chore(deps): bump io.ktor:ktor-server-sessions-jvm from 2.3.5 to 3.0.1

[dependabot]

Bumps io.ktor:ktor-server-sessions-jvm from 2.3.5 to 3.0.1.

Release notes

Sourced from io.ktor:ktor-server-sessions-jvm's releases.

3.0.1

Published 29 October 2024

Bugfixes

• Remove space from the default client user agent (KTOR-7655)
• Url.segments throws on URLs with root path (KTOR-7625)
• Digest Auth does not implement nc parameter correctly according to RFC 7616 (KTOR-4318)
• about:blank URL should be parsed correctly as about:blank (KTOR-7410)
• ByteReadChannel.{readShort/readInt/readLong} could lead to CPU-bound indefinite loop since 3.0.0 (KTOR-7571)
• CIO: Requests face connection timeouts when executed on the Android main dispatcher (KTOR-6803)
• receiveMultipart fails with "IOException: Failed to parse multipart" when content-type is capitalized (KTOR-7596)

Improvements

• WebSockets logging: The plugin calls toString() unnecessarily on transformed response body (KTOR-7623)
• INFO log message with all server interceptors on server startup (KTOR-7326)
• Digest auth: username and cnonce parameters aren't surrounded with quotes (KTOR-7561)
• ContentType.fromFilePath for newer file formats HEIC, AVIF, HEIF (KTOR-7536)
• Support missing native targets in ktor-serialization-kotlinx-xml (KTOR-7583)

3.0.0

Published 9 October 2024

Bugfixes

• Darwin: The maxFrameSize option has no effect (KTOR-6963)
• KotlinReflectionInternalError (createClientPlugin) when running release APK on Android (KTOR-7479)
• Netty: UnsupportedOperationException is thrown when responding in CallSetup and CORS plugin is installed (KTOR-4433)
• MicrometerMetrics: Prometheus meter registry 1.13.0 generates configuration warning (KTOR-7035)
• Websockets/Auth: ProtocolException when requesting protected WebSockets endpoint (KTOR-7363)
• Data truncated in receiveParameters and receiveMultipart (KTOR-7201)
• The pathSegments returns empty strings for trailing slashes (KTOR-4402)
• HttpRequestRetry: exponential delay doesn't work for delays <= 1 second (KTOR-7294)
• JS browser: "Error: HttpClientCall expected" on HTTP request when targeting es2015 (KTOR-6882)
• Incomplete write using io.ktor.util.cio.FileChannelsKt#writeChannel (KTOR-1618)
• response.content.copyAndClose(targetFile.writeChannel()) sometimes loses some bytes (KTOR-3003)
• ByteWriteChannel.flush is not Waiting Until Flushing the Internal Buffer to the Destination (KTOR-3102)
• CORS check fails when the Origin header has a value without trailing slash (KTOR-5936)
• Closing socket and selector leaks descriptor on native (KTOR-7255)
• ConnectionUtilsNative leaks descriptors on error (KTOR-6977)
• withTimeout doesn't cancel socket connection on native (KTOR-5289)
• MockEngine: the ability to set dispatcher is removed (KTOR-6417)

Improvements

• Misleading readBytes method name (KTOR-6596)
• Remove reflection utils used only on JVM target from common source set (KTOR-7540)
• Weak security algorithm (MD5) in FileCacheStorage (KTOR-6589)
• Missing constants for AcceptEncoding (KTOR-6412)
• Add respondFile overload with Path parameters (KTOR-7202)
• MalformedInputException confusingly is a Throwable but not an Exception (KTOR-7316)
• CSRF: The allowOrigin method enables the Origin Header validation (KTOR-6695)
• Auth: Drop marker interface requirements (KTOR-7323)

... (truncated)

Changelog

Sourced from io.ktor:ktor-server-sessions-jvm's changelog.

