Compatibility with previous release
Version 3.5 is source and binary compatible with 3.4.
Compatibility with older releases (< 3.3, 2.x)
Since 3.3 release, the default setting for permissions that determine which packages, classes and methods are
accessible to scripts has been reduced to a very narrow set. When migrating from previous version of JEXL,
this may result in breaking your application behavior ; this breaking change requires remediation in your code.
Despite the obvious inconvenience - our sincere apologies on the matter -, how much functional and semantic
power is accessible through scripts has a real impact on your application security and stability ;
that potential risk requires an informed review and conscious choice on your end.
To mitigate the change, you can revert to the previous behavior with one line of code
(see JexlPermissions,
JexlBuilder
and
JexlScriptEngine
) or use this
opportunity to reduce exposure. Whether Files, URLs, networking, processes, class-loaders or reflection classes
or whether loops or side effects are accessible are part of your choice to make.
What's new in 3.5:
A feature that captures variables as references allowing side effect from a lambda to its
outer scope; this is mimicking JavaScript scoping rule (JEXL-426).
New Features in 3.5:
| JEXL-438: |
Allow parser factory specification. |
| JEXL-428: |
Make Comparable object high priority while comparing. |
| JEXL-427: |
Avoid coercing logical expressions to boolean. |
| JEXL-426: |
Enable pass-by-reference for Captured Variables |
Bugs Fixed in 3.5:
| JEXL-436: |
The increment (decrement) operator does not check for null operand. |
| JEXL-435: |
Changed behavior of empty operator overloading action. |
| JEXL-434: |
The safe-access array operator is not safe. |
| JEXL-433: |
Debugger does not accept empty return statement. |
| JEXL-432: |
Namespace functors are not cleared when the classloader is updated. |
| JEXL-431: |
Parse error with variables declared in a catch clause. |
| JEXL-429: |
Ternary expression regression. |
| JEXL-425: |
Multiline format literals does not always return string. |
What was new in 3.4:
Features and permissions are easier to define through new methods.
Some new syntaxes are introduced ; try/catch/finally (including with resources),
an array-access safe navigation ((x?[y]), strict equality/inequality operators (===, !==),
instanceof/!instanceof operators and more permissive structured literals.
New Features in 3.4:
| JEXL-423: |
Add support for instanceof / !instanceof |
| JEXL-422: |
Add strict equality (===) and inequality (!==) operators |
| JEXL-421: |
ArrayBuilder: array type should reflect common class of its entries |
| JEXL-419: |
Add permission syntax to allow class/method/field |
| JEXL-418: |
Add try-catch-finally support |
| JEXL-408: |
Using JexlFeatures is tedious |
| JEXL-404: |
Support array-access safe navigation (x?[y]) |
| JEXL-401: |
Captured variables should be read-only |
| JEXL-398: |
Allow 'trailing commas' or ellipsis while defining array, map and set literals |
Bugs Fixed in 3.4:
| JEXL-420: |
Error while comparing float and string value |
| JEXL-417: |
JexlArithmetic looses precision during arithmetic operator execution |
| JEXL-416: |
Null-valued pragma throws NPE in 3.3 |
| JEXL-415: |
Incorrect template eval result |
| JEXL-414: |
SoftCache may suffer from race conditions |
| JEXL-412: |
Ambiguous syntax between namespace function call and map object definition. |
| JEXL-410: |
JexlFeatures: ctor does not enable all features |
| JEXL-409: |
Disable LEXICAL should disable LEXICAL_SHADE |
| JEXL-405: |
Recursive functions corrupt evaluation frame if reassigned |
| JEXL-403: |
Exception while evaluating template literal used in array assignment in loop. |
| JEXL-402: |
parse failed with empty return value. |
|
