Please refer to GitHub releases for the most up-to-date release notes.
v2.0.0: Dec 10, 2019
Add TLS socket logging appender (#2317)
EmptyOptionalNoContentExceptionMapperfor returning 204 responses on empty
Add configuration for excluding mime types and paths to gzip (#2356)
Support expirable log level configurations (#2375)
Add additional syslog logging facilities (#2381)
Add opt-in logging throttling via the
messageRateconfig property (#2384)
UUIDParamsaccepting input of incorrect length (#2382)
Fix resource endpoints injected via DI not being logged on startup (#2389)
Disable protocols less secure than TLS v1.2 by default (#2417)
totalSizeCapto file log appender (#2502)
Gzipped content encoded requests and responses are compatible with Servlet 3.1 and Async IO (#2566)
Retired use of deprecated Apache
StrLookupclasses and replaced them with Apache’s
Bundlein favor of
Allow unknown JSON properties (i.e. disable
DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES) by default (#2570)
*Paramclasses and will be removed in 3.0.0 (#2637)
Add data size class adhering to the correct SI and IEC prefixes (#2686)
Added PortDescriptor class and method in ServerLifeCycleListener to provide a list of PortDescriptors, detailing all listening information for the application (#2711)
Add support for proxy-protocol in http connector configuration (#2709)
X-Forwarded-*headers by default (#2748)
Fix typo by renaming
Adds an opt-in URI request logging filter factory (UriFilterFactory) (#2794)`
Add support for configuring Jetty’s cookie compliance (#2812)
Authorizer.authorize(principal, role)in favor of
Authorizer.authorize(principal, role, context)(#2837)
Fix undefined config environment variables with a default value causing an exception in strict mode (#2801)
@JsonPropertyto AbstractServerFactory setters
Add InjectValidatorBundle that enable context injection into validators
Add JUnit 5 Example to Testing Clients (#2367)
Add TLS socket logging appender
Add config settings for tasks and health check resources (#3037)
Add current class loader to javassist ClassPool
Add mapping for Jetty alpn-boot to Java versions (#2948)
Add missing “to” in BaseConfigurationFactory exception messages (#2869)
Add new constructors to allow specifying a response content type for Task and PostBodyTask, keeping the default as text/plain;charset=UTF-8
Add pip requirements file with Sphinx and dependencies
Add possibility to disable logging bootstrap for ResourceTestRule (#2338)
Add safe Jackson deserializers to prevent a DoS attack (#2511)
Add support for PATCH request to ResourceTestRule client (#2410)
Add support for SLF4J markers to dropwizard-json-logging (#2899)
Add support for disabled metric attributes on ConsoleReporterFa… (#2976)
Add support for logging caller data in dropwizard-json-logging
Add support for pathQuery json access log attribute
Added support for independently client-specified JCE Providers for both keystore and truststore (#2390)
Addressed ThrottlingLoggingAppenderTest issues
Adds a request logging url filter. Fixes #2794
Allow full customization of HttpClientBuilder (#2864)
Allow reporting Metrics on stop (#2558)
Allow simple logger level config to support “OFF” (#2819)
Allow to disable logging bootstrap in DAOTest
Allow to setNormalizeUri on HTTP client
Appropriately log ssl params
Avoid error message while signing artifacts
Be more precise about use of Metered and Timed annotations
Catch EofException at the jetty handler level
Checkout all freemarker templates with lf line endings
Compiler Warning Cleanup (#2466)
ConnectorProvider Not Set Silently
Convert to lazy evaluation for json event creation (#2506)
Correctly log resource paths with relative path segments (#2923)
Default values allowed on strict undefined config env vars
Dependency reorganization (#2897)
Disable Errorprone: EqualsGetClass check (#2718)
Document TeeFilter for JSON log format (#2596)
DropwizardTestSupport sets ConfigurationFactoryFactory too early (#2551)
Enable Jackson Afterburner only on Java 8 (#2966)
DropwizardResourceConfig#forTesting()is using a random port
Exclude javax.el and jakarta.el-api, using glassfish jakarta.el instead (#2750)
Explicitly create BootstrapServiceRegistry in SessionFactoryFac… (#2977)
Extend from AbstractHandlerContainer instead of AbstractHandler (#2460)
Fix Incomplete TaskServletTest Method Stubbing To Avoid NullpointerException In Tests (#3032)
Fix Integration Testing Example (#2364)
Fix Jackson (fuzzy) enum handling (#2599)
Fix date formatting pattern in test (#2585)
Fix deprecation usage of argparse4j
Fix errorpone warnings (#2399)
Fix escape signs and broken @see section (#2331)
Fix illegal reflection warning in DropwizardResourceConfig (#2964)
Fix incorrect reading of somaxconn for tcp backlog on linux (#2430)
Fix jersey attempting to resolve auth filter fields
Fix shared metrics race with multiple environments
Fix tests: Disable FAIL_ON_UNKNOWN_PROPERTIES
Fixed flaky test in CachingAuthorizer (#2683)
Improve Dropwizard test support (#2673)
Improve validation message for min/max duration
Include all Apache Tomcat JDBC ConnectionPool metrics (#2475)
Increases the values in the hibernate validator annotations to actual minimums
Let async logs finish in throttling append test
Make Duration, DataSize, and Size serializable (#2975)
Mark PermissiveEnumDeserializer as cacheable (#2446)
Merge pull request #2316 from dropwizard/move-to-junit5
Merge pull request #2320 from nickbabcock/remove-prereq-
Merge pull request #2324 from nickbabcock/jersey-resolv
Merge pull request #2325 from xiaodong-xie/upgrade-liquibase