3.0.1

Published 29 October 2024

Bugfixes

• Remove space from the default client user agent (KTOR-7655)
• Url.segments throws on URLs with root path (KTOR-7625)
• Digest Auth does not implement nc parameter correctly according to RFC 7616 (KTOR-4318)
• about:blank URL should be parsed correctly as about:blank (KTOR-7410)
• ByteReadChannel.{readShort/readInt/readLong} could lead to CPU-bound indefinite loop since 3.0.0 (KTOR-7571)
• CIO: Requests face connection timeouts when executed on the Android main dispatcher (KTOR-6803)
• receiveMultipart fails with "IOException: Failed to parse multipart" when content-type is capitalized (KTOR-7596)

Improvements

• WebSockets logging: The plugin calls toString() unnecessarily on transformed response body (KTOR-7623)
• INFO log message with all server interceptors on server startup (KTOR-7326)
• Digest auth: username and cnonce parameters aren't surrounded with quotes (KTOR-7561)
• ContentType.fromFilePath for newer file formats HEIC, AVIF, HEIF (KTOR-7536)
• Support missing native targets in ktor-serialization-kotlinx-xml (KTOR-7583)

3.0.0

Published 9 October 2024

Bugfixes

• Darwin: The maxFrameSize option has no effect (KTOR-6963)
• KotlinReflectionInternalError (createClientPlugin) when running release APK on Android (KTOR-7479)
• Netty: UnsupportedOperationException is thrown when responding in CallSetup and CORS plugin is installed (KTOR-4433)
• MicrometerMetrics: Prometheus meter registry 1.13.0 generates configuration warning (KTOR-7035)
• Websockets/Auth: ProtocolException when requesting protected WebSockets endpoint (KTOR-7363)
• Data truncated in receiveParameters and receiveMultipart (KTOR-7201)
• The pathSegments returns empty strings for trailing slashes (KTOR-4402)
• HttpRequestRetry: exponential delay doesn't work for delays <= 1 second (KTOR-7294)
• JS browser: "Error: HttpClientCall expected" on HTTP request when targeting es2015 (KTOR-6882)
• Incomplete write using io.ktor.util.cio.FileChannelsKt#writeChannel (KTOR-1618)
• response.content.copyAndClose(targetFile.writeChannel()) sometimes loses some bytes (KTOR-3003)
• ByteWriteChannel.flush is not Waiting Until Flushing the Internal Buffer to the Destination (KTOR-3102)
• CORS check fails when the Origin header has a value without trailing slash (KTOR-5936)
• Closing socket and selector leaks descriptor on native (KTOR-7255)
• ConnectionUtilsNative leaks descriptors on error (KTOR-6977)
• withTimeout doesn't cancel socket connection on native (KTOR-5289)
• MockEngine: the ability to set dispatcher is removed (KTOR-6417)

Improvements

• Misleading readBytes method name (KTOR-6596)
• Remove reflection utils used only on JVM target from common source set (KTOR-7540)
• Weak security algorithm (MD5) in FileCacheStorage (KTOR-6589)
• Missing constants for AcceptEncoding (KTOR-6412)
• Add respondFile overload with Path parameters (KTOR-7202)
• MalformedInputException confusingly is a Throwable but not an Exception (KTOR-7316)
• CSRF: The allowOrigin method enables the Origin Header validation (KTOR-6695)

... (truncated)

Commits

• 205479f Release 3.0.1 (#4432)
• e5e8ae7 KTOR-6158 JS. Remove redundant require calls (#4422)
• 8c271cb KTOR-7596 Make multipart Content-Type check case-insensitive (#4413)
• 5a7bf7f KTOR-7623 Evaluate trace logs lazily in WebSockets client plugin (#4429)
• 0ae547f KTOR-7326 Remove debug implementation of Pipeline.toString (#4419)
• 4f45166 Update ktor monorepo to v3.0.1-eap-1122 (#4415)
• 451f664 KTOR-7625: Url.segments parsing fix
• 95426ce chore: remove redundant backticks (#4425)
• 3d71a28 Update dependency org.apache.velocity:velocity-engine-core to v2.4.1 (#4416)
• caceb62 Update dependency org.junit.jupiter:junit-jupiter to v5.11.3 (#4417)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)