Roller 6.1.4 is now available for download
This release includes several updates and improvements to enhance the security, stability, and functionality of your Roller installations. Release files are now available on Apache mirrors: https://www.apache.org/dyn/closer.cgi/roller/roller-6.1/v6.1.4 ## Key Changes in Apache Roller 6.1.4 ### Safer defaults As of Roller 6.1.4, several default settings have been updated to enhance security for multi-user weblog sites: HTML content sanitization: Roller now sanitizes all HTML content by default to prevent malicious content. This is controlled by the weblogAdminsUntrusted=true property in your roller-custom.properties file. Custom themes and file-uploads disabled by default. You can enable this feature via the Server Admin page if you trust your users, as these features can pose security risks. Better CSRF and XSS protection by user-specific and one-time-use salts. ### Dependency updates Over 20 mostly minor dependency updates including Spring, Eclipse-Link JPA, Log4j, Lucene, and more. ### Bug fixes Fixed some bugs that impacted category create, update and delete
[VOTE] Release Roller 6.1.4 (rc2)
Release approved with three votes: +1 Dave +1 Greg +1 Michael I will make the announcement after release files are uploaded and web site is updated, probably tomorrow. Thanks to all who helped out with this release! Dave
Re: [VOTE] Release Roller 6.1.4 (rc2)
+1 (binding) from me! > On Oct 7, 2024, at 3:22 AM, Greg Huber wrote: > > Looks good. > > [x] +1 Release this package as Apache Roller 6.1.4 > > Observations > Blogroll page. Switch to blogroll dropdown dialog and Add blogroll dialog > get a 500 when saving, but it still creates the entries OK. > > Cheers Greg > > On 06/10/2024 22:09, Dave Johnson wrote: >> Dear Apache Roller Community, >> >> I am pleased to call for a vote on the release of Apache Roller 6.1.4 (RC2). >> This release includes several important updates and improvements, including >> enhanced security measures, dependency updates, and various code >> enhancements (change notes below). The release candidate files can be found >> at the following location: >> >> https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.4/ >> >> Please review the release candidate and cast your vote: >> >> [ ] +1 Release this package as Apache Roller 6.1.4 >> [ ] 0 No opinion >> [ ] -1 Do not release this package because... >> >> The vote will be open for at least 72 hours. Please take the time to review >> the release candidate and provide your feedback. >> >> Thank you for your time and contributions to the Apache Roller project. >> >> Best regards, >> Dave >> >> >> Changes since RC1: >> * One-time salt values >> * Comprehensive tests for salt filters >> * Web analytics disabled when weblogAdminsUntrusted=true >> >> >> Key Changes in Apache Roller 6.1.4 >> >> Dependency Updates: >> * Upgraded several key libraries to their latest versions, ensuring improved >> security and stability. >> >> Code Enhancements: >> * Enhanced salt handling (user specific one-time-salts) and validation >> mechanisms. >> * Improved security settings and default configurations. >> * By default weblogAdminsUntrusted is not set to true. >> * Default settings now disable file uploads and custom themes. >> * Updated tests and documentation to ensure compatibility with new >> configurations. >> >> Detailed Change List for Apache Roller 6.1.4 >> >> Dependency Updates >> >> app/pom.xml: >> - asm.version: 9.6 -> 9.7 >> - commons-validator.version: 1.8.0 -> 1.9.0 >> - commons-codec.version: 1.16.0 -> 1.17.1 >> - commons-text.version: 1.11.0 -> 1.12.0 >> - commons-lang3.version: 3.14.0 -> 3.16.0 >> - eclipse-link.version: 4.0.2 -> 4.0.4 >> - log4j2.version: 2.22.1 -> 2.23.1 >> - lucene.version: 9.9.1 -> 9.11.1 >> - maven-surefire.version: 3.2.5 -> 3.5.0 >> - slf4j.version: 2.0.11 -> 2.0.16 >> - spring.version: 5.3.31 -> 5.3.39 >> - spring.security.version: 5.8.8 -> 5.8.14 >> - jquery-ui: 1.13.2 -> 1.13.3 >> - jquery-validation: 1.19.5 -> 1.20.0 >> - mockito-core: 5.9.0 -> 5.12.0 >> - instancio-junit: 4.0.0 -> 5.0.1 >> - selenium-java: 4.17.0 -> 4.23.1 >> - selenium-firefox-driver: 4.17.0 -> 4.23.1 >> - maven-failsafe-plugin: 3.2.5 -> 3.5.0 >> >> pom.xml: >> - jetty.plugin.version: 10.0.19 -> 10.0.23 >> - maven-compiler-plugin: 3.12.1 -> 3.13.0 >> - versions-maven-plugin: 2.16.2 -> 2.17.1 >> - junit-jupiter-engine: 5.10.1 -> 5.11.0 >> >> Code Changes >> >> - ValidateSaltFilter.java: Added RollerSession and modified salt validation >> to check against userId. >> - SaltCache.java: Changed get method return type to String and modified put >> method to accept String. >> - roller.properties: Added weblogAdminsUntrusted=true. >> - runtimeConfigDefs.xml: Changed default values of uploads.enabled and >> themes.customtheme.allowed to false. >> - MediaFileTest.java: Enabled media uploads for the test. >> - SQLScriptRunnerTest.java: Replaced assertTrue with assertEquals for >> command count check. >> - roller-install-guide.adoc: Updated security recommendations and safer >> defaults section. >> - roller-template-guide.adoc: Updated note about theme customization being >> disabled by default.theme customization being disabled by default.
[VOTE] Release Roller 6.1.4 (rc2)
Dear Apache Roller Community, I am pleased to call for a vote on the release of Apache Roller 6.1.4 (RC2). This release includes several important updates and improvements, including enhanced security measures, dependency updates, and various code enhancements (change notes below). The release candidate files can be found at the following location: https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.4/ Please review the release candidate and cast your vote: [ ] +1 Release this package as Apache Roller 6.1.4 [ ] 0 No opinion [ ] -1 Do not release this package because... The vote will be open for at least 72 hours. Please take the time to review the release candidate and provide your feedback. Thank you for your time and contributions to the Apache Roller project. Best regards, Dave Changes since RC1: * One-time salt values * Comprehensive tests for salt filters * Web analytics disabled when weblogAdminsUntrusted=true Key Changes in Apache Roller 6.1.4 Dependency Updates: * Upgraded several key libraries to their latest versions, ensuring improved security and stability. Code Enhancements: * Enhanced salt handling (user specific one-time-salts) and validation mechanisms. * Improved security settings and default configurations. * By default weblogAdminsUntrusted is not set to true. * Default settings now disable file uploads and custom themes. * Updated tests and documentation to ensure compatibility with new configurations. Detailed Change List for Apache Roller 6.1.4 Dependency Updates app/pom.xml: - asm.version: 9.6 -> 9.7 - commons-validator.version: 1.8.0 -> 1.9.0 - commons-codec.version: 1.16.0 -> 1.17.1 - commons-text.version: 1.11.0 -> 1.12.0 - commons-lang3.version: 3.14.0 -> 3.16.0 - eclipse-link.version: 4.0.2 -> 4.0.4 - log4j2.version: 2.22.1 -> 2.23.1 - lucene.version: 9.9.1 -> 9.11.1 - maven-surefire.version: 3.2.5 -> 3.5.0 - slf4j.version: 2.0.11 -> 2.0.16 - spring.version: 5.3.31 -> 5.3.39 - spring.security.version: 5.8.8 -> 5.8.14 - jquery-ui: 1.13.2 -> 1.13.3 - jquery-validation: 1.19.5 -> 1.20.0 - mockito-core: 5.9.0 -> 5.12.0 - instancio-junit: 4.0.0 -> 5.0.1 - selenium-java: 4.17.0 -> 4.23.1 - selenium-firefox-driver: 4.17.0 -> 4.23.1 - maven-failsafe-plugin: 3.2.5 -> 3.5.0 pom.xml: - jetty.plugin.version: 10.0.19 -> 10.0.23 - maven-compiler-plugin: 3.12.1 -> 3.13.0 - versions-maven-plugin: 2.16.2 -> 2.17.1 - junit-jupiter-engine: 5.10.1 -> 5.11.0 Code Changes - ValidateSaltFilter.java: Added RollerSession and modified salt validation to check against userId. - SaltCache.java: Changed get method return type to String and modified put method to accept String. - roller.properties: Added weblogAdminsUntrusted=true. - runtimeConfigDefs.xml: Changed default values of uploads.enabled and themes.customtheme.allowed to false. - MediaFileTest.java: Enabled media uploads for the test. - SQLScriptRunnerTest.java: Replaced assertTrue with assertEquals for command count check. - roller-install-guide.adoc: Updated security recommendations and safer defaults section. - roller-template-guide.adoc: Updated note about theme customization being disabled by default.theme customization being disabled by default.
Re: [VOTE] Release Apache Roller 6.1.4 (RC1)
Hi Greg, I was able to reproduce this problem. It was due to Roller's Struts config that was using "chain" instead of redirecting back to the Categories page after edit, add and remove category actions. I also fixed a problem in the remove category modal. I uploaded new release files with only this change so please take a look when you can. Dave
Re: [VOTE] Release Apache Roller 6.1.4 (RC1)
Hi Greg, Thanks for pointing that out. I did some testing and found that the remove category modal is broken for categories that are in use, unless you are very quick with your mouse. This fixed it for me and I'm going to get it into the release: https://github.com/apache/roller/commit/222dae0542e03d5b782506b33ae188e2206561fc Dave On Sat, Sep 28, 2024 at 6:42 AM Greg Huber wrote: > The database upgrade completed normally. > > App seems to work OK. > > Observations: > > The edit category page/logic could do with some more testing as it seems > to go wrong after deleting a category. ie try editing/saving an entry > after deleting one. > > https://struts.apache.org/struts25-eol-announcement > > > [x] +1 Release this package as Apache Roller 6.1.4 > > > Cheers Greg > > > On 27/09/2024 23:00, Dave wrote: > > Dear Apache Roller Community, > > > > I am pleased to call for a vote on the release of Apache Roller 6.1.4 > > (RC1). This release includes several important updates and improvements, > > including enhanced security measures, dependency updates, and various > code > > enhancements (change notes below). The release candidate files can be > found > > at the following location: > > > > https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.4/ > > > > Please review the release candidate and cast your vote: > > > > [ ] +1 Release this package as Apache Roller 6.1.4 > > [ ] 0 No opinion > > [ ] -1 Do not release this package because... > > > > The vote will be open for at least 72 hours. Please take the time to > review > > the release candidate and provide your feedback. > > > > Thank you for your time and contributions to the Apache Roller project. > > > > Best regards, > > Dave > > > > > > > > Key Changes in Apache Roller 6.1.4 > > > > Dependency Updates: > > * Upgraded several key libraries to their latest versions, ensuring > > improved security and stability. > > > > Code Enhancements: > > * Enhanced salt handling and validation mechanisms. > > * Improved security settings and default configurations. > > * Introduced weblogAdminsUntrusted=true property. > > * Adjusted default settings to disable file uploads and custom > themes by > > default. > > * Updated tests and documentation to ensure compatibility with new > > configurations. > > > > ## Detailed change List for Apache Roller 6.1.4 > > > > ### Dependency Updates > > > > app/pom.xml > > - asm.version: 9.6 -> 9.7 > > - commons-validator.version: 1.8.0 -> 1.9.0 > > - commons-codec.version: 1.16.0 -> 1.17.1 > > - commons-text.version: 1.11.0 -> 1.12.0 > > - commons-lang3.version: 3.14.0 -> 3.16.0 > > - eclipse-link.version: 4.0.2 -> 4.0.4 > > - log4j2.version: 2.22.1 -> 2.23.1 > > - lucene.version: 9.9.1 -> 9.11.1 > > - maven-surefire.version: 3.2.5 -> 3.5.0 > > - slf4j.version: 2.0.11 -> 2.0.16 > > - spring.version: 5.3.31 -> 5.3.39 > > - spring.security.version: 5.8.8 -> 5.8.14 > > - jquery-ui: 1.13.2 -> 1.13.3 > > - jquery-validation: 1.19.5 -> 1.20.0 > > - mockito-core: 5.9.0 -> 5.12.0 > > - instancio-junit: 4.0.0 -> 5.0.1 > > > > - selenium-java: 4.17.0 -> 4.23.1 > > - selenium-firefox-driver: 4.17.0 -> 4.23.1 > > - maven-failsafe-plugin: 3.2.5 -> 3.5.0 > > > > pom.xml > > - jetty.plugin.version: 10.0.19 -> 10.0.23 > > - maven-compiler-plugin: 3.12.1 -> 3.13.0 > > - versions-maven-plugin: 2.16.2 -> 2.17.1 > > - junit-jupiter-engine: 5.10.1 -> 5.11.0 > > > > ### Code Changes > > - **LoadSaltFilter.java**: Added RollerSession to retrieve userId and > pass > > to SaltCache. > > - **ValidateSaltFilter.java**: Added RollerSession and modified salt > > validation to check against userId. > > - **SaltCache.java**: Changed get method return type to String and > modified > > put method to accept String. > > - **roller.properties**: Added weblogAdminsUntrusted=true. > > - **runtimeConfigDefs.xml**: Changed default values of uploads.enabled > and > > themes.customtheme.allowed to false. > > - **MediaFileTest.java**: Enabled media uploads for the test. > > - **SQLScriptRunnerTest.java**: Replaced assertTrue with assertEquals for > > command count check. > > - **roller-install-guide.adoc**: Updated security recommendations and > safer > > defaults section. > > - **roller-template-guide.adoc**: Updated note about theme customization > > being disabled by default.roller-template-guide.adoc: Updated note about > > theme customization being disabled by default. > >
[VOTE] Release Apache Roller 6.1.4 (RC1)
Dear Apache Roller Community, I am pleased to call for a vote on the release of Apache Roller 6.1.4 (RC1). This release includes several important updates and improvements, including enhanced security measures, dependency updates, and various code enhancements (change notes below). The release candidate files can be found at the following location: https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.4/ Please review the release candidate and cast your vote: [ ] +1 Release this package as Apache Roller 6.1.4 [ ] 0 No opinion [ ] -1 Do not release this package because... The vote will be open for at least 72 hours. Please take the time to review the release candidate and provide your feedback. Thank you for your time and contributions to the Apache Roller project. Best regards, Dave Key Changes in Apache Roller 6.1.4 Dependency Updates: * Upgraded several key libraries to their latest versions, ensuring improved security and stability. Code Enhancements: * Enhanced salt handling and validation mechanisms. * Improved security settings and default configurations. * Introduced weblogAdminsUntrusted=true property. * Adjusted default settings to disable file uploads and custom themes by default. * Updated tests and documentation to ensure compatibility with new configurations. ## Detailed change List for Apache Roller 6.1.4 ### Dependency Updates app/pom.xml - asm.version: 9.6 -> 9.7 - commons-validator.version: 1.8.0 -> 1.9.0 - commons-codec.version: 1.16.0 -> 1.17.1 - commons-text.version: 1.11.0 -> 1.12.0 - commons-lang3.version: 3.14.0 -> 3.16.0 - eclipse-link.version: 4.0.2 -> 4.0.4 - log4j2.version: 2.22.1 -> 2.23.1 - lucene.version: 9.9.1 -> 9.11.1 - maven-surefire.version: 3.2.5 -> 3.5.0 - slf4j.version: 2.0.11 -> 2.0.16 - spring.version: 5.3.31 -> 5.3.39 - spring.security.version: 5.8.8 -> 5.8.14 - jquery-ui: 1.13.2 -> 1.13.3 - jquery-validation: 1.19.5 -> 1.20.0 - mockito-core: 5.9.0 -> 5.12.0 - instancio-junit: 4.0.0 -> 5.0.1 - selenium-java: 4.17.0 -> 4.23.1 - selenium-firefox-driver: 4.17.0 -> 4.23.1 - maven-failsafe-plugin: 3.2.5 -> 3.5.0 pom.xml - jetty.plugin.version: 10.0.19 -> 10.0.23 - maven-compiler-plugin: 3.12.1 -> 3.13.0 - versions-maven-plugin: 2.16.2 -> 2.17.1 - junit-jupiter-engine: 5.10.1 -> 5.11.0 ### Code Changes - **LoadSaltFilter.java**: Added RollerSession to retrieve userId and pass to SaltCache. - **ValidateSaltFilter.java**: Added RollerSession and modified salt validation to check against userId. - **SaltCache.java**: Changed get method return type to String and modified put method to accept String. - **roller.properties**: Added weblogAdminsUntrusted=true. - **runtimeConfigDefs.xml**: Changed default values of uploads.enabled and themes.customtheme.allowed to false. - **MediaFileTest.java**: Enabled media uploads for the test. - **SQLScriptRunnerTest.java**: Replaced assertTrue with assertEquals for command count check. - **roller-install-guide.adoc**: Updated security recommendations and safer defaults section. - **roller-template-guide.adoc**: Updated note about theme customization being disabled by default.roller-template-guide.adoc: Updated note about theme customization being disabled by default.
CVE-2023-37581: Authenticated XSS Vulnerabilities in Apache Roller
The Apache Roller project would like to announce a vulnerability that may impact Roller installations that allow group blogging with untrusted users. Severity: Medium (only impacts group blogging sites with untrusted users) Description: Insufficient input validation and sanitation in Bookmark, Bookmark Folder (Blogroll), and User Profile features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack. Mitigation: If you are not running a group blog, then no mitigation is needed. If you are running a group blog and you do not have Roller configured for untrusted users, then you need to do nothing because you trust your users to author raw HTML and other web content. But, if you are running a group blog and you do not trust your users to author HTML, CSS and JavaScript then you should upgrade to Roller 6.1.3. Roller 6.1.3 is available for download here: https://roller.apache.org/downloads/downloads.html Apache Roller would like to thank Jacob Hazak for reporting this vulnerability.
