Bump jetty-http from 11.0.0 to 11.0.5

[dependabot]

Bumps jetty-http from 11.0.0 to 11.0.5.

Release notes

Sourced from jetty-http's releases.

11.0.5

Changelog

• #6392 - Review accidental xml config changes
• #6379 - Reduce contention in all ByteBufferPool implementations
• #6354 - org.slfj dependency imports packages at 2.0
• #6329 - Regression on graceful shutdown default in Jetty 10
• #6302 - Treat empty path segments are ambiguous.
• #4772 - Jetty WebSocket API onMessage annotation does not support partial messages.

11.0.4

Special Thanks to the following Eclipse Jetty community members

• @​tjwatson (Thomas Watson)

Changelog

• #6354 - org.slfj dependency imports packages at 2.0 (@​tjwatson)
• #6347 - session-store-gcloud module broken logging dependency
• #6330 - CustomRequestLog is missing HTTP version format option
• #6305 - Optimise ContextHandler.isProtectedTarget
• #6285 - HTTP2 client: IllegalStateException: Cannot release an already released entry
• #6276 - Support non-standard domains in SNI and X509
• #6268 - Warnings about "unable to parse form content" are not helpful for troubleshooting
• #6118 - Display a warning when Hazelcast configuration does not contain Jetty session serializer
• #6114 - Jetty Deploy scan / symlink behavior is broken
• #6112 - Jetty logging service file leaking to web applications

11.0.3

Changelog

• This release resolves CVE-2021-28169
• #3764 DeprecationWarning Decorator
• #5684 Review disabled tests
• #5798 jetty-runner startup error with jetty-10
• #5817 Provide more filtering for CustomRequestLog
• #6049 Default provider [files] section always executed
• #6084 GzipHandler: NPE in setDeflaterPoolCapacity and setInflaterPoolCapacity
• #6098 jetty-cdi is missing from jetty-bom
• #6099 Cipher preference may break SNI if certificates have different key types
• #6105 HttpConnection.getBytesIn() incorrect for requests with chunked content
• #6106 WebSocket/CDI integration is broken in Jetty 10
• #6125 Do not allow override of jakarta.* container classes by webapps per Servlet 5.0 Section 15.2.1
• #6132 Ambiguous segment in URI in DELETE /a/projects/foo/branches/refs%2Fheads%2Ftest request after upgrade from 10.0.0 to 10.0.2
• #6153 jetty-maven-plugin does not correctly pass JVM arguments for external deployMode
• #6159 Jetty with Conscrypt unable to handle any HTTPS requests when connected by IP rather than hostname.
• #6166 WebSocket MessageInputStream.read() spends a lot of time in ByteBuffer.compact()
• #6205 OpenIdAuthenticator may use incorrect redirect
• #6208 HTTP/2 max local stream count exceeded
• #6224 make jetty-jspc-maven-plugin @threadsafe

... (truncated)

Commits

• 50df216 Updating to version 11.0.5
• d8d7b95 Merged branch 'jetty-10.0.x' into 'jetty-11.0.x'.
• 8774cca Merged branch 'jetty-10.0.x' into 'jetty-11.0.x'.
• 1223bb5 Issue #6354 - fix bad slf4j reference in jetty-osgi-boot-jsp
• 6dea025 Issue #4772 - support partial messages for Jetty WS API annotations (#6357)
• d997a11 Issue #6354 - OSGI manifest for slf4j-api packages lower limit should be 1.7 ...
• 61a30e3 Merge remote-tracking branch 'origin/jetty-10.0.x' into jetty-11.0.x
• 33c1b14 #6379: requeue at the tail to reduce contention + use a simpler concurrent qu...
• b4d7e51 Issue #6302 - Treat empty path segments as ambiguous. (#6304)
• 3648b39 Merge remote-tracking branch 'origin/jetty-10.0.x' into jetty-11.0.x
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #105.