Merge pull request #2339 from nickbabcock/argparse4j
Merge pull request #2341 from nickbabcock/freemarker-attributes
Merge pull request #2342 from nickbabcock/env-metric-race
Merge pull request #2344 from manuel-hegner/feature/improve_self_validation
Merge pull request #2349 from nickbabcock/fix-javadoc-errors
Merge pull request #2404 from nickbabcock/cleanup-params-test
Merge pull request #2405 from nickbabcock/log-ssl
Merge pull request #2409 from nickbabcock/inclusive
Merge pull request #2414 from tsundberg/timed-and-meterd-cannot-be-used-at-the-same-time
Merge pull request #2448 from dropwizard/resource-config-random-port
Merge pull request #2487 from zmarois/patch-1
Merge pull request #2509 from mattnelson/json_uri_query
Merge pull request #2514 from bennyz/redundant-the
Merge pull request #2519 from dropwizard/dependency-updates
Merge pull request #2522 from alex-shpak/feature/inject-validator-2
Merge pull request #2541 from shail/eofExceptionIssue
Merge pull request #2549 from minisu/patch-3
Merge pull request #2573 from isaki/throttle_revisit
Merge pull request #2575 from isaki/cache_auth_test_fix
Merge pull request #2576 from sergioescala/removing_unnecessary_import
Merge pull request #2578 from nickbabcock/cve-suppress
Merge pull request #2600 from dropwizard/issue-2539
Merge pull request #2643 from nickbabcock/before-after
Merge pull request #2659 from dropwizard/errorprone-nullaway
Merge pull request #2665 from nickbabcock/sona-example
Merge pull request #2675 from dennyac/dropwizard-jersey-metrics-documentation
Merge pull request #2684 from nickbabcock/logging-docs
Merge pull request #2692 from FredDeschenes/2.0-release-notes-abstractbinder
Merge pull request #2693 from dropwizard/remove-checkstyle
Merge pull request #2703 from slivkamiro/feature/validation-query
Merge pull request #2722 from dropwizard/issue-2721
Merge pull request #2741 from davnicwil/specify-task-response-type
Merge pull request #2760 from dropwizard/issue-2759
Merge pull request #2764 from tristanbuckner/reset_closed_client
Merge pull request #2767 from nickbabcock/test-bind
Merge pull request #2775 from nickbabcock/remove-doc
Merge pull request #2786 from josephlbarnett/javassist-classpath
Merge pull request #2803 from koraytugay/patch-1
Merge pull request #2804 from stevenbenitez/fix/caching-authenticator-doc
Merge pull request #2805 from mzamani1/fix-conscrypt-docs
Merge pull request #2811 from cyberdelia/normalize-uri
Merge pull request #2854 from toadzky/fix-hibernate-validator-values-on-server-factory
Merge pull request #2874 from jamesalfei/master
Merge pull request #2883 from dropwizard/dependency-cleanup
Merge pull request #2919 from alexey-wg2/remove-duplicated-service-entry
Merge pull request #2940 from msymons/master
Merge pull request #2943 from gisripa/requestAttrs_json_logging
Merge pull request #3021 from cjhawley/patch-1
Migrate jetty min data rates to Sizes
Migrate tests to JUnit 5.4.0 (#2493)
Migrate to jetty-only gzip handler (#2566)
Move ResilientSocketOutputStream into io.dropwizard.logging (#2925)
Nested calls to
@UnitOfWorkmethods cause inconsistent behaviour (#2913)
Only override ConfigurationSourceProvider if explicitly provided (#2720)
Overhaul logging resource endpoints
Refactor inject validator bundle to use resourceContext directly
Register HK2 AbstractBinder with Jersey (#3000)
Remove metrics-ganglia completely (#2310)
Remove restrictions on generic type for ConfiguredBundle
Replace InjectValidatorBundle with feature and register by default
Replace JSON string asserts in MultipleContentTypeTest (#3056)
Replace ThrottlingAppenderWrapper with external version
Replace livereload and Guard with sphinx-autobuild
Replace remaining use of Hamcrest with AssertJ (#2444)
Request Uri event should not contain params in tests (#2504)
Return 404 for POST /admin/tasks (#2627)
Rework resource config test for resilient CI
Rewrite of throttling logging appender testing (#2458)
Satisfy optional check before unwrap analyses (#2644)
Simplify SelfValidatingValidator (#2413)
Support URL encoded entry names in
Support configuration of exception details with JSON logging (#2501)
Support custom request executor in HttpClientBuilder (#2959)
Support dumping Jetty config on start/stop (#2743)
Support for requestAttributes in Json access log
Support handling failed commands via
Support nested JUnit 5 tests with
Surround bootclasspath in quotes for special characters in user home
Test deserializing config without JsonAutoDetect
Test support cleanup on before exceptions
UUID param to length check input
Use AtomicReference in LogConfigurationTask for timer
Use Dropwizard’s CharStreams class in DefaultServerFactoryTest
Use Java Stream API in DbDumpCommandTest (#2326)
Use commons-text native undef var detection (#2829)
Use correct property for Dropwizard versions in dropwizard-bom
Use custom public and secret keyrings when signing
Use instrumented thread factory (#2649)
Use strict illegal-access policy on Java 9 and later (#2965)
Allowing validation query to be null #2702
make it possible to created subclass of apache http builder (#2958)
Update JdbiFactory to use metrics’ InstrumentedSqlLogger (#2682)
Bump commons-lang3 to 3.9 (#2732)
Bump Mustache compiler to 0.9.6 (#2616)
Bump Freemarker to 2.3.29 (#2887)
Bump jakarta.el to 3.0.3 (#2912)
Bump JAXB API to 2.3.1 (#2608)
Bump logback-throttling-appender to 1.1.0 (#2928)
Bump Objenesis to 3.1 (#2968)
Bump hsqldb to 2.5.0 (#2788)
v1.3.16: Oct 20, 2019
Upgrade to Jackson 220.127.116.1191020 to address CVE-2019-16942, CVE-2019-16943, and CVE-2019-17531 (#2988)