Apache Roller 6.1.3 release is available
The Apache Roller project is pleased to announce the availability of Roller 6.1.3, a release that includes some minor bug fixes, dependency updates and input sanitization changes. https://roller.apache.org/downloads/downloads.html You can find some more details about the release in the vote thread here: https://lists.apache.org/thread/xnnf63bdzmq7z08ptdptyg5c30rfvzq5 Thanks to all who helped out with this release! Dave
Re: [VOTE] Release Apache Roller 6.1.3 based on rc1
Release approved with three +1 votes: +1 michael +1 greg +1 dave I'm going to fix that one debug setting and start uploading release files to mirrors. Thanks, folks! Dave On Mon, Jun 3, 2024 at 4:54 PM Michael Bien wrote: > On 03.06.24 10:05, Greg Huber wrote: > > Looks great. Database upgrade no problems. > > > looks like a debug setting made it into the candidate: > > https://github.com/apache/roller/blob/f6b3aa448d7703430e11b761b703b69020ea38a7/app/src/main/resources/log4j2.xml#L73 > > this would be set to "info" normally. > > -mbien > >
[VOTE] Release Apache Roller 6.1.3 based on rc1
Hi Roller folks, I propose that we release Roller 6.1.3 based on the release candidate #1 (rc1) files already available. https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.3/ This new release of Roller will add: - Input validation/sanitization for Profile full name, name, timezone and locale fields - Input sanitization for Bookmark and Bookmark folder name and description fields - Fix to embedded Jetty (used in tests and mvn jetty:run) - Many fixes for various warnings in tests - Dependency updates: - ant - asm - commons-validator - commons-codec - commons-text - commons-lang3 - guice - log4j2 - lucene - maven-war - maven-surefire - spring - spring-security - jquery - struts2-bootstrap-plugin - mokito-core - instancio-junit - maven-antrun-plugin - selenium-firefox-driver These PRs capture most if not all of the changes: https://github.com/apache/roller/pull/135 https://github.com/apache/roller/pull/134 https://github.com/apache/roller/pull/132 https://github.com/apache/roller/pull/131 Please test and review the release files if you have a chance. Please vote -1 with reasons, 0 or +1 to release. Thanks! Dave
Re: Roller 6.1.3 rc1 files available for review/testing
The release candidate files are here: https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.3/ On Sat, Feb 10, 2024 at 5:59 PM Dave wrote: > Hi Roller folks, > > > I’m going to propose that we release Roller 6.1.3 based on what is > currently in Roller’s master branch. I have created release candidate files > for your review and testing. > > > This new release of Roller will add: > >- Input validation/sanitization for Profile full name, name, timezone >and locale fields >- Input sanitization for Bookmark and Bookmark folder name and >description fields >- Fix to embedded Jetty (used in tests and mvn jetty:run) >- Many fixes for various warnings in tests >- Dependency updates: > - ant > - asm > - commons-validator > - commons-codec > - commons-text > - commons-lang3 > - guice > - log4j2 > - lucene > - maven-war > - maven-surefire > - spring > - spring-security > - jquery > - struts2-bootstrap-plugin > - mokito-core > - instancio-junit > - maven-antrun-plugin > - selenium-firefox-driver > > > These PRs capture most if not all of the changes: > > https://github.com/apache/roller/pull/135 > > https://github.com/apache/roller/pull/134 > > https://github.com/apache/roller/pull/132 > > https://github.com/apache/roller/pull/131 > > > Please test and review the release files if you have a chance. > > > I plan to call a release vote shortly. > > > Thanks! > > Dave >
Roller 6.1.3 rc1 files available for review/testing
Hi Roller folks, I’m going to propose that we release Roller 6.1.3 based on what is currently in Roller’s master branch. I have created release candidate files for your review and testing. This new release of Roller will add: - Input validation/sanitization for Profile full name, name, timezone and locale fields - Input sanitization for Bookmark and Bookmark folder name and description fields - Fix to embedded Jetty (used in tests and mvn jetty:run) - Many fixes for various warnings in tests - Dependency updates: - ant - asm - commons-validator - commons-codec - commons-text - commons-lang3 - guice - log4j2 - lucene - maven-war - maven-surefire - spring - spring-security - jquery - struts2-bootstrap-plugin - mokito-core - instancio-junit - maven-antrun-plugin - selenium-firefox-driver These PRs capture most if not all of the changes: https://github.com/apache/roller/pull/135 https://github.com/apache/roller/pull/134 https://github.com/apache/roller/pull/132 https://github.com/apache/roller/pull/131 Please test and review the release files if you have a chance. I plan to call a release vote shortly. Thanks! Dave
Jira cleanup
FYI: I spent some time cleaning up Roller's Jira. I closed all tickets 10 years old or older and I closed a bunch of old feature requests that we are not likely to implement. I also attempted to set priority on the 34 remaining tickets based on what I thought was most important. You can find the resulting list of issues in priority order here: https://issues.apache.org/jira/issues/?jql=project%20%3D%20ROL%20AND%20resolution%20%3D%20Unresolved%20ORDER%20BY%20priority%20DESC%2C%20updated%20DESC I plan on reviewing and culling down the remaining issues at a later time. Please feel free to re-open any tickets you might want to work on. Cheers! Dave
CVE-2023-37581: Apache Roller: XSS vulnerability for site with untrusted users
The Apache Roller project would like to announce a vulnerability that may impact Roller installations that allow group blogging with untrusted users. Severity: Medium (only impacts group blogging sites with untrusted users) Description: Insufficient input validation and sanitation in Weblog Category name, Website About and File Upload features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack. Mitigation: If you are not running a group blog, then no mitigation is needed. If you are running a group blog and you do not have Roller configured for untrusted users, then you need to do nothing because you trust your users to author raw HTML and other web content. But, if you are running a group blog and you do not trust your users to author HTML, CSS and JavaScript then you should upgrade to Roller 6.1.2 and you should disable Roller's File Upload feature. Roller 6.1.2 is available for download here: https://roller.apache.org/downloads/downloads.html Apache Roller would like to thank Srivani Reddy for reporting this vulnerability.
Apache Roller 6.1.2 release is available
The Apache Roller project is pleased to announce the availability of Roller 6.1.2, a release that includes some minor bug fixes and input sanitization changes. https://roller.apache.org/downloads/downloads.html You can find some more details about the release in the vote thread here: https://lists.apache.org/thread/7wq8gb0g143zzbd6ds0c1k2zm51gbv2h Thanks to all who helped out with this release! Dave
Re: [RESULT] [VOTE]: Release Roller 6.1.2
I had some issues updating the website, hope to have an announcement shortly. On Sun, Jul 30, 2023 at 10:06 AM Dave wrote: > Release vote has passed! Thanks for the reviews. > > +1 Michael B (binding) > +1 Greg H (binding) > +1 Dave J (binding) > > I will move the files to the dist directory, update the website and make > an announcement probably tomorrow morning. > > Dave > > On Sat, Jul 29, 2023 at 6:46 PM Greg Huber wrote: > >> OK on the TODO. (Seen this...possibly weblog timestamp not being >> updated?) >> >> +1 (b) >> >> On Sat, 29 Jul 2023 at 22:19, Dave wrote: >> >> > Yeah, it's a cache issue. I did some experimentation and I found this: >> > >> > - Create an entry >> > - See it on blog page >> > - Change entry to a draft >> > - It still appears on blog page >> > - Switch to a different web browser (but do not login to Roller) and see >> > that entry does not appear on blog page >> > - Login with different web browser and see that entry does appear on >> blog >> > page >> > >> > Seems like a cache invalidation problem for logged in users, but I do >> not >> > see the problem in the code. I'm glad the draft entry gets removed from >> the >> > search index tho, and thanks for testing search functionality Greg >> > because it did change recently. >> > >> > I'm +1 on this release despite this glitch. >> > >> > Dave >> > >> > >> > >> > On Sat, Jul 29, 2023 at 4:33 PM Michael Bien wrote: >> > >> > > Hi Greg, >> > > >> > > I could reproduce it, this seems to be a cache invalidation issue. >> > > >> > > the entry will disappear if you clear the cache via the Maintenance >> UI. >> > > Roller has also various cache settings which can be set in roller >> > > properties, e.g age based eviction which would further mitigate this. >> > > >> > > This is probably a bug but not a show stopper IMHO - updating entries >> > > works fine for example, >> > > >> > > best regards, >> > > michael >> > > >> > > >> > > On 24.07.23 10:55, Greg Huber wrote: >> > > > If I have a published entry, and then change the status to draft it >> > > > does not update the front page/weblog and the entry still shows. >> > > > >> > > > If I publish another entry, the draft entry now does not so. >> > > > >> > > > Also how do I get it to show other weblog entries on the front page >> > now? >> > > > >> > > > On 23/07/2023 21:10, Dave wrote: >> > > >> This release of Roller includes dependency updates, minor fixes and >> > some >> > > >> input validation fixes. This new RC removes an unnecessary Solr >> > > >> dependency, >> > > >> makes some small docs fixes and removes an unnecessary error >> message. >> > > >> Thanks for the reviews! >> > > >> >> > > >> You can find the convenience binaries and the source code of the >> > release >> > > >> here: >> > https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.2/ >> > > >> >> > > >> Please take it for a spin and vote: >> > > >> +1 to release >> > > >> -1 not to release (with reasons) >> > > >> >> > > >> Thanks, >> > > >> Dave >> > > >> >> > > >> > > >> > >> >
[RESULT] [VOTE]: Release Roller 6.1.2
Release vote has passed! Thanks for the reviews. +1 Michael B (binding) +1 Greg H (binding) +1 Dave J (binding) I will move the files to the dist directory, update the website and make an announcement probably tomorrow morning. Dave On Sat, Jul 29, 2023 at 6:46 PM Greg Huber wrote: > OK on the TODO. (Seen this...possibly weblog timestamp not being updated?) > > +1 (b) > > On Sat, 29 Jul 2023 at 22:19, Dave wrote: > > > Yeah, it's a cache issue. I did some experimentation and I found this: > > > > - Create an entry > > - See it on blog page > > - Change entry to a draft > > - It still appears on blog page > > - Switch to a different web browser (but do not login to Roller) and see > > that entry does not appear on blog page > > - Login with different web browser and see that entry does appear on blog > > page > > > > Seems like a cache invalidation problem for logged in users, but I do not > > see the problem in the code. I'm glad the draft entry gets removed from > the > > search index tho, and thanks for testing search functionality Greg > > because it did change recently. > > > > I'm +1 on this release despite this glitch. > > > > Dave > > > > > > > > On Sat, Jul 29, 2023 at 4:33 PM Michael Bien wrote: > > > > > Hi Greg, > > > > > > I could reproduce it, this seems to be a cache invalidation issue. > > > > > > the entry will disappear if you clear the cache via the Maintenance UI. > > > Roller has also various cache settings which can be set in roller > > > properties, e.g age based eviction which would further mitigate this. > > > > > > This is probably a bug but not a show stopper IMHO - updating entries > > > works fine for example, > > > > > > best regards, > > > michael > > > > > > > > > On 24.07.23 10:55, Greg Huber wrote: > > > > If I have a published entry, and then change the status to draft it > > > > does not update the front page/weblog and the entry still shows. > > > > > > > > If I publish another entry, the draft entry now does not so. > > > > > > > > Also how do I get it to show other weblog entries on the front page > > now? > > > > > > > > On 23/07/2023 21:10, Dave wrote: > > > >> This release of Roller includes dependency updates, minor fixes and > > some > > > >> input validation fixes. This new RC removes an unnecessary Solr > > > >> dependency, > > > >> makes some small docs fixes and removes an unnecessary error > message. > > > >> Thanks for the reviews! > > > >> > > > >> You can find the convenience binaries and the source code of the > > release > > > >> here: > > https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.2/ > > > >> > > > >> Please take it for a spin and vote: > > > >> +1 to release > > > >> -1 not to release (with reasons) > > > >> > > > >> Thanks, > > > >> Dave > > > >> > > > > > > > > >
Re: Release rc2 as Roller v6.1.2
Yeah, it's a cache issue. I did some experimentation and I found this: - Create an entry - See it on blog page - Change entry to a draft - It still appears on blog page - Switch to a different web browser (but do not login to Roller) and see that entry does not appear on blog page - Login with different web browser and see that entry does appear on blog page Seems like a cache invalidation problem for logged in users, but I do not see the problem in the code. I'm glad the draft entry gets removed from the search index tho, and thanks for testing search functionality Greg because it did change recently. I'm +1 on this release despite this glitch. Dave On Sat, Jul 29, 2023 at 4:33 PM Michael Bien wrote: > Hi Greg, > > I could reproduce it, this seems to be a cache invalidation issue. > > the entry will disappear if you clear the cache via the Maintenance UI. > Roller has also various cache settings which can be set in roller > properties, e.g age based eviction which would further mitigate this. > > This is probably a bug but not a show stopper IMHO - updating entries > works fine for example, > > best regards, > michael > > > On 24.07.23 10:55, Greg Huber wrote: > > If I have a published entry, and then change the status to draft it > > does not update the front page/weblog and the entry still shows. > > > > If I publish another entry, the draft entry now does not so. > > > > Also how do I get it to show other weblog entries on the front page now? > > > > On 23/07/2023 21:10, Dave wrote: > >> This release of Roller includes dependency updates, minor fixes and some > >> input validation fixes. This new RC removes an unnecessary Solr > >> dependency, > >> makes some small docs fixes and removes an unnecessary error message. > >> Thanks for the reviews! > >> > >> You can find the convenience binaries and the source code of the release > >> here: https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.2/ > >> > >> Please take it for a spin and vote: > >> +1 to release > >> -1 not to release (with reasons) > >> > >> Thanks, > >> Dave > >> > >
Re: [VOTE] Release rc2 as Roller v6.1.2
Thanks for testing the search changes. I’m not able to reproduce yet, but I suspect there is a problem. Dave On Tue, Jul 25, 2023 at 3:13 AM Greg Huber wrote: > I was testing the search index changes. > > Add and entry, go to the Site page "All" category and do a test search. > Then click the "edit" link on the entry, then click draft. Go back to > the Site page "All" category the entry shows, but the search does not > find it any more. > > On 23/07/2023 21:10, Dave wrote: > > This release of Roller includes dependency updates, minor fixes and some > > input validation fixes. This new RC removes an unnecessary Solr > dependency, > > makes some small docs fixes and removes an unnecessary error message. > > Thanks for the reviews! > > > > You can find the convenience binaries and the source code of the release > > here: https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.2/ > > > > Please take it for a spin and vote: > > +1 to release > > -1 not to release (with reasons) > > > > Thanks, > > Dave > > >
Re: [VOTE] Release rc2 as Roller v6.1.2
Hi Greg, I'm not able to reproduce the problem of publishing an entry and then changing it to a draft. When I change my published entry to a draft and then refresh the front-page, the entry is no longer shown. Maybe I'm going something different from the way you are doing it. Do you have steps to reproduce? Dave On Mon, Jul 24, 2023 at 4:55 AM Greg Huber wrote: > If I have a published entry, and then change the status to draft it does > not update the front page/weblog and the entry still shows. > > If I publish another entry, the draft entry now does not so. > > Also how do I get it to show other weblog entries on the front page now? > > On 23/07/2023 21:10, Dave wrote: > > This release of Roller includes dependency updates, minor fixes and some > > input validation fixes. This new RC removes an unnecessary Solr > dependency, > > makes some small docs fixes and removes an unnecessary error message. > > Thanks for the reviews! > > > > You can find the convenience binaries and the source code of the release > > here: https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.2/ > > > > Please take it for a spin and vote: > > +1 to release > > -1 not to release (with reasons) > > > > Thanks, > > Dave > > >
[VOTE] Release rc2 as Roller v6.1.2
This release of Roller includes dependency updates, minor fixes and some input validation fixes. This new RC removes an unnecessary Solr dependency, makes some small docs fixes and removes an unnecessary error message. Thanks for the reviews! You can find the convenience binaries and the source code of the release here: https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.2/ Please take it for a spin and vote: +1 to release -1 not to release (with reasons) Thanks, Dave
Re: Release rc1 as Roller v6.1.2
Perfect! I will include that in future release emails. Gotta love Micro$oft Github. On Thu, Jul 20, 2023 at 5:52 PM Michael Bien wrote: > we could use the github release feature, which essentially creates a PR > list between two tags and can be generated with a few clicks. > > Roller 6.1.1 tag is missing at the moment, this draft creates a list > down to 6.1.0 as demonstration: > > https://github.com/apache/roller/releases/tag/untagged-180d51f564bac392e75d > > -mbien > > On 20.07.23 23:24, Dave wrote: > > Thanks for the review, Greg. I’ll look into those issues and put > together a > > change log. > > > > Dave > > > > > > On Thu, Jul 20, 2023 at 3:57 AM Greg Huber wrote: > > > >> Is there a change log so I can test specific changes? > >> > >> From a new install everything worked well. > >> > >> Observations: > >> > >> > >> > >> From the docs is there a reason for the incorrect quote ` rather than > ' > >> as I have to change it to grant all. > >> > >> mysql> create database rollerdb DEFAULT CHARACTER SET utf8 DEFAULT > >> COLLATE utf8_general_ci; > >> mysql> grant all on rollerdb.* to scott@`%' identified by `tiger'; > >> mysql> grant all on rollerdb.* to scott@localhost identified by > `tiger'; > >> > >> > >> > >> Create weblog, possibly unnecessary log message when handle is invalid? > >> > >> http://www/roller/roller-ui/createWeblog!save.rol > >> > >>* The handle you specified is not valid > >>* Unexpected error validating weblog -- check Roller logs > >> > >> URL: http://www.devbox/roller/test-another > >> > >> org.apache.roller.weblogger.WebloggerException: Invalid handle: > >> 'test-another' > >> > >> at > >> > org.apache.roller.weblogger.business.jpa.JPAWeblogManagerImpl.getWeblogByHandle(JPAWeblogManagerImpl.java:370) > >> > >> ~[classes/:?] > >> > >> at > >> > org.apache.roller.weblogger.business.jpa.JPAWeblogManagerImpl.getWeblogByHandle(JPAWeblogManagerImpl.java:358) > >> > >> ~[classes/:?] > >> > >> at > >> > org.apache.roller.weblogger.ui.struts2.core.CreateWeblog.myValidate(CreateWeblog.java:183) > >> > >> ~[classes/:?] > >> > >> On 20/07/2023 00:45, Dave wrote: > >>> This release of Roller includes dependency updates, minor fixes and > some > >>> input validation fixes. > >>> > >>> You can find the convenience binaries and the source code of the > release > >>> here:https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.2/ > >>> > >>> Please take it for a spin and vote: > >>> +1 to release > >>> -1 not to release (with reasons) > >>> > >>> Thanks, > >>> Dave > >>> > >
Re: [VOTE] Release rc1 as Roller v6.1.2
Thanks for the review, Greg. I’ll look into those issues and put together a change log. Dave On Thu, Jul 20, 2023 at 3:57 AM Greg Huber wrote: > Is there a change log so I can test specific changes? > > From a new install everything worked well. > > Observations: > > > > From the docs is there a reason for the incorrect quote ` rather than ' > as I have to change it to grant all. > > mysql> create database rollerdb DEFAULT CHARACTER SET utf8 DEFAULT > COLLATE utf8_general_ci; > mysql> grant all on rollerdb.* to scott@`%' identified by `tiger'; > mysql> grant all on rollerdb.* to scott@localhost identified by `tiger'; > > > > Create weblog, possibly unnecessary log message when handle is invalid? > > http://www/roller/roller-ui/createWeblog!save.rol > > * The handle you specified is not valid > * Unexpected error validating weblog -- check Roller logs > > URL: http://www.devbox/roller/test-another > > org.apache.roller.weblogger.WebloggerException: Invalid handle: > 'test-another' > > at > org.apache.roller.weblogger.business.jpa.JPAWeblogManagerImpl.getWeblogByHandle(JPAWeblogManagerImpl.java:370) > > ~[classes/:?] > > at > org.apache.roller.weblogger.business.jpa.JPAWeblogManagerImpl.getWeblogByHandle(JPAWeblogManagerImpl.java:358) > > ~[classes/:?] > > at > org.apache.roller.weblogger.ui.struts2.core.CreateWeblog.myValidate(CreateWeblog.java:183) > > ~[classes/:?] > > On 20/07/2023 00:45, Dave wrote: > > This release of Roller includes dependency updates, minor fixes and some > > input validation fixes. > > > > You can find the convenience binaries and the source code of the release > > here:https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.2/ > > > > Please take it for a spin and vote: > > +1 to release > > -1 not to release (with reasons) > > > > Thanks, > > Dave > >
