+1 Am Di., 2. Apr. 2024 um 15:08 Uhr schrieb Markus Jung <ju...@apache.org>:
> +1 (non binding) > > > Did some testing with our real apps (Java 17, GNU/Linux x86-64), including: > - CDI > - JSF > - JPA (using hibernate 6.4) > - Jakarta Security (custom HttpAuthenticationMechanism) > - JSON-P/JSON-B > - Microprofile: OpenAPI, Config, Health > - tomee-embedded-maven-plugin and tomee-microprofile standalone > > > Everything looks good, awesome work! > > > > On 02.04.24 14:45, Frank Jung wrote: > > +1 > > > > Thank you! > > Frankie > >> -----Ursprüngliche Nachricht----- > >> Von: Richard Zowalla <r...@apache.org> > >> Gesendet: Dienstag, 2. April 2024 09:47 > >> An: dev@tomee.apache.org > >> Betreff: [VOTE] Apache TomEE 10.0.0-M1 > >> > >> Hello everyone, > >> > >> This is a vote for the release of Apache TomEE 10.0.0-M1. > >> > >> It is a first milestone release of TomEE 10 targeting JakartaEE 10. > >> Thanks to everyone who contributed code to make this happen. > >> I would like to emphasise and give a shout out to all our volunteers > who have > >> done the hard work for EE10, which is also done in all our upstream > >> dependencies like Tomcat, OWB, CXF, MyFaces, etc. > >> > >> This milestone release is not fully compliant with JakartaEE 10 as we > are > >> missing some EE10 compatible versions of our dependencies (most notably > >> CXF 4.1.x which isn't available yet). > >> We do not pass the TCK, nor do we have a fully working TCK setup at the > >> moment. However, our own full build is green [1] and so I am happy to > call > >> for a vote to release a first milestone of TomEE 10. > >> > >> Here are the hard facts: > >> > >> ############### > >> > >> Maven Repo: > >> https://repository.apache.org/content/repositories/orgapachetomee-1226/ > >> > >> <repositories> > >> <repository> > >> <id>tomee-10.0.0-M1-rc1</id> > >> <name>Testing TomEE 10.0.0-M1</name> > >> <url> > >> https://repository.apache.org/content/repositories/orgapachetomee-1226/ > >> </url> > >> </repository> > >> </repositories> > >> > >> ############### > >> > >> Binaries & Source: > >> > >> https://dist.apache.org/repos/dist/dev/tomee/staging-1226/tomee-10.0.0- > >> M1/ > >> > >> ############### > >> > >> Tag: > >> > >> https://github.com/apache/tomee/releases/tag/tomee-project-10.0.0-M1 > >> > >> > >> ############### > >> > >> Release notes: > >> > >> > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320 > >> &version=12352714 > >> > >> ############### > >> > >> Here is an adoc generated version of the changelog as well: > >> > >> == Dependency upgrade > >> > >> [.compact] > >> - link:https://issues.apache.org/jira/browse/TOMEE-4266[TOMEE-4266] > >> ActiveMQ 5.16.7 / 5.18.3 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4217[TOMEE-4217] > >> Arquillian 1.7.0.Final > >> - link:https://issues.apache.org/jira/browse/TOMEE-4307[TOMEE-4307] > >> BatchEE 1.0.4 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4235[TOMEE-4235] > >> Bouncy Castle 1.75 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4243[TOMEE-4243] > >> Bouncy Castle 1.76 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4278[TOMEE-4278] > >> Commons CLI 1.6.0 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4277[TOMEE-4277] > >> Commons Codec 1.16.0 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4274[TOMEE-4274] > >> Commons DBCP 2.11.0 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4275[TOMEE-4275] > >> Commons Lang3 3.13.0 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4310[TOMEE-4310] > >> Commons Net 3.9.0 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4308[TOMEE-4308] > >> Fileupload 2 (Jakarta > >> - link:https://issues.apache.org/jira/browse/TOMEE-4218[TOMEE-4218] > >> HSQLDB 2.7.2 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4221[TOMEE-4221] > >> JUnit 5.9.3 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4212[TOMEE-4212] > >> Jackson 2.15.0 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4216[TOMEE-4216] > >> Jackson 2.15.1 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4227[TOMEE-4227] > >> Jackson 2.15.2 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4276[TOMEE-4276] > >> Jackson 2.15.3 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4208[TOMEE-4208] > >> Johnzon 1.2.20 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4228[TOMEE-4228] > >> Johnzon 1.2.21 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4205[TOMEE-4205] > >> Jose4j 0.9.3 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4279[TOMEE-4279] > >> Log4J2 2.21.1 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4296[TOMEE-4296] > >> MicroProfile JWT 2.1 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4283[TOMEE-4283] > >> OWB 