v1.3.15: Sep 25, 2019
Upgrade to Jackson 2.9.10 to address multiple security issues (#2939)
v1.3.14: Aug 7, 2019
Upgrade to Jackson 18.104.22.16890807 to address multiple security issues (#2871)
v1.3.13: July 16, 2019
v1.3.11: May 9, 2019
Upgrade Jetty to 9.4.18.v20190429
v1.3.10: Apr 29, 2019
Upgrade Jetty to 9.4.17.v20190418
Upgrade commons-lang3 to 3.8.1 to make BOM compatible with Java 11 (#2679)
v1.3.9: Feb 24, 2019
Remove prerequisites from archetype-generated POM (#2320)
Upgrade to Jackson 2.9.8, addressing various CVEs (#2591)
Upgrade JDBI3 to 3.5.1 (#2593)
Upgrade Dropwizard Metrics to 4.0.5 (#2594)
Upgrade Jetty to 9.4.14.v20181114 (#2592)
Update dependencies to latest patch versions (#2628) * Joda-Time 2.10.1 * Apache HttpClient 4.5.7 * Apache Tomcat JDBC Pool: 9.0.14 * Hibernate ORM 5.2.18.Final * Liquibase 3.6.3 * Freemarker 2.3.28 * Mustache 0.9.6 * Javassist 3.24.1-GA * Classmate 1.4.0 * HSQLDB 2.4.1 * Mockito 2.24.0
Upgrade to SLF4J 1.7.26 (CVE-2018-8088)
Upgrade to Tomcat JDBC Connection Pool 9.0.16
Upgrade to Hibernate Validator 5.4.3.Final
v1.3.8: Jan 2, 2019
Fix CVE-2018-10237 by upgrading Guava to 24.1.1 (#2587)
v1.3.7: Oct 2, 2018
Fix incorrect reading of
somaxconnfor TCP backlog on Linux (#2430)
v1.3.6: Oct 1, 2018
v1.3.5: Jun 25, 2018
Upgrade to Jetty 9.4.11.v20180605 to address various security issues
v1.2.8: Jun 25, 2018
Upgrade to Jetty 9.4.11.v20180605 to address various security issues
v1.1.8: Jun 25, 2018
Upgrade to Jetty 9.4.11.v20180605 to address various security issues
v1.3.4: Jun 14, 2018
v1.2.7: Jun 14, 2018
v1.3.3: Jun 6, 2018
v1.3.2: May 11, 2018
v1.2.6: May 11, 2018
v1.3.1: Apr 4, 2018
Upgrade to Jackson 2.9.5 (CVE-2018-7489)
v1.2.5: Apr 4, 2018
Upgrade to Jackson 2.9.5 (CVE-2018-7489)
v1.3.0: Mar 14, 2018
Add Dropwizard testing module for JUnit 5 #2166
Support for building and running Dropwizard on JDK9 #2197
Support for running Dropwizard with native SSL via Conscrypt #2230
Add support for JSON logs in Dropwizard #2232
Add a TCP and UDP log appenders to Dropwizard #2291
Add support for providing a custom logging layout during logging bootstrap #2260
Add context path to logged endpoints #2254
Support multiple extensions for views (breaking change) #2213
Enable auto escaping of strings in Freemarker templates #2251
Allow dynamic constraint validation messages #2246
@SelfValidationannotation as a powerful alternative to
Set a minimal duration for
Migrate deprecated classes from commons-lang to commons-text #2208
Support for setting the
immediateFlushoption for file logging #2193
InstrumentedQueuedThreadPoolfor admin endpoint #2186
Add support for configuring
ServiceUnavailableRetryStrategyfor HTTP clients #2185
Add possibility to configure Jetty’s
Add exclusive mode to
Content-Lengthheader after decompressing HTTP requests #2271
Add support for providing a custom layout during logging bootstrap #2260
Add support for PATCH request to Jersey test client #2288
Add configuration option to
EventJsonLayoutBaseFactoryto flatten MDC #2293
Allow to use custom security provider in HTTP client #2299
Allow lazy initialization of resources in
Make sure Jersey test client uses Dropwizard’s
Allow customizing Hibernate Configuration in
Upgrade to Apache Commons Lang3 3.7
Upgrade to Apache Commons Text 1.2
Upgrade to Apache HttpClient 4.5.5
Upgrade to Apache Tomcat JDBC 9.0.5
Upgrade to Argparse4j 0.8.1
Upgrade to AssertJ 3.9.1
Upgrade to Dropwizard Metrics 4.0.2
Upgrade to Error Prone 2.2.0
Upgrade to Guava 24.0-jre
Upgrade to Hibernate 5.2.15.Final
Upgrade to Jackson 2.9.4
Upgrade Jadira to 7.0.0-rc1 #2272
Upgrade to Jdbi 3.1.0 #2289
Upgrade to JUnit 5.0.3
Upgrade to Mockito 2.15.0
Upgrade to NullAway 0.3.2
v1.2.4: Feb 23, 2018
Upgrade Jackson to 2.9.4 in 1.2.* to address a CVE #2269
v1.2.3: Jan 24, 2018
Enable auto escaping of strings in Freemarker templates #2251
v1.2.2: Nov 27, 2017
Don’t shut down asynchronous executor in Jersey #2221
Add possibility to possibility to extend DropwizardApacheConnector #2220
v1.2.1: Nov 22, 2017
v1.1.6: Nov 2, 2017
Support fromString in FuzzyEnumParamConverter #2161
v1.1.5: Oct 17, 2017
Correctly set up SO_LINGER for the HTTP connector #2176
v1.2.0: Oct 6 2017
Support configuring FileAppender#bufferSize #1951
Improve error handling of @FormParam resources #1982
Add JDBC interceptors through configuration #2030
Support Dropwizard applications without logback #1900
Replace deprecated SizeAndTimeBasedFNATP with SizeAndTimeBasedRollingPolicy #2010
Decrease allowable tomcat jdbc validation interval to 50ms #2051
Add support for setting several cipher suites for HTTP/2 #2119
Remove Dropwizard’s Jackson dependency on Logback #2112
Handle badly formed “Accept-Language” headers #2103
Use LoadingCache in CachingAuthorizer #2096
Client NTLM Authentication #2091
Add optional Jersey filters #1948
Upgrade to Apache commons-lang3 3.6
Upgrade to AssertJ 3.8.0
Upgrade to classmate 1.3.4
Upgrade to Guava 23.1
Upgrade to H2 1.4.196
Upgrade to Hibernate 5.2.11.Final
Upgrade to Hibernate Validator 5.4.1.Final
Upgrade to HSQLDB 2.4.0
Upgrade to Jackson 2.9.1
Upgrade to Jetty 9.4.7.v20170914
Upgrade to JMH 1.19
Upgrade to Joda-Time 2.9.9
Upgrade to Logback 1.2.3
Upgrade to Metrics 3.2.5
Upgrade to Mockito 2.10.0
Upgrade to Mustache.java 0.9.5
Upgrade to Objenesis 2.6
Upgrade to SLF4J 1.7.25
Upgrade to tomcat-jdbc 8.5.23
v1.1.3: Jul 31 2017
v1.1.2 June 27 2017
v1.0.8 June 27 2017
v1.1.1 May 19 2017
Set the console logging context after a reset #1973
Set logging context for file appenders before setting the buffer size #1975