Re: Roller v6.1.2 rc1
Good catch. I’ll fix that in a new RC. Thanks, Dave On Thu, Jul 20, 2023 at 2:01 PM Michael Bien wrote: > Hi Dave, > > /WEB-INF/lib/ contains now Jetty 9.4 which pulled due to the new > org.apache.solr:solr-solrj dependency. > > I don't think the apache solr client is used anywhere, I removed the > dependency and build/junit/integration works with 9 MB less libs deployed. > > Would it be better to remove it again until it is actually used? > > best regards, > > michael > >
[VOTE] Release rc1 as Roller v6.1.2
This release of Roller includes dependency updates, minor fixes and some input validation fixes. You can find the convenience binaries and the source code of the release here: https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.2/ Please take it for a spin and vote: +1 to release -1 not to release (with reasons) Thanks, Dave
Re: Apache tiles
After some investigation, I've found that moving Struts 6 is more work than I'm ready for right now. I think you should merge that dependency update PR as is, Michael. It looks good to me. Dave On Tue, Mar 21, 2023 at 9:53 AM Dave wrote: > I retract my statement about the IT tests passing. The tests run a lot > farther than they did but I'm still getting a failure. I've got a little > time today, so I will investigate. > > Dave > > > On Tue, Mar 21, 2023 at 9:44 AM Dave wrote: > >> Michael, I checked out your PR https://github.com/apache/roller/pull/119 >> and bumped Struts up to 6.1.2 and then saw errors when running the >> integration tests. When I upgraded Struts-Bootstrap to 5.0.0 those errors >> went away, but parts of the Roller UI look a little funky, e.g. button >> placement is off on the editor page. I'm going to do some more testing and >> fixing and see if I get that PR ready for merge. >> >> Dave >> >> >> On Tue, Mar 21, 2023 at 3:24 AM Michael Bien wrote: >> >>> roller would need some updates before it can go beyond struts 2.5.29: >>> >>> https://github.com/apache/roller/pull/119#issuecomment-1344814362 >>> >>> >>> probably easy to do but I never got to it. (bump the version and you >>> should see failing integration tests) >>> >>> the bootstrap dependency is also locked to 3.4.x AFAIR due to breaking >>> changes which may or may not prevent other updates in future. >>> >>> other then that I tried to keep the dependencies somewhat up2date, i >>> think jakarta.persistence is already in use via eclipse link etc. >>> >>> best regards, >>> >>> michael >>> >>> >>> On 21.03.23 07:58, Greg Huber wrote: >>> > Dave, >>> > >>> > BTW, Struts devs are planning to merge the tiles code base into the >>> > Struts Tiles Plugin to eliminate the dependency on the now Attic >>> project. >>> > >>> > https://github.com/apache/struts/tree/WW-5233-tiles/plugins/tiles >>> > >>> > >>> > On 20/03/2023 21:38, Dave wrote: >>> >> Hi Laurent and PJ, >>> >> >>> >> The Apache Roller project still uses Struts, Tiles and Velocity and I >>> >> would >>> >> like to see the projects continue and move into Jakarta land. I have >>> >> some >>> >> limited time to help out. What do y'all need help with? >>> >> >>> >> Dave >>> >> >>> >> On Sun, Mar 19, 2023 at 8:01 AM PJ Fanning >>> wrote: >>> >> >>> >>> Hi Laurent, >>> >>> I don't want to write off the possibility of a Jakarta variant of >>> >>> Tiles joining the Apache Incubator - but the fact that Apache Tiles >>> >>> doesn't have an active community around it is going to be a major >>> >>> impediment. For Apache projects and podlings to succeed, they need a >>> >>> number of contributors to get involved. >>> >>> Could you start by putting your code up on Github or somewhere >>> similar >>> >>> and adding documentation that highlights that you are looking for >>> >>> collaborators? Maybe there are some forums where some remaining users >>> >>> of Tiles can be contacted? >>> >>> >>> >>> There is no impediment to you simply releasing your Jakarta variant >>> of >>> >>> Tiles yourself or via some organisation that you are involved with >>> >>> (e.g. a company that you work with). If you go this route, the ASF >>> >>> would look like to see that you remove all the ASF branding and >>> >>> ideally, change the package names. >>> >>> >>> >>> If you want to avoid having to do all the branding changes and see >>> the >>> >>> new project join/rejoin the ASF, then I think that you'll need to >>> come >>> >>> back to us with more collaborators and probably some indication that >>> >>> they are bought into keeping the project going over the foreseeable >>> >>> future. >>> >>> >>> >>> Regards, >>> >>> PJ >>> >>> >>> >>> >>> >>> On Sat, 18 Mar 2023 at 06:32, Laurent Schoelens >>> >>> wrote: >>> >>>&g
Re: Apache tiles
I retract my statement about the IT tests passing. The tests run a lot farther than they did but I'm still getting a failure. I've got a little time today, so I will investigate. Dave On Tue, Mar 21, 2023 at 9:44 AM Dave wrote: > Michael, I checked out your PR https://github.com/apache/roller/pull/119 > and bumped Struts up to 6.1.2 and then saw errors when running the > integration tests. When I upgraded Struts-Bootstrap to 5.0.0 those errors > went away, but parts of the Roller UI look a little funky, e.g. button > placement is off on the editor page. I'm going to do some more testing and > fixing and see if I get that PR ready for merge. > > Dave > > > On Tue, Mar 21, 2023 at 3:24 AM Michael Bien wrote: > >> roller would need some updates before it can go beyond struts 2.5.29: >> >> https://github.com/apache/roller/pull/119#issuecomment-1344814362 >> >> >> probably easy to do but I never got to it. (bump the version and you >> should see failing integration tests) >> >> the bootstrap dependency is also locked to 3.4.x AFAIR due to breaking >> changes which may or may not prevent other updates in future. >> >> other then that I tried to keep the dependencies somewhat up2date, i >> think jakarta.persistence is already in use via eclipse link etc. >> >> best regards, >> >> michael >> >> >> On 21.03.23 07:58, Greg Huber wrote: >> > Dave, >> > >> > BTW, Struts devs are planning to merge the tiles code base into the >> > Struts Tiles Plugin to eliminate the dependency on the now Attic >> project. >> > >> > https://github.com/apache/struts/tree/WW-5233-tiles/plugins/tiles >> > >> > >> > On 20/03/2023 21:38, Dave wrote: >> >> Hi Laurent and PJ, >> >> >> >> The Apache Roller project still uses Struts, Tiles and Velocity and I >> >> would >> >> like to see the projects continue and move into Jakarta land. I have >> >> some >> >> limited time to help out. What do y'all need help with? >> >> >> >> Dave >> >> >> >> On Sun, Mar 19, 2023 at 8:01 AM PJ Fanning >> wrote: >> >> >> >>> Hi Laurent, >> >>> I don't want to write off the possibility of a Jakarta variant of >> >>> Tiles joining the Apache Incubator - but the fact that Apache Tiles >> >>> doesn't have an active community around it is going to be a major >> >>> impediment. For Apache projects and podlings to succeed, they need a >> >>> number of contributors to get involved. >> >>> Could you start by putting your code up on Github or somewhere similar >> >>> and adding documentation that highlights that you are looking for >> >>> collaborators? Maybe there are some forums where some remaining users >> >>> of Tiles can be contacted? >> >>> >> >>> There is no impediment to you simply releasing your Jakarta variant of >> >>> Tiles yourself or via some organisation that you are involved with >> >>> (e.g. a company that you work with). If you go this route, the ASF >> >>> would look like to see that you remove all the ASF branding and >> >>> ideally, change the package names. >> >>> >> >>> If you want to avoid having to do all the branding changes and see the >> >>> new project join/rejoin the ASF, then I think that you'll need to come >> >>> back to us with more collaborators and probably some indication that >> >>> they are bought into keeping the project going over the foreseeable >> >>> future. >> >>> >> >>> Regards, >> >>> PJ >> >>> >> >>> >> >>> On Sat, 18 Mar 2023 at 06:32, Laurent Schoelens >> >>> wrote: >> >>>> Hi everyone, >> >>>> >> >>>> I’m working on Apache Tiles porting to Jakarta EE (without support of >> >>> freemarker and velocity, since both of them are still going with >> >>> javax API) >> >>> and my work is going to reach it’s end – all builds are successful, >> >>> jdk17 >> >>> baseline and updated dependencies (as far as I know) – but still >> >>> uncommited >> >>> to my personal github account. >> >>>> I know Tiles is in Attic land of Apache but
Re: Apache tiles
Michael, I checked out your PR https://github.com/apache/roller/pull/119 and bumped Struts up to 6.1.2 and then saw errors when running the integration tests. When I upgraded Struts-Bootstrap to 5.0.0 those errors went away, but parts of the Roller UI look a little funky, e.g. button placement is off on the editor page. I'm going to do some more testing and fixing and see if I get that PR ready for merge. Dave On Tue, Mar 21, 2023 at 3:24 AM Michael Bien wrote: > roller would need some updates before it can go beyond struts 2.5.29: > > https://github.com/apache/roller/pull/119#issuecomment-1344814362 > > > probably easy to do but I never got to it. (bump the version and you > should see failing integration tests) > > the bootstrap dependency is also locked to 3.4.x AFAIR due to breaking > changes which may or may not prevent other updates in future. > > other then that I tried to keep the dependencies somewhat up2date, i > think jakarta.persistence is already in use via eclipse link etc. > > best regards, > > michael > > > On 21.03.23 07:58, Greg Huber wrote: > > Dave, > > > > BTW, Struts devs are planning to merge the tiles code base into the > > Struts Tiles Plugin to eliminate the dependency on the now Attic project. > > > > https://github.com/apache/struts/tree/WW-5233-tiles/plugins/tiles > > > > > > On 20/03/2023 21:38, Dave wrote: > >> Hi Laurent and PJ, > >> > >> The Apache Roller project still uses Struts, Tiles and Velocity and I > >> would > >> like to see the projects continue and move into Jakarta land. I have > >> some > >> limited time to help out. What do y'all need help with? > >> > >> Dave > >> > >> On Sun, Mar 19, 2023 at 8:01 AM PJ Fanning > wrote: > >> > >>> Hi Laurent, > >>> I don't want to write off the possibility of a Jakarta variant of > >>> Tiles joining the Apache Incubator - but the fact that Apache Tiles > >>> doesn't have an active community around it is going to be a major > >>> impediment. For Apache projects and podlings to succeed, they need a > >>> number of contributors to get involved. > >>> Could you start by putting your code up on Github or somewhere similar > >>> and adding documentation that highlights that you are looking for > >>> collaborators? Maybe there are some forums where some remaining users > >>> of Tiles can be contacted? > >>> > >>> There is no impediment to you simply releasing your Jakarta variant of > >>> Tiles yourself or via some organisation that you are involved with > >>> (e.g. a company that you work with). If you go this route, the ASF > >>> would look like to see that you remove all the ASF branding and > >>> ideally, change the package names. > >>> > >>> If you want to avoid having to do all the branding changes and see the > >>> new project join/rejoin the ASF, then I think that you'll need to come > >>> back to us with more collaborators and probably some indication that > >>> they are bought into keeping the project going over the foreseeable > >>> future. > >>> > >>> Regards, > >>> PJ > >>> > >>> > >>> On Sat, 18 Mar 2023 at 06:32, Laurent Schoelens > >>> wrote: > >>>> Hi everyone, > >>>> > >>>> I’m working on Apache Tiles porting to Jakarta EE (without support of > >>> freemarker and velocity, since both of them are still going with > >>> javax API) > >>> and my work is going to reach it’s end – all builds are successful, > >>> jdk17 > >>> baseline and updated dependencies (as far as I know) – but still > >>> uncommited > >>> to my personal github account. > >>>> I know Tiles is in Attic land of Apache but I’d which to make this > >>>> first > >>> step (Jakarta migration) go to open-source world, without creating new > >>> projects out of the box. > >>>> Tiles is a framework I use on a project, with Spring and since > >>>> Spring 6 > >>> has migrated to Jakarta API, I’m stuck to Spring 5.X if I stay on this. > >>> Changing technology is an option for frontend application but not > >>> until a > >>> good rework that may take months (or years, depending on time we > >>> have to do > >>> that migration). > >>>> Having a Tiles Jakarta port would be great since the technology itself > >>> is working well on my project. > >>>> Do you know what can I do to make this properly, according to Apache > >>> work ? > >>>> Thanks in advance for your help. > >>>> > >>>> Regards. > >>>> L. SCHOELENS > >>> - > >>> To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org > >>> For additional commands, e-mail: general-h...@incubator.apache.org > >>> > >>> > > > - > To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org > For additional commands, e-mail: general-h...@incubator.apache.org > >
Re: Apache tiles
Hi Laurent and PJ, The Apache Roller project still uses Struts, Tiles and Velocity and I would like to see the projects continue and move into Jakarta land. I have some limited time to help out. What do y'all need help with? Dave On Sun, Mar 19, 2023 at 8:01 AM PJ Fanning wrote: > Hi Laurent, > I don't want to write off the possibility of a Jakarta variant of > Tiles joining the Apache Incubator - but the fact that Apache Tiles > doesn't have an active community around it is going to be a major > impediment. For Apache projects and podlings to succeed, they need a > number of contributors to get involved. > Could you start by putting your code up on Github or somewhere similar > and adding documentation that highlights that you are looking for > collaborators? Maybe there are some forums where some remaining users > of Tiles can be contacted? > > There is no impediment to you simply releasing your Jakarta variant of > Tiles yourself or via some organisation that you are involved with > (e.g. a company that you work with). If you go this route, the ASF > would look like to see that you remove all the ASF branding and > ideally, change the package names. > > If you want to avoid having to do all the branding changes and see the > new project join/rejoin the ASF, then I think that you'll need to come > back to us with more collaborators and probably some indication that > they are bought into keeping the project going over the foreseeable > future. > > Regards, > PJ > > > On Sat, 18 Mar 2023 at 06:32, Laurent Schoelens > wrote: > > > > Hi everyone, > > > > I’m working on Apache Tiles porting to Jakarta EE (without support of > freemarker and velocity, since both of them are still going with javax API) > and my work is going to reach it’s end – all builds are successful, jdk17 > baseline and updated dependencies (as far as I know) – but still uncommited > to my personal github account. > > > > I know Tiles is in Attic land of Apache but I’d which to make this first > step (Jakarta migration) go to open-source world, without creating new > projects out of the box. > > Tiles is a framework I use on a project, with Spring and since Spring 6 > has migrated to Jakarta API, I’m stuck to Spring 5.X if I stay on this. > Changing technology is an option for frontend application but not until a > good rework that may take months (or years, depending on time we have to do > that migration). > > Having a Tiles Jakarta port would be great since the technology itself > is working well on my project. > > > > Do you know what can I do to make this properly, according to Apache > work ? > > > > Thanks in advance for your help. > > > > Regards. > > L. SCHOELENS > > - > To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org > For additional commands, e-mail: general-h...@incubator.apache.org > >
Start Derby from Java for tests
Here's a PR that starts Derby for tests from Java instead using a Maven plugin. https://github.com/apache/roller/pull/121 The reason for this change is to allow tests to be run without Maven e.g. from within IntelliJ or other IDEs that do not have tight Maven integration. Any suggestions for improvement or alternative ways to enable the same behavior? Dave
[RESULT] [VOTE]: Release Roller 6.1.1
Release vote has passed! Thanks everybody. +1 Michael B (binding) +1 Yash M +1 Greg H (binding) +1 Dave J (binding) I will move the files to the dist directory, update the website and make an announcement probably tomorrow morning. Thanks for everybody's quick action on this and especially Michael B for his vigilant efforts to keep Roller's deps up to date. Dave On Mon, Apr 4, 2022 at 9:31 AM Greg Huber wrote: > Good job, on a fresh install. > > +1 b > > On 03/04/2022 14:44, Dave wrote: > > Roller 6.1.1 is a minor bug fix and dependency update release that > upgrades > > Spring, Struts, Lucene, Log4J, Guice and Bouncy Castle to the latest > > versions. > > > > A release candidate build is available here: > > https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.1 > > > > Please vote to release. > > > > Thanks, > > Dave > > >
VOTE: Release Roller 6.1.1
Roller 6.1.1 is a minor bug fix and dependency update release that upgrades Spring, Struts, Lucene, Log4J, Guice and Bouncy Castle to the latest versions. A release candidate build is available here: https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.1 Please vote to release. Thanks, Dave
Re: latest spring vulnerability and roller
Thanks Michael! I put together a 2nd release candidate for Roller 6.1.1 based on the current master branch. Are there any other changes we should get in before starting a vote? https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.1 Dave On Fri, Apr 1, 2022 at 10:47 PM Michael Bien wrote: > Hello again, > > dev builds are now also uploaded automatically after PR integration. > > index for master builds: > > https://github.com/apache/roller/actions/workflows/main.yml?query=branch%3Amaster > > example of the most recent build (would be the first link of the index > above): > https://github.com/apache/roller/actions/runs/2080694025 > (see bottom of the page for artifacts) > > best regards, > michael > > > On 02.04.22 01:50, Michael Bien wrote: > > Hello Roller users, > > > > you probably heard of "spring shell"* by now. > > > > if you don't want to wait for a roller update release, building roller > > yourself is really easy. > > > > follow first two steps described here: > > > > https://github.com/apache/roller#quick-start-running-via-maven > > > > > > The master branch already contains the spring dependency updates which > > include the fixes for the (known) vulnerabilities. > > > > We updated a lot of code over the last ~two years, this allows making > > those dependency updates quickly without having to change anything > > code wise - the apache release process still takes time though - > > building roller yourself takes 5-10 minutes. > > > > best regards, > > > > michael > > > > > > * https://security.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-2436751 > > > > ** https://github.com/apache/roller/pull/115 > > > > > >
Re: Roller 6.1.1 RC #1 to fix MySQL 5.7 upgrade problem
I don't think that is the right behavior. Dave On Mon, Dec 27, 2021 at 3:22 AM Michael Bien wrote: > I noticed when upgrading from 6.1 to 6.1.1, Roller ran the upgrade > scripts again, is that intended? > > Its probably fine to run them twice even though nothing db related > changed in the patch release - i was still wondering. > > -michael > > > On 24.12.21 23:49, Dave wrote: > > I put together a release that fixes the upgrade problem with old MySQLs: > > > > https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.1 > > > > I'm not going to call a release vote yet, because I think there might be > > other fixes we want to get in. > > > > Thanks, > > Dave > > > >
Roller 6.1.1 RC #1 to fix MySQL 5.7 upgrade problem
I put together a release that fixes the upgrade problem with old MySQLs: https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.1 I'm not going to call a release vote yet, because I think there might be other fixes we want to get in. Thanks, Dave
[ANNOUNCEMENT] Apache Roller 6.1.0 release is available
The Apache Roller project is pleased to announce the availability of Roller 6.1.0, a release that upgrades over a dozen dependencies (including Log4J) and includes a number of bug fixes and improvements to the code-base. The release and convenience binaries can be found on the Roller project download page here: https://roller.apache.org/downloads/downloads.html You can find some more details about the release in the vote thread here: https://lists.apache.org/thread/7334kfm8g5mlq1g0y8783ldfopdfc3sc Thanks to all who helped out with this release!
