Re: build-dev Digest, Vol 161, Issue 61

2020-09-26 Thread Moshe Zuisman
>Date: Sat, 26 Sep 2020 00:13:06 +1000
> > From: David Holmes 
> > To: Moshe Zuisman 
> > Cc: build-dev@openjdk.java.net
> > Subject: Re: cve-2014-3566 cve-2014-6593 in OPEN JDK 8
> > Message-ID: <63142641-ca33-8ed5-6da6-9c8bbb2c5...@oracle.com>
> > Content-Type: text/plain; charset=utf-8; format=flowed
>
> > On 25/09/2020 10:28 pm, Moshe Zuisman wrote:
> > > Hi David. Do this Vulnerability group have some their own forum, mail
> > > list or other place - they can be contacted?
>
> > I assumed they did have but it seems not :(
>
> > https://openjdk.java.net/groups/vulnerability/
> 
>
> > The only mailing list they have that you can post to is for
> > vulnerability reports.
>
> > I suspect you have to pick an OpenJDK distributor and then ask them
> > about this, rather than trying to find out generically what "version of
> > OpenJDK" contains a given fix. I'm pretty sure that we don't record CVE
> > details when such fixes get integrated.
>
> > David
> > -
>
> Hi David. Thanks for your help!


Re: RFR: 8253424: Add support for running pre-submit testing using GitHub Actions [v6]

2020-09-26 Thread Robin Westberg
> A few days ago I posted an initial version of the necessary configuration 
> required to run pre-submit build and tests
> for JDK main-line contributions using GitHub Actions [2] and the free tier 
> [3] available to everyone working with open
> source repositories. I've incorporated the feedback into an updated version 
> that I believe is ready to be integrated.
> If this is integrated into the `master` branch, future branches created and 
> updated in personal forks will build and
> run the basic tier 1 tests as described in this configuration, on Linux, 
> Windows and macOS (all on x64). It's of course
> possible for any contributor to opt out fully or partially of these automatic 
> runs in a few different ways.  To opt out
> completely, a contributor can simply disable GitHub Actions on their personal 
> fork, and no further jobs will be
> executed. Another option is to add a repository secret [4] with the name 
> `JDK_SUBMIT_FILTER` set to any value. If this
> is set, only branches prefixed with `submit/` will be subject to automatic 
> build and test. This can also be further
> refined by adding a repository secret named `JDK_SUBMIT_PLATFORMS` with a 
> value such as `Linux x64, Windows x64` to
> limit automatic build and test to these two platforms. It will still be 
> possible to run the tests on any branch and/or
> platform by manually triggering the workflow.  To see what this looks like in 
> practice, an example run can be found
> here: https://github.com/rwestberg/jdk/actions/runs/265131985 (note that 
> there is currently a failing test on Windows
> which is tracked by JDK-8249095, which should probably be resolved before 
> this change is integrated).  Best regards,
> Robin  [1] 
> https://mail.openjdk.java.net/pipermail/jdk-dev/2020-September/004736.html [2]
> https://github.com/features/actions [3]
> https://docs.github.com/en/actions/getting-started-with-github-actions/about-github-actions#usage-limits
>  [4]
> https://docs.github.com/en/actions/reference/encrypted-secrets

Robin Westberg has updated the pull request incrementally with one additional 
commit since the last revision:

  Ensure that test logs are always collected, regardless of test job outcome

-

Changes:
  - all: https://git.openjdk.java.net/jdk/pull/284/files
  - new: https://git.openjdk.java.net/jdk/pull/284/files/441a18b7..22336eba

Webrevs:
 - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=284&range=05
 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=284&range=04-05

  Stats: 3 lines in 1 file changed: 3 ins; 0 del; 0 mod
  Patch: https://git.openjdk.java.net/jdk/pull/284.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/284/head:pull/284

PR: https://git.openjdk.java.net/jdk/pull/284