Changes log  

- 2.2.3 (11/27/2014)
    - Bugs fixed
      - Fixed potential NPE in odata extension when schema ComplexType in a 
        document does not declare a schema attribute (issue #932).
      - Uncaught exceptions may cause LogFilter to fail, with dire consequences.
        Issue #931. Reported and contributed by Tal Liron.
      - The Restlet internal connector only serves from one thread (issue #937).
      - Securing JaxRepresentation by default (issue #785).
        Reported by Jim Trainor.
      - OData Edm.DateTime properties are sometimes parsed as null (issue #946).
        Reported and contributed by Emmanuel Liossis.

    - Enhancements
      - Added targetRef support to templates, allow reference variables to 
        resolve to the full reference (issue #935).
        Contributed by Jeremy Gustie.
      - Fixed log level (issue #777). Reported by marcus-nl.

- 2.2.2 (08/05/2014)
    - Bugs fixed
      - Fixed generation of Android edition.
    - Enhancements
      - Updated agent.properties file with recent Opera user agent signature.

- 2.2.1 (05/06/2014)
    - Bugs fixed
      - Fixed missing internal FTP client connector registration.
      - Fixed missing internal HTTPS server isn't properly registered.
        Reported by Roy Olsen.
      - Fixed forgotten traces to the console #911, #905, #904.
        Reported by Emanuele Massara.
      - Fixed missing default values for DefaultSslContextFactory attributes, issue #903.
      - Removed unecessary ".properties" files from the distributions, issue #892.
      - Prevented NPE in org.httpclient.internal.HttpMethodCall.getStatusCode, issue #871.
        Reported by Claus Ibsen.
      - Fixed CompositeHelper.handle fails when Component has no inbound filters. Issue #865.
        Reported and contributed by Jeremy Gustie.
      - Stabilized Swagger documentation for JAX-RS applications. Issue #827.

- 2.2.0 (03/27/2014)
    - Enhancements
      - Integration of new Guice extension, issue #489.
        Reported and contributed by Tim Peierls.
      - Reverted Swagger extension to version 2.9,
        supporting only JAX-RS API. Issue #827.
    - Bugs fixed
      - Fixed user agent product parsing. Issues #878 and 879.
        Contributed by Jeremy Gustie.
      - Fixed usage of client connector in GAE edition, issue #876.
        Reported by Alex Harvey.
    - Misc
      - Fixed many links and updated content of the User Guide

- 2.2 Release Candidate 4 (03/18/2014)
    - Enhancements
      - Updated Swagger extension based on Swagger 2.10 version, issue #827.
    - Bugs fixed
      - ServerResource doesn't throw away empty response entities anymore, issue #848.
        Reported by Arjohn Kampman and Marcel Hellkamp.
      - DefaultSslContextFactory doesn't handle
        enabledCipherSuites/enabledProtocols parameters properly, issue #853.
        Reported and contributed by Jonathan Keljo.
      - Android NIO server SSL handshake hangs, issue #851.
        Reported and contributed by Jonathan Keljo.
      - NIO SSL server infinite loops on close-notify, issue #862.
        Reported and contributed by Jonathan Keljo.
    - Misc
      - Automatic build using Travis

- 2.2 Release Candidate 3 (03/04/2014)
    - Enhancements
      - Add JSON media types. Reported and contributed by Jack Jones.
      - Moved all the remaining NIO logic from previous internal HTTP connector to the
        org.restlet.ext.nio. This will help reduce the org.restlet.jar file size.
    - Bugs fixed
      - Issue #818: Call.isBroken does not detect Tomcat ClientAbortException.
        Reported and contributed by Jeremy Gustie.
      - Issue #847: DELETE responses send 200 status without any entity, whereas it 
        should be 204.
      - Issue #805: The NioUtils.copy(..) logic that sometimes created Cyclic barrier 
        exceptions has been moved as well and replaced with the older and more stable 
        logic that was in place in version 2.1.0 and older releases.
        Reported by Wim Jongman.

- 2.2 Release Candidate 2 (02/18/2014)
    - Enhancements
      - Allow Delete methods with entities, issue #841.
      - Allow configuring HttpClient's HostnameVerifier, issue #246.
        Reported and contributed by Philippe Laflamme.
      - Short term fix for XStream - remote code execution due to insecure XML deserialization, issue #835.
        Reported by David Jorm.

- 2.2 Release Candidate 1 (02/09/2014)
    - Enhancements
      - Added Javadocs artefacts for Maven repository, issue #811.
        Suggested by David Roussel.
      - Added Thymeleaf extension, issue #824.
        Reported and contributed by Grzegorz Godlewski.
      - Improved ServerServlet.createComponent() to address issues #766 and #767: 
        allowed to specify a custom Component class and configure it using xml file.
        Reported and contributed by Jason Guild.
      - Added Swagger extension, currently with JAX-RS API support only. Issue #595.
        Reported and contributed by Grzegorz Godlewski.