[VOTE] [RESULTS] Release RC #2 as Apache Roller 6.1.0
Greg H +1 b Kohei N +1 b Michael B +1 b Dave +1 b That is four binding votes so Roller 6.1 will be released. Thanks for everybody's quick action! Dave On Wed, Dec 22, 2021 at 3:01 AM Greg Huber wrote: > Still a +1 > > ...for some reason it does not shutdown the thread correctly, maybe its > logging something when shutdown is called? > > On 21/12/2021 22:34, Dave wrote: > > Greg, did you mean to change your vote to -1 or are you still good with > the > > release? > > > > Dave > > > > On Mon, Dec 20, 2021 at 1:05 AM Greg Huber wrote: > > > >> It was a tomcat start and stop, no deploy/redeploy. Seems to do it all > >> the time. > >> > >> On 19/12/2021 10:46, Michael Bien wrote: > >>> this looks like you redeployed or undeployed roller? > >>> > >>> App/web servers don't like it when unmanaged threads are started, > >>> AsyncAppender uses its own thread and the server noticed this i > suppose. > >>> > >>> see config: > >>> > >> > https://github.com/apache/roller/blob/master/app/src/main/resources/log4j2.xml#L62-L65 > >>> If you remove this part and replace "asyncRoller" with "roller" you > >>> shouldn't see the warning anymore. > >>> > >>> The eclipse persistence error is probably caused by the undeployment > too. > >>> > >>> This is most likely harmless, unless you want to constantly redeploy > >>> roller. Most web/app servers these days are used like a runtime in a > >>> 1:1 manner and are started/stopped with the application (in a > container). > >>> > >>> -michael > >>> > >>> > >>> On 19.12.21 10:28, Greg Huber wrote: > >>>> Although I now see this in the logs (17 was a maintenance > release?) > >>>> > >>>> > >>>> WARNING: An illegal reflective access operation has occurred > >>>> WARNING: Illegal reflective access by > >>>> org.apache.catalina.loader.WebappClassLoaderBase > >>>> (file:/../apache-tomcat-9.0.56/lib/catalina.jar) to field > >>>> java.io.ObjectStreamClass$Caches.localDescs > >>>> WARNING: Please consider reporting this to the maintainers of > >>>> org.apache.catalina.loader.WebappClassLoaderBase > >>>> WARNING: Use --illegal-access=warn to enable warnings of further > >>>> illegal reflective access operations > >>>> WARNING: All illegal access operations will be denied in a future > >>>> release > >>>> WARN 2021-12-19 09:22:36 [main] WebappClassLoaderBase - The web > >>>> application [roller] appears to have started a thread named > >>>> [Log4j2-AsyncAppenderEventDispatcher-1-asyncRoller] but has failed to > >>>> stop it. This is very likely to create a memory leak. Stack trace of > >>>> thread: > >>>> java.base@11.0.12/jdk.internal.misc.Unsafe.park(Native Method) > >>>> java.base@11.0.12 > /java.util.concurrent.locks.LockSupport.park(LockSupport.java:194) > >>>> java.base@11.0.12 > /java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2081) > >>>> java.base@11.0.12 > /java.util.concurrent.ArrayBlockingQueue.take(ArrayBlockingQueue.java:417) > >>>> > >> > > org.apache.logging.log4j.core.appender.AsyncAppenderEventDispatcher.dispatchAll(AsyncAppenderEventDispatcher.java:71) > >> > >>>> > >> > > org.apache.logging.log4j.core.appender.AsyncAppenderEventDispatcher.run(AsyncAppenderEventDispatcher.java:63) > >> > >>>> WARN 2021-12-19 09:22:36 [main] WebappClassLoaderBase - The web > >>>> application [roller] appears to have started a thread named > >>>> [HttpClient-1-SelectorManager] but has failed to stop it. This is > >>>> very likely to create a memory leak. Stack trace of thread: > >>>> java.base@11.0.12/sun.nio.ch.EPoll.wait(Native Method) > >>>> java.base@11.0.12/sun.nio.ch > .EPollSelectorImpl.doSelect(EPollSelectorImpl.java:120) > >>>> java.base@11.0.12/sun.nio.ch > .SelectorImpl.lockAndDoSelect(SelectorImpl.java:124) > >>>> java.base@11.0.12/sun.nio.ch > >> .SelectorImpl.select(SelectorImpl.java:136) > >>>> platform/java.net.http@11.0.12 > /jdk.internal.net.http.HttpClientImpl$SelectorManager.run(HttpClientImpl.java:867) >
Re: VOTE: Release RC #2 as Apache Roller 6.1.0
Greg, did you mean to change your vote to -1 or are you still good with the release? Dave On Mon, Dec 20, 2021 at 1:05 AM Greg Huber wrote: > It was a tomcat start and stop, no deploy/redeploy. Seems to do it all > the time. > > On 19/12/2021 10:46, Michael Bien wrote: > > this looks like you redeployed or undeployed roller? > > > > App/web servers don't like it when unmanaged threads are started, > > AsyncAppender uses its own thread and the server noticed this i suppose. > > > > see config: > > > https://github.com/apache/roller/blob/master/app/src/main/resources/log4j2.xml#L62-L65 > > > > If you remove this part and replace "asyncRoller" with "roller" you > > shouldn't see the warning anymore. > > > > The eclipse persistence error is probably caused by the undeployment too. > > > > This is most likely harmless, unless you want to constantly redeploy > > roller. Most web/app servers these days are used like a runtime in a > > 1:1 manner and are started/stopped with the application (in a container). > > > > -michael > > > > > > On 19.12.21 10:28, Greg Huber wrote: > >> Although I now see this in the logs (17 was a maintenance release?) > >> > >> > >> WARNING: An illegal reflective access operation has occurred > >> WARNING: Illegal reflective access by > >> org.apache.catalina.loader.WebappClassLoaderBase > >> (file:/../apache-tomcat-9.0.56/lib/catalina.jar) to field > >> java.io.ObjectStreamClass$Caches.localDescs > >> WARNING: Please consider reporting this to the maintainers of > >> org.apache.catalina.loader.WebappClassLoaderBase > >> WARNING: Use --illegal-access=warn to enable warnings of further > >> illegal reflective access operations > >> WARNING: All illegal access operations will be denied in a future > >> release > >> WARN 2021-12-19 09:22:36 [main] WebappClassLoaderBase - The web > >> application [roller] appears to have started a thread named > >> [Log4j2-AsyncAppenderEventDispatcher-1-asyncRoller] but has failed to > >> stop it. This is very likely to create a memory leak. Stack trace of > >> thread: > >> java.base@11.0.12/jdk.internal.misc.Unsafe.park(Native Method) > >> > >> java.base@11.0.12/java.util.concurrent.locks.LockSupport.park(LockSupport.java:194) > > >> > >> > >> java.base@11.0.12/java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2081) > > >> > >> > >> java.base@11.0.12/java.util.concurrent.ArrayBlockingQueue.take(ArrayBlockingQueue.java:417) > > >> > >> > > org.apache.logging.log4j.core.appender.AsyncAppenderEventDispatcher.dispatchAll(AsyncAppenderEventDispatcher.java:71) > > >> > >> > > org.apache.logging.log4j.core.appender.AsyncAppenderEventDispatcher.run(AsyncAppenderEventDispatcher.java:63) > > >> > >> WARN 2021-12-19 09:22:36 [main] WebappClassLoaderBase - The web > >> application [roller] appears to have started a thread named > >> [HttpClient-1-SelectorManager] but has failed to stop it. This is > >> very likely to create a memory leak. Stack trace of thread: > >> java.base@11.0.12/sun.nio.ch.EPoll.wait(Native Method) > >> > >> java.base@11.0.12/sun.nio.ch.EPollSelectorImpl.doSelect(EPollSelectorImpl.java:120) > > >> > >> > >> java.base@11.0.12/sun.nio.ch.SelectorImpl.lockAndDoSelect(SelectorImpl.java:124) > > >> > >> java.base@11.0.12/sun.nio.ch > .SelectorImpl.select(SelectorImpl.java:136) > >> > >> platform/java.net.http@11.0.12/jdk.internal.net.http.HttpClientImpl$SelectorManager.run(HttpClientImpl.java:867) > > >> > >> ERROR 2021-12-19 09:22:36 [main] WebappClassLoaderBase - The web > >> application [roller] created a ThreadLocal with key of type > >> [java.lang.ThreadLocal] (value [java.lang.ThreadLocal@1135abda]) and > >> a value of type > >> [org.eclipse.persistence.internal.jpa.EntityManagerImpl] (value > >> [org.eclipse.persistence.internal.jpa.EntityManagerImpl@74502929]) > >> but failed to remove it when the web application was stopped. Threads > >> are going to be renewed over time to try and avoid a probable memory > >> leak. > >> INFO 2021-12-19 09:22:36 [main] Http11NioProtocol - Stopping > >> ProtocolHandler ["http-nio-8080"] > >> INFO 2021-12-19 09:22:36 [main] AjpNioProtocol - Stopping > >> ProtocolHan
VOTE: Release RC #2 as Apache Roller 6.1.0
I propose that we release Roller v6.1.0 based on the code that is currently in the master branch. I have prepared a release candidate and some release notes, below. Please vote in the next 72 hours to approve this release. +1 to release -1 not to release (with reasons) Thanks to Michael Bien for all his work since the 6.0.1 release on bug fixes, general improvements and dependency updates like the important one he made today to upgrade Log4j to 2.17.0. The release candidate files are here: https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.0/ Release notes This is a bug fix and dependency update release that includes all changes made to the master branch since August 16, 2021. It also includes the new patched Log4j release. This release should be a drop-in replacement of the previous v6.0.2 release. Here is a summary of the changes. All Pull Requests that were merged since August 16, 2021 https://github.com/apache/roller/pulls?q=is%3Apr+is%3Aclosed+is%3Amerged Bug resolved since August 16, 2021 https://issues.apache.org/jira/issues/?jql=project%20%3D%20ROL%20AND%20status%20in%20(Resolved%2C%20Closed)%20AND%20resolutiondate%20%3E%20%272019%2F12%2F27%27 And there is one database change: in the weblog table, the column blacklist has been renamed to bannedwordslist.
VOTE CANCELLED: Release Roller v6.1.0
Thanks everybody for your quick action in voting, but we need to spin a new release candidate. Dave On Sat, Dec 18, 2021 at 1:06 AM Michael Bien wrote: > log4j2 2.17 is (almost) released. > > > https://mail-archives.apache.org/mod_mbox/logging-dev/202112.mbox/%3C66E7128B-B0FC-47AF-ABB3-BB360B40FAB6%40dslextreme.com%3E > > should we bump the dependencies again, add the CommentServlet PR and > spin another rc? > > -michael > > > On 14.12.21 23:09, Dave wrote: > > I propose that we release Roller v6.1.0 based on the code that is > currently > > in the master branch. I have prepared a release candidate and some > release > > notes, below. > > > > Please vote in the next 72 hours to approve this release. > > +1 to release > > -1 not to release (with reasons) > > > > Thanks to Michael Bien for all his work since the 6.0.1 release on bug > > fixes, general improvements and dependency updates like the important one > > he made today to upgrade Log4j. > > > > The release candidate files are here: > > https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.0/ > > > > Release notes > > > > This is a bug fix and dependency update release that includes all changes > > made to the master branch since Dev 27, 2019. It also includes the new > > patched Log4j release. This release should be a drop-in replacement of > the > > previous v6.0.1 release. > > > > Here is a summary of the changes. > > > > All Pull Requests that were merged since Dec 27, 2019 > > https://github.com/apache/roller/pulls?q=is%3Apr+is%3Aclosed+is%3Amerged > > > > Bug resolved since Dec 27, 2019 > > > https://issues.apache.org/jira/issues/?jql=project%20%3D%20ROL%20AND%20status%20in%20(Resolved%2C%20Closed)%20AND%20resolutiondate%20%3E%20%272019%2F12%2F27%27 > > > > And there is one database change: in the weblog table, the column > blacklist > > has been renamed to bannedwordslist. > > > >
VOTE: Release Roller v6.1.0
I propose that we release Roller v6.1.0 based on the code that is currently in the master branch. I have prepared a release candidate and some release notes, below. Please vote in the next 72 hours to approve this release. +1 to release -1 not to release (with reasons) Thanks to Michael Bien for all his work since the 6.0.1 release on bug fixes, general improvements and dependency updates like the important one he made today to upgrade Log4j. The release candidate files are here: https://dist.apache.org/repos/dist/dev/roller/roller-6.1/v6.1.0/ Release notes This is a bug fix and dependency update release that includes all changes made to the master branch since Dev 27, 2019. It also includes the new patched Log4j release. This release should be a drop-in replacement of the previous v6.0.1 release. Here is a summary of the changes. All Pull Requests that were merged since Dec 27, 2019 https://github.com/apache/roller/pulls?q=is%3Apr+is%3Aclosed+is%3Amerged Bug resolved since Dec 27, 2019 https://issues.apache.org/jira/issues/?jql=project%20%3D%20ROL%20AND%20status%20in%20(Resolved%2C%20Closed)%20AND%20resolutiondate%20%3E%20%272019%2F12%2F27%27 And there is one database change: in the weblog table, the column blacklist has been renamed to bannedwordslist.
Re: next roller release
Yes, I agree. I will put together a release candidate today. Dave On Sat, Dec 11, 2021 at 5:15 PM Michael Bien wrote: > agreed. I think going right to 6.1 would be the preferable path since I > think enough happened that it warrants a larger increment while the changes > itself are small enough to not cause trouble during upgrade. > > I would try to avoid branching into two releases if somehow possible > unless it is motivated by breaking changes or difficult upgrades. Having to > pick what to backport is extra work and not always easy. > > michael > > > On 11.12.21 22:54, Dave wrote: > > Yes, indeed! Thanks for pushing on this Michael. I was thinking that we > should do both a 6.0.x release and something called 6.1 (from master), but > now I'm thinking we should just do one 6.1 release and encourage folks to > upgrade to that. Thoughts? > > Dave > > > On Sat, Dec 11, 2021 at 4:32 PM Michael Bien wrote: > >> all PRs are integrated, would be good timing for 6.1 :) >> >> -michael >> >> >> On 18.09.21 03:19, Dave wrote: >> > I think that's a great idea. There have been a lot of changes since our >> > last release from master. >> > >> > I'd be happy to manage a release, or help somebody else to do it if >> they'd >> > like to go through and learn the process. >> > >> > Dave >> > >> > >> > On Thu, Sep 16, 2021 at 1:36 AM Michael Bien wrote: >> > >> >> Hello Everyone, >> >> >> >> now that JDK 17 is out I was wondering if apache roller should get an >> >> update release too. The master branch was compatible with Java 17 for a >> >> while already. My blog container is also using early access builds of >> >> Java 17 for months without problems. >> >> >> >> maybe in next month or two, doesn't have to be soon. >> >> >> >> what do you think? >> >> >> >> best regards, >> >> >> >> michael >> >> >> >> >> >> >
Re: heads up when running roller from master branch
Nice! I did not remember that 6.0.2 still used Log4j 1. On Sat, Dec 11, 2021 at 4:20 PM Michael Bien wrote: > Hello Everyone, > > Just a heads up in case you are building and running apache roller from > master, please rebuild your instance with the latest changes. > > It contains an important dependency update > (https://github.com/apache/roller/pull/106) for log4j 2 which suffered > from a RCE security vulnerability, which was fixed in the latest version. > > Apache Roller 6.0.2 (latest release) should not be affected by this > particular vulnerability since it still uses the old log4j 1 library. > > best regards, > > michael > >
Re: next roller release
Yes, indeed! Thanks for pushing on this Michael. I was thinking that we should do both a 6.0.x release and something called 6.1 (from master), but now I'm thinking we should just do one 6.1 release and encourage folks to upgrade to that. Thoughts? Dave On Sat, Dec 11, 2021 at 4:32 PM Michael Bien wrote: > all PRs are integrated, would be good timing for 6.1 :) > > -michael > > > On 18.09.21 03:19, Dave wrote: > > I think that's a great idea. There have been a lot of changes since our > > last release from master. > > > > I'd be happy to manage a release, or help somebody else to do it if > they'd > > like to go through and learn the process. > > > > Dave > > > > > > On Thu, Sep 16, 2021 at 1:36 AM Michael Bien wrote: > > > >> Hello Everyone, > >> > >> now that JDK 17 is out I was wondering if apache roller should get an > >> update release too. The master branch was compatible with Java 17 for a > >> while already. My blog container is also using early access builds of > >> Java 17 for months without problems. > >> > >> maybe in next month or two, doesn't have to be soon. > >> > >> what do you think? > >> > >> best regards, > >> > >> michael > >> > >> > >
rollerweblogger.org
Just FYI, I'm working on bringing rollerweblogger.org back up. Running a blog-site on Kubernetes is total overkill, so of course, that is exactly what I am doing and now it's time to pay the cost. It's Kubernetes upgrade time. Dave
Re: next roller release
I think that's a great idea. There have been a lot of changes since our last release from master. I'd be happy to manage a release, or help somebody else to do it if they'd like to go through and learn the process. Dave On Thu, Sep 16, 2021 at 1:36 AM Michael Bien wrote: > Hello Everyone, > > now that JDK 17 is out I was wondering if apache roller should get an > update release too. The master branch was compatible with Java 17 for a > while already. My blog container is also using early access builds of > Java 17 for months without problems. > > maybe in next month or two, doesn't have to be soon. > > what do you think? > > best regards, > > michael > >
Apache Roller 6.0.2 release available now
The Roller PMC has approved the release of Apache Roller 6.0.2, a minor bug fix release. You can download the release via Apache mirrors link here: http://roller.apache.org/downloads/downloads.html Roller 6.0.2 includes the fixes listed below: Parse referrer URL instead of using string value directly https://github.com/apache/roller/pull/90 Improved: the UI for the blog entries page https://github.com/apache/roller/pull/87 Improved: tooltip content on the registration form https://github.com/apache/roller/pull/89 Updated: the main menu to have proper space when displaying permission message https://github.com/apache/roller/pull/95 Updated: the header to show the tagline only when it's available https://github.com/apache/roller/pull/99 UI fixes are thanks to new contributor Yash Maheshwari. On behalf of the Roller PMC, Thanks!
Re: [roller-website] branch asf-site updated: Roller 6.0.2 release
Nevermind, I figured it out 😐
On Mon, Aug 16, 2021 at 6:50 PM Dave wrote:
> I've updated the Roller website for the 6.0.2 release via the "asf-site"
> branch, but I'm not seeing updates at
> https://roller.apache.org/downloads/downloads.html
>
> Before I assault Infra folks, any clues what I'm doing wrong?
>
> Thanks,
> Dave
>
>
>
> On Mon, Aug 16, 2021 at 6:38 PM wrote:
>
>> This is an automated email from the ASF dual-hosted git repository.
>>
>> snoopdave pushed a commit to branch asf-site
>> in repository https://gitbox.apache.org/repos/asf/roller-website.git
>>
>>
>> The following commit(s) were added to refs/heads/asf-site by this push:
>> new 96eb3db Roller 6.0.2 release
>> 96eb3db is described below
>>
>> commit 96eb3db52d35cb7bc1b5d5b589b8add844bb33ef
>> Author: Dave Johnson
>> AuthorDate: Mon Aug 16 18:38:39 2021 -0400
>>
>> Roller 6.0.2 release
>> ---
>> content/downloads/downloads.html | 2 +-
>> sources/src/main/jbake/content/downloads/downloads.md | 2 +-
>> 2 files changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/content/downloads/downloads.html
>> b/content/downloads/downloads.html
>> index a7586eb..1b10af4 100644
>> --- a/content/downloads/downloads.html
>> +++ b/content/downloads/downloads.html
>> @@ -87,7 +87,7 @@
>> Apache Roller Releases
>> Releases of the Apache Roller blog server are made available to the
>> general public at no charge, under the http://apache.org/licenses/";>Apache License, in both binary and
>> source distributions.
>> General Availability (GA) Releases - Ready for Prime
>> Time!
>> -http://www.apache.org/dyn/closer.cgi/roller/roller-6.0/v6.0.1";>Roller
>> 6.0.1 ("best available")
>> +http://www.apache.org/dyn/closer.cgi/roller/roller-6.0/v6.0.2";>Roller
>> 6.0.2 ("best available")
>> Previous source and binary distributions, including documentation,
>> are available in the http://archive.apache.org/dist/roller/";>Apache archives.
>> Project releases are approved by vote of the Apache Roller Project
>> Management Committee (PMC). Support for a release is provided by project
>> volunteers on the project https://cwiki.apache.org/confluence/display/ROLLER/How+to+ask+for+help";>mailing
>> lists. Bugs found in a release may be discussed on the list and
>> reported through the > href="https://issues.apache.org/jira/browse/ROL";>issue
>> tracker. The user mailing list and issue tracker are the
>> only supp [...]
>> Note: When downloading from a mirror, be sure to verify that
>> checksums and/or signatures are correct. To do so, use the checksum and
>> signature files from the main Apache site at http://www.apache.org/dist/roller/";>http://www.apache.org/dist/roller/";>http://www.apache.org/dist/roller/
>> .
