Update dependency io.rest-assured:rest-assured to v5

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
io.rest-assured:rest-assured (source)	3.0.0 -> 5.5.6

---

Release Notes

rest-assured/rest-assured (io.rest-assured:rest-assured)

v5.5.6

• Remove deprecated constructors in multipart handling (#​1827) (thanks to Tobias Unger for PR)
• Fix NPE in RequestSpecificationImpl #​1830 (thanks to Boyarshinov Alexander for PR)
• Bump commons-lang3 from 3.16.0 to 3.18.0 (thanks to Ash Skelton for PR)

v5.5.5

• The rest-assured-bom project is back and works

v5.5.4

• The rest-assured-bom project is back

v5.5.3

• Greatly improved csrf support. When applying csrf, it'll automatically forward the cookies to returns from the GET request to the csrf token and apply it to the actual request. These cookies will also be applied to the CookieFilter automatically (if configured) and SessionFilter (if configured). For example:
  given().
  csrf("/login").
  formParam("name", "My New Name").
  when().
  post("/users/123").
  then().
  statusCode(200);

  Now the cookies returned from the GET request to login will be automatically applied to the POST to "/users/123".

  If you have a CookieFilter defined for multiple requests, the cookies returned by GET to /login will be automatically stored in the CookieFilter and used in the second request.

    var cookieFilter = new CookieFilter()
    given().filter(cookieFilter).csrf("/login").formParam("name", "My New Name").when().post("/users/123").then().statusCode(200);
    given().filter(cookieFilter).when().get("/users/123").then().statusCode(200);
  

  You can disable this behavior by setting automaticallyApplyCookies to false the csrf config:
  given().
  config(config().csrfConfig(csrfConfig().automaticallyApplyCookies(false))).
  csrf("/login").
  when().
  ...

v5.5.2

• CookieFilter now supports setting cookies correctly when Apache HTTP Client does internal redirects (when redirects().follow(true) is set).
• Upgrading kotlin module to use Kotlin 2.2.1
• Downgrading scale module to version 3.3.3 (LTS version) (thanks for Carlos Eduardo for PR)

v5.5.1

• Use Long in maxAge(Matcher<? super Integer> maxAgeMatcher) (thanks to julianladisch for PR)
• Fix so that GZIP doesn't become gzıp for Turkish environments (thanks to rdmrtn for PR)
• Upgraded jakarta.jakartaee-web-api to version 10.0.0 (#​1800)

v5.5.0

• Removing custom validation of pathParams in the mock-mvc module and instead rely on the Spring implementation(issue 1782) (thanks to taeyeon-Kim for pull request)

• Fixing "Error java.lang.NoSuchMethodError for HttpMethod.resolve()" in mock-mvc module (issue 1760) (thanks to d0vi for pull request)

• Fix #​1707: SVG file upload - fatal error :1:1: content is not allowed in prolog (#​1777) (thanks to Byounghee kim for pull request)

• Fix #​1773: Remove check for response HTTP status code. (thanks to macmon for pull request)

• Introducing the "scala-extensions" module for Scala 3 (#​1770). This means that you can write tests like this in Scala 3:

  @​Test
  def extraction with rest assured scala extensions: Unit =
  val message: String = Given(req =>
  req.port(7000)
  req.header("Header", "Header")
  req.body("hello")
  )
  .When(
  _.put("/the/path")
  )
  .Extract(
  _.path("message")
  )
  assertThat(message).isEqualTo("Hello World")
  (thanks to Carlos Eduardo for pull request)

• Remove deprecated Content-Transfer-Encoding from multipart post headers (#​1762) (thanks to Michal Trna for pull request)

• Fixed pathParams double encoding in mock-mvd module (#​1756) (thanks to Dmitry Kaukov for pull request)

• Upgraded Groovy from version 4.0.16 to 4.0.22

• Upgraded Jackson from version 2.14.3 to 2.17.1

• Upgraded kotlin extension module to use Kotlin 2.0.0 (previously 1.9.20 was used)

• Upgraded Guava library from 32.0.1-jre to 33.2.1-jre

v5.4.0

• Properly parse primitive JSON values (thanks to Jörg Eichhorn for pull request)
• Upgraded Groovy from 4.0.10 to 4.0.16
• Introduce spring-web-test-client-kotlin-extensions (#​1731) (thanks for TheDevLuffy for pull request). This means that if you depend on: org.restassured:spring-web-test-client-kotlin-extensions:<version> you can write code like this for Spring WebTest client:
  val id: Int =
  Given {
  webTestClient(webTestClient)
  param("name", "Johan")
  } When {
  get("/greeting")
  } Then {
  body(
  "id", Matchers.equalTo(1),
  "content", Matchers.equalTo("Hello, Johan!")
  )
  } Extract {
  path("id")
  }
• Fix 1746: JsonPath: wrong result and exception when jsonPath partly evaluates to string/boolean/number (#​1747) (thanks to Oleksandr Kulychok for pull request)
• Add support for negative indexes in JsonPath (thanks to Oleksandr Kulychok for pull request). This means that you can now do e.g. String object = JsonPath.from("").getString("[-1].email");
• Upgraded Kotlin from 1.9.10 to 1.9.21

