Releases: quickfix-j/quickfixj
3.0.1
QuickFIX/J 3.0.1
This release includes bug fixes, dependency and build-tool updates, test stabilization improvements, documentation updates, and project maintenance changes.
Dependency and build updates
Maven ecosystem
-
org.apache.maven.plugins:maven-shade-plugin updated from 3.6.1 to 3.6.2
PR #1155 by @dependabot[bot] -
org.apache.maven.plugins:maven-resources-plugin updated from 3.4.0 to 3.5.0
PR #1154 by @dependabot[bot] -
org.apache.maven:maven-plugin-api updated in three consecutive steps:
- 3.9.12 → 3.9.13 in PR #1157 by @dependabot[bot]
- 3.9.13 → 3.9.14 in PR #1161 by @dependabot[bot]
- 3.9.14 → 3.9.15 in PR #1187 by @dependabot[bot]
-
org.apache.maven.plugins:maven-invoker-plugin updated from 3.9.1 to 3.10.0
PR #1197 by @dependabot[bot]
Build automation and workflow dependencies
-
SmartsquareGmbH/delete-old-packages updated from 0.8.1 to 1.0.0
PR #1165 by @dependabot[bot] -
peter-evans/create-pull-request updated from 7 to 8
PR #1192 by @dependabot[bot]
Library updates
-
io.netty:netty-example updated from 4.2.10.Final to 4.2.12.Final
PR #1176 by @dependabot[bot] -
org.codehaus.plexus:plexus-utils updated from 4.0.2 to 4.0.3
PR #1177 by @dependabot[bot] -
jaxen:jaxen updated from 2.0.0 to 2.0.1
PR #1186 by @dependabot[bot] -
commons-io:commons-io updated from 2.21.0 to 2.22.0
PR #1193 by @dependabot[bot] -
junit.jupiter.version updated from 5.14.3 to 5.14.4
PR #1196 by @dependabot[bot] -
Apache MINA updated to 2.2.7 to unblock Dependabot security updates and remove a stale config-level ignore
PR #1217 by @Copilot
Maven Wrapper and release automation
-
Added a scheduled workflow to automatically update the Maven Wrapper and Maven distribution
PR #1188 by @Copilot -
Fixed version detection so the latest stable Maven version is derived from
<version>entries instead of the<release>tag
PR #1189 by @Copilot -
Updated the Maven Wrapper to 3.9.15
PR #1190 by @github-actions[bot] -
Adjusted the cron schedule and PR commit message for Maven Wrapper update automation
PR #1191 by @chrjohn
Bug fixes and stability improvements
-
Trimmed oversized
Message StringBuilderinstances to page size
PR #1159 by @the-thing -
Suppressed noisy
WriteToClosedSessionExceptionerrors
PR #1166 by @the-thing -
Improved
SSLFiltersocket linger handling
PR #1178 by @the-thing -
Reset disabled sessions per
SessionScheduleto avoid message loss on Logon
PR #1181 by @Ra9huvansh -
Fixed a compiler warning in
SSLCertificateTest.parameters()
PR #1213 by @Copilot -
Stabilized external-DTD dictionary loading in
MessageTestusing shorter timeouts and bounded retries
PR #1220 by @Copilot -
Added per-test logging to
SocksProxyTestto improve diagnosis of test behavior
PR #1222 by @Copilot -
Improved proxy-related test coverage with HTTP proxy tests
PR #1152 by @the-thing -
Included a collection of static inner class cleanups, autoboxing improvements, and typo fixes
PR #1057 by @abhishekraha
Documentation improvements
-
Updated the Maven Central badge to Sonatype Central
PR #1153 by @chrjohn -
Added the FixMock library link to the README
PR #1162 by @chrjohn -
Updated supported versions in
SECURITY.md
PR #1163 by @chrjohn -
Converted configuration options to Markdown
PR #1160 by @chrjohn -
Fixed spelling and grammar in
configuration.md
PR #1168 by @chrjohn -
Fixed non-self-closing
<br>tags inconfiguration.md
PR #1169 by @Copilot -
Updated links and descriptions in
configuration.md
PR #1170 by @chrjohn -
