field writing

* Fix GsonBuilder changes affecting created Gson instances

* Improve documentation

* Improve handling for IllegalAccessException

For Java < 9, AccessibleObject.canAccess is not available and therefore checks
might pass even if object is not accessible, causing IllegalAccessException
later.

* Fix incorrect GsonBuilder.addReflectionAccessFilter documentation
2022-04-17 09:05:18 -07:00
dependabot[bot]
f79ea208b1
Bump maven-surefire-plugin from 3.0.0-M5 to 3.0.0-M6 (#2101)
Bumps [maven-surefire-plugin](https://github.com/apache/maven-surefire) from 3.0.0-M5 to 3.0.0-M6.
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](https://github.com/apache/maven-surefire/compare/surefire-3.0.0-M5...surefire-3.0.0-M6)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-surefire-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-03 20:08:33 -07:00
dependabot[bot]
9125653278
Bump bnd-maven-plugin from 6.1.0 to 6.2.0 (#2084)
Bumps [bnd-maven-plugin](https://github.com/bndtools/bnd) from 6.1.0 to 6.2.0.
- [Release notes](https://github.com/bndtools/bnd/releases)
- [Changelog](https://github.com/bndtools/bnd/blob/master/docs/ADDING_RELEASE_DOCS.md)
- [Commits](https://github.com/bndtools/bnd/compare/6.1.0...6.2.0)

---
updated-dependencies:
- dependency-name: biz.aQute.bnd:bnd-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-28 07:40:22 -08:00
Marcono1234
81bb6d1dec
Remove gson/build.gradle (#2081)
Follow-up for be0a1f4ff7
2022-02-23 11:18:56 -08:00
Marcono1234
b5343ba96c
Add tests for enum constant toString() reading (#2080) 2022-02-21 14:53:59 -08:00
Mahmut H. Kocas
7ee3e2787f
Parsing Map<Enum,Obj> - 501 (#1950)
* Added parsing support for enum that has overridden toString() method.

* Fix a tiny formatting problem

* Fixed formatting issue

Co-authored-by: Éamonn McManus <emcmanus@google.com>
2022-02-21 13:11:43 -08:00
Marcono1234
49ddab9eeb
Add CodeQL GitHub code scanning workflow (#2076)
* Add CodeQL GitHub code scanning workflow

* Only compile main sources for code scanning

* Move test .proto  files to test sources

`annotations.proto` also seems to be only relevant for tests because the test
explicitly registers them as extensions. By default the Proto adapter does not
consider them.

* Address some code scanning findings

* Fix some more findings
2022-02-17 18:40:40 -08:00
Marcono1234
d19e9fe0af
Improve Maven build and GitHub Maven workflow (#2079)
* Fix consecutive Maven builds failing without performing `clean`

By default moditect-maven-plugin refuses to overwrite the JAR file it
generated in a previous run.

* Make GitHub Maven build workflow detect Javadoc issues
2022-02-16 12:51:08 -08:00
Éamonn McManus
e58db43f57 [maven-release-plugin] prepare for next development iteration 2022-02-11 11:13:24 -08:00
Éamonn McManus
b6acf1178a [maven-release-plugin] prepare release gson-parent-2.9.0 2022-02-11 11:13:22 -08:00
Marcono1234
47dea2eefc
Improve error message when abstract class cannot be constructed (#1814) 2022-02-04 14:19:47 -08:00
Marcono1234
565b7a198e
Support EnumMap deserialization (#2071) 2022-02-04 07:20:32 -08:00
Marcono1234
e2e851c9bc
Add LazilyParsedNumber default adapter (#2060)
* Add LazilyParsedNumber default adapter

* Validate JsonWriter.value(Number) argument

* Fix incorrect JSON number pattern, extend tests
2022-01-28 11:26:28 -08:00
Marcono1234
710a76c8b8
Fix JsonReader.hasNext() returning true at end of document (#2061) 2022-01-27 15:59:50 -08:00
Éamonn McManus
26e08fe742
Fix a mistaken use of StringBuilder('#'). (#2052) 2022-01-12 08:58:30 -08:00
Marcono1234
73216b2ad7
Add more Gson default constants to be used by GsonBuilder (#2051) 2022-01-12 07:07:55 -08:00
Marcono1234
d38e397421
Fix ObjectTest not restoring default Locale (#2050) 2022-01-10 07:18:42 -08:00
Marcono1234
6b96a389cc
Put module-info.class into Multi-Release JAR folder (#2013)
* Put module-info.class into Multi-Release JAR folder

Uses ModiTect to place module-info.class under Multi-Release JAR folder
`META-INF/versions/9`.

* Adjust pom.xml to drop support for Java 6

* Change doclint setting

All Javadoc errors have been solved previously; doclint can now be enabled
without causing build failures.

* Improve README Java requirements
2022-01-01 12:44:39 -08:00
Marcono1234
dc28951fa7
Change target Java version to 7 (#2043)
* Change target Java version to 7

* Document Gson requirements

* Add package-info.java for `stream` package
2021-12-31 07:20:29 -08:00
Marcono1234
615c8835d3
Add GsonBuilder.disableJdkUnsafe() (#1904)
* Add GsonBuilder.disableJdkUnsafe()

* Address review feedback
2021-12-30 15:08:18 -08:00
Marcono1234
97938283a7
Remove explicit ProGuard plugin dependencies (#2041)
Explicitly specifying dependencies only seems to be necessary when using
`<proguardVersion>` config element to override version (and even that might
not be necessary; only adding explicit dependencies might suffice). However,
when omitting it, plugin uses a recent ProGuard version on its own.
2021-12-28 09:56:49 -08:00
Marcono1234
abd2191b0e
Add READMEs to Maven modules (#2039)
* Add READMEs to Maven modules