Remove javax.el from jersey-bean-validation #1976
Exclude duplicated JTA 1.1 from dropwizard-hibernate dependencies #1977
Add missing @UnwrapValidatedValue annotations #1993
Fix HttpSessionListener.sessionDestroyed is not being called #2032
Add flag to make ThreadNameFilter optional #2014
v1.1.0: Mar 21 2017
Upgraded to Hibernate ORM 5.2.7, introducing a series of deprecations and API changes in preparation for Hibernate ORM 6 #1871
Add runtime certificate reload via admin task #1799
List available tasks lexically via admin task #1939
Add support for optional resource protection #1931
Invalid enum request parameters result in 400 response with possible choices #1734
Enum request parameters are deserialized in the same fuzzy manner, as the request body #1734
Request parameter name displayed in response to parse failure #1734
DurationParamas a possible request parameter #1734
SizeParamas a possible request parameter #1751
Allow overriding of a default
ExceptionMapperwithout re-registering all other defaults #1768
Allow overriding of default
Finer-grain control of exception behaviour in view renderers #1820
WebApplicationExceptionhandler preserves exception HTTP headers #1912
JerseyClientBuilder can create rx-capable client #1721
Configurable response for empty
Optionalreturn values #1784
Add web test container agnostic way of invoking requests in
Remove OptionalValidatedValueUnwrapper #1583
Allow constraints to be applied to type #1586
Use LoadingCache in CachingAuthenticator #1615
Switch cert and peer validation to false by default #1855
Introduce CachingAuthorizer #1639
Enhance logging of registered endpoints #1804
Flush loggers on command exit instead of destroying logging #1947
Add support for neverBlock on AsyncAppenders #1917
Allow to disable caching of Mustache views #1289
httpComplianceoption to the HTTP configuration #1825
blockingTimeoutoption to the HTTP configuration #1795
GZipHandlersync-flush configurable #1685
Register Jackson parameter-names modules #1908
Native Jackson deserialization of enums when Jackson annotations are present #1909
JsonConfigurationFactoryfor first-class support of the JSON configuration #1897
Support disabled and enabled attributes for metrics #1957
@UnitOfWorkin sub-resources #1959
Upgraded to Jackson 2.8.7
Upgraded to Hibernate Validator 5.3.4.Final
Upgraded to Hibernate ORM 5.2.8.Final
Upgraded to Jetty 9.4.2.v20170220
Upgraded to tomcat-jdbc 8.5.9
Upgraded to Objenesis 2.5.1
Upgraded to AssertJ 3.6.2
Upgraded to classmate 1.3.3
Upgraded to Metrics 3.2.2 #1970
Upgraded to Mustache 0.9.4 #1766
Upgraded to Mockito 2.7.12
Upgraded to Liquibase 3.5.3
Upgraded to Logback 1.2.1 #1918
Upgraded to JDBI 2.78
Upgraded to Jersey 2.25.1
Upgraded to javassist 3.21.0-GA
Upgraded to Guava 21.0
Upgraded to SLF4J 1.7.24
Upgraded to H2 1.4.193
Upgraded to Joda-Time 2.9.7
Upgraded to commons-lang3 3.5
Upgraded to Apache HTTP Client 4.5.3
Upgraded to Jadira Usertype Core 6.0.1.GA
v1.0.6 Jan 30 2017
v1.0.5 Nov 18 2016
Fix request logs with request parameter in layout pattern #1828
v1.0.4 Nov 14 2016
v1.0.3: Oct 28 2016
v1.0.2: Sep 23 2016
Fix absence of request logs in Dropwizard 1.0.1 #1737
v1.0.1: Sep 21 2016
Allow use of custom HostnameVerifier on clients #1664
Allow to configure failing on unknown properties in the Dropwizard configuration #1677
Fix request attribute-related race condition in Logback request logging #1678
Log Jetty initialized SSLContext not the Default #1698
Fix NPE of non-resource sub-resource methods #1718
v1.0.0: Jul 26 2016
Using Java 8 as baseline
dropwizard-java8bundle merged into mainline #1365
HTTP/2 and server push support #1349
dropwizard-spdymodule is removed in favor of
logback-accessfor HTTP request logging #1415
Support for validating return values in JAX-RS resources #1251
Consistent handling null entities in JAX-RS resources #1251
Support for validating bean members in JAX-RS resources #1572
Returning an HTTP 500 error for entities that can’t be serialized #1347
Support serialisation of lazy loaded POJOs in Hibernate #1466
Support fallback to the
toStringmethod during deserializing enum values from JSON #1340
Support for setting default headers in Apache HTTP client #1354
Printing help once on invalid command line arguments #1376
Support for case insensitive and all single letter
Added a development profile to the build #1364
All the default exception mappers in
ResourceTestRuleare registered by default #1387
Allow DB minSize and initialSize to be zero for lazy connections #1517
Ability to provide own
Support for authentication by polymorphic principals #1392
Support for configuring Jetty’s
Support for using
DropwizardAppRuleat the suite level #1411
Support for adding multiple
Support for obtaining server context paths in the
Support for unlimited log files for file appender #1549
Support for log file names determined by logging policy #1561
Default Graphite reporter port changed from 8080 to 2003 #1538
Upgraded to Apache HTTP Client 4.5.2
Upgraded to argparse4j 0.7.0
Upgraded to Guava 19.0
Upgraded to H2 1.4.192
Upgraded to Hibernate 5.1.0 #1429
Upgraded to Hibernate Validator 5.2.4.Final
Upgraded to HSQLDB 2.3.4
Upgraded to Jadira Usertype Core 5.0.0.GA
Upgraded to Jackson 2.7.6
Upgraded to JDBI 2.73 #1358
Upgraded to Jersey 2.23.1
Upgraded to Jetty 9.3.9.v20160517 #1330
Upgraded to JMH 1.12
Upgraded to Joda-Time 2.9.4
Upgraded to Liquibase 3.5.1
Upgraded to liquibase-slf4j 2.0.0
Upgraded to Logback 1.1.7
Upgraded to Mustache 0.9.2
Upgraded to SLF4J 1.7.21
Upgraded to tomcat-jdbc 8.5.3
Upgraded to Objenesis 2.3
