On 4/1/20 5:39 AM, Martin Grigorov wrote:
Hi, The CHANGELOG should not contain https://issues.apache.org/jira/browse/WICKET-6750 since it is not Resolved.
I don't know how it managed to go into the CHANGELOG. I've fixed it at code base level but it requires a to start again a new release to fix also distribution archives.
Should we cancel this vote?
On Tue, Mar 31, 2020 at 9:56 PM Andrea Del Bene <[email protected]> wrote:This is a vote to release Apache Wicket 9.0.0-M5 Please download the source distributions found in our staging area linked below. I have included the signatures for both the source archives. This vote lasts for 72 hours minimum. [ ] Yes, release Apache Wicket 9.0.0-M5 [ ] No, don't release Apache Wicket 9.0.0-M5, because ... Distributions, changelog, keys and signatures can be found at: https://dist.apache.org/repos/dist/dev/wicket/9.0.0-M5 Staging repository: https://repository.apache.org/content/repositories/orgapachewicket-1140/ The binaries are available in the above link, as are a staging repository for Maven. Typically the vote is on the source, but should you find a problem with one of the binaries, please let me know, I can re-roll them some way or the other. Staging git repository data: Repository: [email protected]:bitstorm/wicket.git Branch: build/wicket-9.0.0-M5 Release tag: rel/wicket-9.0.0-M5 ======================================================================== The signatures for the source release artefacts: Signature for apache-wicket-9.0.0-M5.zip: -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE0a6YZHC1pJw+aieyh48B+qjTVuEFAl6DejwACgkQh48B+qjT VuEPnQ/9Gc7bH7Y/s6PZceoLV0t9gkhtsJaC8jhuZhOWCqj1Uu/3VfJPRYma2eSs z7XpgU1+x8qTMMUm27Z0HWMjUrMOevH5B0w4z9bb3yq9kmgwHGqH0o8lenjlZBAB sKQKKNFcdEP4uzIOW5B6TWa9MHzkwQjKS2SYMSNfRsZps7p0pHylcb2S9QvEB/7R ajSaNvF8C9J1vjkm8Qcutj8SUa+CwxuySe6rhCzj4VjslNMNTxUlyZxeicTipL3K dB2UkG1ziTcHsgYLmDXOyta4eloMSGC+X/8UFNJsob7KkdQxqT64VW++8VQ166ND UOkDZBPwTRislVf6c1cnLVZg+cIdNeNK9i2KDEIIChLhPStBpA9MVnaKAQjIYC7O EZcYzliQmr1dVIx/6XakgaCsIRifkkPyEkCIdg0fnMSoaKs4qc5Q0p1IXiWO6vJP mpnrtC7WzQ9ThnvQek6A1kz3ls3QlE9fqtDUmvE+XE/9E4Xko9ufe2tscPZ4Dr1b RUCRix+hmtisRWCjcTZ9oqxtzB+vxDYsuVAo0Q1+ckSf/xSIlzrtfidtOgifft0v FMKOlplmBzSmcmZrTJ2/DgpNgvX+tJJaBIEXUrXgFyuf1bRJBiwse9x/EGpBRcjC 3HlOcXG3o/W+SrVutxez49kt3Eaksa2AI+CYUvDJjl7wgHA3J9A= =fMOR -----END PGP SIGNATURE----- Signature for apache-wicket-9.0.0-M5.tar.gz: -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE0a6YZHC1pJw+aieyh48B+qjTVuEFAl6DejwACgkQh48B+qjT VuFP/A/7BPiVX8FkifrsxVMcD7jgbiCEGTxO6adDIoZNPYA9vrapE3XCEVY9qyaW vHjqs/qFRtnhZY8dLcC6GKX5nnvIP0PoFvfw48yMx6/xidNoNnNrcxDzg4fpB3uW KzaqKbHb/tH7ndTsB/EF5CRejUxuQXYqiUIYDToHQwc/XT6to7TUpPL7FM/lEfUk xSdCK4EhsD1U4XvhZYKL7R1SfhyC5tvmm609UXLxFli7DBn5Sq/mcPlbA+BWbQQF GtLxFwYTrYONPfSyABUzi7CkKgeSXoK3ffnQlDqc5L8/cUYJQurU55jP5GP39Urk