Upgraded to JasperStarter 3.6.2

composer.json

@@ -21,5 +21,10 @@
         "psr-0": {
             "JasperPHP": "src/"
         }
+    },
+    "extra": {
+        "branch-alias" : {
+            "master" : "2.9.1"
+        }
     }
 }

src/JasperPHP/JasperPHP.php

@@ -141,6 +141,9 @@ public function process($input_file, $output_file = false, $format = array("pdf"
 
         }
 
+
+        $command .= " --out-field-del \"`\"";
+
         $this->redirect_output  = $redirect_output;
         $this->background       = $background;
         $this->the_command      = escapeshellcmd($command);

src/JasperStarter/CHANGES

@@ -2,6 +2,144 @@
 JasperStarter - Running JasperReports from command line
 ========================================================
 
+Release notes - JasperStarter - Version 3.6.2
+---------------------------------------------
+
+** Bug
+    * JAS-161 CVE-2021-44832 in log4j-2.17.0
+
+
+Release notes - JasperStarter - Version 3.6.1
+---------------------------------------------
+
+** Bug
+    * JAS-160 log4j 2.16.0 is vulnerable to CVE-2021-45105
+
+
+Release notes - JasperStarter - Version 3.6.0
+---------------------------------------------
+
+** Bug
+    * CVE-2019-17571 - Included in Log4j 1.2 is a SocketServer class that is
+      vulnerable to deserialization of untrusted data which can be exploited to
+      remotely execute arbitrary code when combined with a deserialization
+      gadget when listening to untrusted network traffic for log data. This
+      affects Log4j versions up to 1.2 up to 1.2.17.
+
+    * [JAS-158] Jasperstarter contains an old log4j-1.2.17 which is affected by CVE-2019-17571
+    * [JAS-146] mvn: Could not resolve dependencies \(...\) from/to jaspersoft.artifactoryonline.com
+    * [JAS-142] Failed to generate qrcode - zxing library missing
+
+** Improvement
+    * [JAS-156] Is JasperStarter vulnerable to CVE-2021-44228
+
+** Task
+    * [JAS-157] Include JasperReports 6.18.1
+
+
+Release notes - JasperStarter - Version 3.5.0
+---------------------------------------------
+
+** Bug
+    * [JAS-134] - "InterruptedException" should not be ignored in App.java
+    * [JAS-135] - comparisons between unrelated types in Config.java
+
+** New Feature
+    * [JAS-131] - Jasperstarter does not provide a way to use the query string saved in the report itself
+
+** Task
+    * [JAS-133] - Release Pipeline takes longer than before
+    * [JAS-136] - Throwable.printStackTrace(...) should not be called in Report.java setLookAndFeel()
+    * [JAS-137] - Do not use a bitwise operator with a Boolean-like operand in ParameterPanel.java
+    * [JAS-138] - Do not use a bitwise operator with a Boolean-like operand in ParameterPrompt.java
+
+
+Release notes - JasperStarter - Version 3.4.1
+---------------------------------------------
+
+** Bug
+    * [JAS-132] - Security alert on org.springframework:spring-core
+                  Updated springframework to 4.3.21
+
+    CVE-2016-5007 - moderate severity - Vulnerable versions: < 4.3.1
+    CVE-2018-1275 - high severity - Vulnerable versions: < 4.3.16
+    CVE-2018-1272 - moderate severity - Vulnerable versions: < 4.3.15
+    CVE-2018-1271 - moderate severity - Vulnerable versions: < 4.3.15
+    CVE-2018-1270 - high severity - Vulnerable versions: < 4.3.16
+    CVE-2018-1257 - moderate severity - Vulnerable versions: < 4.3.17
+
+
+Release notes - JasperStarter - Version 3.4.0
+---------------------------------------------
+
+  JasperStarter-3.2.0 silently dropped Java7 support by using the
+  latest available JasperReports Library.
+  JasperReports-6.4.0 is the last release which works with Java7 so
+  JasperStarter-3.1.0 was the latest release supporting Java7.
+
+  Now JasperStarter needs Java8 at a minimum and is manually tested
+  with OpenJDK-8, OpenJDK-10, OpenJDK-11. Automatic testing is on the
+  way (see JAS-128).
+  There will be a special release supporting Java7.
+
+  "Diskless" operation using stdin and stdout for input data and
+  output is now complete. See ([JAS-97] and [JAS-89]).
+
+  A public API allows direct integration with Python using jpy
+  ([JAS-125]).
+
+Known bugs:
+    * [JAS-120] - JasperReports-6.7.0 Version does not match with
+                  reported version from the jar file in
+      This is an upstream error which causes JasperStarter to put out
+      a wrong JasperReports version number of 6.6.0 instead of 6.7.0
+      if you call: jasperstarter -V
+
+** Bug
+    * [JAS-111] - JRE 1.7 incompatibility - not fixed in the main
+                  release but clarified.
+    * [JAS-122] - Runtime error if a chart with "chart customizers" is
+                  used
+    * [JAS-126] - Jasperstarter does not usefully propagate
+                  compilation errors
+
+** New Feature
+    * [JAS-97] - Use stdout for the resulting PDF (so we don't have to
+                 write to the hosting server's storage)
+    * [JAS-125] - Make report fill accessible via API
+
+** Task
+    * [JAS-127] - Enable dependency caching in build pipeline
+    * [JAS-129] - Remove test dependency to font Arial
+    * [JAS-130] - launch4j-maven-plugin:1.5.2 depends on 32bit
+                  libraries
+
+
+Release notes - JasperStarter - Version 3.3.0
+---------------------------------------------
+
+Known bugs:
+    * [JAS-120] - JasperReports-6.7.0 Version does not match with reported version from the jar file in 
+      This is an upstream error which causes JasperStarter to put out
+      a wrong JasperReports version number of 6.6.0 instead of 6.7.0
+      if you call: jasperstarter -V
+
+** Bug
+    * [JAS-116] - SSL error
+    * [JAS-121] - Container 'Build' exceeded memory limit.
+    * [JAS-122] - Runtime error if a chart with "chart customizers" is used
+
+** New Feature
+    * [JAS-113] - JSONQL data source support
+
+** Task
+    * [JAS-102] - Pipeline: enable build artifact upload to download section
+    * [JAS-119] - Include JasperReports-6.7.0
+
+** Improvement
+    * [JAS-89] - Accept stdin for datafile input
+
+
 Release Notes - JasperStarter - Version 3.2.1
 ---------------------------------------------
 