Updated a section title from “QuickFIX” to “QuickFIX/J”
PR #1174 by @chrjohn -
Added documentation for the threading model
PR #1180 by @Copilot
Project maintenance and repository cleanup
-
Updated the deployment step to include a retry mechanism
PR #1182 by @chrjohn -
Extracted
quickfixj-class-pruner-maven-plugininto a standalone repository
PR #1184 by @Copilot -
Deleted the
quickfixj-class-pruner-maven-plugindirectory after extraction
PR #1209 by @chrjohn -
Cleaned up the POM after
class-prunerwas moved to its own repository
PR #1210 by @Copilot -
Updated
dependabot.ymlto ignore a specific Maven dependency
PR #1216 by @chrjohn
New Contributors
- @abhishekraha made their first contribution in PR #1057
- @github-actions[bot] made their first contribution in PR #1190
- @Ra9huvansh made their first contribution in PR #1181
Full Changelog: QFJ_RELEASE_3_0_0...QFJ_RELEASE_3_0_1
Contributors
Assets 2
3.0.0
Release notes: https://github.com/quickfix-j/quickfixj/wiki/QFJ-3.0.0-release-notes
Full Changelog: QFJ_RELEASE_2_3_2...QFJ_RELEASE_3_0_0
New Contributors
- @zhaojunmo made their first contribution in #404
- @esanchezros made their first contribution in #395
- @fillreject made their first contribution in #352
- @dparui made their first contribution in #316
- @JKlmrk made their first contribution in #489
- @raipc made their first contribution in #462
- @korzha made their first contribution in #380
- @harinda05 made their first contribution in #549
- @stasal made their first contribution in #451
- @busy-spin made their first contribution in #573
- @vinipx made their first contribution in #575
- @jacques0803 made their first contribution in #481
- @andreasbuechel made their first contribution in #649
- @msmat0 made their first contribution in #658
- @ChoiJunsik made their first contribution in #750
- @spoerri made their first contribution in #767
- @wajncn made their first contribution in #775
- @gbirchmeier made their first contribution in #889
- @andreydp made their first contribution in #674
- @frankk-d made their first contribution in #957
- @krisbanas made their first contribution in #950
- @jetbrains-junie[bot] made their first contribution in #982
- @Ramonster1 made their first contribution in #988
- @wilson-zh made their first contribution in #1083
- @Copilot made their first contribution in #1094
- @ishabandi67 made their first contribution in #819
Contributors
Assets 2
2.3.2
This is a bug fix release. It contains only few bug fixes and upgrades the MINA library to 2.2.4 since prior versions are vulnerable to RCE: https://www.cve.org/CVERecord?id=CVE-2024-52046 . However, QFJ is not directly affected by this since it does not use the affected ObjectSerializationCodecFactory.
https://github.com/quickfix-j/quickfixj/wiki/QuickFIX-J-2.3.2-release-notes
2.3.1
This is a bug fix release. It contains a fix for an issue which could lead to an infinite loop and/or out-of-memory condition on reception of a malformed message, hence rendering the application unusable. All QFJ versions below 2.2.1 and 2.3.1 are affected by this bug.
https://github.com/quickfix-j/quickfixj/wiki/QFJ-2.2.1-and-2.3.1-release-notes
2.2.1
This is a bug fix release. It contains a fix for an issue which could lead to an infinite loop and/or out-of-memory condition on reception of a malformed message, hence rendering the application unusable. All QFJ versions below 2.2.1 and 2.3.1 are affected by this bug.
https://github.com/quickfix-j/quickfixj/wiki/QFJ-2.2.1-and-2.3.1-release-notes