>> diff --git a/sources/src/main/jbake/content/downloads/downloads.md
>> b/sources/src/main/jbake/content/downloads/downloads.md
>> index b5598ab..9630dd2 100644
>> --- a/sources/src/main/jbake/content/downloads/downloads.md
>> +++ b/sources/src/main/jbake/content/downloads/downloads.md
>> @@ -8,7 +8,7 @@ type=page
>> Releases of the Apache Roller blog server are made available to the
>> general public at no charge, under the http://apache.org/licenses/";>Apache License, in both binary and
>> source distributions.
>>
>> ### General Availability (GA) Releases - Ready for Prime
>> Time!
>> -__> href="http://www.apache.org/dyn/closer.cgi/roller/roller-6.0/v6.0.1";>Roller
>> 6.0.1 ("best available")__
>> +__> href="http://www.apache.org/dyn/closer.cgi/roller/roller-6.0/v6.0.2";>Roller
>> 6.0.2 ("best available")__
>>
>> Previous source and binary distributions, including documentation, are
>> available in the http://archive.apache.org/dist/roller/";>Apache archives.
>>
>>
Re: [roller-website] branch asf-site updated: Roller 6.0.2 release
I've updated the Roller website for the 6.0.2 release via the "asf-site"
branch, but I'm not seeing updates at
https://roller.apache.org/downloads/downloads.html
Before I assault Infra folks, any clues what I'm doing wrong?
Thanks,
Dave
On Mon, Aug 16, 2021 at 6:38 PM wrote:
> This is an automated email from the ASF dual-hosted git repository.
>
> snoopdave pushed a commit to branch asf-site
> in repository https://gitbox.apache.org/repos/asf/roller-website.git
>
>
> The following commit(s) were added to refs/heads/asf-site by this push:
> new 96eb3db Roller 6.0.2 release
> 96eb3db is described below
>
> commit 96eb3db52d35cb7bc1b5d5b589b8add844bb33ef
> Author: Dave Johnson
> AuthorDate: Mon Aug 16 18:38:39 2021 -0400
>
> Roller 6.0.2 release
> ---
> content/downloads/downloads.html | 2 +-
> sources/src/main/jbake/content/downloads/downloads.md | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/content/downloads/downloads.html
> b/content/downloads/downloads.html
> index a7586eb..1b10af4 100644
> --- a/content/downloads/downloads.html
> +++ b/content/downloads/downloads.html
> @@ -87,7 +87,7 @@
> Apache Roller Releases
> Releases of the Apache Roller blog server are made available to the
> general public at no charge, under the http://apache.org/licenses/";>Apache License, in both binary and
> source distributions.
> General Availability (GA) Releases - Ready for Prime
> Time!
> -http://www.apache.org/dyn/closer.cgi/roller/roller-6.0/v6.0.1";>Roller
> 6.0.1 ("best available")
> +http://www.apache.org/dyn/closer.cgi/roller/roller-6.0/v6.0.2";>Roller
> 6.0.2 ("best available")
> Previous source and binary distributions, including documentation, are
> available in the http://archive.apache.org/dist/roller/";>Apache archives.
> Project releases are approved by vote of the Apache Roller Project
> Management Committee (PMC). Support for a release is provided by project
> volunteers on the project https://cwiki.apache.org/confluence/display/ROLLER/How+to+ask+for+help";>mailing
> lists. Bugs found in a release may be discussed on the list and
> reported through the https://issues.apache.org/jira/browse/ROL";>issue
> tracker. The user mailing list and issue tracker are the
> only supp [...]
> Note: When downloading from a mirror, be sure to verify that checksums
> and/or signatures are correct. To do so, use the checksum and signature
> files from the main Apache site at http://www.apache.org/dist/roller/";>http://www.apache.org/dist/roller/";>http://www.apache.org/dist/roller/
> .
> diff --git a/sources/src/main/jbake/content/downloads/downloads.md
> b/sources/src/main/jbake/content/downloads/downloads.md
> index b5598ab..9630dd2 100644
> --- a/sources/src/main/jbake/content/downloads/downloads.md
> +++ b/sources/src/main/jbake/content/downloads/downloads.md
> @@ -8,7 +8,7 @@ type=page
> Releases of the Apache Roller blog server are made available to the
> general public at no charge, under the http://apache.org/licenses/";>Apache License, in both binary and
> source distributions.
>
> ### General Availability (GA) Releases - Ready for Prime
> Time!
> -__ href="http://www.apache.org/dyn/closer.cgi/roller/roller-6.0/v6.0.1";>Roller
> 6.0.1 ("best available")__
> +__ href="http://www.apache.org/dyn/closer.cgi/roller/roller-6.0/v6.0.2";>Roller
> 6.0.2 ("best available")__
>
> Previous source and binary distributions, including documentation, are
> available in the http://archive.apache.org/dist/roller/";>Apache archives.
>
>
[VOTE RESULT] Release Apache Roller 6.0.2
The release vote passed with 4 binding votes: Aditya +1 Greg +1 Michael +1 Dave +1 I start the process of copying the release files to ASF mirrors and will announce the release once that is done. Thanks everybody! Dave On Wed, Aug 11, 2021 at 1:57 AM Aditya Sharma wrote: > +1 > > Thanks and Regards, > Aditya Sharma > > On Mon, 9 Aug 2021 at 01:27, Dave wrote: > > > Please vote to release the release candidate (RC2) at the link below as > > Apache Roller 6.0.2 > > The release candidate is here > > https://dist.apache.org/repos/dist/dev/roller/roller-6.0/v6.0.2/ > > > > Please vote +1 to release or -1 with reasons not to release. > > > > > > This release includes the minor changes listed below: > > > > Parse referrer URL instead of using string value directly > > https://github.com/apache/roller/pull/90 > > > > Improved: the UI for the blog entries page > > https://github.com/apache/roller/pull/87 > > > > Improved: tooltip content on the registration form > > https://github.com/apache/roller/pull/89 > > > > Updated: the main menu to have proper space when displaying permission > > message > > https://github.com/apache/roller/pull/95 > > > > Updated: the header to show the tagline only when it's available > > https://github.com/apache/roller/pull/99 > > > > > > UI fixes are thanks to new contributor Yash Maheshwari. > > > > Best regards, > > Dave > > >
Board report coming up
I typed up a draft of the report in the Reporter tool, which you can find here: https://reporter.apache.org/wizard/?roller PMC members please review if you have a chance and feel free to make edits. I will submit the report Tuesday. Thanks, Dave
VOTE: Release Apache Roller 6.0.2
Please vote to release the release candidate (RC2) at the link below as Apache Roller 6.0.2 The release candidate is here https://dist.apache.org/repos/dist/dev/roller/roller-6.0/v6.0.2/ Please vote +1 to release or -1 with reasons not to release. This release includes the minor changes listed below: Parse referrer URL instead of using string value directly https://github.com/apache/roller/pull/90 Improved: the UI for the blog entries page https://github.com/apache/roller/pull/87 Improved: tooltip content on the registration form https://github.com/apache/roller/pull/89 Updated: the main menu to have proper space when displaying permission message https://github.com/apache/roller/pull/95 Updated: the header to show the tagline only when it's available https://github.com/apache/roller/pull/99 UI fixes are thanks to new contributor Yash Maheshwari. Best regards, Dave
Preparing for a minor release Roller 6.0.2
I've created a release candidate for Roller 6.0.2, which is to be a minor release with one small fix that you can see here: https://github.com/apache/roller/pull/90 Before I call a vote I was wondering if there might be some other small fixes that could be "cherry picked" from master and into a 6.0.2 release. I see some small UI improvements that might be good. Does anybody have other suggestions? Thanks, Dave P.S. release candidate is here https://dist.apache.org/repos/dist/dev/roller/roller-6.0/v6.0.2/
Re: CodeQL & Roller
There is a CodeQL CLI, but I've never used it https://codeql.github.com/docs/codeql-cli/#codeql-cli Dave On Sun, Jul 18, 2021 at 7:02 AM Michael Bien wrote: > Hello, > > does anyone know if there is a way to run the github CodeQL scan > locally? I was about to abuse a PR for that but then i thought there > must be a better way. > > regards, > > michael > >
Re: 500 error when inviting new blog admin
Part of the typical Roller installation process is adding mail.jar and activation.jar to the Tomcat classpath. It appears that perhaps those files have been deleted from the Roller setup. I'm pretty sure this was working before on blogs.apache.org. Maybe Christ T or Gavin M would be able to comment so I added them to the CC. Dave On Wed, Mar 17, 2021 at 11:58 AM Rich Bowen wrote: > Um ... sorry ... my mistake, the second invite immediately after the first > *did* result in a 500 this time, but this time for a different reason: > > Caused by: java.lang.NoClassDefFoundError: javax/activation/DataSource > at > org.apache.roller.weblogger.util.MailUtil.sendMessage(MailUtil.java:577) > ~[classes/:?] > > However, that appears to be a configuration problem - ie, no mail server > designated. So probably unrelated. > > > On 2021/03/17 15:54:41, Rich Bowen wrote: > > Hi, folks, > > > > I have just added some people to the Conferences section of > blogs.apache.org, as authors. Each time, the server returns a 500 error, > but the user is successfully added. > > > > The error message, which is extremely lengthy, starts with: > > > > 15:45:43.850 [http-nio-8080-exec-747] ERROR > org.apache.struts2.dispatcher.DefaultDispatcherErrorHandler - Exception > occurred during processing request: Method "save" failed for object > org.apache.roller.weblogger.ui.struts2.editor.MembersInvite@51d2271 > > ognl.MethodFailedException: Method "save" failed for object > org.apache.roller.weblogger.ui.struts2.editor.MembersInvite@51d2271 > > at ognl.OgnlRuntime.callAppropriateMethod(OgnlRuntime.java:1932) > ~[ognl-3.1.26.jar:?] > > at > ognl.ObjectMethodAccessor.callMethod(ObjectMethodAccessor.java:68) > ~[ognl-3.1.26.jar:?] > > at > com.opensymphony.xwork2.ognl.accessor.XWorkMethodAccessor.callMethodWithDebugInfo(XWorkMethodAccessor.java:98) > ~[struts2-core-2.5.22.jar:2.5.22] > > > > > > This is apparently caused by ... > > > > > > Caused by: java.lang.ClassNotFoundException: javax.activation.DataSource > > > > > > Infra can provide the whole error message if that would be at all > helpful. > > > > This appears to happen when the server has been idle for a very long > time. ie, if I invite someone, this happens, but if I do a second one right > away, I do not get the 500 error. Trying again the next morning, I get the > 500 error again. This seems to suggest some kind of data connection timeout? > > > > Anyways, thanks, as always, for a great tool, and let me know if I can > provide any further information. > > > > >
Re: StylesheetEdit.jsp never receives custom stylesheets
Yes, master is now up-dated with the latest from the 6.0.x branch. And, your stylesheet fix looks good. Thanks! Dave On Sun, Aug 23, 2020 at 8:00 AM Michael Bien wrote: > ping > > > On 06.08.20 14:48, Michael Bien wrote: > > Hello, > > > > is the master branch currently up2date? > > > > > > if yes then i might have just fixed a bug: > > > > StylesheetEdit only sets the stylesheet if it is shared, never when > > its a custom theme. This causes the Design/Stylesheet page to think > > that the theme doesn't have a stylesheet. > > > > the file in roller master: > > > > > https://github.com/apache/roller/blob/master/app/src/main/java/org/apache/roller/weblogger/ui/struts2/editor/StylesheetEdit.java#L72 > > > > > > the fix in my wip branch: > > > > > https://github.com/mbien/roller/commit/1b5ecf896368f8e49d8f0a928da3ed827991cc10 > > > > > > > > best regards, > > > > michael > > > >
Re: a few things i was working on
Hi Michael, Answers inline below: On Fri, Jul 17, 2020 at 2:22 AM Michael Bien wrote: > On 16.07.20 15:49, Dave wrote: > > Wow, these sound great! Please create some PRs, break them up and order > > them as you wish. > > > > Dave > > Hello Dave, > > a few questions: > > 1) I submitted the ICLA but I can't find me on the committer-index yet - > not sure if that is a problem. > Your ICLA is on file according to this page: http://people.apache.org/unlistedclas.html > 2) which branch should the PRs target? roller-6.0.x is up-to-date and my > wip branch is based on it, but this might be the wrong branch for larger > changes. Maybe fork roller-6.0.x into the next version or a fresh master > (current master had some commits missing which caused me to fix things > which were not broken https://github.com/apache/roller/pull/58 ) > I would recommend targeting the master branch. Any changes in roller-6.0.x should be merged to master. I think your changes should go into the next non-patch release, i.e. 6.1.0. > 3) roller currently supports having log4j1 configuration in > roller.properties + roller-custom.properties and merges them to directly > initialize log4j1 (breaking through the commons.logging layer). This > won't work anymore once roller moved to log4j2. The way it would work is > to have a default log4j2.xml in the war, which can be copied and > overwritten by putting it in the classpath of the server. Would this be ok? > I'm OK with that change. Anybody else want to comment? Dave
Re: a few things i was working on
Wow, these sound great! Please create some PRs, break them up and order them as you wish. Dave On Mon, Jul 13, 2020 at 5:55 AM Michael Bien wrote: > Hello Rollers, > > i just pushed a few commits i had locally to a my wip branch > (https://github.com/mbien/roller/commits/wip ). Please don't pull from > my WIP branch to a non-wip branch since i might sometimes -f push into it. > > a few highlights: > > - spring now at v5.x (it was at 2 before I started :) ) > > - velocity at v2.x > > - integration tests are fixed > > - up2date password encoders for the db usecase, including upgrade logic > from old to new encodings > > details in the commit msgs. > > > some collateral damage: > > When I updated velocity i didn't update the GeneratePlanetTask util, > since i wasn't quite sure what it is supposed to do. It uses the texen > generator class directly which is part of an ant task which has been > removed after velocity 1.6. The build-time db script generation does > also still use 1.6 for the same reason, but it is a plugin dependency > now - so that it won't end up in the roller distribution. > > I only manually tested the pw-in-db usecase with the new encoders. I am > not sure if LDAP logins still work (but they should). I also haven't > tested any of the blogging API functionality since it is also something > i don't personally use. RollerAtomHandler has also some user auth code - > I don't even know how to test that, but if it worked before it might > still now - whatever the usecase is :) > > > Things i have still locally is an update from log4j1 (which is also EOL) > to log4j2 and some JFR integration, both is already running on my own > blog instance. If there is interest i could contribute that too. > > Let me know what you think and if/when i should create PRs. I wanted to > wait at least until the Lucene PR is closed before opening new PRs from > separate branches. > > best regards, > > michael > >
Re: Apache Roller 6.0.1 release now available
Thanks for your attention to detail Justin. Truly appreciated. We should remove that notice. Dave On Thu, May 28, 2020 at 6:37 PM Justin Mclean wrote: > Hi, > > Only stuff that is in the distributions needs to be mentioned [1] (see > guiding principle). If it not in the release artefact and just a dependancy > then it should VM n't be mentioned. > > Thanks, > Justin > > 1. https://www.apache.org/dev/licensing-howto.html >
Re: Apache Roller 6.0.1 release now available
Also, the Roller source release does not include CDDL code. It is brought in at build time via a Maven dependency. If that is the case, do we need that notice? Dave On Thu, May 28, 2020 at 5:00 AM Aditya Sharma wrote: > Thanks for the heads up Justin! > > As far as I know, Apache Roller uses Java Mail API[1] as a dependency[2] > which is CDDL licensed. As per the commit[3] in Notice file, it has been > added long back in 2015. > > 1. https://javaee.github.io/javamail/ > 2. https://github.com/apache/roller/blob/master/app/pom.xml#L94 > 3. https://svn.apache.org/viewvc?view=revision&revision=1704453 > > Thanks and Regards, > Aditya Sharma > > On Wed, 20 May 2020 at 14:33, Justin Mclean wrote: > > > Hi, > > > > I was taking a look at your release and noticed the NOTICE file mentions > > it contains some CDDL licensed code. CDDL is Category B [1] and as such > > can't be included in a source release. Just wondering the history of this > > statement and if this licensed code is included in the source release. > > > > Kind Regards, > > Justin > > > > 1. https://www.apache.org/legal/resolved.html#weak-copyleft-licenses > > >
Re: ROL-2048 - Roller needs a new logo