4.0.1 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4282[TOMEE-4282] > >> Tomcat 10.1.16 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4309[TOMEE-4309] > >> Tomcat 10.1.20 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4280[TOMEE-4280] > >> WSS4J 3.0.2 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4313[TOMEE-4313] > >> XBean 4.24 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4232[TOMEE-4232] > >> bcprov-jdk15to18-1.74.jar > >> - link:https://issues.apache.org/jira/browse/TOMEE-4220[TOMEE-4220] > >> log4j 2.20.0 (integration) > >> - link:https://issues.apache.org/jira/browse/TOMEE-4311[TOMEE-4311] > >> log4j2 2.23.1 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4312[TOMEE-4312] > >> slf4j 2.0.12 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4213[TOMEE-4213] > >> snakeyaml version 2.0 mitigate CVE-2022-1471 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4219[TOMEE-4219] > >> xbeans 4.23 > >> > >> == New Feature > >> > >> [.compact] > >> - link:https://issues.apache.org/jira/browse/TOMEE-4268[TOMEE-4268] > >> Create MicroProfile OpenAPI Reader exemple > >> - link:https://issues.apache.org/jira/browse/TOMEE-4281[TOMEE-4281] > >> Improve logging when failing to load a class > >> > >> == Bug > >> > >> [.compact] > >> - link:https://issues.apache.org/jira/browse/TOMEE-4222[TOMEE-4222] > >> @LoginToContinue JSR-375 (JavaEE Security API) causes > >> IllegalArgumentException > >> - link:https://issues.apache.org/jira/browse/TOMEE-4267[TOMEE-4267] > >> MicroProfile Metrics JMX Registrar must be initialized once > >> - link:https://issues.apache.org/jira/browse/TOMEE-4225[TOMEE-4225] > >> Remove commons-net from TomEE distribution > >> - link:https://issues.apache.org/jira/browse/TOMEE-4226[TOMEE-4226] > >> DataSource definition fails when @DataSourceDefinition doesn't define > url > >> property > >> - link:https://issues.apache.org/jira/browse/TOMEE-4192[TOMEE-4192] > >> ApplicationComposers do not clear GC references on release > >> - link:https://issues.apache.org/jira/browse/TOMEE-4199[TOMEE-4199] > >> jakartaee-api with tomcat classifier has too much in it > >> - link:https://issues.apache.org/jira/browse/TOMEE-4294[TOMEE-4294] > >> TomEE doesn't start in tomee-embedded-maven-plugin when mp-common is > >> present > >> - link:https://issues.apache.org/jira/browse/TOMEE-4295[TOMEE-4295] > >> tomee-embedded-maven-plugin does not register microprofile endpoints > >> > >> == Improvement > >> > >> [.compact] > >> - link:https://issues.apache.org/jira/browse/TOMEE-4269[TOMEE-4269] > >> Enable SLF4J 2.x webapps to include bindings in their WEB-INF/lib > >> - link:https://issues.apache.org/jira/browse/TOMEE-4286[TOMEE-4286] > >> Namespace error when processing web-fragment.xml > >> - link:https://issues.apache.org/jira/browse/TOMEE-4200[TOMEE-4200] > >> Use ActiveMQ client jakarta instead of shading it in TomEE > >> > >> == Task > >> > >> [.compact] > >> - link:https://issues.apache.org/jira/browse/TOMEE-4261[TOMEE-4261] > >> Upgrade to Jakarta EE 10 APIs + OWB-4 > >> - link:https://issues.apache.org/jira/browse/TOMEE-4314[TOMEE-4314] > >> Fix docker-compose.yml to build TomEE > >> - link:https://issues.apache.org/jira/browse/TOMEE-4284[TOMEE-4284] > >> Implement tomee.mp.jwt.allow.no-exp property over > >> mp.jwt.tomee.allow.no-exp > >> > >> == Wish > >> > >> [.compact] > >> - link:https://issues.apache.org/jira/browse/TOMEE-4190[TOMEE-4190] > >> RunWithApplicationComposer should support inheritance > >> > >> == Fixed Common Vulnerabilities and Exposures (CVEs) > >> > >> [.compact] > >> - link:https://issues.apache.org/jira/browse/TOMEE-4227[TOMEE-4227] > >> Jackson 2.15.2 > >> > >> ############### > >> > >> Please note: > >> > >> Grype will report a vulnerability for > >> > >> apache-mime4j-core 0.8.7 0.8.10 java-archive GHSA-jw7r-rxff- > >> gv24 Medium > >> > >> which is shaded inside of "geronimo-mail_2.1_spec-1.0.0-M1.jar". > >> > >> In it's current version, the dependency is _NOT_ used inside of geronimo > >> mail impl, so unless you are using the shaded classes yourself, we are > not > >> affected here. > >> There is also another mail thread related to mail. > >> > >> For signature verification, you can check on the example script here: > >> https://gist.github.com/rzo1/9fb1ca0d58e1fc982d596f2a94b10b32 > >> > >> ############### > >> > >> Please VOTE > >> > >> [+1] go ship it > >> [+0] meh, don't care > >> [-1] stop, there is a ${showstopper} > >> > >> The VOTE is open for 72h or as long as needed. > >> > >> Gruß > >> Richard > >> > >> [1] https://ci-builds.apache.org/job/Tomee/job/master-build-full/1337/ >
