Łukasz, That will probably work.
What happens when a dependency gets updated multiple times in a release? Will it be listed multiple times (since it shows all issues with that type)? My reasoning was: * When you need to do a quick upgrade due to a fixed vulnerability you just want a quick checklist of the things that need to be changed/checked * At that time the developer doesn't realy care for the other improvements/upgrades (which are already listed now, and can be checked by anyone interested) * When a dependency gets updated multiple times, the only version of interest is the one used in the release. Regards, Stefaan Dutry (sdutry) 2017-07-14 8:20 GMT+02:00 Lukasz Lenart <lukaszlen...@apache.org>: > 2017-07-13 21:28 GMT+02:00 Stefaan Dutry <sdu...@apache.org>: >> Łukasz, >> >> You are right, the issue mentioning about the change to commons-lang3 >> version 3.6 is in the issue list. >> This is also where we found what needed to be done. >> >> This is the list where we looked when something was wrong, >> unfortunately for us, we spotted a different issue first: >> * [WW-4748] - Upgrade commons-lang3 to 3.5 >> >> The only idea i can come up with so far would be to add a miniature >> upgrade guide section (from the previous version to this one). >> Something as small as 2 bullet points, for example: >> >> Upgrade guide (2.5.10.1 -> 2.5.12) >> * upgrade struts libraries to the new version (2.5.12) >> * struts2 now requires at least commons-lang3 version 3.6 (transitive >> dependency) >> >> Technicaly we should have just spotted it by listing the dependencies >> of the project. >> So, it's nothing important, it's just an idea. > > I see your point, maybe we should introduce a new type of Issue - > "Dependency" which will clear indicates that this changes dependency > of the framework and it will be listed in its own section on the > Version Notes. wdyt? > > > Regards > -- > Łukasz > + 48 606 323 122 http://www.lenart.org.pl/ > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@struts.apache.org > For additional commands, e-mail: dev-h...@struts.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@struts.apache.org For additional commands, e-mail: dev-h...@struts.apache.org
