Re: Any plans to release DBUtils anytime soon?
And for the curious my plan for a release train is: BCEL, Net, Crypto, CSV, Pool, DBCP, Configuration. Gary On Tue, Nov 8, 2022, 12:27 Gary Gregory wrote: > I can only give the usual response: We are unpaid volunteers with limited > time and priorities that may not align with what you might be specifically > looking for. > > Gary > > On Tue, Nov 8, 2022, 11:45 mkpaz wrote: > >> Hello! >> >> It's been awhile since DBUtils last release in 2017. There was a lot of >> good work done. Could you please share why it's >> not getting updates. Any blocking issues? >> >> Mike. >> >> >> - >> To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org >> For additional commands, e-mail: dev-h...@commons.apache.org >> >>
Re: Any plans to release DBUtils anytime soon?
I can only give the usual response: We are unpaid volunteers with limited time and priorities that may not align with what you might be specifically looking for. Gary On Tue, Nov 8, 2022, 11:45 mkpaz wrote: > Hello! > > It's been awhile since DBUtils last release in 2017. There was a lot of > good work done. Could you please share why it's > not getting updates. Any blocking issues? > > Mike. > > > - > To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org > For additional commands, e-mail: dev-h...@commons.apache.org > >
Re: Correctly configuring Apache Commons components for oss-fuzz
Thanks for the update. I'll wait for that PR to be resolved before taking any further action. Mark On 08/11/2022 16:42, Roman Wagner wrote: Hi Mark, there is a PR open in oss-fuzz https://github.com/google/oss-fuzz/pull/8933 . Best regards Roman On Tue, Nov 8, 2022 at 4:15 PM Gary Gregory wrote: Sounds good. Gary On Tue, Nov 8, 2022, 10:07 Mark Thomas wrote: There has been no response to this email from anyone from Code Intelligence. Unless there are objections from the Apache Commons Community my next step will be to submit a PR to have the following modules removed from oss-fuzz: apache-commons-bcel apache-commons-beanutils apache-commons-cli apache-commons-codec apache-commons-collections apache-commons-configuration apache-commons-io apache-commons-jxpath apache-commons-lang apache-commons-logging Code Intelligence (or anyone else) will remain free to add them back in the right place - under apache-commons should they wish to do so. Mark On 19/10/2022 10:56, Mark Thomas wrote: Hi, You are receiving this email as you are currently configured as the recipients for oss-fuzz reports for Apache Commons JXPath. As per the discussion on the Apache Commons dev list[1], please make the following configuration changes to the oss-fuzz integrations with immediate effect: - Move all oss-fuzz integrations added for *ALL* Apache Commons components to the oss-fuzz module for Apache-Commons: https://github.com/google/oss-fuzz/tree/master/projects/apache-commons There should *NOT* be separate oss-fuzz modules for each component - Add the Google account for "secur...@commons.apache.org" to - the notifications for these issues - the ACL to enable this account to access the details for each report Please notify dev@commons.apache.org and secur...@commons.apache.org when these changes have been completed. Thanks, Mark [1] https://lists.apache.org/thread/53vwy3g8w3f8nydz7jvxm8snrqx7msln - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
Re: Correctly configuring Apache Commons components for oss-fuzz
Hi Mark, there is a PR open in oss-fuzz https://github.com/google/oss-fuzz/pull/8933 . Best regards Roman On Tue, Nov 8, 2022 at 4:15 PM Gary Gregory wrote: > Sounds good. > > Gary > > On Tue, Nov 8, 2022, 10:07 Mark Thomas wrote: > >> There has been no response to this email from anyone from Code >> Intelligence. >> >> Unless there are objections from the Apache Commons Community my next >> step will be to submit a PR to have the following modules removed from >> oss-fuzz: >> >> apache-commons-bcel >> apache-commons-beanutils >> apache-commons-cli >> apache-commons-codec >> apache-commons-collections >> apache-commons-configuration >> apache-commons-io >> apache-commons-jxpath >> apache-commons-lang >> apache-commons-logging >> >> Code Intelligence (or anyone else) will remain free to add them back in >> the right place - under apache-commons should they wish to do so. >> >> Mark >> >> >> >> On 19/10/2022 10:56, Mark Thomas wrote: >> > Hi, >> > >> > You are receiving this email as you are currently configured as the >> > recipients for oss-fuzz reports for Apache Commons JXPath. >> > >> > As per the discussion on the Apache Commons dev list[1], please make >> the >> > following configuration changes to the oss-fuzz integrations with >> > immediate effect: >> > >> > - Move all oss-fuzz integrations added for *ALL* Apache Commons >> >components to the oss-fuzz module for Apache-Commons: >> > >> > >> https://github.com/google/oss-fuzz/tree/master/projects/apache-commons >> > >> >There should *NOT* be separate oss-fuzz modules for each component >> > >> > >> > - Add the Google account for "secur...@commons.apache.org" to >> >- the notifications for these issues >> >- the ACL to enable this account to access the details for each >> report >> > >> > >> > Please notify dev@commons.apache.org and secur...@commons.apache.org >> > when these changes have been completed. >> > >> > Thanks, >> > >> > Mark >> > >> > >> > >> > [1] https://lists.apache.org/thread/53vwy3g8w3f8nydz7jvxm8snrqx7msln >> > >> > - >> > To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org >> > For additional commands, e-mail: dev-h...@commons.apache.org >> > >> >> - >> To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org >> For additional commands, e-mail: dev-h...@commons.apache.org >> >> -- Roman Wagner Application Security Engineer Code Intelligence Rheinwerkallee 6 53227 Bonn Amtsgericht Bonn HRB 23408 Geschäftsführer: Sergej Dechand, Dr. Khaled Yakdan