wGv3D2/glxEIeDUN77U0PxQzHDULwCXlX2Ng+npbUTS7COc8wTSpYFH+WzeyVATU RO5WIDG0RF1/y9CWm3S0gdXfeWSO0bP1VWX7MOeefVBm1c6vgHYdHctmwiHX9owB 4wfKqT9LbKMuaMY/A9ZpGt24X6N7ujAVMEIBJ+UGF2sSCnMNJK5XCSgnUkMNZwex 6h+rM6NUMl3nc8z6FEXPLvdJDdtx73O0LtL0REV5bINlIpRmXqMvTF1RvdhKR0jl vWFH5xBzW7/sKmJ5zQkh/Nw+VG9l0qewqwBh5sOHzWZXROqsVvrDXvGwXIOJKNMW 2881MlEJLLB9V59N7PIC7shxKl300W36Z1fIRSp3c9DiEoC4Y+E= =G/ZG -----END PGP SIGNATURE----- ======================================================================== CHANGELOG for 9.0.0-M5: ** Bug * [WICKET-6715] - FileUpload class should not implement IClusterable * [WICKET-6745] - CSP: inline JS in server and client time response filters * [WICKET-6746] - HttpsMapper cannot deal with resources over websockets * [WICKET-6752] - Some dependencies contain CVEs * [WICKET-6753] - res/modal.js using aria-labelledby where it should be using aria-label * [WICKET-6754] - Iteration stops with nested containers * [WICKET-6755] - MockServletContext does not decode real path * [WICKET-6756] - Avoid URL.getFile() when actually expecting paths. * [WICKET-6757] - Avoid URL.getFile during mime type detection. * [WICKET-6758] - NPE in AbstractWebSocketProcessor after session times out ** New Feature * [WICKET-6727] - Configurable CSP * [WICKET-6729] - allow adding IHeaderResponseDecorator without replacing all others * [WICKET-6730] - Global access to secure random data ** Improvement * [WICKET-6724] - CSP: Inline Javascript in AjaxLink * [WICKET-6725] - CSP: display:none in Component.renderPlaceholderTag * [WICKET-6726] - CSP: inline styling and js in Form submitbutton handling * [WICKET-6731] - CSP: inline JS in SubmitLink * [WICKET-6732] - CSP: inline JS in Link and ExternalLink * [WICKET-6733] - CSP: enable by default * [WICKET-6735] - CSP: inline styling in FormComponentFeedbackBorder/Indicator * [WICKET-6736] - CSP: Inline styling in BrowserInfoForm * [WICKET-6737] - CSP: violations in examples * [WICKET-6738] - CSP: inline styling in UploadProgressBar * [WICKET-6739] - CSP: inline JS in Palette * [WICKET-6740] - CSP: inline JS in Button * [WICKET-6741] - CSP: inline JS in FormComponentUpdatingBehavior * [WICKET-6749] - CSP: Inline styling in ExceptionErrorPage.html * [WICKET-6750] - add capability to cancel ongoing AJAX requests from client side * [WICKET-6759] - Support disabling error notification for websockets * [WICKET-6760] - Nested Form placeholder should preserve tag name * [WICKET-6761] - Support multiple connections to the same websocket resource from a single session * [WICKET-6762] - Support manual initialization of websocket connections ** Task * [WICKET-6687] - Cleanup the code from attribute inline styles and attribute inline scripts * [WICKET-6747] - Document CSP in user guide and migration guide * [WICKET-6751] - Support creating custom page access synchronization strategies
