diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 09ecffa63..1fa1ba22b 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -40,7 +40,7 @@ jobs:
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
- uses: github/codeql-action/init@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
+ uses: github/codeql-action/init@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
@@ -59,6 +59,6 @@ jobs:
./mvnw --batch-mode clean install -Padoptium,-adoptopenjdk
- name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
+ uses: github/codeql-action/analyze@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
with:
category: "/language:${{matrix.language}}"
diff --git a/adoptium-api-versions/pom.xml b/adoptium-api-versions/pom.xml
index e4c01df47..d309a586f 100644
--- a/adoptium-api-versions/pom.xml
+++ b/adoptium-api-versions/pom.xml
@@ -20,7 +20,7 @@
3.8.0
UTF-8
UTF-8
- 3.16.3
+ 3.17.0
5.5.0
diff --git a/adoptium-frontend-parent/adoptium-api-v3-frontend/src/main/kotlin/net/adoptium/api/v3/CacheControlService.kt b/adoptium-frontend-parent/adoptium-api-v3-frontend/src/main/kotlin/net/adoptium/api/v3/CacheControlService.kt
index e26371ab6..6f473ecc6 100644
--- a/adoptium-frontend-parent/adoptium-api-v3-frontend/src/main/kotlin/net/adoptium/api/v3/CacheControlService.kt
+++ b/adoptium-frontend-parent/adoptium-api-v3-frontend/src/main/kotlin/net/adoptium/api/v3/CacheControlService.kt
@@ -11,6 +11,9 @@ import net.adoptium.api.v3.dataSources.APIDataStore
import org.jboss.resteasy.reactive.common.headers.CacheControlDelegate
import org.jboss.resteasy.reactive.common.util.ExtendedCacheControl
import org.jboss.resteasy.reactive.server.ServerResponseFilter
+import java.math.BigInteger
+import java.security.MessageDigest
+import java.util.*
@Provider
@@ -28,9 +31,19 @@ class CacheControlService @Inject constructor(private var apiDataStore: APIDataS
return CACHE_CONTROLLED_PATHS.any { path.startsWith(it) }
}
+ private fun calculateEtag(requestContext: ContainerRequestContext): String {
+ val md = MessageDigest.getInstance("SHA1")
+ if (apiDataStore.getUpdateInfo().hexChecksum != null) {
+ md.update(HexFormat.of().parseHex(apiDataStore.getUpdateInfo().hexChecksum))
+ }
+ md.update(requestContext.uriInfo.requestUri.toString().toByteArray())
+ return BigInteger(1, md.digest()).toString(16)
+ }
+
override fun filter(requestContext: ContainerRequestContext?) {
if (isCacheControlledPath(requestContext)) {
- val etag = apiDataStore.getUpdateInfo().hexChecksum
+ val etag = calculateEtag(requestContext!!)
+
val lastModified = apiDataStore.getUpdateInfo().lastModified
if (lastModified == null || etag == null) {
@@ -51,6 +64,7 @@ class CacheControlService @Inject constructor(private var apiDataStore: APIDataS
@ServerResponseFilter
fun responseFilter(requestContext: ContainerRequestContext?, responseContext: ContainerResponseContext?) {
if (isCacheControlledPath(requestContext)) {
+
val ecc = ExtendedCacheControl();
ecc.isPublic = true
ecc.maxAge = MAX_CACHE_AGE_IN_SEC
@@ -61,7 +75,9 @@ class CacheControlService @Inject constructor(private var apiDataStore: APIDataS
return
}
- responseContext?.headers?.add("ETag", apiDataStore.getUpdateInfo().hexChecksum)
+ val etag = calculateEtag(requestContext!!)
