Commit Graph

1617 Commits

Author SHA1 Message Date
Marcono1234
dc28951fa7
Change target Java version to 7 (#2043)
* Change target Java version to 7

* Document Gson requirements

* Add package-info.java for `stream` package
2021-12-31 07:20:29 -08:00
dependabot[bot]
bc8858a3d9
Bump maven-deploy-plugin from 3.0.0-M1 to 3.0.0-M2 (#2044)
Bumps [maven-deploy-plugin](https://github.com/apache/maven-deploy-plugin) from 3.0.0-M1 to 3.0.0-M2.
- [Release notes](https://github.com/apache/maven-deploy-plugin/releases)
- [Commits](https://github.com/apache/maven-deploy-plugin/compare/maven-deploy-plugin-3.0.0-M1...maven-deploy-plugin-3.0.0-M2)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-deploy-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-31 07:15:38 -08:00
Marcono1234
615c8835d3
Add GsonBuilder.disableJdkUnsafe() (#1904)
* Add GsonBuilder.disableJdkUnsafe()

* Address review feedback
2021-12-30 15:08:18 -08:00
Marcono1234
97938283a7
Remove explicit ProGuard plugin dependencies (#2041)
Explicitly specifying dependencies only seems to be necessary when using
`<proguardVersion>` config element to override version (and even that might
not be necessary; only adding explicit dependencies might suffice). However,
when omitting it, plugin uses a recent ProGuard version on its own.
2021-12-28 09:56:49 -08:00
Marcono1234
abd2191b0e
Add READMEs to Maven modules (#2039)
* Add READMEs to Maven modules

* Address feedback
2021-12-27 10:17:41 -08:00
Marcono1234
6ffcdf3029
Fix Javadoc warnings and errors (#2040) 2021-12-26 15:30:21 -08:00
dependabot[bot]
6dfbdc861f
Bump jackson-databind from 2.13.0 to 2.13.1 (#2036)
Bumps [jackson-databind](https://github.com/FasterXML/jackson) from 2.13.0 to 2.13.1.
- [Release notes](https://github.com/FasterXML/jackson/releases)
- [Commits](https://github.com/FasterXML/jackson/commits)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-20 09:38:18 -08:00
dependabot[bot]
1dd150e86f
Bump proguard-maven-plugin from 2.5.2 to 2.5.3 (#2037)
Bumps [proguard-maven-plugin](https://github.com/wvengen/proguard-maven-plugin) from 2.5.2 to 2.5.3.
- [Release notes](https://github.com/wvengen/proguard-maven-plugin/releases)
- [Changelog](https://github.com/wvengen/proguard-maven-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/wvengen/proguard-maven-plugin/commits)

---
updated-dependencies:
- dependency-name: com.github.wvengen:proguard-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-20 09:37:56 -08:00
dependabot[bot]
631046af28
Bump maven-bundle-plugin from 5.1.2 to 5.1.3 (#2033)
Bumps maven-bundle-plugin from 5.1.2 to 5.1.3.

---
updated-dependencies:
- dependency-name: org.apache.felix:maven-bundle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-16 14:38:48 -08:00
dependabot[bot]
4b3127f669
Bump proguard-maven-plugin from 2.5.1 to 2.5.2 (#2034)
Bumps [proguard-maven-plugin](https://github.com/wvengen/proguard-maven-plugin) from 2.5.1 to 2.5.2.
- [Release notes](https://github.com/wvengen/proguard-maven-plugin/releases)
- [Changelog](https://github.com/wvengen/proguard-maven-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/wvengen/proguard-maven-plugin/commits)

---
updated-dependencies:
- dependency-name: com.github.wvengen:proguard-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-16 14:36:39 -08:00
dependabot[bot]
cdf8ab5213
Bump bnd-maven-plugin from 6.0.0 to 6.1.0 (#2025)
Bumps [bnd-maven-plugin](https://github.com/bndtools/bnd) from 6.0.0 to 6.1.0.
- [Release notes](https://github.com/bndtools/bnd/releases)
- [Changelog](https://github.com/bndtools/bnd/blob/master/docs/ADDING_RELEASE_DOCS.md)
- [Commits](https://github.com/bndtools/bnd/compare/6.0.0...6.1.0)