    - API changes
      - Moved org.restlet.ext.net HTTP/HTTPS/FTP client connectors into the core
        org.restlet module (org.restlet.engine.net package) as the new internal
        client connectors.
      - Moved NIO-based internal connector to new org.restlet.ext.nio extension.
        Marked as "developer preview" state.
      - Added new internal HTTP/HTTPS server connectors based on the 
        com.sun.net.httpserver package available in JDK 6. Issue #381.
      - Moved org.restlet.ext.ssl into core org.restlet.engine.ssl package except
        classes related to the jSSLutils library now part of new org.restlet.ext.jsslutils
        extension and for CertificateAuthenticator class now in org.restlet.security.
        Solves issue #803 reported by Tal Liron.
      - XEE injection security fix (Issue #826). As a side effect, the XML parsers adopt a more 
        defensive strategy and prevent by default loading of external entities, validation of DTD,
        and turn on secure processing for SAX parsers.
      - Deprecated MediaType#APPLICATION_RDF_TURTLE and added TEXT_TURTLE constant.
        Suggested by Peter Ansell. Issue #730.

    - Bugs fixed
      - Fixed issue #823: Service-Component header missing in manifest.mf for servlet extension.
        Reported by Ioan Lupu.
      - XEE injection security fix. Issue #826. Reported by Alvaro Munoz.
      - OData not passing null when property not marked nullable, issue #663.
        Reported by Carl J. Mosca and contributed by Luke Adams.
      - Android ICS: needs fixing for HttpUrlConnectionCall.getResponseHeaders, issue #548.
        Reported by Bobby Sawhney.
      - @Patch annotation is ignored, issue #747.
        Reported by Ralph van Etten.

    - Misc
      - Updated Jetty to version 8.1.14.
      - Updated XStream to version 1.4.6.
      - Updated NekoHTML to version 1.9.19.
      - Updated Apache commons logging to version 1.1.3.
      - Updated Apache Log4j to version 1.2.17.
      - Updated Jettison to version 1.3.5.
      - Updated Freemarker to version 2.3.20.
      - Updated JiBX to version 1.2.5.
      - Updated Jackson to version 2.2.3.
      - Updated Guice to version 3.0.
      - Updated Google Protobuf to version 2.5.
      - Updated Apache Commons fileupload to version 1.3.
      - Updated Apache HTTP Client to version 4.3.2.
      - Updated Apache HTTP Core to version 4.3.2.
      - Updated Apache HTTP MIME to version 4.3.2.
      - Updated Mime4j to version 0.7.
      - Updated Lucene to version 4.6.
      - Updated Solr to version 4.6.
      - Updated Tika to version 1.4.
      - Updated Velocity to version 1.7.
      - Updated Woodstox to version 4.2.4.
      - Updated Joda time to version 2.3.
      - Updated JUnit to version 4.11.
      - Updated MongoDB to version 2.11.3.
      - Updated Simple Framework to version 5.1.6.
      - Updated Spring Framework to version 3.2.6.
      - Updated TestNG to version 6.8.7.
      - Updated SnakeYAML to version 1.13.

- 2.2 Milestone 6 (12/05/2013)
    - Enhancements
      - Added a Message#bufferEntity() method to facilitate buffering of request and response
        entities/representations when they are transient but need to be consumed multiple times.
        Note that if not used properly, it can easily drain JVM memory.
      - Moved BufferingRepresentation from Engine to org.restlet.representation package.
      - Added client support for HTTP OAuth MAC authentication.
      - Added support of nowrap "deflater" (support of GZIP compatible compression), issue #786.
        Reported and contributed by Tal Liron.
    - Bugs fixed
      - Fixed issue #789, declaration of gson's maven artifact identifier.
        Reported by mafuba.

- 2.2 Milestone 5 (09/07/2013)
    - Bugs fixed
       - Fixed issues #774, #778 - Removed default support of JavaBeans XML-deserialization, 
         binary-deserialization on ObjectRepresentation class.
         Reported by David Jorm.

- 2.2 Milestone 4 (08/23/2013)
    - Enhancements
       - Added GSON extension (#586). Contributed by Neal Mi.
       - OAuth extension has been upgraded to support final OAuth 2.0 specification.
         Contributed by Shotaro Uchida.
    - Bugs fixed
       - Fixed issue #739 - Copy extension headers from JAX-RS API to Restlet response.
         Reported by Mark Kharitonov.
       - Fixed issue #774 - Removed default support of JavaBeans XML-serialization.
         Reported by David Jorm, Dinis Cruz, Abraham Kang and Alvaro Munoz.
       - Fixed issue #778 - Removed default support of JavaBeans binary-serialization.
         Reported by David Jorm.

- 2.2 Milestone 3 (03/07/2013)
    - Bugs fixed
       - Fixed issue #737 - ExecutorService not set when calling WriterRepresentation#write.
         Reported by Tim Peierls.
       - Fixed issue #734 - Implementations of XmlHttpRequest in IE versions prior to IE10 turn 
         204 status into 1223. Reported by Koen Maes.