Upgraded to AssertJ 3.4.1
Upgraded to Mockito 2.0.54-beta
v0.9.2: Jan 20 2016
Support @UnitOfWork annotation outside of Jersey resources #1361
v0.9.1: Nov 3 2015
ConfigurationSourceProviderfor reading resources from classpath #1314
Fix serialization of default configuration for
nullvalues in JAX-RS resource method parameters of type
Optional<T>as absent value after conversion #1323
v0.9.0: Oct 28 2015
Various documentation fixes and improvements
Fixed a security bug in
CachingAuthenticatorwith caching results of failed authentication attempts #1082
Correct handling misconfigured context paths in
Returning descriptive constraint violation messages #1039,
Trace logging of failed constraint violations #992
Returning correct HTTP status codes for constraint violations #993
Fixed possible XSS in constraint violations #892
Support for including caller data in appenders #995
Support for defining custom logging factories (e.g. native Logback) #996
Support for defining the maximum log file size in
Support for fixed window rolling policy in
Support for individual logger appenders #1092
Support for disabling logger additivity #1215
Sorting endpoints in the application startup log #1002
Dynamic DNS resolution in the Graphite metric reporter #1004
Support for defining a custom
MetricRegistryduring bootstrap (e.g. with HdrHistogram) #1015
Support for defining a custom
ObjectMapperduring bootstrap. #1112
Added facility to plug-in custom DB connection pools (e.g. HikariCP) #1030
Support for setting a custom DB pool connection validator #1113
Support for enabling of removing abandoned DB pool connections #1264
Support for credentials in a DB data source URL #1260
Support for simultaneous work of several Hibernate bundles #1276
HTTP(S) proxy support for Dropwizard HTTP client #657
Support external configuration of TLS properties for Dropwizard HTTP client #1224
Support for not accepting GZIP-compressed responses in HTTP clients #1270
Support for setting a custom redirect strategy in HTTP clients #1281
Apache and Jersey clients are now managed by the application environment #1061
Support for request-scoped configuration for Jersey client #939
Respecting Jackson feature for deserializing enums using
Support for passing explicit
Configurationvia test rules #1131
On view template error, return a generic error page instead of template not found #1178
In some cases an instance of Jersey HTTP client could be abruptly closed during the application lifetime #1232
Improved build time build by running tests in parallel #1032
Added JMH benchmarks #990
Allow customization of Hibernate
Removed javax.el-2.x in favour of javax.el-3.0
Upgraded to argparse4j 0.6.0
Upgrade to AssertJ 2.2.0
Upgraded to JDBI 2.63.1
Upgraded to Apache HTTP Client 4.5.1
Upgraded to Dropwizard Metrics 3.1.2
Upgraded to Freemarker 2.3.23
Upgraded to H2 1.4.190
Upgraded to Hibernate 4.3.11.Final
Upgraded to Jackson 2.6.3
Upgraded to Jadira Usertype Core 4.0.0.GA
Upgraded to Jersey 2.22.1
Upgraded to Jetty 9.2.13.v20150730
Upgraded to Joda-Time 2.9
Upgraded to JSR305 annotations 3.0.1
Upgraded to Hibernate Validator 5.2.2.Final
Upgraded to Jetty ALPN boot 7.1.3.v20150130
Upgraded to Jetty SetUID support 1.0.3
Upgraded to Liquibase 3.4.1
Upgraded to Logback 1.1.3
Upgraded to Metrics 3.1.2
Upgraded to Mockito 1.10.19
Upgraded to SLF4J 1.7.12
Upgraded to commons-lang3 3.4
Upgraded to tomcat-jdbc 8.0.28
v0.8.5: Nov 3 2015
nullvalues in JAX-RS resource method parameters of type
Optional<T>as absent value after conversion #1323
v0.8.4: Aug 26 2015
Upgrade to Apache HTTP Client 4.5
Upgrade to Jersey 2.21
Fixed user-agent shadowing in Jersey HTTP Client #1198
v0.8.3: Aug 24 2015
Fixed an issue with closing the HTTP client connection pool after a full GC #1160
v0.8.2: Jul 6 2015
v0.8.1: Apr 7 2015
Fixed transaction committing lifecycle for
Fixed noisy Logback messages on startup (#902)
Ability to use providers in TestRule, allows testing of auth & views (#513, #922)
Custom ExceptionMapper not invoked when Hibernate rollback (#949)
Support for setting a time bound on DBI and Hibernate health checks
Default configuration for views
Ensure that JerseyRequest scoped ClientConfig gets propagated to HttpUriRequest
More example tests
Fixed security issue where info is leaked during validation of unauthenticated resources(#768)
v0.8.0: Mar 5 2015
dropwizard-spdyfrom NPN to ALPN
Dropped support for deprecated SPDY/2 in
Upgrade to argparse4j 0.4.4
Upgrade to commons-lang3 3.3.2
Upgrade to Guava 18.0
Upgrade to H2 1.4.185
Upgrade to Hibernate 4.3.5.Final
Upgrade to Hibernate Validator 5.1.3.Final
Upgrade to Jackson 2.5.1
Upgrade to JDBI 2.59
Upgrade to Jersey 2.16
Upgrade to Jetty 9.2.9.v20150224
Upgrade to Joda-Time 2.7
Upgrade to Liquibase 3.3.2
Upgrade to Mustache 0.8.16
Upgrade to SLF4J 1.7.10
Upgrade to tomcat-jdbc 8.0.18
Upgrade to JSR305 annotations 3.0.0
Upgrade to Junit 4.12
Upgrade to AssertJ 1.7.1
Upgrade to Mockito 1.10.17
Support for range headers
Ability to use Apache client configuration for Jersey client
Warning when maximum pool size and unbounded queues are combined
Fixed connection leak in CloseableLiquibase
Support ScheduledExecutorService with daemon thread
Better connection pool metrics
Removed final modifier from Application#run
Fixed gzip encoding to support Jersey 2.x
Configuration to toggle regex [in/ex]clusion for Metrics
Configuration to disable default exception mappers
Configuration support for disabling chunked encoding
Documentation fixes and upgrades
v0.7.1: Jun 18 2014
Added instrumentation to
Task, using metrics annotations.