---
updated-dependencies:
- dependency-name: biz.aQute.bnd:bnd-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-09 13:34:38 -08:00
DavidKorczynski
4a99674994
cifuzz: add integration (#2027) 2021-12-02 10:57:19 -08:00
yixingz3
eaf9a0342d
feat: added UPPER_CASE_WITH_UNDERSCORES in FieldNamingPolicy (#2024) 2021-11-28 09:33:22 -08:00
Marcono1234
16b42ff580
Update Caliper dependency; disable automatic result upload (#2019) 2021-11-22 10:01:26 -08:00
XinyuLiu5566
0313de8206
Some code suggestion from CodeGuru (#1988)
* change %s to %d

* secusity issue, add try-finally block

Co-authored-by: liuxinyu <xinyu6@illinois.edu>
2021-11-15 15:08:13 -08:00
Éamonn McManus
6e06bf0d89 Fix for an ArrayIndexOutOfBoundsException.
The `fillBuffer` method changes `pos`, so it is incorrect to cache
its previous value.
2021-11-11 14:12:44 -05:00
Marcono1234
b0595c595b
Fix failing to serialize Collection or Map with inaccessible constructor (#1902)
* Remove UnsafeReflectionAccessor

Revert #1218

Usage of sun.misc.Unsafe to change internal AccessibleObject.override field
to suppress JPMS warnings goes against the intentions of the JPMS and does not
work anymore in newer versions, see #1540.
Therefore remove it and instead create a descriptive exception when making a
member accessible fails. If necessary users can also still use `java` command
line flags to open external modules.

* Fix failing to serialize Collection or Map with inaccessible constructor

Also remove tests which rely on Java implementation details.

* Don't keep reference to access exception of ConstructorConstructor

This also avoids a confusing stack trace, since the previously caught
exception might have had a complete unrelated stack trace.

* Remove Maven toolchain requirement

* Address review feedback

* Add back test for Security Manager
2021-11-09 07:16:35 -08:00
dependabot[bot]
0d9f6b677a
Bump guava from 30.1.1-jre to 31.0.1-jre (#2016)
Bumps [guava](https://github.com/google/guava) from 30.1.1-jre to 31.0.1-jre.
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)

---
updated-dependencies:
- dependency-name: com.google.guava:guava
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-08 08:43:47 -08:00
Marcono1234
ca2ed748ba
Fix warnings (#2014)
* Fix warnings

* Address review feedback
2021-11-07 08:43:49 -08:00
Marcono1234
cc505e1b9f
Convert codegen, metrics and proto to Maven submodules (#2008)
* Convert codegen, metrics and proto to Maven submodules

* Fix import order
2021-11-07 08:42:08 -08:00
Marcono1234
a92bbf849c
Improve TreeTypeAdapter thread-safety (#1976)
* Improve TreeTypeAdapter thread-safety

Gson claims to be thread-safe so TreeTypeAdapter.delegate() might be
called by multiple threads. To guarantee that each thread sees a fully
constructed `delegate`, the field has to be `volatile`.

* Improve TreeTypeAdapter thread race comment
2021-11-01 15:13:08 -07:00
Marcono1234
deaa3a6cd9
Fix Gson.newJsonWriter ignoring lenient and HTML-safe setting (#1989)
* Improve Gson newJsonWriter and newJsonReader documentation

* Consider lenient and HTML-safe setting for Gson.newJsonWriter

* Remove empty line between imports
2021-11-01 15:11:10 -07:00
Marcono1234
e0de45ff69
Delete unused LinkedHashTreeMap (#1992)
Class seems to be unused since commit f29d5bc37b.
Gson currently only uses LinkedTreeMap.
2021-11-01 15:09:14 -07:00
Marcono1234
b4dab86b10
Make default adapters stricter; improve exception messages (#2000)
* Make default adapters stricter; improve exception messages