@@ -256,7 +394,7 @@ JasperStarter is now able to prompt for report parameters.
           jrxml    - compiles implicit
           jrprint  - print, view or export previously filled reports.
         New output type: jrprint. This makes --keep obsolete.
-        New parameter -w writes compiled file to imput dir if jrxml is
+        New parameter -w writes compiled file to input dir if jrxml is
         processed.
         Parameter -t defaults to "none" and can therefore be omited if no
         database is needed.

src/JasperStarter/README.md

@@ -7,9 +7,15 @@ JasperStarter is an opensource command line launcher and batch compiler for
 
 The official homepage is [jasperstater.cenote.de][].
 
+**JasperStarter is not vulnerable to [CVE-2021-44228](https://nvd.nist.gov/vuln/detail/CVE-2021-44228).**
+
+**But all releases including 3.5.0 contain log4j-1.2.17 which is affected by
+[CVE-2019-17571](https://nvd.nist.gov/vuln/detail/CVE-2019-17571).** I cannot say if it is possible to
+exploit this with JasperStarter but in any case you should update to a newer version of JasperStarter.
+
 It has the following features:
 
-  * Run any JasperReport that needs a jdbc, csv, xml, json or empty datasource
+  * Run any JasperReport that needs a jdbc, csv, xml, json, jsonql or empty datasource
   * Use with any database for which a jdbc driver is available
   * Run reports with subreports
   * Execute reports that need runtime parameters. Any parameter whose class has
@@ -29,10 +35,11 @@ It has the following features:
   * Integrate in non Java applications (for example PHP, Python)
   * Binary executable on Windows
   * Includes JasperReports so this is the only tool you need to install
+  * "Diskless" operation using stdin and stdout for input data and output.
 