Added ability to blacklist SSL cipher suites.
@PATCHannotation for Jersey resource methods to indicate use of the HTTP
Added support for configurable request retry behavior for
Added facility to get the admin HTTP port in
ScanningHibernateBundle, which scans packages for entities, instead of requiring you to add them individually.
Added facility to invalidate credentials from the
CachingAuthenticatorthat match a specified
Added a CI build profile for JDK 8 to ensure that Dropwizard builds against the latest version of the JDK.
--schemaoptions to Liquibase.
stackTracePrefixconfiguration option to
SyslogAppenderFactoryto configure the pattern prepended to each line in the stack-trace sent to syslog. Defaults to the TAB character, “t”. Note: this is different from the bang prepended to text logs (such as “console”, and “file”), as syslog has different conventions for multi-line messages.
Added ability to validate
Optionalvalues using validation annotations. Such values require the
@UnwrapValidatedValueannotation, in addition to the validations you wish to use.
Added facility to configure the
HttpClient. Configurable via the
AllowedMethodsFilter. Configure allowed HTTP methods for both the application and admin connectors with
Added support for specifying a
CredentialProviderfor HTTP clients.
Fixed silently overriding Servlets or ServletFilters; registering a duplicate will now emit a warning.
SyslogAppenderFactoryfailing when the application name contains a PCRE reserved character (e.g.
Fixed regression causing JMX reporting of metrics to not be enabled by default.
Fixed transitive dependencies on log4j and extraneous sl4j backends bleeding in to projects. Dropwizard will now enforce that only Logback and slf4j-logback are used everywhere.
Fixed clients disconnecting before the request has been fully received causing a “500 Internal Server Error” to be generated for the request log. Such situations will now correctly generate a “400 Bad Request”, as the request is malformed. Clients will never see these responses, but they matter for logging and metrics that were previously considering this situation as a server error.
DiscoverableSubtypeResolverusing the system
ClassLoader, instead of the local one.
Fixed regression causing Liquibase
--dumpto fail to dump the database.
Fixed the CSV metrics reporter failing when the output directory doesn’t exist. It will now attempt to create the directory on startup.
Fixed global frequency for metrics reporters being permanently overridden by the default frequency for individual reporters.
Fixed tests failing on Windows due to platform-specific line separators.
DropwizardAppTestRuleso that it no longer requires a configuration path to operate. When no path is specified, it will now use the applications’ default configuration.
getMetricsFactory()may now be overridden to provide a custom instance to the framework to use.
Upgraded to Guava 17.0 Note: this addresses a bug with BloomFilters that is incompatible with pre-17.0 BloomFilters.
Upgraded to Jackson 2.3.3
Upgraded to Apache HttpClient 4.3.4
Upgraded to Metrics 3.0.2
Upgraded to Logback 1.1.2
Upgraded to h2 1.4.178
Upgraded to JDBI 2.55
Upgraded to Hibernate 4.3.5 Final
Upgraded to Hibernate Validator 5.1.1 Final
Upgraded to Mustache 0.8.15
v0.7.0: Apr 04 2014
Upgraded to Java 7.
Moved to the
io.dropwizardgroup ID and namespace.
Extracted out a number of reusable libraries:
Extracted out various elements of
Environmentto separate classes:
dropwizard-viewsjust provides infrastructure now.
dropwizard-forms, which provides support for multipart MIME entities.
AppenderFactory, allowing for arbitrary logging appenders for application and request logs.
ConnectorFactory, allowing for arbitrary Jetty connectors.
ServerFactory, with multi- and single-connector implementations.
ReporterFactory, for metrics reporters, with Graphite and Ganglia implementations.
ConfigurationSourceProviderto allow loading configuration files from sources other than the filesystem.
Added setuid support. Configure the user/group to run as and soft/hard open file limits in the
ServerFactory. To bind to privileged ports (e.g. 80), enable
group, then start your application as the root user.
Added builders for managed executors.
Added a default
checkcommand, which loads and validates the service configuration.
Added support for the Jersey HTTP client to
Added Jackson Afterburner support.
Added support for
deflate-encoded requests and responses.
Added support for HTTP Sessions. Add the annotated parameter to your resource method:
@Session HttpSession sessionto have the session context injected.
Added support for a “flash” message to be propagated across requests. Add the annotated parameter to your resource method:
@Session Flash messageto have any existing flash message injected.
Added support for deserializing Java
enumswith fuzzy matching rules (i.e., whitespace stripping,
_equivalence, case insensitivity, etc.).
HibernateBundle#configure(Configuration)for customization of Hibernate configuration.
Added support for Joda Time
DateTimearguments and results when using JDBI.
Added configuration option to include Exception stack-traces when logging to syslog. Stack traces are now excluded by default.
Added the application name and PID (if detectable) to the beginning of syslog messages, as is the convention.
--migrationscommand-line option to
migratecommand to supply the migrations file explicitly.
Validation errors are now returned as
AsyncRequestLog; now standardized on Jetty 9 NCSA format.
Changed logging to be asynchronous. Messages are now buffered and batched in-memory before being delivered to the configured appender(s).