How do others feel about this? Nitin put in a fair amount of work on this and we now have some nice logo designs. Should we pursue this a 99designs logo or should we go with one of Nitin's designs? I would love to hear other folks opinions about this. There are a couple of bugs that I'd like to fix for a Roller 6.0.2 release so we could switch to a new logo at that point, though maybe that is too soon because there are some things we need to think about before going to a new logo. For example: - What color scheme do we want for the logo? - Where would the new logo be used in the UI? - How do we use the logo in the favicon? - How would the logo be used on the website and would we want to change to color scheme of the site as well? Dave On Wed, May 13, 2020 at 8:30 PM Dave wrote: > I'm not opposed to that idea and I am also willing to donate funds. What > do others think, and do we know if paying for a logo is something that > other projects have done? Is there a precedent for this? One concern is: > would we be able to offer the logo image in accordance with the Apache > license? > > Dave > > > On Wed, May 13, 2020 at 10:40 AM Matt Raible > wrote: > >> Since this logo will likely be with us for a while, maybe we should use >> something like https://99designs.com/ <https://99designs.com/> to get >> ideas? I think it costs $300, but I’d be willing to donate some funds for >> it. >> >> Cheers, >> >> Matt >> >> > On May 13, 2020, at 4:52 AM, Aditya Sharma >> wrote: >> > >> > Thanks everyone for the inputs. >> > >> >>> I like concept #3 too, not sure about the colors though; I guess I >> like the >> >>> purple/orange/blue theme. >> > Not sure how we should do it. Maybe we can first decide upon the >> > concept and take inputs about the colors with additional feedback. >> > >> >>> I wonder how we should integrate the new logo into Roller. Seems like >> it >> >>> should replace the stream roller logo everywhere, but how does it >> integrate >> >>> into Roller? I think it should replace the ASF feather in the web UI >> and we >> >>> should use the wheel portion of the logo as the favicon for Roller. >> What >> >>> are other's thoughts? >> > +1 >> > >> > Updated the form with the logo suggested by Matt >> > https://forms.gle/ab2beutiuwnoRRpb6 < >> https://forms.gle/ab2beutiuwnoRRpb6> >> > >> > >> > Thanks and regards, >> > Aditya Sharma >> > >> > On Wed, 13 May 2020 at 06:41, Nitin Lokhande >> wrote: >> >> >> >> How about rotating e 90 degree left and making overall logo like a >> school >> >> bus. Then bus inside Octagon shape of stop sign. >> >> So stop sign shape can be used at other places as secondary >> sign/logo/icon >> >> without words/bus. >> >> >> >> 3rd and 4th looks cool. Noticed 4th is like Target logo in Orange. >> >> >> >> On Tue, May 12, 2020 at 4:32 AM Nitin Tiwari < >> hellonitintiw...@gmail.com> >> >> wrote: >> >> >> >>> Hi Matt, >> >>> >> >>> Thank you so much for your inputs. >> >>> >> >>> I've prepared something based on your inputs, please access theme >> here: >> >>> https://drive.google.com/open?id=1HUFlhYFgcHZ8a-5o7oS3x1yjjHbBV-bq >> >>> >> >>> Please take a look, I hope this represents your thoughts, visually >> and as >> >>> intended. >> >>> >> >>> Thank you, >> >>> >> >>> Best, >> >>> Nitin >> >>> >> >>> On Mon, May 11, 2020 at 8:57 PM Matt Raible >> >>> wrote: >> >>> >> >>>> I like the first one the most, but I think it’s because of the font >> and >> >>>> color. >> >>>> >> >>>> I’m a big fan of cars. I like how #3 has a “mag wheel” of sorts. The >> >>>> favicon for Roller is a purple square with a white R. Maybe something >> >>> like >> >>>> the first one with a chrome mag wheel and the font in a darker >> purple? >> >>>> >> >>>> Feel free to ignore this suggestion. ;) >> >>>> >> >>>> Cheers, >> >>>> >> >>>> Matt >> >>>> >> >>>>> On May 11,
Re: ROL-2048 - Roller needs a new logo
I'm not opposed to that idea and I am also willing to donate funds. What do others think, and do we know if paying for a logo is something that other projects have done? Is there a precedent for this? One concern is: would we be able to offer the logo image in accordance with the Apache license? Dave On Wed, May 13, 2020 at 10:40 AM Matt Raible wrote: > Since this logo will likely be with us for a while, maybe we should use > something like https://99designs.com/ <https://99designs.com/> to get > ideas? I think it costs $300, but I’d be willing to donate some funds for > it. > > Cheers, > > Matt > > > On May 13, 2020, at 4:52 AM, Aditya Sharma > wrote: > > > > Thanks everyone for the inputs. > > > >>> I like concept #3 too, not sure about the colors though; I guess I > like the > >>> purple/orange/blue theme. > > Not sure how we should do it. Maybe we can first decide upon the > > concept and take inputs about the colors with additional feedback. > > > >>> I wonder how we should integrate the new logo into Roller. Seems like > it > >>> should replace the stream roller logo everywhere, but how does it > integrate > >>> into Roller? I think it should replace the ASF feather in the web UI > and we > >>> should use the wheel portion of the logo as the favicon for Roller. > What > >>> are other's thoughts? > > +1 > > > > Updated the form with the logo suggested by Matt > > https://forms.gle/ab2beutiuwnoRRpb6 <https://forms.gle/ab2beutiuwnoRRpb6 > > > > > > > > Thanks and regards, > > Aditya Sharma > > > > On Wed, 13 May 2020 at 06:41, Nitin Lokhande > wrote: > >> > >> How about rotating e 90 degree left and making overall logo like a > school > >> bus. Then bus inside Octagon shape of stop sign. > >> So stop sign shape can be used at other places as secondary > sign/logo/icon > >> without words/bus. > >> > >> 3rd and 4th looks cool. Noticed 4th is like Target logo in Orange. > >> > >> On Tue, May 12, 2020 at 4:32 AM Nitin Tiwari < > hellonitintiw...@gmail.com> > >> wrote: > >> > >>> Hi Matt, > >>> > >>> Thank you so much for your inputs. > >>> > >>> I've prepared something based on your inputs, please access theme here: > >>> https://drive.google.com/open?id=1HUFlhYFgcHZ8a-5o7oS3x1yjjHbBV-bq > >>> > >>> Please take a look, I hope this represents your thoughts, visually and > as > >>> intended. > >>> > >>> Thank you, > >>> > >>> Best, > >>> Nitin > >>> > >>> On Mon, May 11, 2020 at 8:57 PM Matt Raible > >>> wrote: > >>> > >>>> I like the first one the most, but I think it’s because of the font > and > >>>> color. > >>>> > >>>> I’m a big fan of cars. I like how #3 has a “mag wheel” of sorts. The > >>>> favicon for Roller is a purple square with a white R. Maybe something > >>> like > >>>> the first one with a chrome mag wheel and the font in a darker purple? > >>>> > >>>> Feel free to ignore this suggestion. ;) > >>>> > >>>> Cheers, > >>>> > >>>> Matt > >>>> > >>>>> On May 11, 2020, at 12:40 AM, Aditya Sharma > > >>>> wrote: > >>>>> > >>>>> Hi team, > >>>>> > >>>>> I have created another survey form using Google forms this time. > >>>>> > >>>>> Here is the link: > >>>>> https://forms.gle/ab2beutiuwnoRRpb6 < > >>> https://forms.gle/ab2beutiuwnoRRpb6 > >>>>> > >>>>> > >>>>> Please review it. If all looks good I will proceed further in a day. > >>>>> > >>>>> Thanks and Regards, > >>>>> Aditya Sharma > >>>>> > >>>>> On Mon, 10 Feb 2020 at 11:16, Aditya Sharma > > >>>> wrote: > >>>>>> > >>>>>> Hi Saurabh, > >>>>>> > >>>>>> Any update on this? > >>>>>> > >>>>>> I will pick this up in a day if without a response. > >>>>>> > >>>>>> Thanks and regards, > >>>>>> Aditya Sharma > >>>>>
Re: ROL-2048 - Roller needs a new logo
I like concept #3 too, not sure about the colors though; I guess I like the purple/orange/blue theme. I wonder how we should integrate the new logo into Roller. Seems like it should replace the stream roller logo everywhere, but how does it integrate into Roller? I think it should replace the ASF feather in the web UI and we should use the wheel portion of the logo as the favicon for Roller. What are other's thoughts? Dave On Tue, May 12, 2020 at 5:32 AM Nitin Tiwari wrote: > Hi Matt, > > Thank you so much for your inputs. > > I've prepared something based on your inputs, please access theme here: > https://drive.google.com/open?id=1HUFlhYFgcHZ8a-5o7oS3x1yjjHbBV-bq > > Please take a look, I hope this represents your thoughts, visually and as > intended. > > Thank you, > > Best, > Nitin > > On Mon, May 11, 2020 at 8:57 PM Matt Raible > wrote: > > > I like the first one the most, but I think it’s because of the font and > > color. > > > > I’m a big fan of cars. I like how #3 has a “mag wheel” of sorts. The > > favicon for Roller is a purple square with a white R. Maybe something > like > > the first one with a chrome mag wheel and the font in a darker purple? > > > > Feel free to ignore this suggestion. ;) > > > > Cheers, > > > > Matt > > > > > On May 11, 2020, at 12:40 AM, Aditya Sharma > > wrote: > > > > > > Hi team, > > > > > > I have created another survey form using Google forms this time. > > > > > > Here is the link: > > > https://forms.gle/ab2beutiuwnoRRpb6 < > https://forms.gle/ab2beutiuwnoRRpb6 > > > > > > > > > Please review it. If all looks good I will proceed further in a day. > > > > > > Thanks and Regards, > > > Aditya Sharma > > > > > > On Mon, 10 Feb 2020 at 11:16, Aditya Sharma > > wrote: > > >> > > >> Hi Saurabh, > > >> > > >> Any update on this? > > >> > > >> I will pick this up in a day if without a response. > > >> > > >> Thanks and regards, > > >> Aditya Sharma > > >> > > >> > > >> On Sun, 2 Feb 2020 at 18:29, Swapnil M Mane > > wrote: > > >>> > > >>> Hi Saurabh, > > >>> Hope you are doing well. > > >>> If you need any help in proceeding further on this please let us > know. > > >>> We will be happy to assist you. > > >>> > > >>> > > >>> Best regards, > > >>> Swapnil M Mane, > > >>> www.apache.org > > >>> > > >>> On Thu, Dec 19, 2019 at 10:49 AM Nitin Tiwari > > >>> wrote: > > >>>> > > >>>> All right Aditya will add the concept 3. > > >>>> > > >>>> @Saurabh if you need any help in preparing the images please let me > > know. > > >>>> > > >>>> Cheers, > > >>>> Nitin > > >>>> > > >>>> On Thu, Dec 19, 2019, 10:47 AM Aditya Sharma < > adityasha...@apache.org > > > > > >>>> wrote: > > >>>> > > >>>>>> Maybe just reduce it to one color choice instead of 6? > > >>>>> +1 > > >>>>> > > >>>>> @Nitin Tiwari > > >>>>> Thanks for sharing the drive link > > >>>>> > > >>>>> > > > https://drive.google.com/drive/u/1/folders/1-h7Bf4Y8b86TtMDExEGXn7zDmI3Of04E > > >>>>> I think Concept 3 seems to be missing. > > >>>>> > > >>>>> @Saurabh > > >>>>> Could you please update the rest images from the link shared by > > Nitin? > > >>>>> > > >>>>> Thanks and regards, > > >>>>> Aditya Sharma > > >>>>> > > >>>>> > > >>>>> On Wed, 18 Dec 2019 at 23:33, Matt Raible > > wrote: > > >>>>> > > >>>>>> Even on desktop, the images in “concept 1” and “concept 2” are > > taller and > > >>>>>> thinner. Maybe just reduce it to one color choice instead of 6? > > >>>>>> > > >>>>>>> On Dec 18, 2019, at 6:14 AM, Aditya Sharma < > > adityasha...@apache.org> > > >>>>>> wrote: > > >>>>>>> > > >
Board report due
I created a draft board report in the Reporter app: https://reporter.apache.org/wizard/?roller Please edit if you have additions, corrections or improvements. We need to sent it to the board by tomorrow. Thanks, Dave
[VOTE CORRECTION] Release rc-2 as Roller 6.0.1
I incorrectly announced the release of 6.0.1 on Friday without three PMC votes so now with Aditya's +1 the release is official. Release is approved, corrected vote count: Swapnil M +1 Greg H +1 (b) Dave J +1 (b) Aditya S +1 (b) Dave On Sun, May 10, 2020 at 10:18 AM Aditya Sharma wrote: > +1 Thanks Dave! > > > Thanks and Regards, > Aditya Sharma > > > On Fri, May 8, 2020, 10:59 PM Dave wrote: > > > Release is approved, vote: > > Swapnil M +1 > > Greg H +1 > > Dave J +1 > > > > Thanks everybody! > > > > I will prepare an announcement and move the file to the mirrors. > > > > Dave > > > > On Fri, May 8, 2020 at 3:56 AM Greg Huber wrote: > > > > > +1 (b) > > > > > > Cheers Greg > > > > > > ## > > > > > > For page : > > > > > > > > > http://127.0.0.1:8080/roller/roller-ui/admin/globalCommentManagement!update.rol > > > > > > it might be worth adding the ajax comment edit from main weblog? ( > > > http://127.0.0.1:8080/roller/roller-ui/authoring/comments.rol ) > > > > > > On 03/05/2020 21:16, Dave wrote: > > > > Roller 6.0.1 is a bug fix release that fixes bugs in the Server > Admin, > > > > Create New User, Weblog Config and comments pages. > > > > > > > > Thanks to all who helped out with 6.0. Also, thanks to the work of > > > Swapnil > > > > Mane, all of the Roller docs have now been updated for the new > Roller 6 > > > UI > > > > and converted to AsciiDoc. They are included in the binary release as > > > PDFs. > > > > > > > > Release candidate files are here: > > > > https://dist.apache.org/repos/dist/dev/roller/roller-6.0/v6.0.1 > > > > > > > > Release Notes - Apache Roller - Version 6.0.1 > > > > ** Bug > > > > * [ROL-2160] - Server admin page fails to display properly > > > > * [ROL-2161] - Create New user error > > > > * [ROL-2164] - Incorrect key`createWebsite.timeZone` in > > > WeblogConfig.jsp > > > > * [ROL-2165] - Fix poor formatting caused by word-wrapping in > > > > CommentDataServlet.java > > > > > > > > Please vote to release Roller 6.0.1. > > > > > > > > Thanks, > > > > Dave > > > > > > > > > >
Re: Docs on roller.apache.org
Dang-it. It still does! Thanks for catching that. I will fix shortly. Dave On Fri, May 8, 2020 at 3:04 PM Matt Raible wrote: > Happy Friday, y’all! Does the main site need updating to reference the > AsciiDoc files? It seems to still reference ODT. > > http://roller.apache.org/index.html > > The button says ODT and links to > https://github.com/apache/roller/tree/roller-5.2.0/docs. > >
Apache Roller 6.0.1 release now available
The Roller PMC has approved the release of Apache Roller 6.0.1, a minor bug fix release that includes an updated version of the Roller User Guide. All of the Roller docs have now been converted to AsciiDocs for easier maintenance and SCM management, Release Notes - Apache Roller - Version 6.0.1 ** Bug * [ROL-2160] - Server admin page fails to display properly * [ROL-2161] - Create New user error * [ROL-2164] - Incorrect key`createWebsite.timeZone` in WeblogConfig.jsp * [ROL-2165] - Fix poor formatting caused by word-wrapping in CommentDataServlet.java You can download the release via Apache mirrors link here: http://roller.apache.org/downloads/downloads.html Enjoy! Roller PMC
[VOTE RESULT] Release rc-2 as Roller 6.0.1
Release is approved, vote: Swapnil M +1 Greg H +1 Dave J +1 Thanks everybody! I will prepare an announcement and move the file to the mirrors. Dave On Fri, May 8, 2020 at 3:56 AM Greg Huber wrote: > +1 (b) > > Cheers Greg > > ## > > For page : > > http://127.0.0.1:8080/roller/roller-ui/admin/globalCommentManagement!update.rol > > it might be worth adding the ajax comment edit from main weblog? ( > http://127.0.0.1:8080/roller/roller-ui/authoring/comments.rol ) > > On 03/05/2020 21:16, Dave wrote: > > Roller 6.0.1 is a bug fix release that fixes bugs in the Server Admin, > > Create New User, Weblog Config and comments pages. > > > > Thanks to all who helped out with 6.0. Also, thanks to the work of > Swapnil > > Mane, all of the Roller docs have now been updated for the new Roller 6 > UI > > and converted to AsciiDoc. They are included in the binary release as > PDFs. > > > > Release candidate files are here: > > https://dist.apache.org/repos/dist/dev/roller/roller-6.0/v6.0.1 > > > > Release Notes - Apache Roller - Version 6.0.1 > > ** Bug > > * [ROL-2160] - Server admin page fails to display properly > > * [ROL-2161] - Create New user error > > * [ROL-2164] - Incorrect key`createWebsite.timeZone` in > WeblogConfig.jsp > > * [ROL-2165] - Fix poor formatting caused by word-wrapping in > > CommentDataServlet.java > > > > Please vote to release Roller 6.0.1. > > > > Thanks, > > Dave > > >
[VOTE] Release rc-2 as Roller 6.0.1
Roller 6.0.1 is a bug fix release that fixes bugs in the Server Admin, Create New User, Weblog Config and comments pages. Thanks to all who helped out with 6.0. Also, thanks to the work of Swapnil Mane, all of the Roller docs have now been updated for the new Roller 6 UI and converted to AsciiDoc. They are included in the binary release as PDFs. Release candidate files are here: https://dist.apache.org/repos/dist/dev/roller/roller-6.0/v6.0.1 Release Notes - Apache Roller - Version 6.0.1 ** Bug * [ROL-2160] - Server admin page fails to display properly * [ROL-2161] - Create New user error * [ROL-2164] - Incorrect key`createWebsite.timeZone` in WeblogConfig.jsp * [ROL-2165] - Fix poor formatting caused by word-wrapping in CommentDataServlet.java Please vote to release Roller 6.0.1. Thanks, Dave
Re: Roller Documentation from ODT to md (markdown)
Wow! this is a great contribution. Thank you so much for updating the docs for the new Roller 6 UI and converting them to a source-code control friendly format. I plan to have a new release candidate ready tomorrow. Dave On Sat, May 2, 2020 at 2:01 PM Swapnil M Mane wrote: > Forgot to add the link, > Here is the exiting ODT version of User Guide, which is converted to > AsciiDoc > > [1] > https://github.com/apache/roller/blob/master/docs/roller-user-guide.odt > > AsciiDoc version - > https://github.com/apache/roller/blob/master/docs/roller-user-guide.adoc > > Best regards, > Swapnil M Mane, > www.apache.org > > On Sat, May 2, 2020 at 11:23 PM Swapnil M Mane > wrote: > > > > Hello team, > > Here is the translation of the 'User Guide' document [1] from ODT to > AsciiDoc. > > It can be referred at > > https://github.com/apache/roller/blob/master/docs/roller-user-guide.adoc > > > > This includes the screenshot of our *new* design and theme for Roller UI > :) > > > > With this translation, all our ODT documents are converted to AsciiDoc. > > > > Here is the ticket, we used for this translation, > > https://issues.apache.org/jira/browse/ROL-2151 > > If you found any issue or improvement in this translation, please feel > > free to report at ROL-2151. > > > > Thanks so much, everyone for your support on this. > > > > Best regards, > > Swapnil M Mane, > > www.apache.org > > > > On Mon, Mar 2, 2020 at 10:32 AM Swapnil M Mane > wrote: > > > > > > Thank you Dave! :) > > > > > > Hi Team, > > > The translation of 'Template Guide' document [1] from ODT to AsciiDoc > > > is committed in the Roller 'master' branch at following MR > > > https://github.com/apache/roller/pull/56 > > > and can be referred at > > > > https://github.com/apache/roller/blob/master/docs/roller-template-guide.adoc > > > > > > Best regards, > > > Swapnil M Mane, > > > www.apache.org > > > On Sun, Mar 1, 2020 at 11:53 PM Dave wrote: > > > > > > > > Swapnil, > > > > > > > > This looks great, and with updated screenshots! Thanks for doing > this work. > > > > It looks nicer and is so much better than having to deal with ODT. > > > > > > > > Dave > > > > > > > > On Sat, Feb 22, 2020 at 8:41 AM Swapnil M Mane < > swapnilmm...@apache.org> > > > > wrote: > > > > > > > > > Hello team, > > > > > > > > > > Here is the translation of 'Template Guide' document [1] from ODT > to > > > > > AsciiDoc. > > > > > It can be referred at > > > > > > > > > > > https://github.com/swapnilmmane/roller/blob/master/docs/roller-template-guide.adoc > > > > > > > > > > This time, it was completely manual work, automation didn't worked > > > > > because it has various tables and other formatting issues. > > > > > > > > > > I have done the following changes in the new document: > > > > > 1.) Updated the images are per our new Roller UI. > > > > > 2.) Since the UI workflow and options of customizing theme and > > > > > templated are changed in our new Roller UI, thus updated the > content > > > > > as per the new workflow. The updated content can be referred at > > > > > https://s.apache.org/g0m8y > > > > > > > > > > Kindly have a look and help us in reviewing, I am planning to > commit > > > > > at the end of next week. > > > > > > > > > > [1] > > > > > > https://github.com/apache/roller/blob/master/docs/roller-template-guide.odt > > > > > > > > > > > > > > > Best regards, > > > > > Swapnil M Mane, > > > > > www.apache.org > > > > > On Mon, Sep 23, 2019 at 3:27 PM Swapnil M Mane < > swapnilmm...@apache.org> > > > > > wrote: > > > > > > > > > > > > Thanks Dave, it's automated + manual work :) > > > > > > > > > > > > 1. First I convert ODT to md using > > > > > > https://www.privatedaddy.com/convert_odt_to_md > > > > > > > > > > > > 2. Convert md file to as AsciiDoc using Pandoc. > > > > > > > > > > > > 3. The above process introduced various spe