- 2.2 Milestone 2 (02/28/2013)
    - Enhancements
       - Upgraded Servlet API to version 3.0.1.
       - Updated Simple HTTP server library to version 5.0.4.
       - Added a JSONP filter that can automatically wrap JSON representations.
         Contributed by Mark Kharitonov and Cyril Lakech.
    - API changes
       - Refactored the OAuth extension to prevent the 
         org.restlet.ext.oauth.security subpackage.
       - Refactored the JacksonRepresentation to merge the 
         JacksonSmileRepresentation back into the 
         JacksonRepresentation. Also improved extensibility
         and default behavior of the CSV serialization format.
       - Added Request/Response.flushBuffers() method to attempt
         to force network buffers to be flushed out.
         Suggested by Yan Pujante.
       - Removed all code deprecated in branch 2.1.
       - Added patch-related methods to the ConverterService:
         applyPatch(Representation original, Representation patch) : Representation
         revertPatch(Representation modified, Representation patch) : Representation
         createPatch(Representation original, Representation modified) : Representation
       - Added patch(..) methods to ClientResource. Suggested by Brian Sletten.
       - Added patch(..) to ServerResource relying by default on the 
         ConverterService and on the put(..) methods. Suggested by Brian Sletten.
       - Added ClientInfo.acceptedPatches property and HTTP header writing/reading
         logic for "Accept-Patch".
       - Added IOException declaration to all the ConverterService methods.
       - Restored Role.equals(..) and hashCode(..) methods so that two roles with the
         same parent application, name and child roles are equals.
       - Added Role.application property to make it more explicit what is required
         for role equality and to make the MemoryRealm class less ambiguous.
         Reported by Tim Peierls, Martin Svensson, Peter Ansell and others.
       - Deprecated Role.ALL constant which wasn't compatible with the fact that 
         roles have specific applications as parent.
       - Deprecated constructors Role(String) and Role(String, String) and added 
         Role(Application, String) and Role(Application, String, String) as 
         replacements, using Application.getCurrent() to workaround the lack of 
         Application parameter in deprecated constructors.
       - Added findRoles/map/unmap methods with an Application argument to the
         MemoryRealm class for conveniency.
       - Added static get(...) methods to Role.
       - Added getRole(String) method to ServerResource.
       - Refactored GaeEnroler constructors to require proper Role instances or 
         parent Application.
       - Added Component.taskService property and deprecated+disabled the 
         Application.taskService. The same task service/thread pool can then be shared 
         by multiple applications inside the same component/JVM.
       - Added Context.executorService property to be able to invoke the parent task
         service without actually being able to control it (start/stop).
       - Added JaxRsApplication(Context, Application) constructor.
    - Bugs fixed
       - The same ones as in version 2.1.2.
    - Misc
       - Updated the links to the user guide in the wiki.

- 2.2 Milestone 1 (12/24/2012)
    - Enhancements
       - Upgraded Jetty to version 8.1.5.
       - Upgraded JAX-RS to version 1.1.1.
       - Upgraded Servlet API to version 3.0.
       - Upgraded Jackson to version 2.1.0 and Woodstox to 4.1.4.
         Now supporting JSON binary (Smile), XML, YAML and CSV
         serialization format based on the media type.
       - Added OBAP (OSGi Bundle Access Protocol) client connector
         to allow access to resources from other OSGi bundles.
         Use "obap://{bundleSymbolicName}/{pathToResource}"
         Added to the "org.restlet.ext.osgi" extension (OSGi edition).
       - Added additional content type mappings to the JAX-RS module client.
       - OAuth extension has been upgraded to support OAuth 2.0 draft 30
         specification. Contributed by Shotaro Uchida.
    - API changes
       - Added a resource client to the JAX-RS extension.
         Contributed by Shaun Elliott.
       - Added an optional namespace prefix mapper for JAXB representations 
         when marshalling Java content into XML.
         Contributed by Emanuele Ziglioli.
       - Added support of the Jackson Smile format.
         Suggested by Tim Peierls.
       - Added conveniency add(...) method signature without Reference 
         parameters in RdfClientResource.
       - Added Method.PATCH constant and @Patch annotation based on RFC 5789.
         Suggested by Brian Sletten.
       - Added MediaType.APPLICATION_JSON_PATCH constant based on internet
         draft for "application/json-patch" media type.
       - Added ChallengeScheme.HTTP_OAUTH_BEARER and HTTP_OAUTH_MAC constants
         to support the final OAuth 2.0 RFC.
    - Bugs fixed
       - The same ones as in version 2.1.1.
    - Misc
       - Updated Eclipse projects to use JavaSE 6.0 and simple Java 
         build rather than PDE/OSGi (removed manifest.mf files) or 
         Maven (removed pom.xml files).
       - Of course, Maven is still supported via our Maven repository,
         the previous change is only for Restlet committers.