+
+ responseContext?.headers?.add("ETag", etag)
responseContext?.headers?.add("Last-Modified", apiDataStore.getUpdateInfo().lastModifiedFormatted)
responseContext?.headers?.add("Cache-Control", CacheControlDelegate.INSTANCE.toString(ecc))
}
diff --git a/adoptium-frontend-parent/adoptium-api-v3-frontend/src/test/kotlin/net/adoptium/api/AssetsResourceFeatureReleasePathTest.kt b/adoptium-frontend-parent/adoptium-api-v3-frontend/src/test/kotlin/net/adoptium/api/AssetsResourceFeatureReleasePathTest.kt
index bf1ea5040..5e3adb774 100644
--- a/adoptium-frontend-parent/adoptium-api-v3-frontend/src/test/kotlin/net/adoptium/api/AssetsResourceFeatureReleasePathTest.kt
+++ b/adoptium-frontend-parent/adoptium-api-v3-frontend/src/test/kotlin/net/adoptium/api/AssetsResourceFeatureReleasePathTest.kt
@@ -250,7 +250,7 @@ class AssetsResourceFeatureReleasePathTest : AssetsPathTest() {
.statusCode(200)
.assertThat()
.header("Cache-Control", Matchers.equalTo("public, no-transform, s-maxage=120, max-age=120"))
- .header("ETag", Matchers.equalTo("d76df8e7aefcf7"))
+ .header("ETag", Matchers.equalTo("808bc9e876e1dd5e15b8eb3377618e1c1b313a1e"))
.header("Last-Modified", Matchers.notNullValue())
}
@@ -258,7 +258,7 @@ class AssetsResourceFeatureReleasePathTest : AssetsPathTest() {
fun `if none match applied`() {
RestAssured.given()
.`when`()
- .header("If-None-Match", "d76df8e7aefcf7")
+ .header("If-None-Match", "808bc9e876e1dd5e15b8eb3377618e1c1b313a1e")
.get("/v3/assets/feature_releases/8/ga")
.then()
.statusCode(304)
@@ -268,7 +268,7 @@ class AssetsResourceFeatureReleasePathTest : AssetsPathTest() {
fun `etag applied match applied`() {
RestAssured.given()
.`when`()
- .header("If-Match", "d76df8e7aefcf7")
+ .header("If-Match", "808bc9e876e1dd5e15b8eb3377618e1c1b313a1e")
.get("/v3/assets/feature_releases/8/ga")
.then()
.statusCode(200)
diff --git a/adoptium-updater-parent/adoptium-api-v3-updater/src/main/kotlin/net/adoptium/api/v3/V3Updater.kt b/adoptium-updater-parent/adoptium-api-v3-updater/src/main/kotlin/net/adoptium/api/v3/V3Updater.kt
index 1764c6ed8..1a33f7b89 100644
--- a/adoptium-updater-parent/adoptium-api-v3-updater/src/main/kotlin/net/adoptium/api/v3/V3Updater.kt
+++ b/adoptium-updater-parent/adoptium-api-v3-updater/src/main/kotlin/net/adoptium/api/v3/V3Updater.kt
@@ -55,7 +55,7 @@ class V3Updater @Inject constructor(
private val LOGGER = LoggerFactory.getLogger(this::class.java)
fun calculateChecksum(repo: AdoptRepos): String {
- val md = MessageDigest.getInstance("MD5")
+ val md = MessageDigest.getInstance("SHA256")
val outputStream = object : OutputStream() {
override fun write(b: Int) {
md.update(b.toByte())
@@ -269,6 +269,8 @@ class V3Updater @Inject constructor(
LOGGER.info("Updating Release Notes")
adoptReleaseNotes.updateReleaseNotes(repo)
+ printRepoDebugInfo(currentRepo, repo, repo)
+
LOGGER.info("Full update done")
return@runBlocking repo
}
diff --git a/adoptium-updater-parent/adoptium-api-v3-updater/src/test/kotlin/net/adoptium/api/V3UpdaterTest.kt b/adoptium-updater-parent/adoptium-api-v3-updater/src/test/kotlin/net/adoptium/api/V3UpdaterTest.kt
index 75997d588..43caf4dd5 100644
--- a/adoptium-updater-parent/adoptium-api-v3-updater/src/test/kotlin/net/adoptium/api/V3UpdaterTest.kt
+++ b/adoptium-updater-parent/adoptium-api-v3-updater/src/test/kotlin/net/adoptium/api/V3UpdaterTest.kt
@@ -25,7 +25,7 @@ class V3UpdaterTest {
fun `checksum works`() {
runBlocking {
val checksum = V3Updater.calculateChecksum(BaseTest.adoptRepos)
- assertTrue(checksum.length == 24)
+ assertTrue(checksum.length == 44)
}
}
diff --git a/pom.xml b/pom.xml
index 7371c837e..e53c1c728 100644
--- a/pom.xml
+++ b/pom.xml
@@ -57,7 +57,7 @@
3.1.2
3.6.0
2.4.0
- 7.9.0
+ 7.10.0
1.17.1
3.26.0
3.8.0
@@ -82,7 +82,7 @@
4.7.3
UTF-8
UTF-8
- 3.16.3
+ 3.17.0