The use of this HashMap looks very spooky, but let's at least use
finalize when cleaning them up on destruction to make things slightly
less dangerous looking.
Instead of clamping to the limits allowed by ISOYearMonthWithinLimits,
clamp to the limits allowed by the type we are converting to (i32). This
allows some callers to then reject years outside that range.
In the UTF-8 implementation, this prevents out-of-bounds access of the
underlying text data, as the ICU macro would essentially do something
akin to `text[text.length()]`.
The UTF-16 implementation already checks for out-of-bounds, but would
previously return 0. We now return an empty Optional in both impls. This
doesn't affect LibJS (the user of the UTF-16 impl), as it already does
bounds checking before invoking LibUnicode APIs.
While investigating an issue with Unicode::Segmenter (the result of
which is passed to functions in this file), this missing include was
causing clangd to be unable to find non-virtual implementations.
This commit begins to implement the track processing model. When the
`src` attribute is updated, we now fetch the given source file.
Currently, we always fire an `error` event once fetching is completed,
as we don't support processing the fetched data.
Invalidation for adopted style sheets was broken because we had an
assumption that "active" style sheet is always attached to
StyleSheetList which is not true for adopted style sheets. This change
addresses that by keeping track of all documents/shadow roots that own
a style sheet and notifying them about invalidation instead of going
through the StyleSheetList.
This replaces the old `OAEP` implementation with one backed by OpenSSL.
The changes also include some added modularity to the RSA class by
making the `RSA_EME` and `RSA_EMSE` for encryption/decryption and
signing/verifying respectively.
This commit replaces the old implementation of `EMSA_PKCS1_V1_5` with
one backed by OpenSSL. In doing so, the `sign` and `verify` methods of
RSA have been modified to behave like expected and not just be
encryption and decryption.
I was not able to split this commit because the changes to `verify` and
`sign` break pretty much everything.
It used to be that the caller would supply a buffer to write the output
to. This created an anti-pattern in multiple places where the caller
would allocate a `ByteBuffer` and then use `.bytes()` to provide it to
the `PKSystem` method. Then the callee would resize the output buffer
and reassign it, but because the resize was on `Bytes` and not on
`ByteBuffer`, the caller using the latter would cause a bug.
Additionally, in pretty much all cases the buffer was pre-allocated
shortly before.
Originally we used the `paths-ignore` feature to skip the Lagom jobs if
no source code was changed. Afterwards, we enabled the 'required checks'
feature to prevent merging pull requests that have failing checks.
Unfortunately, marking a check as required means it always needs to be
successfully executed, even if a conditional caused it to be skipped.
By using the `paths-filter` action we were able to add the conditional
to the job instead, theoretically causing the 'required checks' feature
to start working again for documentation-only changes. As it turns out,
not the job, but the steps should get the new conditionals.
As that requires adding an `if` to every individual step and the
conditional execution has caused enough headaches since its
introduction, let's remove it for now and take the unfortunate execution
of CI jobs for granted.