 Requirements:
 
-  * Java 1.6 or higher
+  * Java 1.8
   * A JDBC 2.1 driver for your database
 
 
@@ -67,6 +74,43 @@ Example with hsql using database type generic:
 For more information take a look in the docs directory of the distibution
 archive or read the [Usage][] page online.
 
+### Python Integration using public API
+
+JasperStarter exposes an API which can be used with [jpy][] to
+provide direct access from Python:
+
+    #
+    # Load the JVM. See the jpy docs for details.
+    #
+    import jpyutil
+    jpyutil.init_jvm(jvm_maxmem='512M', jvm_classpath=['.../jasperstarter.jar'])
+    #
+    # Load the Java types needed.
+    #
+    import jpy
+    Arrays = jpy.get_type('java.util.Arrays')
+    File = jpy.get_type('java.io.File')
+    Report = jpy.get_type('de.cenote.jasperstarter.Report')
+    Config = jpy.get_type('de.cenote.jasperstarter.Config')
+    DsType = jpy.get_type('de.cenote.jasperstarter.types.DsType')
+    #
+    # Create the JasperStarter configuration. See Config.java for details.
+    #
+    config = Config()
+    config.setInput('jsonql.jrxml')
+    config.setOutput('contacts.pdf')
+    config.setDbType(DsType.json)
+    config.setDataFile(File('contacts.json'))
+    config.setJsonQuery('contacts.person')
+    config.setOutputFormats(Arrays.asList([]))
+    #
+    # Run the report. See Report.java for details.
+    #
+    instance = Report(config, File(config.getInput()))
+    instance.fill()
+    instance.exportPdf()
+
+See the examples/python directory for a fuller example.
 
 ### Release Notes
 
@@ -88,23 +132,26 @@ and create a bug or feature request.
 If you like the software you can write a [review][] :-)
 
 
-### Developement
+### Development
 
 The sourcecode is available at [bitbucket.org/cenote/jasperstarter][], the
 project website is hosted at [Sourceforge][].
 
 JasperStarter is build with [Maven][]. 
 
-On Linux 64 bit the launch4j-maven-plugin may fail. You need the folloing libs in a 32 bit version:
+On Linux 64 bit the launch4j-maven-plugin may fail. In this case, may you need the following libs in a 32 bit version:
 
   * z1
   * ncurses5
   * bz2-1.0
 
-On Ubuntu 14.04 for example use this command:
+Install on Ubuntu 14.04 or above:
 
     $ sudo apt-get install lib32z1 lib32ncurses5 lib32bz2-1.0
 
+Install on Fedora 27 or above:
+
+    $sudo dnf install ncurses-compat-libs.i686
 
 To get a distribution package run:
 
@@ -162,7 +209,7 @@ JasperStarter from within your IDE to call up a database based report.
 
 ### License
 
-Copyright 2012-2015 Cenote GmbH.
+Copyright 2012-2022 Cenote GmbH.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -187,3 +234,4 @@ limitations under the License.
 [Usage]:http://jasperstarter.sourceforge.net/usage.html
 [Issues]:https://cenote-issues.atlassian.net/browse/JAS
 [Changes]:changes.html
+[jpy]:https://github.com/bcdev/jpy

src/JasperStarter/bin/jasperstarter

@@ -23,4 +23,4 @@ else
 fi
 
 #SCRIPTPATH="$(dirname $0)"
-java -jar "$HOME_FOLDER/lib/jasperstarter.jar" "$@"
+java -jar "$HOME_FOLDER/lib/jasperstarter.jar" "$@"