v5.3.2

• Add onFailMessage into validatable response (#​1724). This means that you can use onFailMessage after then like: when().get("/somewhere").then().onFailMessage("My fail message").statusCode(200); (thanks to Ilya Koshaleu for pull request)
• Added support for path parameters methods in RestAssuredMockMvc (#​1723) (thanks to Jefersom Martins for pull request)
• Make header blacklisting case-insensitive (#​1722) (thanks to Bekh-Ivanov Aleksey for pull request)
• Blacklisted headers added to LogConfig are now case-insensitive by default
• Fixed so that testing multipart data request along with passing path parameters doesn't fail anymore in RestAssuredMockMvc (#​1673) (thanks to Andrey Demin for pull request)
• Improved compatibility issues with newer version of Spring Security
• Upgraded kotlin from 1.8.22 to 1.9.10
• Upgraded scala to 2.12.18

v5.3.1

• Upgraded Guava library to 32.0.1-jre
• Fixed "Unexpected logic in PathSupport.getPath" (issue 1682) (thanks to fucct for pull request)
• Fixed "Not able to POST xml file using Inpustream" (issue 1160) (thanks to Balasaravanan for pull request)
• Fixed "MockMvcRequestSenderImpl convertCookies function is not copying the httpOnly, sameSite and expires from the servletCookies into the cookieBuilder" (issue 1462) (thanks to Justin Tay for pull request))
• Fixed "Accept cookies that have an expiration date" (issue 1430) (thanks to Stéphane Épardaud for pull request)
• Upgraded the Kotlin extension module to use Kotlin 1.8.22
• Upgraded Groovy to 4.0.11
• Upgraded faster jackson to 2.14.3
• Upgraded Hamcrest to 2.2

v5.3.0

• Added (much) improved support for CSRF tokens when sent as a header and not in a form
• Enable the use of relaxedHTTPSValidation with two-way ssl (issue #​1631) (thanks to Mathieu Amblard for pull request)
• Lastest Spring Framework 6 is now supported again (thanks to Marcin Grzejszczak for pull request)
• Removed content assignment from asPrettyString() (thanks to Bartłomiej Chabowski for pull request)
• Allow contentType() to accept Spring MediaType in Spring MockMvc module (thanks to Hantsy Bai for pull request)
• Upgraded kotlin from 1.7.10 to 1.7.20 in the kotlin module
• Upgraded groovy from 4.0.1 to 4.0.6
• Updated jackson from version 2.13.2 to 2.13.4

v5.2.1

• Lastest Spring Framework 6 is now supported again (thanks to Marcin Grzejszczak for pull request)

v5.2.0

• Improved FilterContext used in Filters by adding the method FilterContext#hasValue(name, object). This makes it easier to check if a value exists and is equal to the expect object.

• Introducing a much improved CSRF (cross-site request forgery) support. For example:
  given().
  csrf("/users").
  formParm("firstName", "John").
  formParm("lastName", "Doe").
  when().
  post("/users").
  then().
  statusCode(200);

  This will first make a GET request to /users (due to csrf("/users")) to get an HTML page that contains the CSRF token.
  Rest Assured will then automatically try to find the input field that contains the CSRF token and include in the POST to /users.

  Here's an example of what Rest Assured expects as a response for the GET request to /users:

  <title>Add User</title>

  First Name:
  Last Name:

  The csrf input field name is called "_csrf", and it'll be automatically detected by REST Assured.

• Fixed so that form authentication takes CSRF into account. The previous form authentication CSRF implementation didn't really work (sorry!).
  Now you can combine csrf with form authentication and it actually works as expected! Note that for requests other than GET or HEAD,
  you need to specify both form authentication and csrf, e.g.

  given().
  csrf("/users").
  formParm("firstName", "John").
  formParm("lastName", "Doe").
  auth().form("j_spring_security_check", "j_username", "j_password").
  when().
  post("/users").
  then().
  statusCode(200);

  The reason for this is that the server returns a new CSRF token per request. So after the login request (with will use the CSRF token from the login page),
  REST Assured needs to make an additional GET request to /users to get a new CSRF token. This token will then finally be supplied with the "POST" request
  to "/users".

