Skip to content

jackson 2.16 support#564

Merged
pjfanning merged 12 commits intoapache:mainfrom
pjfanning:jackson-2.15
Jan 6, 2024
Merged

jackson 2.16 support#564
pjfanning merged 12 commits intoapache:mainfrom
pjfanning:jackson-2.15

Conversation

@pjfanning
Copy link
Member

@pjfanning pjfanning commented Aug 12, 2023
edited
Loading

@pjfanning pjfanning marked this pull request as draft August 12, 2023 13:15
@pjfanning pjfanning mentioned this pull request Oct 15, 2023
Closed
@pjfanning pjfanning changed the title [DRAFT] jackson 2.15 support jackson 2.15 support Oct 21, 2023
@pjfanning pjfanning marked this pull request as ready for review October 21, 2023 02:00
He-Pin
He-Pin reviewed Oct 21, 2023
View reviewed changes
serialization-jackson/src/main/resources/reference.conf
# these defaults are the same as the defaults in `StreamReadConstraints`
max-nesting-depth = 1000
max-number-length = 1000
max-string-length = 20000000
Copy link
Member

@He-Pin He-Pin Oct 21, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

read.constraints {
    max-nesting-depth = 1000
    max-number-length = 1000
    max-string-length = 20000000
}

Seems more clear

Copy link
Member Author

@pjfanning pjfanning Oct 23, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I honestly don't think adding the word constraints to the config names here makes them any clearer. Config names need to balance descriptiveness with conciseness.

@pjfanning pjfanning added this to the 1.1.0 milestone Nov 10, 2023
@pjfanning
Copy link
Member Author

pjfanning commented Nov 10, 2023

jackson 2.16.0 should be out soon and it has some more constraints - I will repurpose this PR to further update to jackson 2.16.0 and support the extra constraints

@pjfanning pjfanning changed the title jackson 2.15 support jackson 2.16 support Nov 20, 2023
laglangyue
laglangyue reviewed Dec 25, 2023
View reviewed changes
...kson/src/main/scala/org/apache/pekko/serialization/jackson/JacksonObjectMapperProvider.scala
.maxNumberLength(config.getInt("read.max-number-length"))
.maxStringLength(config.getInt("read.max-string-length"))
.maxNameLength(config.getInt("read.max-name-length"))
.maxDocumentLength(config.getLong("read.max-document-length"))
Copy link
Contributor

@laglangyue laglangyue Dec 25, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do these configurations have default values, or users must specify the configuration?

Copy link
Member Author

@pjfanning pjfanning Dec 25, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We ship reference conf with the defaults. Users can override the values by setting them in their own application.conf or application.json.

Copy link
Member Author

@pjfanning pjfanning Dec 25, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is how Akka/Pekko has always worked.

@pjfanning
Copy link
Member Author

pjfanning commented Dec 29, 2023

@He-Pin @mdedetrich is this something we can merge into main branch? Jackson 2.16 has quite a bit of security hardening.

@pjfanning
Copy link
Member Author

pjfanning commented Jan 6, 2024

@mdedetrich if we are getting close to creating an RC for the M1 of pekko 1.1.0, I would like to get this merged.

@mdedetrich
Copy link
Contributor

mdedetrich commented Jan 6, 2024

Okay ill look at it in more detail tomorrow

nvollmar
nvollmar approved these changes Jan 6, 2024
View reviewed changes
Copy link
Contributor

@nvollmar nvollmar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

He-Pin
He-Pin approved these changes Jan 6, 2024
View reviewed changes
Copy link
Member

@He-Pin He-Pin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lgtm

serialization-jackson/src/main/resources/reference.conf
max-name-length = 50000
# max-document-length of -1 means unlimited
max-document-length = -1
}
Copy link
Member

@He-Pin He-Pin Jan 6, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add a blank line here

@pjfanning pjfanning merged commit 3f97d9f into apache:main Jan 6, 2024
@pjfanning pjfanning deleted the jackson-2.15 branch January 6, 2024 19:07
This was referenced Feb 29, 2024
Closed
Closed
@pjfanning pjfanning mentioned this pull request Jul 8, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@laglangyue laglangyue laglangyue left review comments

@He-Pin He-Pin He-Pin approved these changes

@nvollmar nvollmar nvollmar approved these changes

@mdedetrich mdedetrich Awaiting requested review from mdedetrich

@jrudolph jrudolph Awaiting requested review from jrudolph

@gmethvin gmethvin Awaiting requested review from gmethvin

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

1.1.0-M1

Development

Successfully merging this pull request may close these issues.

5 participants

@pjfanning @mdedetrich @He-Pin @nvollmar @laglangyue