src/JasperStarter/docs/apidocs/allclasses-frame.html

@@ -0,0 +1,29 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!-- NewPage -->
+<html lang="it">
+<head>
+<!-- Generated by javadoc (1.8.0_412) on Mon Apr 29 23:51:58 CEST 2024 -->
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+<title>All Classes (JasperStarter 3.7.1-SNAPSHOT API)</title>
+<meta name="date" content="2024-04-29">
+<link rel="stylesheet" type="text/css" href="stylesheet.css" title="Style">
+<script type="text/javascript" src="script.js"></script>
+</head>
+<body>
+<h1 class="bar">All&nbsp;Classes</h1>
+<div class="indexContainer">
+<ul>
+<li><a href="de/cenote/jasperstarter/App.html" title="class in de.cenote.jasperstarter" target="classFrame">App</a></li>
+<li><a href="de/cenote/jasperstarter/types/AskFilter.html" title="enum in de.cenote.jasperstarter.types" target="classFrame">AskFilter</a></li>
+<li><a href="de/cenote/jasperstarter/types/Command.html" title="enum in de.cenote.jasperstarter.types" target="classFrame">Command</a></li>
+<li><a href="de/cenote/jasperstarter/Config.html" title="class in de.cenote.jasperstarter" target="classFrame">Config</a></li>
+<li><a href="de/cenote/jasperstarter/Db.html" title="class in de.cenote.jasperstarter" target="classFrame">Db</a></li>
+<li><a href="de/cenote/jasperstarter/types/Dest.html" title="interface in de.cenote.jasperstarter.types" target="classFrame"><span class="interfaceName">Dest</span></a></li>
+<li><a href="de/cenote/jasperstarter/types/DsType.html" title="enum in de.cenote.jasperstarter.types" target="classFrame">DsType</a></li>
+<li><a href="de/cenote/jasperstarter/types/InputType.html" title="enum in de.cenote.jasperstarter.types" target="classFrame">InputType</a></li>
+<li><a href="de/cenote/jasperstarter/types/OutputFormat.html" title="enum in de.cenote.jasperstarter.types" target="classFrame">OutputFormat</a></li>
+<li><a href="de/cenote/jasperstarter/Report.html" title="class in de.cenote.jasperstarter" target="classFrame">Report</a></li>
+</ul>
+</div>
+</body>
+</html>

src/JasperStarter/docs/apidocs/allclasses-noframe.html

@@ -0,0 +1,29 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!-- NewPage -->
+<html lang="it">
+<head>
+<!-- Generated by javadoc (1.8.0_412) on Mon Apr 29 23:51:58 CEST 2024 -->
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+<title>All Classes (JasperStarter 3.7.1-SNAPSHOT API)</title>
+<meta name="date" content="2024-04-29">
+<link rel="stylesheet" type="text/css" href="stylesheet.css" title="Style">
+<script type="text/javascript" src="script.js"></script>
+</head>
+<body>
+<h1 class="bar">All&nbsp;Classes</h1>
+<div class="indexContainer">
+<ul>
+<li><a href="de/cenote/jasperstarter/App.html" title="class in de.cenote.jasperstarter">App</a></li>
+<li><a href="de/cenote/jasperstarter/types/AskFilter.html" title="enum in de.cenote.jasperstarter.types">AskFilter</a></li>
+<li><a href="de/cenote/jasperstarter/types/Command.html" title="enum in de.cenote.jasperstarter.types">Command</a></li>
+<li><a href="de/cenote/jasperstarter/Config.html" title="class in de.cenote.jasperstarter">Config</a></li>
+<li><a href="de/cenote/jasperstarter/Db.html" title="class in de.cenote.jasperstarter">Db</a></li>
+<li><a href="de/cenote/jasperstarter/types/Dest.html" title="interface in de.cenote.jasperstarter.types"><span class="interfaceName">Dest</span></a></li>
+<li><a href="de/cenote/jasperstarter/types/DsType.html" title="enum in de.cenote.jasperstarter.types">DsType</a></li>
+<li><a href="de/cenote/jasperstarter/types/InputType.html" title="enum in de.cenote.jasperstarter.types">InputType</a></li>
+<li><a href="de/cenote/jasperstarter/types/OutputFormat.html" title="enum in de.cenote.jasperstarter.types">OutputFormat</a></li>
+<li><a href="de/cenote/jasperstarter/Report.html" title="class in de.cenote.jasperstarter">Report</a></li>
+</ul>
+</div>
+</body>
+</html>