• Adds support for Multipart upload via http PATCH method (thanks to Madis Liias for pull request)

• Upgraded kotlin module to using Kotlin 1.7.10 (previously 1.6.21 was used)

v5.1.1

• Added support for Spring Framework 6.0 in Spring WebClientTest module
• Overwrite responseLogDetail when merging ResponseSpecificationImpl (issue 1493) (thanks to petur for pull request)
• Fix: rootPath does not allow chaining paths with leading operators (issue 1577) (thanks to Roman Mitasov for pull request)
• Fix: body(InputStream) does not work (issue 1480) (thanks to fedinskiy for pull request)
• Fix: jsonPath - return null if list(array) does not exists in input document (issue 1544) (thanks to Oleksandr Kulychok for pull request)
• Fix: Re-added groovy package to package imports for OSGi support (issue 1567) (thanks to Steven Huypens for pull request)
• Fix: class cast exception in RequestPrinter with byte[] body (thanks to Andreas Grub for pull request)
• Upgraded gson from 2.6.2 to 2.9.0

v5.1.0

• Upgrading kotlin to 1.6.21
• Moved package io.restassured.assertion to io.restassured.internal.assertion since the classes in this package should be internal.
  Not all files have been moved yet, but refactoring will continue in the next release.
• Added support for Spring Framework 6.0 and Jakarta API's in Spring MockMvc module.

v5.0.1

• Fixed so that with RestAssuredHttpBuilder no longer requires ResponseSpecificationImpl but rather a FilterableResponseSpecification

v5.0.0

• Breaking change: REST Assured now builds on Groovy 4!
• Excluded example projects from rest assured bom file (issue 1546)
• Updated jackson from version 2.11.1 to 2.13.2 (issue 1555)

v4.5.1

• Fixed a bug in ObjectMapper that required JAXB/JakartaEE when this was not intended (issue 1542)

v4.5.0

• JAXB is now an optional dependency for XmlPath and is now longer required. Depend on 'jakarta.xml.bind:jakarta.xml.bind-api:2.3.3' and 'com.sun.xml.bind:jaxb-impl:2.3.3'

• Implemented support for serializing and deserializing with Jakarta EE 8 and 9. To use it you need to have Jakarta EE on the classpath, for example by depending on 'jakarta.xml.bind:jakarta.xml.bind-api:3.0.1' and 'org.glassfish.jaxb:jaxb-runtime:3.0.2'.

• Upgraded groovy from 3.0.8 to 3.0.9 (thanks to sullis for pull request)

• Added support for adding multiple LogDetails to the RequestLoggingFilter. You can now do e.g.:

  given().filter(RequestLoggingFilter.with(LogDetail.METHOD, LogDetail.HEADERS, LogDetail.BODY)).when(). ..

  Thanks to lucasnguyen17 for pull request.

• Fix default implementation of deprecated method detachRoot (#​1503) (thanks to Guillaume Boucherie for pull request)

• Add on fail message builder for response specification (#​1502). This means that you can no do:
  when().
  get().
  then().
  onFailMessage("Some specific message").
  statusCode(200);
  The "onFailMessage" will be shown in the error. This is good if you want to e.g. distinguish more easily between tests if they fail. (thanks to Victor Borovlev for pull request)

• Allow parsing responses with cookies that has numbers out of signed decimal range (#​1069). This is a backward incompatible change if you're using the maxAge on "DetailedCookie" which now takes a long instead of an int. (thanks to Michał Radomyski for pull request)

• Upgraded the kotlin extension module to use Kotlin 1.6.10 instead of 1.5.0

• Introduced a rest-assured bom project for maven. Depend on 'io.rest-assured:rest-assured-bom:4.5.0' to use it. The bom contains configuration details for the rest-assured project that imports the correct dependencies (and versions) and to build your project. (thanks to George Gastaldi for pull request)

• Added "noContentType()" method to RequestSpecification which allows you to remove the content-type from the request if needed. For example:
  given().
  noContentType().
  when().
  post("/somewhere").
  then().
  statusCode(200);
  (issue 1516)

• Removed accidental import of jdk.nashorn.internal.runtime.JSType.UNDEFINED_LONG from the Cookie class

v4.4.0

• Upgrading kotlin extension module to use Kotlin 1.5.0 (previously 1.4.21 was used)

• Upgrading commons-io from 2.4.0 to 2.8.0

• Apache http client is upgraded from 4.5.3 to 4.5.13 (thanks to Daniel Reissenberger for pull request)

• Improved oauth compatibility with new http client

• Fixed a bug in EncoderConfig where user configured was accidentally set to true in default constructor

• Non-backward compatible change: REST Assured will no longer add "charset=utf-8" by default to application/json content-type's since this is not recommended by RFC 7159.
  REST Assured will still automatically encode content as UTF-8, it's just that the charset is not added. To revert to the old behavior do:

  RestAssured.config(RestAssured.config().encoderConfig(EncoderConfig.encoderConfig().defaultCharsetForContentType("UTF-8", "application/json")))

  or specify the charset explicitly in the request:

  given().contentType(ContentType.JSON.withCharset(UTF_8)). ..
  (thanks to Michal Domagala for initial pull request)

• Added MULTIPART to as an option ContentType (thanks to Yusuf Tayman for pull request)

• Upgraded groovy from 3.0.7 to 3.0.8

v4.3.3

• Upgrading kotlin extension module to use Kotlin 1.4.21 (previously 1.4.10 was used)
• Upgraded groovy from 3.0.6 to 3.0.7
• Ensure subclasses of ResponseOptions do not break Prettifier (#​1425) (thanks to Sam Neirinck for PR)

v4.3.2

• Upgrade json-schema-validator to 2.2.14 (issue 1397) (thanks to Guillaume Smet for PR)

• Upgrading apache commons lang3 from 3.4 to 3.11.