Re: [VOTE] Release rc-1 as Roller 6.0.1
Hi Swapnil, Yes, that's a great reason to wait a bit. Thanks! Dave On Mon, Apr 20, 2020 at 1:10 AM Swapnil M Mane wrote: > Thank you Dave, > As we have canceled this Vote thread, can you please give me this week > time to wrap the ASCII doc thing, > (I am planning to work on this task this weekend). > and after this, we can have vote for the new release, thoughts? > > Best regards, > Swapnil M Mane, > www.apache.org > > On Sat, Apr 18, 2020 at 8:57 PM Dave wrote: > > > > Hi Greg, > > > > I fixed a couple of these and have questions about the others. See inline > > below: > > > > > > On Mon, Apr 13, 2020 at 4:07 AM Greg Huber wrote: > > > > > > > > ## > > > > > > > http://127.0.0.1:8080/roller/roller-ui/authoring/weblogConfig.rol?weblog=testuser > > > Missing value for createWebsite.timeZone > > > > > > > Fixed. > > > > > > > ## > > > Remember me seems to have gone? > > > > > > > Remember Me is working for me. You do now have to specify a > rememberme.key > > that is NOT "springRocks" because that is the old default, but I think > that > > was in 6.0.0 already. You want something unique and secret. > > > > > > > > > ## > > > http://127.0.0.1:8080/roller/roller-ui/admin/globalConfig.rol > > > Editor Pages are these still valid? > > > Editor Pages : editor-text.jsp,editor-rte.jsp,editor-xinha.jsp > > > > > > > I'm not sure why you are seeing this. The default in > runtimeConfigDefs.xml > > is "editor-text.jsp,editor-summernote.jsp" which is correct. The RTE and > > Xinha editors are gone. Are you using an existing database for your > testing > > of 6.0.1 rc1? > > > > > > > > > ## > > > Duplicate /n when editing a comment > > > org.apache.roller.weblogger.ui.struts2.ajax.CommentDataServlet > > > String content = Utilities.escapeHTML(c.getContent()); > > > content = WordUtils.wrap(content, 72); > > > content = StringEscapeUtils.escapeEcmaScript(content); > > > It would be better to leave the wrapping to the ui. ie remove > > > WordUtils.wrap(content, 72); > > > > > > > Fixed. > > > > Thanks for the review Greg. > > > > Dave > > > > > > > > > > > On 10/04/2020 21:42, Dave wrote: > > > > I have prepared a release candidate for a Roller 6.0.1 release based > on > > > > latest code in the roller-6.0.x branch. This release will be a > minor bug > > > > fix release. It fixes two bugs, which you can see here: > > > > > > > > https://issues.apache.org/jira/projects/ROL/versions/12347761 > > > > > > > > A release candidate files for this release are available here: > > > > > > > > https://dist.apache.org/repos/dist/dev/roller/roller-6.0/v6.0.1/ > > > > > > > > Please vote +1 to release or -1 with reason(s) not to release. > > > > > > > > I plan to leave this vote open until April 19 to allow folks time to > > > test. > > > > > > > > Thanks, > > > > Dave > > > > > > > >
Re: [VOTE] Release rc-1 as Roller 6.0.1
Hi Greg, I fixed a couple of these and have questions about the others. See inline below: On Mon, Apr 13, 2020 at 4:07 AM Greg Huber wrote: > > ## > > http://127.0.0.1:8080/roller/roller-ui/authoring/weblogConfig.rol?weblog=testuser > Missing value for createWebsite.timeZone > Fixed. > ## > Remember me seems to have gone? > Remember Me is working for me. You do now have to specify a rememberme.key that is NOT "springRocks" because that is the old default, but I think that was in 6.0.0 already. You want something unique and secret. > ## > http://127.0.0.1:8080/roller/roller-ui/admin/globalConfig.rol > Editor Pages are these still valid? > Editor Pages : editor-text.jsp,editor-rte.jsp,editor-xinha.jsp > I'm not sure why you are seeing this. The default in runtimeConfigDefs.xml is "editor-text.jsp,editor-summernote.jsp" which is correct. The RTE and Xinha editors are gone. Are you using an existing database for your testing of 6.0.1 rc1? > ## > Duplicate /n when editing a comment > org.apache.roller.weblogger.ui.struts2.ajax.CommentDataServlet > String content = Utilities.escapeHTML(c.getContent()); > content = WordUtils.wrap(content, 72); > content = StringEscapeUtils.escapeEcmaScript(content); > It would be better to leave the wrapping to the ui. ie remove > WordUtils.wrap(content, 72); > Fixed. Thanks for the review Greg. Dave > On 10/04/2020 21:42, Dave wrote: > > I have prepared a release candidate for a Roller 6.0.1 release based on > > latest code in the roller-6.0.x branch. This release will be a minor bug > > fix release. It fixes two bugs, which you can see here: > > > > https://issues.apache.org/jira/projects/ROL/versions/12347761 > > > > A release candidate files for this release are available here: > > > > https://dist.apache.org/repos/dist/dev/roller/roller-6.0/v6.0.1/ > > > > Please vote +1 to release or -1 with reason(s) not to release. > > > > I plan to leave this vote open until April 19 to allow folks time to > test. > > > > Thanks, > > Dave > > >
Re: [VOTE] Release rc-1 as Roller 6.0.1
Thanks Greg. I'm going to cancel this vote and look into the issues you've raised. Dave On Mon, Apr 13, 2020 at 4:07 AM Greg Huber wrote: > +1 with some notes below. > > Cheers Greg > > ## > > > http://127.0.0.1:8080/roller/roller-ui/authoring/weblogConfig.rol?weblog=testuser > > Missing value for createWebsite.timeZone > > ## > > Remember me seems to have gone? > > ## > > http://127.0.0.1:8080/roller/roller-ui/admin/globalConfig.rol > > Editor Pages are these still valid? > > Editor Pages : editor-text.jsp,editor-rte.jsp,editor-xinha.jsp > > ## > > Duplicate /n when editing a comment > > org.apache.roller.weblogger.ui.struts2.ajax.CommentDataServlet > > String content = Utilities.escapeHTML(c.getContent()); > content = WordUtils.wrap(content, 72); > content = StringEscapeUtils.escapeEcmaScript(content); > > It would be better to leave the wrapping to the ui. ie remove > WordUtils.wrap(content, 72); > > > On 10/04/2020 21:42, Dave wrote: > > I have prepared a release candidate for a Roller 6.0.1 release based on > > latest code in the roller-6.0.x branch. This release will be a minor bug > > fix release. It fixes two bugs, which you can see here: > > > > https://issues.apache.org/jira/projects/ROL/versions/12347761 > > > > A release candidate files for this release are available here: > > > > https://dist.apache.org/repos/dist/dev/roller/roller-6.0/v6.0.1/ > > > > Please vote +1 to release or -1 with reason(s) not to release. > > > > I plan to leave this vote open until April 19 to allow folks time to > test. > > > > Thanks, > > Dave > > >
[VOTE] Release rc-1 as Roller 6.0.1
I have prepared a release candidate for a Roller 6.0.1 release based on latest code in the roller-6.0.x branch. This release will be a minor bug fix release. It fixes two bugs, which you can see here: https://issues.apache.org/jira/projects/ROL/versions/12347761 A release candidate files for this release are available here: https://dist.apache.org/repos/dist/dev/roller/roller-6.0/v6.0.1/ Please vote +1 to release or -1 with reason(s) not to release. I plan to leave this vote open until April 19 to allow folks time to test. Thanks, Dave
Re: [roller] branch master updated: Switch to AsciiDoc version of install guide in standard release bundle.
Sorry for the late reply.
I can't remember if there was a reason that I moved them from 'docs' to
'docs/adoc'.
I think 'docs' is better.
Dave
On Sun, Mar 15, 2020 at 3:39 AM Swapnil M Mane
wrote:
> Hello Dave,
> Hope are doing well.
> Any update on this.
>
>
> Best regards,
> Swapnil M Mane,
> www.apache.org
>
> On Mon, Mar 2, 2020 at 10:51 AM Swapnil M Mane
> wrote:
> >
> > Hello Dave,
> >
> > While working on the translation of 'Template Guide' document from ODT
> > to AsciiDoc.
> > I found, here we have moved roller-install-guide.adoc from 'docs' to
> > 'docs/adoc'.
> >
> > Just need your kind thoughts on finalizing the file location of these
> > files in the master branch,
> > should we keep the AsciiDoc file at 'docs' directory or at 'docs/adoc'
> > directory.
> >
> >
> > Best regards,
> > Swapnil M Mane,
> > www.apache.org
> >
> > On Mon, Dec 2, 2019 at 4:57 AM wrote:
> > >
> > > This is an automated email from the ASF dual-hosted git repository.
> > >
> > > snoopdave pushed a commit to branch master
> > > in repository https://gitbox.apache.org/repos/asf/roller.git
> > >
> > >
> > > The following commit(s) were added to refs/heads/master by this push:
> > > new 8cb3da1 Switch to AsciiDoc version of install guide in
> standard release bundle.
> > > 8cb3da1 is described below
> > >
> > > commit 8cb3da13831485886d9905fee45ddb5d89e680a6
> > > Author: David M. Johnson
> > > AuthorDate: Sun Dec 1 18:27:03 2019 -0500
> > >
> > > Switch to AsciiDoc version of install guide in standard release
> bundle.
> > > ---
> > > assembly-release/pom.xml| 48
> +
> > > assembly-release/src/main/assembly/standard.xml | 14 +---
> > > docs/{ => adoc}/roller-install-guide.adoc | 0
> > > 3 files changed, 49 insertions(+), 13 deletions(-)
> > >
> > > diff --git a/assembly-release/pom.xml b/assembly-release/pom.xml
> > > index 98fc5fc..d91550d 100644
> > > --- a/assembly-release/pom.xml
> > > +++ b/assembly-release/pom.xml
> > > @@ -32,12 +32,20 @@
> > > Roller Release Assembly
> > > Assembles Roller into a distribution
> package
> > >
> > > +
> > > +
> 2.0.0-RC.1
> > > +
> 1.5.0-beta.6
> > > +2.1.0
> > > +9.2.8.0
> > > +
> > > +
> > >
> > >
> > >
> > > +
> > >
> > > org.apache.maven.plugins
> > > maven-assembly-plugin
> > > @@ -58,6 +66,46 @@
> > >
> > >
> > >
> > > +
> > > +
> > > +org.asciidoctor
> > > +asciidoctor-maven-plugin
> > > +${asciidoctor.maven.plugin.version}
> > > +
> > > +
> > > +org.asciidoctor
> > > +asciidoctorj-pdf
> > > +${asciidoctorj.pdf.version}
> > > +
> > > +
> > > +
> > > +../docs/adoc
> > > +
> > > +
> ${project.build.sourceDirectory}
> > > +
> > > +
> > > +
> > > +
> > > +generate-pdf-doc
> > > +generate-resources
> > > +
> > > +process-asciidoc
> > > +
> > > +
> > > +pdf
> > > +
> coderay
> > > +
> > > +font
> > > +
> > > +
> > > +
> > > +-
> > > +
> > > +
> > > +
> > > +
> > > +
> > > +
> > >
> > >
> > &
Re: Roller Documentation from ODT to md (markdown)
Swapnil, This looks great, and with updated screenshots! Thanks for doing this work. It looks nicer and is so much better than having to deal with ODT. Dave On Sat, Feb 22, 2020 at 8:41 AM Swapnil M Mane wrote: > Hello team, > > Here is the translation of 'Template Guide' document [1] from ODT to > AsciiDoc. > It can be referred at > > https://github.com/swapnilmmane/roller/blob/master/docs/roller-template-guide.adoc > > This time, it was completely manual work, automation didn't worked > because it has various tables and other formatting issues. > > I have done the following changes in the new document: > 1.) Updated the images are per our new Roller UI. > 2.) Since the UI workflow and options of customizing theme and > templated are changed in our new Roller UI, thus updated the content > as per the new workflow. The updated content can be referred at > https://s.apache.org/g0m8y > > Kindly have a look and help us in reviewing, I am planning to commit > at the end of next week. > > [1] > https://github.com/apache/roller/blob/master/docs/roller-template-guide.odt > > > Best regards, > Swapnil M Mane, > www.apache.org > On Mon, Sep 23, 2019 at 3:27 PM Swapnil M Mane > wrote: > > > > Thanks Dave, it's automated + manual work :) > > > > 1. First I convert ODT to md using > > https://www.privatedaddy.com/convert_odt_to_md > > > > 2. Convert md file to as AsciiDoc using Pandoc. > > > > 3. The above process introduced various special characters, remove > > images, and some code snippet issues, fix them manually. > > > > 4. Then, review the existing ODT and new AsciiDoc file line by line > > and fix the issues. > > > > Best regards, > > Swapnil M Mane, > > www.apache.org > > > > On Sun, Sep 22, 2019 at 12:30 AM Dave wrote: > > > > > > Thanks for doing this work, it looks great! Are you using any tools to > > > automate the conversion? > > > > > > Dave > > > > > > > > > On Wed, Sep 18, 2019 at 8:29 AM Swapnil M Mane < > swapnilmm...@apache.org> > > > wrote: > > > > > > > Hello team, > > > > > > > > Here comes our first translation from ODT to AsciiDoc. > > > > The 'Installation Guide' document [1] is translated to AsciiDoc, it > > > > can be referred at > > > > > > > > > https://github.com/swapnilmmane/roller/blob/master/docs/roller-install-guide.adoc > > > > > > > > Before committing, I would like to get it reviewed from the > community. > > > > Please feel free to comment. > > > > > > > > P.S. I have removed the 'OpenDS project' mention from Acknowledgments > > > > section since now we have converted the document to AsciiDoc. > > > > > > > > [1] > > > > > https://github.com/apache/roller/blob/master/docs/roller-install-guide.odt > > > > > > > > > > > > Best regards, > > > > Swapnil M Mane, > > > > www.apache.org > > > > > > > > On Thu, Aug 29, 2019 at 5:44 PM Swapnil M Mane < > swapnilmm...@apache.org> > > > > wrote: > > > > > > > > > > Thank you Aditya. > > > > > > > > > > @Team, > > > > > Here is the Jira to track the progress of this effort, > > > > > https://issues.apache.org/jira/browse/ROL-2151 > > > > > > > > > > > > > > > Best regards, > > > > > Swapnil M Mane, > > > > > www.apache.org > > > > > > > > > > On Wed, Aug 28, 2019 at 12:50 PM Aditya Sharma < > adityasha...@apache.org> > > > > wrote: > > > > > > > > > > > > Big +1 for AsciiDoc > > > > > > > > > > > > Thanks and regards, > > > > > > Aditya Sharma > > > > > > > > > > > > On Tue, 27 Aug 2019 at 23:36, Swapnil M Mane < > swapnilmm...@apache.org> > > > > > > wrote: > > > > > > > > > > > > > Sure Matt, thank you for the kind note. > > > > > > > Will surely sync up with you in case of any issue. > > > > > > > I also played with Asciidoctor in past, indeed a great tool! > > > > > > > > > > > > > > > > > > > > > Best regards, > > > > > > > Swapnil M
Re: Roller 6 configuration Page struts error
I investigated this problem and here's what I found:
https://issues.apache.org/jira/browse/ROL-2160
I have also proposed a solution to this problem in the JIRA ticket. I have
tested that solution and it works, but it is really a work-around for what
I believe is a bug in Struts.
Here's a PR with the fix: https://github.com/apache/roller/pull/55
Thanks,
Dave
On Fri, Feb 28, 2020 at 7:08 PM Naren wrote:
> Dave,
>
>Thanks again for fixing it in advance and also I have few
> suggestions that might be useful for folks using Roller.
>
>
> 1) For installing this behind firewall with internet restrictions in DMZ:
> Packaging the required libraries will help, for example when I installed
> Roller 5.2.4 I had to download tiles-config_3_0.dtd
> and refer it like locally. /WEB-INF/lib/tiles-config_3_0.dtd"
>
> 2) /webapps//WEB-INF/classes/struts.xml which was part of the 5.2.4 Global
> allowed methods didnt work and I had to add them to
>as allowed-methods for each action. I see it has been fixed in roller
> 6.0
>
> 3) I saw another issue with database connectivity, it works fine with both
> Tomcat/MySQL on the same server and with
>multiple Tomcat and MySQL servers sitting on separate servers under load
> balancer it wont update the content to all servers
> under load balancer, any server that user get in that session under
> load balancer can see updates happening on just server and
>I figured out that eclipse cache and persistence was causing that. To
> overcome that issue
>I had to add eclipselink.cache.shared.default=false and
> eclipselink.persistence-context.flush-mode=commit to
>roller-custom.properties
> 4) I would like to see options that will turn off the notification emails
> Roller trying to send commentators to blog posts.
> Word press has an option in configuration screen to turn it off or on
> and it would be useful for Roller users.
> In roller roller-custom.properties we should be able to add something
> like this--> users.comments.emailnotify=false
>
> code has the following and there are no options to turn it off:
>// if required, send notification for all comments changed
> if (MailUtil.isMailConfigured()) {
> I18nMessages resources = I18nMessages
>
> .getMessages(getActionWeblog().getLocaleInstance());
> MailUtil.sendEmailApprovalNotifications(approvedComments,
> resources);
> }
>
> Hope these are some useful suggestions.
>
> Thanks
> Naren
>
> On Fri, Feb 28, 2020 at 6:18 PM Dave wrote:
>
> > I can now reproduce the issue locally and hope to have a fix this
> weekend,
> > probably a test build to be followed by a Roller 6.0.1 release. Thanks
> for
> > reporting this issue.
> >
> > Dave
> >
> >
> > On Tue, Feb 25, 2020 at 7:51 PM Naren wrote:
> >
> > > Dave,
> > >
> > > Thanks for getting back to me. Please let me know if its going to
> > be
> > > patch or code base update.
> > >
> > > Thanks again for your help
> > > Naren
> > >
> > > On Tue, Feb 25, 2020 at 6:34 PM Dave wrote:
> > >
> > > > Hi Naren,
> > > >
> > > > I was able to reproduce your issue on my personal site (which runs
> JDK
> > 11
> > > > and Tomcat 9), which means that I should be able to fix it. Oddly, I
> do
> > > not
> > > > see this error when I run Roller locally on the same setup.
> > > >
> > > > Thanks,
> > > > Dave
> > > >
> > > >
> > > > On Mon, Feb 17, 2020 at 6:42 PM Naren wrote:
> > > >
> > > > > Dave?, thanks unfortunately, I will not be able to update Tomcat as
> > > its a
> > > > > big change in my organization.
> > > > >
> > > > > valueKey" is null but this is a value passed from outside to
> Struts'
> > > > > getText function.