* Address feedback
2021-12-27 10:17:41 -08:00
Marcono1234
6ffcdf3029
Fix Javadoc warnings and errors (#2040) 2021-12-26 15:30:21 -08:00
dependabot[bot]
1dd150e86f
Bump proguard-maven-plugin from 2.5.2 to 2.5.3 (#2037)
Bumps [proguard-maven-plugin](https://github.com/wvengen/proguard-maven-plugin) from 2.5.2 to 2.5.3.
- [Release notes](https://github.com/wvengen/proguard-maven-plugin/releases)
- [Changelog](https://github.com/wvengen/proguard-maven-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/wvengen/proguard-maven-plugin/commits)

---
updated-dependencies:
- dependency-name: com.github.wvengen:proguard-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-20 09:37:56 -08:00
dependabot[bot]
4b3127f669
Bump proguard-maven-plugin from 2.5.1 to 2.5.2 (#2034)
Bumps [proguard-maven-plugin](https://github.com/wvengen/proguard-maven-plugin) from 2.5.1 to 2.5.2.
- [Release notes](https://github.com/wvengen/proguard-maven-plugin/releases)
- [Changelog](https://github.com/wvengen/proguard-maven-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/wvengen/proguard-maven-plugin/commits)

---
updated-dependencies:
- dependency-name: com.github.wvengen:proguard-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-16 14:36:39 -08:00
dependabot[bot]
cdf8ab5213
Bump bnd-maven-plugin from 6.0.0 to 6.1.0 (#2025)
Bumps [bnd-maven-plugin](https://github.com/bndtools/bnd) from 6.0.0 to 6.1.0.
- [Release notes](https://github.com/bndtools/bnd/releases)
- [Changelog](https://github.com/bndtools/bnd/blob/master/docs/ADDING_RELEASE_DOCS.md)
- [Commits](https://github.com/bndtools/bnd/compare/6.0.0...6.1.0)

---
updated-dependencies:
- dependency-name: biz.aQute.bnd:bnd-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-09 13:34:38 -08:00
yixingz3
eaf9a0342d
feat: added UPPER_CASE_WITH_UNDERSCORES in FieldNamingPolicy (#2024) 2021-11-28 09:33:22 -08:00
Éamonn McManus
6e06bf0d89 Fix for an ArrayIndexOutOfBoundsException.
The `fillBuffer` method changes `pos`, so it is incorrect to cache
its previous value.
2021-11-11 14:12:44 -05:00
Marcono1234
b0595c595b
Fix failing to serialize Collection or Map with inaccessible constructor (#1902)
* Remove UnsafeReflectionAccessor

Revert #1218

Usage of sun.misc.Unsafe to change internal AccessibleObject.override field
to suppress JPMS warnings goes against the intentions of the JPMS and does not
work anymore in newer versions, see #1540.
Therefore remove it and instead create a descriptive exception when making a
member accessible fails. If necessary users can also still use `java` command
line flags to open external modules.

* Fix failing to serialize Collection or Map with inaccessible constructor

Also remove tests which rely on Java implementation details.

* Don't keep reference to access exception of ConstructorConstructor

This also avoids a confusing stack trace, since the previously caught
exception might have had a complete unrelated stack trace.

* Remove Maven toolchain requirement

* Address review feedback

* Add back test for Security Manager
2021-11-09 07:16:35 -08:00
Marcono1234
ca2ed748ba
Fix warnings (#2014)
* Fix warnings

* Address review feedback
2021-11-07 08:43:49 -08:00
Marcono1234
cc505e1b9f
Convert codegen, metrics and proto to Maven submodules (#2008)
* Convert codegen, metrics and proto to Maven submodules

* Fix import order
2021-11-07 08:42:08 -08:00
Marcono1234
a92bbf849c
Improve TreeTypeAdapter thread-safety (#1976)
* Improve TreeTypeAdapter thread-safety

Gson claims to be thread-safe so TreeTypeAdapter.delegate() might be
called by multiple threads. To guarantee that each thread sees a fully
constructed `delegate`, the field has to be `volatile`.

* Improve TreeTypeAdapter thread race comment
2021-11-01 15:13:08 -07:00
Marcono1234
deaa3a6cd9
Fix Gson.newJsonWriter ignoring lenient and HTML-safe setting (#1989)
* Improve Gson newJsonWriter and newJsonReader documentation

* Consider lenient and HTML-safe setting for Gson.newJsonWriter

* Remove empty line between imports
2021-11-01 15:11:10 -07:00
Marcono1234
e0de45ff69
Delete unused LinkedHashTreeMap (#1992)
Class seems to be unused since commit f29d5bc37b.
Gson currently only uses LinkedTreeMap.
2021-11-01 15:09:14 -07:00
Marcono1234
b4dab86b10
Make default adapters stricter; improve exception messages (#2000)
* Make default adapters stricter; improve exception messages

* Reduce scope of synchronized blocks

* Improve JsonReader.getPath / getPreviousPath Javadoc
2021-11-01 15:08:04 -07:00
Marcono1234
b3188c1132
Fix FieldNamingPolicy.upperCaseFirstLetter uppercasing non-letter (#2004) 2021-11-01 15:05:04 -07:00
Éamonn McManus
031db9d473
Update CHANGELOG.md for 2.8.9. (#2005)
* Update CHANGELOG.md for 2.8.9.

* Adjust snapshot version. Gson versions have three numbers.
2021-10-29 13:41:12 -07:00
Éamonn McManus
128586847b [maven-release-plugin] prepare for next development iteration 2021-10-29 12:58:56 -07:00