• Added asPrettyString method to ResponseBody (issue 1395) (thanks to GithubMood for PR)

• Describe non matching actual method with Hamcrest matcher format (issue 1387) (thanks for Ivo Šmíd for PR)
  Before you could run into cryptic error messages such as:

  JSON path values.pi doesn't match.
  Expected: <3.14>
  Actual: 3.14
  

  Now, you see this instead:

  JSON path values.pi doesn't match.
  Expected: <3.14>
  Actual: <3.14F>
  

• Upgraded groovy from 3.0.3 to 3.0.6

• Upgrading Kotlin extension module to use Kotlin 1.4.10 (previously 1.3.72 was used)

v4.3.1

• Upgrading Kotlin extension module to use Kotlin 1.3.72 (previously 1.3.70 was used)
• Upgraded Groovy from 3.0.2 to 3.0.3
• Upgraded spring-security-core from 4.2.13.RELEASE to 4.2.17.RELEASE
• Fixed content type name before charset recognition (issue 1341) (thanks to jekanik for pull request)
• Removes dependencies javax.activation, com.sun.activation and org.apache.sling.javax.activation in favor of jakarta.activation (thanks to Geoffrey De Smet for pull request)
• Upgraded jackson-module-kotlin and jackson-core from 2.10.2 to 2.11.1

v4.3.0

• Upgraded from Groovy 2.5.7 to Groovy 3.0.2
• Upgrading Kotlin extension module to use Kotlin 1.3.70 (previously 1.3.50 was used)
• Fixed so that DecoderConfig is properly set and used in the response in the Spring MockMvc module (thanks to dawiking for pull request)
• Fix jsonb serialization method in JsonbMapper (issue 1274) (thanks to Matthias for pull request)
• Fixed so that the predefined ResponseAwareMatchers "endsWithPath" and "startsWithPath" supports checking number properties
• Allow multipart uploads using PUT with Spring MockMvc (thanks to Ankit Tomar for pull request)
• Allow configuring CookieFilter (by using a new overloaded constructor) whether or not it should be allowed to specify multiple cookies with the same name (thanks to Ivo Šmíd for pull request)

v4.2.1

• Backport of: Fix content type name before charset recognition (#​1341)

v4.2.0

• Jakarta EE API: switch from javax.xml.bind:jaxb-api to jakarta.xml.bind:jakarta.xml.bind-api (issue 1228) (thanks to Sanne Grinovero for pull request)

• Ignore unsupported by scripbejava verbs (thanks to Corneliu Duplachi for pull request)

• Add support for SameSite in Cookie (issue 1255) (thanks to Andreas Jonsson for pull request)

• Upgrading jackson2 from version 2.10.0 to 2.10.2

• Introduced the spring-mock-mvc-kotlin-extensions project which allows a nicer experience for Kotlin developers using the spring-mock-mvc module. This allows one to write tests like this:

  class RestAssuredMockMvcKotlinExtensionsTest {

    @​Test
    fun example() {
        val mockMvc =
            MockMvcBuilders.standaloneSetup(GreetingController())
                .build()
  
        val id: Int =
        Given {
            mockMvc(mockMvc)
            param("name", "Johan")
        } When {
            get("/greeting")
        } Then {
            body(
                "id", Matchers.equalTo(1),
                "content", Matchers.equalTo("Hello, Johan!")
            )
        } Extract {
            path("id")
        }
  
        assertThat(id).isEqualTo(1)
  

  }

  (thanks to Myeonghyeon-Lee for pull request)

• Added a new object mapper type that supports the Jakarta EE JSON Binding (JSON-B) specification. By default it will use Eclipse Yasson as the JSON-B implementation. To use it simply include

  org.eclipse yasson ${yasson.version}

  in your classpath and then configure REST Assured to use it as its default ObjectMapperType:

  RestAssured.config = RestAssured.config.objectMapperConfig(ObjectMapperConfig.objectMapperConfig().defaultObjectMapperType(ObjectMapperType.JSONB));

  (thanks to Andrew Guibert for pull request)

• Added ability to blacklist headers so that they are not shown in the request or response log. Instead the header value will be replaced with "[ BLACKLISTED ]". You can enable this per header basis using the LogConfig:

  given().config(config().logConfig(logConfig().blacklistHeader("Accept"))). ..