* Reduce scope of synchronized blocks

* Improve JsonReader.getPath / getPreviousPath Javadoc
2021-11-01 15:08:04 -07:00
Marcono1234
b3188c1132
Fix FieldNamingPolicy.upperCaseFirstLetter uppercasing non-letter (#2004) 2021-11-01 15:05:04 -07:00
Éamonn McManus
466ca72916 Update version number in UserGuide.md and proto/pom.xml. 2021-10-31 06:57:33 -07:00
Marcono1234
121bcede96
Update project version in README (#2006) 2021-10-31 06:52:51 -07:00
Éamonn McManus
031db9d473
Update CHANGELOG.md for 2.8.9. (#2005)
* Update CHANGELOG.md for 2.8.9.

* Adjust snapshot version. Gson versions have three numbers.
2021-10-29 13:41:12 -07:00
Éamonn McManus
128586847b [maven-release-plugin] prepare for next development iteration 2021-10-29 12:58:56 -07:00
Éamonn McManus
6a368d89da [maven-release-plugin] prepare release gson-parent-2.8.9 2021-10-29 12:58:54 -07:00
Marcono1234
ba96d53bad
Fix missing bounds checks for JsonTreeReader.getPath() (#2001)
There are situations where the stack of JsonTreeReader contains a JsonArray
or JsonObject without a subsequent Iterator, for example after calling peek()
or nextName().
When JsonTreeReader.getPath() is called afterwards it therefore must not
assume that a JsonArray or JsonObject is always followed by an Iterator.

The only reason why this never caused an ArrayIndexOutOfBoundsException in
the past is because the stack has an even default size (32) so it would just
have read the next `null`.
However, if the stack had for example the default size 31, a user created a
JsonTreeReader for 16 JSON arrays nested inside each other, then called 15
times beginArray(), followed by peek() and getPath() the exception would
occur.
2021-10-25 12:14:41 -07:00
Jaroslav Tulach
ca1df7f7e0
#1981: Optional OSGi bundle's dependency on sun.misc package (#1993)
* #1981: Avoid OSGi bundle's dependency on sun.misc package

* Specify optional dependency on sun.misc.Unsafe

* Adjusting the test to sun.misc import being optional

* Using Collections.list and for loop

* Let the fail message include name of package

Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>

* Closing the input stream

* Dedicated assertSubstring method

Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
2021-10-25 11:32:10 -07:00
Marcono1234
c54caf308c
Deprecate Gson.excluder() exposing internal Excluder class (#1986) 2021-10-25 11:28:16 -07:00
Marcono1234
e6fae590cf
Prevent Java deserialization of internal classes (#1991)
Adversaries might be able to forge data which can be abused for DoS attacks.
These classes are already writing a replacement JDK object during serialization
for a long time, so this change should not cause any issues.
2021-10-13 10:14:57 -07:00
Marcono1234
bda2e3d16a
Improve number strategy implementation (#1987)
* Fix GsonBuilder not copying number strategies from Gson

* Improve ToNumberPolicy exception messages
2021-10-11 16:14:47 -07:00
Marcono1234
cd748df712
Fix LongSerializationPolicy null handling being inconsistent with Gson (#1990)
Gson does not actually use the specified LongSerializationPolicy but instead
uses type adapters which emulate the behavior. However, previously Gson's
implementation did not match LongSerializationPolicy regarding null handling.

Because it is rather unlikely that LongSerializationPolicy has been used on
its own, this commit adjusts its implementation to match Gson's behavior
(instead of the other way around).
2021-10-11 12:34:32 -07:00
Lyubomyr Shaydariv
fe30b85224
Support arbitrary Number implementation for Object and Number deserialization (#1290)
* Object and Number type adapters number deserialization can be configured

* Change wording of ToNumberStrategy documentation

* Use inline links in doc sparingly

If the element has already been linked before, don't create a link for
every subsequent occurrence.