Re: Correctly configuring Apache Commons components for oss-fuzz
Sounds good. Gary On Tue, Nov 8, 2022, 10:07 Mark Thomas wrote: > There has been no response to this email from anyone from Code > Intelligence. > > Unless there are objections from the Apache Commons Community my next > step will be to submit a PR to have the following modules removed from > oss-fuzz: > > apache-commons-bcel > apache-commons-beanutils > apache-commons-cli > apache-commons-codec > apache-commons-collections > apache-commons-configuration > apache-commons-io > apache-commons-jxpath > apache-commons-lang > apache-commons-logging > > Code Intelligence (or anyone else) will remain free to add them back in > the right place - under apache-commons should they wish to do so. > > Mark > > > > On 19/10/2022 10:56, Mark Thomas wrote: > > Hi, > > > > You are receiving this email as you are currently configured as the > > recipients for oss-fuzz reports for Apache Commons JXPath. > > > > As per the discussion on the Apache Commons dev list[1], please make the > > following configuration changes to the oss-fuzz integrations with > > immediate effect: > > > > - Move all oss-fuzz integrations added for *ALL* Apache Commons > >components to the oss-fuzz module for Apache-Commons: > > > > > https://github.com/google/oss-fuzz/tree/master/projects/apache-commons > > > >There should *NOT* be separate oss-fuzz modules for each component > > > > > > - Add the Google account for "secur...@commons.apache.org" to > >- the notifications for these issues > >- the ACL to enable this account to access the details for each report > > > > > > Please notify dev@commons.apache.org and secur...@commons.apache.org > > when these changes have been completed. > > > > Thanks, > > > > Mark > > > > > > > > [1] https://lists.apache.org/thread/53vwy3g8w3f8nydz7jvxm8snrqx7msln > > > > - > > To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org > > For additional commands, e-mail: dev-h...@commons.apache.org > > > > - > To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org > For additional commands, e-mail: dev-h...@commons.apache.org > >
Re: Correctly configuring Apache Commons components for oss-fuzz
There has been no response to this email from anyone from Code Intelligence. Unless there are objections from the Apache Commons Community my next step will be to submit a PR to have the following modules removed from oss-fuzz: apache-commons-bcel apache-commons-beanutils apache-commons-cli apache-commons-codec apache-commons-collections apache-commons-configuration apache-commons-io apache-commons-jxpath apache-commons-lang apache-commons-logging Code Intelligence (or anyone else) will remain free to add them back in the right place - under apache-commons should they wish to do so. Mark On 19/10/2022 10:56, Mark Thomas wrote: Hi, You are receiving this email as you are currently configured as the recipients for oss-fuzz reports for Apache Commons JXPath. As per the discussion on the Apache Commons dev list[1], please make the following configuration changes to the oss-fuzz integrations with immediate effect: - Move all oss-fuzz integrations added for *ALL* Apache Commons components to the oss-fuzz module for Apache-Commons: https://github.com/google/oss-fuzz/tree/master/projects/apache-commons There should *NOT* be separate oss-fuzz modules for each component - Add the Google account for "secur...@commons.apache.org" to - the notifications for these issues - the ACL to enable this account to access the details for each report Please notify dev@commons.apache.org and secur...@commons.apache.org when these changes have been completed. Thanks, Mark [1] https://lists.apache.org/thread/53vwy3g8w3f8nydz7jvxm8snrqx7msln - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
Re: [BCEL] low test coverage
Hello All, Recent PRs have brought up the coverage to 52% as you can see from the badge on https://github.com/apache/commons-bcel pointing to https://app.codecov.io/gh/apache/commons-bcel/tree/master Thank you to those who pitched in. You can also run 'mvn clean package site' locally and look at the JaCoCo report in target/site/ in the report section of the site. I think the component could benefit from more tests. If anyone has apps that use BCEL that have bits that can be turned into tests, that would give us more real-world test cases. TY, Gary On 2022/10/27 11:22:13 Gary Gregory wrote: > BCEL currently stands at 44% code coverage from tests, which needs > improvement obviously. Any help would be appreciated. > > Gary > - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org