  The response log will the print:

  Request method: GET
  Request URI: http://localhost:8080/something
  Proxy:
  Request params:
  Query params:
  Form params:
  Path params:
  Headers: Accept=[ BLACKLISTED ]
  Cookies:
  Multiparts:
  Body:

  (thanks to Simone Ivan Conte for the help)

v4.1.2

• The properties in a JSON document now preserves the order in which they are received (thanks to contextshuffling for pull request).
• Added "When" method to Kotlin extensions API for consistency. This means that you can now call "When" directly without using "Given":
  When {
  get("/greeting")
  }
• Fixed so that it's possible to extract values after body validations in the Kotlin extensions API (issue 1212)
• Upgrading jackson2 from version 2.9.9 to 2.10.0
• Upgraded Groovy from version 2.5.6 to 2.5.8
• Support for Java 13 (enabled by groovy upgrade)

v4.1.1

• Upgraded jaxb-api from 2.2.12 to 2.3.1
• Upgraded jaxb-osgi from 2.2.10 to 2.3.0.1

v4.1.0

• Upgraded jackson2 from version 2.9.8 to 2.9.9 because of security issue in jackson-databind 2.9.8

• The ResponseBuilder now sets a default RestAssuredConfig instance when building responses from scratch. This is needed for example if extracting path's from the response.

• Added a Kotlin module that contains Kotlin extension functions that makes REST Assured nicer to work with from Kotlin. Depend on:

  io.rest-assured kotlin-extensions ${rest-assured.version} test

  and then import "Given" from the "io.restassured.module.kotlin.extensions" package. You can then use it like this:

  val message: String =
  Given {
  port(7000)
  header("Header", "Header")
  body("hello")
  } When {
  put("/the/path")
  } Then {
  statusCode(200)
  body("message", equalTo("Another World"))
  } Extract {
  path("message")
  }

  Besides a more pleasing API for Kotlin developers it also has a couple of major benefits to the Java API:

  1. All failed expectations are reported at the same time
  2. Formatting the code in your IDE won't mess up indentation

  (issue 609)

• No longer depending on hamcrest-core or hamcrest-library, instead the hamcrest module is used directly.

• The scala support module has been upgraded to use Scala 2.13.0 (previously 2.12.7 was used)

• RequestSpecBuilder no longer sets 8080 port for non localhost uri (issue #​1197) (thanks to dr29bart for pull request)