See also (slightly dated)
https://www.oracle.com/technical-resources/articles/java/javadoc-tool.html#inlinelinks

* Link to default to-number policies in ToNumberStrategy doc

* Reduce code duplication for deserializing Number

* Hide default factory constants of NumberTypeAdapter and ObjectTypeAdapter

This encapsulates the logic a little bit better.
Additionally refactored factory created by NumberTypeAdapter to only create
TypeAdapter once and then have factory reuse that adapter for better
performance.

Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
2021-10-08 17:09:43 -07:00
Marcono1234
1cc1627423
Fix incorrect feature request template label (#1982) 2021-10-07 10:41:44 -07:00
dependabot[bot]
7b9a283a7a
Bump bnd-maven-plugin from 5.3.0 to 6.0.0 (#1985)
Bumps [bnd-maven-plugin](https://github.com/bndtools/bnd) from 5.3.0 to 6.0.0.
- [Release notes](https://github.com/bndtools/bnd/releases)
- [Changelog](https://github.com/bndtools/bnd/blob/master/docs/ADDING_RELEASE_DOCS.md)
- [Commits](https://github.com/bndtools/bnd/commits/6.0.0)

---
updated-dependencies:
- dependency-name: biz.aQute.bnd:bnd-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-06 17:58:02 -07:00
Marcono1234
7cfdf44893
Add GitHub issue templates (#1977)
* Add GitHub issue templates

* Adjust bug report issue template
2021-09-28 16:35:55 -07:00
dependabot[bot]
b0f3237bb8
Bump proguard-maven-plugin from 2.4.0 to 2.5.1 (#1980)
Bumps [proguard-maven-plugin](https://github.com/wvengen/proguard-maven-plugin) from 2.4.0 to 2.5.1.
- [Release notes](https://github.com/wvengen/proguard-maven-plugin/releases)
- [Changelog](https://github.com/wvengen/proguard-maven-plugin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/wvengen/proguard-maven-plugin/commits)

---
updated-dependencies:
- dependency-name: com.github.wvengen:proguard-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-28 09:59:56 -07:00
Marcono1234
3b7835a18b
Switch to GitHub Actions (#1974) 2021-09-24 08:34:16 -07:00
Marcono1234
aa5554e69a
Don't exclude static local classes (#1969) 2021-09-17 18:12:47 -07:00
dependabot[bot]
6a5e775362
Bump maven-scm-provider-gitexe from 1.11.3 to 1.12.0 (#1967)
Bumps maven-scm-provider-gitexe from 1.11.3 to 1.12.0.

---
updated-dependencies:
- dependency-name: org.apache.maven.scm:maven-scm-provider-gitexe
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-17 17:27:30 -07:00
Marcono1234
26a1928277
Fix RuntimeTypeAdapterFactory depending on internal Streams class (#1959)
* Fix RuntimeTypeAdapterFactory depending on internal Streams class

* Clean up gson-extras project, make it Maven module of gson-parent

* Remove broken test from GraphAdapterBuilderTest
2021-09-17 17:21:37 -07:00
Marcono1234
f1f90313fc
Improve Maven build (#1964)
- Specify missing plugin versions
- Fix or suppress ProGuard notes and warnings
2021-09-17 17:19:50 -07:00
dependabot[bot]
b82c76717b
Bump maven-javadoc-plugin from 3.3.0 to 3.3.1 (#1956)
Bumps [maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) from 3.3.0 to 3.3.1.
- [Release notes](https://github.com/apache/maven-javadoc-plugin/releases)
- [Commits](https://github.com/apache/maven-javadoc-plugin/compare/maven-javadoc-plugin-3.3.0...maven-javadoc-plugin-3.3.1)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-javadoc-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-08 06:14:06 -07:00
Z
ebe4b581dd
update RawCollectionsExample.java (#1953)
use static method instead deprecated method
2021-09-07 08:02:04 -07:00
Z
9484297fbb
update UserGuide.md (#1954)
Id Class does not have get method, we should new a instance.
2021-09-07 08:00:11 -07:00
Nikita Novik
4f2aeaa288
Add license note to GSON POM file. (#1951)
* Add license note to GSON POM file.
2021-09-06 10:35:43 -07:00