Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Update Apache FreeMarker 2.3.31

Description

2.3.31

Page Contents * Changes on the FTL side

  • Changes on the Java side
    Release date: 2021-02-16

    CHANGES ON THE FTL SIDE

  • Added {{?eval_json}} to evaluate JSON given as flat string. This was added as {{?eval}} is routinely misused for the same purpose, which not only doesn't work for all JSON-s, but can be a security problem. See more here...

  • Added new special variable, {{time_zone}} (referred like {{.time_zone}}, like all special variables), to retrieve the current value of the {{time_zone}} setting as a string.

  • Allowed escaping {{#}} with backlash in identifier names (not in string), as it used to occur in database column names. Like if you have a column name like {{#users}}, you can refer to it as {{row.#users}}. (Alternatively, {{row['#users']}} always worked, but is often less convenient.)

  • FREEMARKER-169: Fixed bug that made {{?c}} and "computer" number format inconsistent. If incomplatible_improvements is set to 2.3.31 (or higher), when you set the {{number_format}} setting to {{computer}} (or you call {{Environment.getCNumberFormat()}}), the format now matches the behavior of {{?c}}, when formatting infinite (positive and negative), and NaN. Matching the behavior of {{?c}} was always the intent, but before this incompatible improvement, the {{computer}} format always behaved like {{?c}} before incompatible improvements 2.3.21, where instead of "INF", and "NaN", the results used Unicode characters U+221E, and U+FFFD.

  • Fixed bug where {{.globals}} weren't seen as namesapce, so something like {{<#assign _name_ = _value_ in .globals>}} failed (although you should use {{<#global _name_ = _value_>}} instead anyway).

Changes on the Java side

  • More helpful parser error messages for nesting problems (caused by missed or malformed end-tags usually).

  • Added {{DOMNodeSupport}} and {{JythonSupport}} {{boolean}} properties to {{DefaultObjectWrapper}}. This allows disabling the special wrapping of DOM nodes and Jython classes. This might be desirable for security reasons.

  • FREEMARKER-145: Fixed bug where methods with "overloaded" return type may become inaccessible on Java 9+, if some overriding subclasses are not public. (This is because {{java.beans.Introspector}} behavior has changed with Java 9.)

  • FREEMARKER-133: Fixed bug where FreeMarker sometimes tries to expose public methods that are defined or overridden in a non-public class, if the non-public class was then extended by a public class. Calling such method just ends up with {{IllegalAccessException}}, but they shouldn't be exposed on the first place. Furthermore, such a wrong method sometimes replaces the good version of the method, which would be callable. When this glitch happens is somewhat unpredictable, as it also depends on what methods {{java.beans.Introspector}} exposes (which at very least can depend on the Java version), and in what order.

  • Fixed bug where OSGi {{Bundle-RequiredExecutionEnvironment}} in {{META-INF/MANIFEST.FM}} has incorrectly contained JavaSE-1.6, J2SE-1.5

  • FREEMARKER-159: Set {{Automatic-Module-Name}} to {{freemarker}} in {{META-INF/MANIFEST.FM}}. In most cases this was the deduced Java 9 module name earlier, but that was fragile, as Java has deduced it from the jar file name.

  • FREEMARKER-165: Fixed bug where where if the namespace expression in a block assignment (like {{<#assign _x_ in _someNamespace_>...</#assign>}}) refers to a missing variable, or has the wrong type, FreeMarker has thrown {{NullPointerException}} or {{ClassCastException}}, instead of {{InvalidReferenceException}} and {{NonNamespaceException}} with proper helpful message.

  • Build related changes:

  •  

    • Simplified the way Apache Ivy is used in our Ant build. It's now used on the standard way, there's no {{ant update-deps}} anymore.

  •  

    • Test suite is now ran on ARM (64 bit) as well on CI (Travis).

  •  

    • FreeMarker Manual and web site now works much better on mobile, because of developments in the Docgen project.

  •  

    • Docgen is now a Maven project, and so a plain Maven dependency of the other projects (although, it's still only in the Apache Snapshot Repository, not in Central yet). With this we could get rid of our Ivy repository.

Activity

Show:

Andrea Schmidt January 10, 2023 at 10:55 PM

Verified on 22x: https://qa22-mysql.nightly.sakaiproject.org/, build: 587a7f99
21x: https://qa21-mysql.nightly.sakaiproject.org/, build: 632c5116

tested registered user and user added to the course with an email address

Deepthi Srinivasan1 June 11, 2021 at 9:34 AM

Tried to test on https://qa21-mysql.nightly.sakaiproject.org/portal/site/

Tried to create a user as admin and also tried to fill the  new account form as user.

email does not gets triggered.

Browser: Google Chrome

Andrea Schmidt June 3, 2021 at 6:07 PM

22x: https://trunk-mysql.nightly.sakaiproject.org/, build: ec659e9b

I tried to test this on trunk and emails do not seem to get sent when creating a new user. Since there have been issues with emails being sent to mailinator from Sakai, I used 2 Gmail test accounts I have,

1: As an admin I created a new user

2: As the user, I clicked New Account, filled it out and submitted

Neither gmail address received an email. Is there something else I need to do in order to test/verify this? 

Fixed

Details

Priority

Affects versions

Fix versions

Components

Assignee

Reporter

Created February 20, 2021 at 10:26 PM
Updated January 10, 2023 at 10:55 PM
Resolved February 23, 2021 at 9:07 AM

Flag notifications