v4.0.0

• Fix duplication of content type in the Spring MockMvc module (thanks to Gemini Kim for pull request)
• Fixed issue with overwriting FailureConfig on settings other configs (#​1127) (thanks to Victor Orlovsky for pull request)
• Added version range for the Groovy dependency for the osgi module to be between 2.4 and less than 2.5. This is because the API has changed in Groovy 2.5. (thanks to Rikske54 for pull request)
• Fixed so that using a ResponseSpecBuilder doesn't overwrite the configured config implicitly (issue 1128)
• Add Apache Johnzon object mapper support (thanks to Andriy Redko for pull request)
• Add support for MatcherConfig in RestAssuredMockMvcConfig (#​1071) (thanks to Jurriaan Pruijs for pull request)
• Supported for logging when assertion errors thrown from internal matcher #​1129 (thanks to Gemini Kim for pull request)
• Fixed so that there no longer are multiple versions of org.springframework:spring-web:jar, leading to inconsistent semantic behaviors (#​1143) (thanks to HelloCoCooo for pull request)
• Fixed issues with the use of maven-bundle-plugin which created duplicate classes in the distributed jar-files (#​1117) (big thanks to Milen Dyankov, Steven Huypens and Mark Kolich for the help!)
• Breaking changes introduced when solving #​1117:
  • io.restassured.mapper.TypeRef has been moved to io.restassured.common.mapper.TypeRef
  • io.restassured.mapper.DataToDeserialize has been moved to io.restassured.common.mapper.DataToDeserialize
  • io.restassured.mapper.ObjectDeserializationContext has been moved to io.restassured.common.mapper.ObjectDeserializationContext
  • io.restassured.mapper.factory.GsonObjectMapperFactory has been moved to io.restassured.path.json.mapper.factory.GsonObjectMapperFactory
  • io.restassured.mapper.factory.Jackson1ObjectMapperFactory has been moved to io.restassured.path.json.mapper.factory.Jackson1ObjectMapperFactory
  • io.restassured.mapper.factory.Jackson2ObjectMapperFactory has been moved to io.restassured.path.json.mapper.factory.Jackson2ObjectMapperFactory
  • io.restassured.mapper.factory.DefaultGsonObjectMapperFactory has been moved to io.restassured.path.json.mapper.factory.DefaultGsonObjectMapperFactory
  • io.restassured.mapper.factory.DefaultJackson1ObjectMapperFactory has been moved to io.restassured.path.json.mapper.factory.DefaultJackson1ObjectMapperFactory
  • io.restassured.mapper.factory.DefaultJackson2ObjectMapperFactory has been moved to io.restassured.path.json.mapper.factory.DefaultJackson2ObjectMapperFactory
  • io.restassured.mapper.resolver.ObjectMapperResolver has been moved to io.restassured.common.mapper.resolver.ObjectMapperResolver
  • io.restassured.exception.PathException has been moved to io.restassured.common.exception.PathException
• Removed deprecated methods:
  • io.restassured.RestAssured
    • withArguments
    • withNoArguments
  • io.restassured.builder.ResponseSpecBuilder
    • expectContent
  • io.restassured.builder.RequestSpecBuilder
    • setContent
    • addParameters
    • addParameter
    • addQueryParameters
    • addQueryParameter
    • addFormParameters
    • addFormParameter
    • addPathParameter
    • addPathParameters
    • setAuthentication
  • io.restassured.specification.ResponseSpecification
    • content
    • specification
  • io.restassured.specification.RequestSpecification
    • content
    • formParameters
    • formParameter
    • pathParameter
    • pathParameters
    • authentication
    • specification
    • parameters
    • parameter
    • queryParameter
    • queryParameters
• Deprecations
  • Deprecated all short versions of "root", for example "root(..)", "appendRoot(..)", "detachRoot(..)". Use "rootPath(..)", "appendRootPath(..)", "detachRootPath(..)" instead. This was introduced for better consistency and clearer intention..
  • JsonPath#setRoot(..) - Use JsonPath#setRootPath(..) instead
  • XmlPath#setRoot(..) - Use XmlPath#setRootPath(..) instead
• Rest Assured now requires Java 8 (previously Java 6 was required)
• Removed io.restassured.function.RestAssuredFunction - use java.util.function.Function instead
• Made io.restassured.matcher.ResponseAwareMatcher a proper annotated functional interface
• Made io.restassured.filter.Filter a proper annotated functional interface
• Made io.restassured.listener.ResponseValidationFailureListener a proper annotated functional interface
• Made io.restassured.module.mockmvc.intercept.MockHttpServletRequestBuilderInterceptor a proper annotated functional interface
• Made io.restassured.path.json.mapping.JsonPathObjectDeserializer a proper annotated functional interface
• Upgraded Groovy dependency from 2.4.15 to 2.5.6
• Removed io.restassured.response.ValidatableResponseOptions#specification(..), use io.restassured.response.ValidatableResponseOptions#spec instead
• Removed io.restassured.response.ValidatableResponseOptions#content(..), use io.restassured.response.ValidatableResponseOptions#body(..) instead
• Upgraded Hamcrest from version 1.3 to 2.1
• Made it possible to specify a multi-expectation body with arguments. For example:
  when().
  get("/jsonStore").
  then().
  rootPath("store.book.find { it.author == '%s' }").
  body(
  "price", withArgs("Nigel Rees"), is(8.95f),
  "price", withArgs("Evelyn Waugh"), is(12.99f)
  );
  (issue #​1154)
• MockMvc module now supports using MediaType for Accept header value (issue #​1142). Thanks to Gemini Kim for pull request.
• Support for using "HttpStatus" when validating response status when using MockMvc module. Thanks to Gemini Kim for pull request.
• MockMvc module now supports using MediaType for Accept header in WebTestClientRequest. Thanks to Gemini Kim for pull request.
• Upgraded spring-webmvc dependency from version 4.3.19.RELEASE to 4.3.23.RELEASE (issue #​1161)

v3.3.0

• Upgraded json-schema-validator from version 2.2.6 to 2.2.10 (thanks to thorin for pull request)

• Added io.restassured.mapper.TypeRef class that allows you to deserialize the response to a container with generic type. For example:
  List<Map<String, Object>> products = get("/products").as(new TypeRef<List<Map<String, Object>>>() {});
  Currently this only works for JSON :(

• Add logging functionality to the ResponseSpecBuilder, i.e. you can now do:
  ResponseSpecification spec = new ResponseSpecBuilder().log(LogDetail.ALL).build();
  (issue 579). Thanks to Aleksandr Podkutin for pull request!

• httpmime dependency is updated to version 4.5.3 and is now consistent with httpclient (thanks to Rüdiger Herrmann for pull request).

• Updated commons-fileupload from 1.3.1 to 1.3.3 to fix security issues

• Added a new artifact, rest-assured-all, which you can depend on instead of rest-assured to avoid split packages in Java 9+. (thanks to Tomasz Gaweda for pull request)

• Introduces custom listeners on test validation failures. This makes it possible to hook into Rest Assured and get a callback when the test fails with full access to the request/response specification
  as well as the response. You can do this by implementing the "io.restassured.listener.ResponseValidationFailureListener" and add it to the new "FailureConfig". For example:

  given().config(RestAssured.config().failureConfig(failureConfig().with().failureListeners((requestSpec, responseSpec, response) -> log.info("Rest Assured validation failed!")).when(). ..
  

