Special Thanks to the following Eclipse Jetty community members

• @prenagha (Padraic Renaghan)

Changelog

• #6883 - Welcome file redirects do not honor the relativeRedirectAllowed option
• #6870 - Encode control characters in URIUtil.encodePath
• #6869 - Correct Content-Type within HTML error pages
• #6868 - _uriCompliance attribute has been forgotten in the HttpConfiguration constructor from another configuration
• #6860 - IPv6 format
• #6752 - DefaultSessionCache more extensible using ConcurrentMap (@prenagha)
• #6735 - infinispan-embedded-query and infinispan-remote-query modules broken
• #6696 - High WebSocket memory usage in Jetty 10
• #6693 - FastCGI review
• #6681 - Alternate Alias checkers
• #6661 - Some SocketOptions not supported on Windows
• #6654 - ServerUpgradeRequest.getCookies() can throws NullPointerException
• #6642 - WebSocket handling of Connection: upgrade,close.
• #6624 - Fix non-domain SNI on Java17
• #6618 - ID token azp claim should not be required if aud is single value array
• #6617 - Add basic auth support for OpenId token endpoint (client_secret_basic)
• #6603 - HTTP/2 max local stream count exceeded
• #6602 - SessionTracker memory leak on WebSockets that close immediately
• #6601 - jetty-websocket-core not usable standalone, only with websocket-javax-server or websocket-jetty-server
• #6586 - Remove some unnecessary dependencies
• #6565 - Improve deployment of symlinked webapplications
• #6562 - HttpOutput.write(ByteBuffer buffer)
• #6559 - Non blocking ReservedThreadExecutor (#6535)
• #6556 - MemcachedSessionDataMap needs to set the context classloader before serialization/deseriazliation.
• #6554 - Allow creation of DefaultIdentityService without realmName.
• #6553 - Review usage of Authentication.UNAUTHENTICATED in SecurityHandler
• #6544 - Using jetty.gzip.excludedMimeTypeList property results in an error
• #6520 - Error page has HTML error when writePoweredBy is enabled.
• #6494 - Reduce header cache memory usage on non persistent requests
• #6489 - Some URI valid compliance modes cannot be set in .ini file.
• #6487 - Expose ServletHolder getter in ServletHandler$ChainEnd for auditing libraries to use
• #6476 - Show message if JVM args are present but new JVM is spawned based on active modules
• #6406 - Jetty Jaspi module not compatible with Jakarta EE 9 (Jakarta Authentication)
• #6372 - Review socket options configuration
• #6322 - Use RetainableByteBuffer in HttpConnection
• #6043 - Reimplement UnixSocket support based on Java 16
• #5229 - Update WebSocket documentation in Jetty 10

Dependency Updates

• #6935 - Bump guava from 30.1.1-jre to 31.0.1-jre
• #6921 - Bump hawtio-default from 2.13.6 to 2.14.0
• #6914 - Bump grpc-core from 1.40.1 to 1.41.0
• #6913 - Bump logback-core from 1.3.0-alpha9 to 1.3.0-alpha10
• #6912 - Bump log4j-api from 2.14.0 to 2.14.1
• #6911 - Bump hawtio-default from 2.13.5 to 2.13.6
• #6910 - Bump jakarta.inject-api from 1.0 to 1.0.3
• #6904 - Bump jamon.version from 2.81 to 2.82
• #6901 - Bump google-cloud-datastore from 2.1.0 to 2.1.2
• #6863 - Bump jnr-unixsocket from 0.38.10 to 0.38.11
• #6845 - Bump org.eclipse.osgi.util from 3.6.0 to 3.6.100
• #6843 - Bump org.eclipse.osgi.services from 3.10.100 to 3.10.200
• #6842 - Bump org.eclipse.osgi from 3.16.300 to 3.17.0
• #6840 - Bump jakarta.transaction-api from 1.3.2 to 1.3.3
• #6830 - Bump jaxws-rt from 2.3.3 to 2.3.5
• #6824 - Bump cdi-api from 1.2 to 2.0
• #6809 - Bump bouncycastle.version from 1.62 to 1.69
• #6807 - Bump tycho-version from 2.1.0 to 2.3.0
• #6772 - Update to asm 9.2
• #6763 - Bump json-smart from 2.3 to 2.4.7
• #6762 - Bump google-cloud-datastore from 1.105.0 to 2.1.0
• #6751 - Bump jnr-unixsocket from 0.38.3 to 0.38.10 (#6712)
• #6732 - Bump hazelcast.version from 4.1 to 4.2.2
• #6721 - Bump gson from 2.8.6 to 2.8.8
• #6710 - Bump xmemcached from 2.4.6 to 2.4.7
• #6707 - Bump org.apache.felix.framework from 6.0.3 to 7.0.1
• #6703 - Bump jnr-constants from 0.10.0 to 0.10.2
• #6684 - Bump slf4j to 2.0.0-alpha5
• #6677 - Update to apache jasper 9.0.52