Changed handling of runtime configuration errors. Will no longer display an Exception stack-trace and will present a more useful description of the problem, including suggestions when appropriate.
Changed error handling to depend more heavily on Jersey exception mapping.
Changed default formatting when logging nested Exceptions to display the root-cause first.
ResourceTestRule, a JUnit
Dropped Scala support.
Fixed a shutdown bug in
Fixed formatting of “Caused by” lines not being prefixed when logging nested Exceptions.
Fixed not all available Jersey endpoints were being logged at startup.
Upgraded to argparse4j 0.4.3.
Upgraded to Guava 16.0.1.
Upgraded to Hibernate Validator 5.0.2.
Upgraded to Jackson 2.3.1.
Upgraded to JDBI 2.53.
Upgraded to Jetty 9.0.7.
Upgraded to Liquibase 3.1.1.
Upgraded to Logback 1.1.1.
Upgraded to Metrics 3.0.1.
Upgraded to Mustache 0.8.14.
Upgraded to SLF4J 1.7.6.
Upgraded to Jersey 1.18.
Upgraded to Apache HttpClient 4.3.2.
Upgraded to tomcat-jdbc 7.0.50.
Upgraded to Hibernate 4.3.1.Final.
v0.6.2: Mar 18 2013
Added support for non-UTF8 views.
Fixed an NPE for services in the root package.
Fixed exception handling in
Upgraded to Slf4j 1.7.4.
Upgraded to Jetty 8.1.10.
Upgraded to Jersey 1.17.1.
Upgraded to Jackson 2.1.4.
Upgraded to Logback 1.0.10.
Upgraded to Hibernate 4.1.9.
Upgraded to Hibernate Validator 4.3.1.
Upgraded to tomcat-dbcp 7.0.37.
Upgraded to Mustache.java 0.8.10.
Upgraded to Apache HttpClient 4.2.3.
Upgraded to Jackson 2.1.3.
Upgraded to argparse4j 0.4.0.
Upgraded to Guava 14.0.1.
Upgraded to Joda Time 2.2.
Fixed log formatting for extended stack traces, also now using extended stack traces as the default.
Upgraded to FEST Assert 2.0M10.
v0.6.1: Nov 28 2012
Fixed incorrect latencies in request logs on Linux.
Added ability to register multiple
v0.6.0: Nov 26 2012
Added Hibernate support in
Added Liquibase migrations in
JerseyClient. Use Jersey’s
Moved JDBI support to
Database. Use JDBI’s
Decoupled JDBI support from tomcat-dbcp.
Added group support to
Moved CLI support to argparse4j.
Fixed testing support for
Optionalresource method parameters.
Fixed Freemarker support to use its internal encoding map.
Added property support to
Fixed JDBI metrics support for raw SQL queries.
Dropped Hamcrest matchers in favor of FEST assertions in
Environment, and broke configuration of each into
ScalaService, so be sure to add
Added support for using
Dropped Jerkson in favor of Jackson’s Scala module.
Optionalsupport for JDBI.
Fixed bug in stopping
Upgraded to Metrics 2.2.0.
Upgraded to Jetty 8.1.8.
Upgraded to Mockito 1.9.5.
Upgraded to tomcat-dbcp 7.0.33.
Upgraded to Mustache 0.8.8.
Upgraded to Jersey 1.15.
Upgraded to Apache HttpClient 4.2.2.
Upgraded to JDBI 2.41.
Upgraded to Logback 1.0.7 and SLF4J 1.7.2.
Upgraded to Guava 13.0.1.
Upgraded to Jackson 2.1.1.
Added support for Joda Time.
Upgrading to 0.6.0 will require changing your code. First, your
Service subclass will
need to implement both
#run(T, Environment). What used to be in
initialize should be moved to
Second, your representation classes need to be migrated to Jackson 2. For the most part,
this is just changing imports to
com.fasterxml.jackson.annotation.*, but there are
some subtler changes in functionality.
Finally, references to 0.5.x’s
JDBI classes should be
changed to Jackon’s
Client, and JDBI’s
v0.5.1: Aug 06 2012
Fixed logging of managed objects.
Fixed default file logging configuration.
Added FEST-Assert as a
Added support for Mustache templates (
Added support for arbitrary view renderers.
Fixed command-line overrides when no configuration file is present.
Added support for arbitrary
Upgraded to Guava 13.0 final.
Fixed task path bugs.
Upgraded to Metrics 2.1.3.
JerseyClientConfiguration#compressRequestEntityfor disabling the compression of request entities.
Environment#scanPackagesForResourcesAndProvidersfor automatically detecting Jersey providers and resources.
v0.5.0: Jul 30 2012
Upgraded to JDBI 2.38.1.
Upgraded to Jackson 1.9.9.
Upgraded to Jersey 1.13.
Upgraded to Guava 13.0-rc2.
Upgraded to HttpClient 4.2.1.
Upgraded to tomcat-dbcp 7.0.29.
Upgraded to Jetty 8.1.5.
More general asset specification.
Default filename is now configurable.
Now based on Jackson’s JAX-RS support.
Doesn’t read or write types annotated with
Fixed race conditions in Logback initialization routines.
TaskServletproblems with custom context paths.
jersey-text-framework-coreas an explicit dependency of
dropwizard-testing. This helps out some non-Maven build frameworks with bugs in dependency processing.
NullPointerExceptionproblems with anonymous health check classes.
Added support for serializing/deserializing
ByteBufferinstances as JSON.
supportedProtocolsto SSL configuration, and disabled SSLv2 by default.
Added support for
Optional<Integer>query parameters and others.
Fixed missing thread contexts in logging statements.
Made the configuration file argument for the
Added support for disabling log rotation.
Added support for arbitrary KeyStore types.
Made explicit service names optional.
v0.4.4: Jul 24 2012
Added support for
v0.4.3: Jun 22 2012
Re-enable immediate flushing for file and console logging appenders.
v0.4.2: Jun 20 2012
JsonProcessingExceptionMapper. Now returns human-readable error messages for malformed or invalid JSON as a
400 Bad Request. Also handles problems with JSON generation and object mapping in a developer-friendly way.
v0.4.1: Jun 19 2012
Fixed type parameter resolution in for subclasses of subclasses of
Upgraded to Jackson 1.9.7.