  (issue 1093) (thanks to Daniel Dyląg for pull request).

v3.2.0

• Added OSGi support (thanks to ponziani for pull request)
• Make it clear that junit is only a test scope dependency (thanks to Eric Pabst for pull request)
• Changed MockMvcParamConfig.attributeUpdateStrategy() to actually return the attributeUpdateStrategy and not the formParamsUpdateStrategy.
• Added a spring-web-test-client module which let's you unit test Spring Webflux Controllers using the REST Assured DSL. Depend on artifact id "spring-web-test-client" using group id "io.rest-assured" from Maven to use it. Then use io.restassured.module.webtestclient.RestAssuredWebTestClient to get started (thanks to Olga Maciaszek-Sharma for pull request)
• Upgraded to from Groovy 2.4.12 to 2.4.15
• Upgraded Scala from version 2.11.12 to 2.12.7, this also means that the Scala support module now requires Java 8.
• Rest Assured now requires Java 6 (previously Java 5 was required).
• Moved XmlAssertion from io.restassured.assertion package to io.restassured.internal.path.xml since it's an internal class (issue 1051)

v3.1.1

• Ensure RequestSpecBuilder picks up static config (issue 1012). (thanks to Peter Major for pull request)
• Support multiple 'Set-Cookie' headers in a response (issue 1016). (thanks to runtarinn for pull request)
• Fixed OAuth 1 for GET requests (thanks to Corneliu Duplachi for pull request)
• Add detailed cookie matching to RequestSpecBuilder (thanks to Peter Major for pull request)
• Add File Size to InputStreamEntity (issue 988) (thanks to vjykumar for pull request)
• Properly encodes JSON from InputStream (issue 1040) (thanks to Maksymilian Pawlak for pull request)
• Implemented ability to add headers to a multipart using the MultiPartSpecBuilder

v3.1.0

• Fixed generics handling of the detailed cookie matcher (thanks to Rafał Siwiec for pull request)

• Now using Type instead of Class in the API for mapping to Java Objects. For users of the REST Assured API the change is most prominent in the
  "ResponseBodyExtractionOptions" interface where the "as" method now takes a "java.lang.Type" instead of "java.lang.Class". This should not cause
  any backward incompatibilities. However this change also applies to ObjectMapperFactory's where there is a chance of backward incompatibilities
  to arise. For example if you previously had a custom JAXBObjectMapperFactory that looked like this:

  public class MyJAXBObjectMapperFactory implements JAXBObjectMapperFactory {
  public JAXBContext create(Class cls, String charset) {
  ...
  }
  }

  you now need to change it to:

  public class MyJAXBObjectMapperFactory implements JAXBObjectMapperFactory {
  public JAXBContext create(Type cls, String charset) {
  ...
  }
  }

  (note the change from Class to Type). This was needed for swagger integration (issue 980). (thanks to Victor Orlovsky for pull request)

• Add better integration for standard HTTP methods with Apache HttpClient which also solves an issue content-type header being generated for empty GET requests (issue 974) (thanks to Daniel Dyląg for pull request)

• No longer using DEF_CONTENT_CHARSET from Apache HttpClient since it caused compatibility issues (issue 757)

• Fix for #​979 Removing Authorization header when setting auth().none() (issue 979) (thanks to jovanovicivan for pull request)

• Fixed so that header equals is case-insensitive (issue 999) (thanks to Todd Bradley for pull request)

• Allow querying (extracting values out of) a request specification using the io.restassured.specification.SpecificationQuerier. For example:
  RequestSpecification spec = ...
  QueryableRequestSpecification queryable = SpecificationQuerier.query(spec);
  String headerValue = queryable.getHeaders().getValue("header");
  String param = queryable.getFormParams().get("someparam");

• Fixed so that it's possible to specify arguments to root paths in multi expectation blocks such as:
  get("/jsonStore").then()
  .root("store.book.find { it.author == '%s' }.price")
  .body(
  withArgs("Nigel Rees"), is(8.95f),
  withArgs("Evelyn Waugh"), is(12.99f),
  withArgs("Herman Melville"), is(8.99f),
  withArgs("J. R. R. Tolkien"), is(22.99f)
  );

• It's now possible to automatically include additional input fields when using form authentication. Just use the FormAuthConfig and specify the additional values to include using:
  given().auth().form("username", "password", formAuthConfig().withAdditionalFields("firstInputField", "secondInputField"). ..
  REST Assured will automatically parse the HTML page, find the values for the additional fields and include them as form parameters in the login request.

v3.0.7

• CookieFilter now conforms to RFC6265 standard by only copying expected cookies instead of all (thanks to Maciej Ciszewski for pull request) (issue 956).
• Prettifier can now prettify empty xml body (issue 960)
• Introduced a "detailed cookie matcher" that allows you to verify more detailed aspects of a cookie, for example:
  given().
  get("/multiCookie").
  then()
  cookie("cookie1", detailedCookie().maxAge(1234567));
  (thanks to Rafał Siwiec for pull request)

v3.0.6

• Upgraded to Groovy 2.4.12
• REST Assured now works on Java 9

v3.0.5

• Reverted the API to take String instead of CharSequence again since this change introduced an accidental breaking change by not being binary compatible (only source compatible).