Upgraded to Logback 1.0.6, with asynchronous logging.
Upgraded to Hibernate Validator 4.3.0.
Upgraded to JDBI 2.34.
Upgraded to Jetty 8.1.4.
logging.syslog.formatparameters for custom log formats.
ResourceTestto allow for enabling/disabling specific Jersey features.
Configurationserializable as JSON.
Stopped lumping command-line options in a group in
Upgraded to Apache HttpClient 4.2.
Improved performance of
ScalaServiceto enable bundle mix-ins.
Upgraded to SLF4J 1.6.6.
Enabled configuration-parameterized Jersey containers.
Upgraded to Jackson Guava 1.9.1, with support for
Fixed error message in
WebApplicationException``s being thrown by ``JerseyClient.
v0.4.0: May 1 2012
Deprecated Log4j usage.
Removed Log4j JSON support.
Switched file logging to a time-based rotation system with optional GZIP and ZIP compression.
Moved request logging to use a Logback-backed, time-based rotation system with optional GZIP and ZIP compression.
Fixed validation errors for logging configuration.
offlogging levels conflicting with YAML’s helpfulness.
Optionalsupport for some JDBC drivers.
Upgraded to Jackson 1.9.6.
Improved syslog logging.
Fixed template paths for views.
Upgraded to Guava 12.0.
Added support for deserializing
CacheBuilderSpecinstances from JSON/YAML.
AssetsBundleand servlet to using cache builder specs.
CachingAuthenticatorto using cache builder specs.
Malformed JSON request entities now produce a
400 Bad Requestinstead of a
500 Server Errorresponse.
Added support for using Guava’s
HostAndPortin configuration properties.
Upgraded to tomcat-dbcp 7.0.27.
Upgraded to JDBI 2.33.2.
Upgraded to HttpClient 4.1.3.
Upgraded to Metrics 2.1.2.
Upgraded to Jetty 8.1.3.
Added SSL support.
v0.3.1: Mar 15 2012
Fixed debug logging levels for
v0.3.0: Mar 13 2012
Upgraded to JDBI 2.31.3.
Upgraded to Jackson 1.9.5.
Upgraded to Jetty 8.1.2. (Jetty 9 is now the experimental branch. Jetty 8 is just Jetty 7 with Servlet 3.0 support.)
Fixed potential encoding bug in parsing YAML files.
NullPointerExceptionwhen getting logging levels via JMX.
Dropped support for
@CacheControlfor resource methods.
AbstractService#getJson()for full Jackson customization.
Fixed formatting of configuration file parsing errors.
ThreadNameFilteris now added by default. The thread names Jetty worker threads are set to the method and URI of the HTTP request they are currently processing.
Added command-line overriding of configuration parameters via system properties. For example,
-Ddw.http.port=8090will override the configuration file to set
ManagedCommand. It was rarely used and confusing.
http.adminPortis the same as
http.port, the admin servlet will be hosted under
/admin. This allows Dropwizard applications to be deployed to environments like Heroku, which require applications to open a single port.
http.adminPasswordto allow for Basic HTTP Authentication for the admin servlet.
Upgraded to Metrics 2.1.1.
v0.2.1: Feb 24 2012
logging.file.timeZoneto control the time zone of the timestamps in the logs. Defaults to UTC.
Upgraded to Jetty 7.6.1.
Upgraded to Jersey 1.12.
Upgraded to Guava 11.0.2.
Upgraded to SnakeYAML 1.10.
Upgraded to tomcat-dbcp 7.0.26.
Upgraded to Metrics 2.0.3.
v0.2.0: Feb 15 2012
Switched to using
jackson-datatype-guavafor JSON serialization/deserialization of Guava types.
Upgraded to Jackson 1.9.4.
Upgraded to Jetty 7.6.0 final.
Upgraded to tomcat-dbcp 7.0.25.
Improved fool-proofing for
Switched to using Jackson for configuration file parsing. SnakeYAML is used to parse YAML configuration files to a JSON intermediary form, then Jackson is used to map that to your
Configurationsubclass and its fields. Configuration files which don’t end in
.ymlare treated as JSON.
Jsonto no longer be a singleton.
dropwizard-testingto use normalized JSON strings to compare JSON.
DatabaseConfiguration. It’s no longer a map of connection names to configuration objects.
Databaseto use the validation query in
HttpConfigurationdefaults to match Jetty’s defaults.
Upgraded to JDBI 2.31.2.
Fixed JAR locations in the CLI usage screens.
Upgraded to Metrics 2.0.2.
Added support for all servlet listener types.
Service#getJerseyContainer, which allows services to fully customize the Jersey container instance.
v0.1.3: Jan 19 2012
Upgraded to Guava 11.0.1.
Fixed logging in
ServerCommand. For the last time.
Switched to using the instrumented connectors from
metrics-jetty. This allows for much lower-level metrics about your service, including whether or not your thread pools are overloaded.
Added FindBugs to the build process.
dropwizard-testing, which uses the Jersey Test Framework to provide full testing of resources.
Upgraded to Jetty 7.6.0.RC4.
Decoupled URIs and resource paths in
Configuration. It allows you to serve Jersey assets off a specific path (e.g.,
AssetServletnow looks for
index.htmwhen handling requests for the root URI.
Upgraded to Metrics 2.0.0-RC0.
v0.1.2: Jan 07 2012
All Jersey resource methods annotated with
@ExceptionMeteredare now instrumented via
Now licensed under Apache License 2.0.
Upgraded to Jetty 7.6.0.RC3.
Upgraded to Metrics 2.0.0-BETA19.
Fixed logging in
v0.1.1: Dec 28 2011
ManagedCommandto provide access to the
Environment, among other things.
JerseyClient’s thread pool managed.
Improved ease of use for
Upgraded to Mockito 1.9.0.
Upgraded to Jetty 7.6.0.RC2.
Removed single-arg constructors for
Log, a simple front-end for logging.
v0.1.0: Dec 21 2011