v3.0.4

• Changed API to take CharSequence instead of String. For example the "get" method in when().get("/something").. now takes a CharSequence instead of String (issue 858) (thanks to weaselmetal for pull request)
• Fixed so that assertions on content type with a ContentType.BINARY argument don't fail for binary content (issue 861) (thanks to Grégory Fouquet for pull request)
• Fixed an issue with two-way SSL whose root cause was Apache HTTP Client v4.5.2. Upgrading to 4.5.3 solved the issue (thanks to Ryan Tighe for pull request)
• Added support for ntlm authentication (issue 869) (thanks to Pawel Cesar Sanjuan Szklarz for pull request)
• Better support for empty GZIP responses (thanks to Sergey Trasko for pull request)
• Treat text/json as JSON content type (thanks to Ionuț Păduraru for pull request)
• RestAssured.oauth2("accessToken") now uses PreemptiveOAuth2HeaderScheme instead of OAuth2Scheme
• Added body params in OAuthRequest (issue 868) (thanks to Corneliu Duplachi for pull request)
• Set authentication once to set in SecurityContextHolder and Principal in method parameter in the MockMvc module (thanks to Leonard Siu for pull request)
• Allow passing multi-parts with content-types not starting with "multipart/" but also containing "multipart+" such as "application/x-hub-multipart+xml" (issue 919)

v3.0.3

• Fixed issue with multi-word parameters that were treated as a list (issue 787) (thanks to britka for pull request)
• Merges cookies of HttpServletResponse additionally to the Set-Cookie header (issue 791) (thanks to Andreas Gerstmayr for pull request)
• Removed second negative from exception message "... no supported Content-Type was not specified... " (thanks to Mark N Broadhead for pull request)
• Fixing EOFException for empty GZIP responses (issue 814)
• Update groovy version to fix memory leaks (issue 735) (thanks to Nikolai Gladkov for pull request)
• Improved cookie expiry parsing (issue 563) (thanks to Martin Aun for pull request)
• Improved multipart log output to make it prettier (thanks to Andrey Smirnov for pull request)
• Ignores spacing between content type and charset when validating content types (issue 804)
• Allow specifying default charset (only applicable when HttpMultipartMode is not STRICT) that'll be used when sending multiparts (issue 844)

v3.0.2

• Don't join root and path with '.' if path starts with array indexing (thanks to feshbach for pull request)
• Updated SSLConfig to allow keystore and truststore passwords to differ (thanks to mike42 for pull request)
• SSLConfig#getKeyStore() was returning trustStore rather than keyStore (thanks to mike42 for pull request)
• Added ability to get Cookies as a list (using Cookies#asList)
• Added new functionality to filters that allows removing and replacing headers and cookies.
• Fixed so that form parameters (i.e. String-values) does get merged correctly with the multipart parameters (issue 762) (thanks to Klaus Dorninger for pull request)
• Fixed so that the boundary of a request is set explicitly in the "Content-Type" header of the request (issue 762) (thanks to Klaus Dorninger for pull request)
• Fixed error message thrown by RestAssuredMockMvc that hinted at using the regular RestAssured API instead of the MockMvc variant (thanks to Toshiaki Maki for pull request)
• Fixed mismatch description from Hamcrest Matcher that previously was ignored for status codes (thanks to Javier Romero for pull request)
• Added support for ordered filters. Implement the io.restassured.filter.OrderedFilter interface and specify the precedence (thanks to jcravi for initial pull request).
• Fixed so that you can download binary data with the RestAssuredMockMvc module (thanks to Sergey Bespalov for pull request)
• Improved exception message when there's no supported (de-)serialization library in classpath (issue 788)

v3.0.1

• Fixed issues with colliding keys in multi-expectations for body and header validations. For example if "/x" returns the JSON { "x" : 2 } this would (previously) not throw an assertion error:
  when().
  get("/x").
  then().
  body("x", greaterThan(1),
  "x", equalTo(5),
  "x", lessThan(3));
  The reason was the only the last first and last "x" expectation were taken into account (issue 714).
• Removed log.warn(..) messages from internal classes (issue 715)
• Cookie attributes are no longer sent in request in accordance with RFC6265. Thanks to Maciej Gawinecki for pull request. (issue 720)
• Mismatch description from TypeSafeDiagnosingMatcher is no longer ignored for when validating cookies. Thanks to Maciej Gawinecki for pull request. (issue 717)
• REST Assured no longer forces the use of the platform charset when parsing JSON as string when combined with expectations (issue 728)
• Don't append '.' to root path if given path starts with array indexing. Thanks to Tobias Johansson for pull request (issue 727).
• Removed the need for the cookie max age value to be greater than or equal to -1 (issue 732).
• Fixed memory leak in JSONAssertion. Big thanks to Andrey for pull request and investigation (issue 735).
• Releasing loaded classes in XmlAssertion after expression evaluation to reduce memory foot print.

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.