> > > > >
> > > > > Please let me know when u test with Tomcat7 next week
> > > > >
> > > > > Thanks again for your help
> > > > >
> > > > > Naren
> > > > >
> > > > > On Mon, Feb 17, 2020 at 6:22 PM Dave wrote:
> > > > >
> > > > > > I'm not able to reproduce this error and I may not have time to
> > check
> > > > > that
> > > > > > until this weekend. Can you try a newer version of Tomcat? I'm
> > > pretty
> > > > > sure
> &g
Roller board report draft
I put together a draft here: https://reporter.apache.org/wizard/?roller. Please edit if you have some things to add or corrections to make. We need to submit this by Wednesday the 12th. Thanks, Dave
Fwd: [jira] [Created] (INFRA-19714) Upgrade blogs to Roller 6
FYI... -- Forwarded message - From: David M. Johnson (Jira) Date: Mon, Jan 13, 2020 at 6:52 PM Subject: [jira] [Created] (INFRA-19714) Upgrade blogs to Roller 6 To: David M. Johnson created INFRA-19714: Summary: Upgrade blogs to Roller 6 Key: INFRA-19714 URL: https://issues.apache.org/jira/browse/INFRA-19714 Project: Infrastructure Issue Type: Task Components: Blogs Reporter: David M. Johnson Apache Roller 6 is now available and features a modernized UI and updated dependencies. There are no database changes so it should be easy to roll-back if things go wrong. The only possible is that 6 requires Java 11. I'm happy to help with the roll-out and fixing any bugs that users might find via hot fix and new release if necessary. -- This message was sent by Atlassian Jira (v8.3.4#803005)
Re: [VOTE] to release candidate #3 as Apache Roller 6.0.0
Done. Thanks for the reminder! Dave On Thu, Dec 26, 2019 at 4:50 AM Swapnil M Mane wrote: > Thank you Dave for the release announcement. > It will be great if we send the release update on annou...@apache.org > list as well. > > Purpose: > 1. Wider audience reach > The general ASF announce@a.o list is the ASF's official notification > mailing list and has more than 5,000 recipients. > > 2. We publish a weekly foundation blog (Apache News Round-up) which > includes details about the ASF activities of the past week. This blog > also includes the details of the project's release updates of the past > week (this information is fetched from annou...@apache.org list). > > > *Note*: To post on annou...@apache.org list please use your apache.org > mail address, because this list rejects mails from the non apache.org > mail Ids. For more information please refer [1]. > > [1] http://www.apache.org/legal/release-policy.html#release-announcements > > HTH! > > P.S. Please ignore my mail if you have already sent the mail on > announce and it in moderation. > > Best regards, > Swapnil M Mane, > www.apache.org > > On Wed, Dec 25, 2019 at 8:55 PM Dave wrote: > > > > Apache Roller 6.0.0 release has been approved by vote of the PMC. > > > > +1 Greg H > > +1 Aditya S > > +1 Dave J > > +1 Michael B > > > > Thanks to all who contributed to the release. I will move the binaries to > > the mirrored repo and make the release announcement today. > > > > Dave > > > > > > > > On Sun, Dec 15, 2019 at 1:23 PM Dave wrote: > > > > > I made fixes for the problems identified in the previous release > candidate > > > (JavaScript length instead of size and the template remove breakage). > Now > > > would like to call a vote to release candidate #3 as Roller 6.0.0. > > > Release candidate files are here: > > > > > > https://dist.apache.org/repos/dist/dev/roller/roller-6.0/v6.0.0/ > > > > > > Please vote +1 to release or -1 with reason(s) not to release. > > > > > > Thanks, > > > Dave > > > > > > Below are the proposed release notes (thanks to Swapnil for the edits): > > > > > > = > > > The Apache Roller community is pleased to announce the release for > > > Apache Roller 6.0.0. > > > > > > Apache Roller is a Java-based, full-featured, multi-user and > > > group-blog server suitable for blog sites large and small. > > > > > > "Apache Roller 6.0.0" is the latest and greatest release of Roller; for > > > more details of the changes introduced with this new version please > refer > > > to > > > > > > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310906&version=12344884 > > > > > > Apache Roller is available on the download page: > > > https://roller.apache.org/downloads/downloads.html > > > > > > In summary, Roller 6 is a new version of Roller with these features: > > > * Web interface has been rewritten to use Twitter bootstrap > > > via the Struts 2 Bootstrap tags. > > > * Most dependencies have been upgraded to the latest version. > > > * Compiled with Java 11 and requires Java 11. > > > * The installation guide has been converted from OpenOffice to > AsciiDocs. > > > > > > It should be relatively easy to upgrade from Roller 5.2.4 to Roller 6 > > > because there are no changes to the database schema (that means you can > > > easily roll back if you find problems). The user interface is > different and > > > we hope you'll find it better, easier to use, more intuitive and with a > > > more modern feel. > > > > > > Thanks to the many contributors to Roller for this new release. > > > We hope you'll enjoy and find it useful. > > > > > > For more information on Apache Roller, visit the project website: > > > https://roller.apache.org/ > > > > > > >
[ANN] Apache Roller 6.0.0 released
The Apache Roller community is pleased to announce the release for Apache Roller 6.0.0. Apache Roller is a Java-based, full-featured, multi-user and group-blog server suitable for blog sites large and small. "Apache Roller 6.0.0" is the latest and greatest release of Roller; for more details of the changes introduced with this new version please refer to https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310906&version=12344884 Apache Roller is available on the download page: https://roller.apache.org/downloads/downloads.html In summary, Roller 6 is a new version of Roller with these features: * Web interface has been rewritten to use Twitter bootstrap via the Struts 2 Bootstrap tags. * Most dependencies have been upgraded to the latest version. * Compiled with Java 11 and requires Java 11. * The installation guide has been converted from OpenOffice to AsciiDocs. It should be relatively easy to upgrade from Roller 5.2.4 to Roller 6 because there are no changes to the database schema (that means you can easily roll back if you find problems). The user interface is different and we hope you'll find it better, easier to use, more intuitive and with a more modern feel. Thanks to the many contributors to Roller for this new release. We hope you'll enjoy and find it useful. For more information on Apache Roller, visit the project website: https://roller.apache.org/
Re: [VOTE] to release candidate #3 as Apache Roller 6.0.0
Apache Roller 6.0.0 release has been approved by vote of the PMC. +1 Greg H +1 Aditya S +1 Dave J +1 Michael B Thanks to all who contributed to the release. I will move the binaries to the mirrored repo and make the release announcement today. Dave On Sun, Dec 15, 2019 at 1:23 PM Dave wrote: > I made fixes for the problems identified in the previous release candidate > (JavaScript length instead of size and the template remove breakage). Now > would like to call a vote to release candidate #3 as Roller 6.0.0. > Release candidate files are here: > > https://dist.apache.org/repos/dist/dev/roller/roller-6.0/v6.0.0/ > > Please vote +1 to release or -1 with reason(s) not to release. > > Thanks, > Dave > > Below are the proposed release notes (thanks to Swapnil for the edits): > > = > The Apache Roller community is pleased to announce the release for > Apache Roller 6.0.0. > > Apache Roller is a Java-based, full-featured, multi-user and > group-blog server suitable for blog sites large and small. > > "Apache Roller 6.0.0" is the latest and greatest release of Roller; for > more details of the changes introduced with this new version please refer > to > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310906&version=12344884 > > Apache Roller is available on the download page: > https://roller.apache.org/downloads/downloads.html > > In summary, Roller 6 is a new version of Roller with these features: > * Web interface has been rewritten to use Twitter bootstrap > via the Struts 2 Bootstrap tags. > * Most dependencies have been upgraded to the latest version. > * Compiled with Java 11 and requires Java 11. > * The installation guide has been converted from OpenOffice to AsciiDocs. > > It should be relatively easy to upgrade from Roller 5.2.4 to Roller 6 > because there are no changes to the database schema (that means you can > easily roll back if you find problems). The user interface is different and > we hope you'll find it better, easier to use, more intuitive and with a > more modern feel. > > Thanks to the many contributors to Roller for this new release. > We hope you'll enjoy and find it useful. > > For more information on Apache Roller, visit the project website: > https://roller.apache.org/ > >
Re: [VOTE] to release candidate #3 as Apache Roller 6.0.0
I'm going to leave voting open through the weekend to give folks time to review/test the RC. Thanks, Dave On Wed, Dec 18, 2019 at 8:11 AM Aditya Sharma wrote: > +1 > Thanks Dave! > > Thanks and Regards, > Aditya Sharma > > On Wed, 18 Dec 2019 at 17:22, Swapnil M Mane > wrote: > > > +1, thank you so much Dave. > > > > P.S. As mentioned in annoucement mail, hope we will add the link to > > download Apache Roller 6.0.0 > > on https://roller.apache.org/downloads/downloads.html after successful > > vote completion. > > > > Best regards, > > Swapnil M Mane, > > www.apache.org > > > > > > On Sun, Dec 15, 2019 at 10:54 PM Dave wrote: > > > > > > I made fixes for the problems identified in the previous release > > candidate > > > (JavaScript length instead of size and the template remove breakage). > Now > > > would like to call a vote to release candidate #3 as Roller 6.0.0. > > > Release candidate files are here: > > > > > > https://dist.apache.org/repos/dist/dev/roller/roller-6.0/v6.0.0/ > > > > > > Please vote +1 to release or -1 with reason(s) not to release. > > > > > > Thanks, > > > Dave > > > > > > Below are the proposed release notes (thanks to Swapnil for the edits): > > > > > > = > > > The Apache Roller community is pleased to announce the release for > > > Apache Roller 6.0.0. > > > > > > Apache Roller is a Java-based, full-featured, multi-user and > > > group-blog server suitable for blog sites large and small. > > > > > > "Apache Roller 6.0.0" is the latest and greatest release of Roller; for > > > more details of the changes introduced with this new version please > > refer to > > > > > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310906&version=12344884 > > > > > > Apache Roller is available on the download page: > > > https://roller.apache.org/downloads/downloads.html > > > > > > In summary, Roller 6 is a new version of Roller with these features: > > > * Web interface has been rewritten to use Twitter bootstrap > > > via the Struts 2 Bootstrap tags. > > > * Most dependencies have been upgraded to the latest version. > > > * Compiled with Java 11 and requires Java 11. > > > * The installation guide has been converted from OpenOffice to > AsciiDocs. > > > > > > It should be relatively easy to upgrade from Roller 5.2.4 to Roller 6 > > > because there are no changes to the database schema (that means you can > > > easily roll back if you find problems). The user interface is different > > and > > > we hope you'll find it better, easier to use, more intuitive and with a > > > more modern feel. > > > > > > Thanks to the many contributors to Roller for this new release. > > > We hope you'll enjoy and find it useful. > > > > > > For more information on Apache Roller, visit the project website: > > > https://roller.apache.org/ > > > > > >
[VOTE] to release candidate #3 as Apache Roller 6.0.0
I made fixes for the problems identified in the previous release candidate (JavaScript length instead of size and the template remove breakage). Now would like to call a vote to release candidate #3 as Roller 6.0.0. Release candidate files are here: https://dist.apache.org/repos/dist/dev/roller/roller-6.0/v6.0.0/ Please vote +1 to release or -1 with reason(s) not to release. Thanks, Dave Below are the proposed release notes (thanks to Swapnil for the edits): = The Apache Roller community is pleased to announce the release for Apache Roller 6.0.0. Apache Roller is a Java-based, full-featured, multi-user and group-blog server suitable for blog sites large and small. "Apache Roller 6.0.0" is the latest and greatest release of Roller; for more details of the changes introduced with this new version please refer to https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310906&version=12344884 Apache Roller is available on the download page: https://roller.apache.org/downloads/downloads.html In summary, Roller 6 is a new version of Roller with these features: * Web interface has been rewritten to use Twitter bootstrap via the Struts 2 Bootstrap tags. * Most dependencies have been upgraded to the latest version. * Compiled with Java 11 and requires Java 11. * The installation guide has been converted from OpenOffice to AsciiDocs. It should be relatively easy to upgrade from Roller 5.2.4 to Roller 6 because there are no changes to the database schema (that means you can easily roll back if you find problems). The user interface is different and we hope you'll find it better, easier to use, more intuitive and with a more modern feel. Thanks to the many contributors to Roller for this new release. We hope you'll enjoy and find it useful. For more information on Apache Roller, visit the project website: https://roller.apache.org/
Cancelled - Re: [VOTE] Release Apache Roller 6.0.0
I will re-open voting once I have RC3 ready. Dave On Tue, Dec 10, 2019 at 6:37 PM Dave wrote: > Thanks for the feedback folks! I'm going to create a new RC once I work > through the changes suggested by Greg and others. > > Dave > > > On Tue, Dec 10, 2019 at 8:22 AM Swapnil M Mane > wrote: > >> +1, thank you Dave. >> >> I am sure the new web interface will be loved by our users. :) >> >> Thank you for writing the proposed release announcement. >> I have made a few changes: >> -- Made the slight changes in some statements. >> -- Added one-liner detail about the Roller project and project website >> link. >> -- Fixed some typos. >> -- Also to access this link >> https://issues.apache.org/jira/projects/ROL/versions/12344884 user >> should be logged in to Jira, can we instead use this link >> >> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310906&version=12344884 >> (other projects also follow the similar link). >> -- Added the Roller download page link (We should update this website >> page i.e. adding Roller 6 download link, prior to sending announcing >> mail). >> >> Please have a look and feel free to only keep the suggestions you >> found acceptable. >> Thanks again for your kind efforts. >> >> = >> The Apache Roller community is pleased to announce the release for >> Apache Roller 6.0.0. >> >> Apache Roller is a Java-based, full-featured, multi-user and >> group-blog server suitable for blog sites large and small. >> >> "Apache Roller 6.0.0" is the latest and greatest release of Roller; for >> more details of the changes introduced with this new version please refer >> to >> >> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310906&version=12344884 >> >> Apache Roller is available on the download page: >> https://roller.apache.org/downloads/downloads.html >> >> In summary, Roller 6 is a new version of Roller with these features: >> * Web interface has been rewritten to use Twitter bootstrap >> via the Struts 2 Bootstrap tags. >> * Most dependencies have been upgraded to the latest version. >> * Compiled with Java 11 and requires Java 11. >> * The installation guide has been converted from OpenOffice to AsciiDocs. >> >> It should be relatively easy to upgrade from Roller 5.2.4 to Roller 6 >> because there are no changes to the database schema (that means you can >> easily roll back if you find problems). The user interface is different >> and >> we hope you'll find it better, easier to use, more intuitive and with a >> more modern feel. >> >> Thanks to the many contributors to Roller for this new release. >> We hope you'll enjoy and find it useful. >> >> For more information on Apache Roller, visit the project website: >> https://roller.apache.org/ >> >> >> >> Best regards, >> Swapnil M Mane, >> www.apache.org >> >> >> >> On Tue, Dec 10, 2019 at 5:19 AM Dave wrote: >> > >> > Please vote to release RC2 as Apache Roller 6.0.0. Release candidate >> files >> > are here: >> > https://dist.apache.org/repos/dist/dev/roller/roller-6.0/v6.0.0/ >> > >> > Please vote +1 to release or -1 with reason(s) not to release. >> > >> > Thanks, >> > Dave >> > >> > >> > PS. This is the proposed release announcement: >> > >> > The Apache Roller project is pleased to announce the release of Roller >> > 6.0.0. >> > >> > You can find a list of the issues resolved in Roller 6 here: >> > https://issues.apache.org/jira/projects/ROL/versions/12344884 >> > >> > In summary, Roller 6 is a new version of Roller with these features: >> > * Web interface has been rewritten to use Twitter bootstrap via the >> Struts >> > 2 Bootstrap tags. >> > * Most dependencies have been upgraded to latest version. >> > * Compiled with Java 11 and requires Java 11. >> > * The installation giude has been converted from OpenOffice to >> AsciiDocs. >> > >> > It should be relatively easy to ugrade from Roller 5.2.4 to Roller 6 >> > because there are no changes to the database schema (that means you can >> > easily roll back if you find problems). The user interface is different >> and >> > we hope you'll find it better, easier to use, more intuitive and with a >> > more modern feel. >> > >> > Thanks to the many contributors to Roller for this new release. We hope >> > you'll enjoy and find it useful. >> >
Re: [VOTE] Release Apache Roller 6.0.0
Thanks for the feedback folks! I'm going to create a new RC once I work through the changes suggested by Greg and others. Dave On Tue, Dec 10, 2019 at 8:22 AM Swapnil M Mane wrote: > +1, thank you Dave. > > I am sure the new web interface will be loved by our users. :) > > Thank you for writing the proposed release announcement. > I have made a few changes: > -- Made the slight changes in some statements. > -- Added one-liner detail about the Roller project and project website > link. > -- Fixed some typos. > -- Also to access this link > https://issues.apache.org/jira/projects/ROL/versions/12344884 user > should be logged in to Jira, can we instead use this link > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310906&version=12344884 > (other projects also follow the similar link). > -- Added the Roller download page link (We should update this website > page i.e. adding Roller 6 download link, prior to sending announcing > mail). > > Please have a look and feel free to only keep the suggestions you > found acceptable. > Thanks again for your kind efforts. > > = > The Apache Roller community is pleased to announce the release for > Apache Roller 6.0.0. > > Apache Roller is a Java-based, full-featured, multi-user and > group-blog server suitable for blog sites large and small. > > "Apache Roller 6.0.0" is the latest and greatest release of Roller; for > more details of the changes introduced with this new version please refer > to > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310906&version=12344884 > > Apache Roller is available on the download page: > https://roller.apache.org/downloads/downloads.html > > In summary, Roller 6 is a new version of Roller with these features: > * Web interface has been rewritten to use Twitter bootstrap > via the Struts 2 Bootstrap tags. > * Most dependencies have been upgraded to the latest version. > * Compiled with Java 11 and requires Java 11. > * The installation guide has been converted from OpenOffice to AsciiDocs. > > It should be relatively easy to upgrade from Roller 5.2.4 to Roller 6 > because there are no changes to the database schema (that means you can > easily roll back if you find problems). The user interface is different and > we hope you'll find it better, easier to use, more intuitive and with a > more modern feel. > > Thanks to the many contributors to Roller for this new release. > We hope you'll enjoy and find it useful. > > For more information on Apache Roller, visit the project website: > https://roller.apache.org/ > > > > Best regards, > Swapnil M Mane, > www.apache.org > > > > On Tue, Dec 10, 2019 at 5:19 AM Dave wrote: > > > > Please vote to release RC2 as Apache Roller 6.0.0. Release candidate > files > > are here: > > https://dist.apache.org/repos/dist/dev/roller/roller-6.0/v6.0.0/ > > > > Please vote +1 to release or -1 with reason(s) not to release. > > > > Thanks, > > Dave > > > > > > PS. This is the proposed release announcement: > > > > The Apache Roller project is pleased to announce the release of Roller > > 6.0.0. > > > > You can find a list of the issues resolved in Roller 6 here: > > https://issues.apache.org/jira/projects/ROL/versions/12344884 > > > > In summary, Roller 6 is a new version of Roller with these features: > > * Web interface has been rewritten to use Twitter bootstrap via the > Struts > > 2 Bootstrap tags. > > * Most dependencies have been upgraded to latest version. > > * Compiled with Java 11 and requires Java 11. > > * The installation giude has been converted from OpenOffice to AsciiDocs. > > > > It should be relatively easy to ugrade from Roller 5.2.4 to Roller 6 > > because there are no changes to the database schema (that means you can > > easily roll back if you find problems). The user interface is different > and > > we hope you'll find it better, easier to use, more intuitive and with a > > more modern feel. > > > > Thanks to the many contributors to Roller for this new release. We hope > > you'll enjoy and find it useful. >
[VOTE] Release Apache Roller 6.0.0
Please vote to release RC2 as Apache Roller 6.0.0. Release candidate files are here: https://dist.apache.org/repos/dist/dev/roller/roller-6.0/v6.0.0/ Please vote +1 to release or -1 with reason(s) not to release. Thanks, Dave PS. This is the proposed release announcement: The Apache Roller project is pleased to announce the release of Roller 6.0.0. You can find a list of the issues resolved in Roller 6 here: https://issues.apache.org/jira/projects/ROL/versions/12344884 In summary, Roller 6 is a new version of Roller with these features: * Web interface has been rewritten to use Twitter bootstrap via the Struts 2 Bootstrap tags. * Most dependencies have been upgraded to latest version. * Compiled with Java 11 and requires Java 11. * The installation giude has been converted from OpenOffice to AsciiDocs. It should be relatively easy to ugrade from Roller 5.2.4 to Roller 6 because there are no changes to the database schema (that means you can easily roll back if you find problems). The user interface is different and we hope you'll find it better, easier to use, more intuitive and with a more modern feel. Thanks to the many contributors to Roller for this new release. We hope you'll enjoy and find it useful.
Re: Velocity Renovation
Thanks for investigating this. I hope we can address those in some post-6.0 releases. Dave On Fri, Nov 29, 2019 at 3:49 AM Michael Bien wrote: > Hello Rollers, > > just wanted to mention that before I updated roller to use latest apache > lucene, I tried to update apache velocity, but had to give up fairly > early on. > > The problem was that the build is using the texen ant task of velocity > 1.7* to generate the db scripts and velocity 2.1 doesn't provide this > package anymore. Looks like roller is stuck with 1.7 for now unless the > build is changed to use freemarker for the db scripts or some other > solution is found. > > btw spring security would need some renovating too. Its two major > versions behind. > > * > https://github.com/apache/velocity-engine/tree/1.7.x/src/java/org/apache/velocity/texen > > best regards, > > michael > >
Another release candidate for Roller 6
Now that Struts 2.5.22 is out it's time to get Roller 6 out the door. To that end, I have put together another release candidate for testing and evaluation. I'm not going to call a vote just yet because I'd like to do a little more testing on this build and update my site to use the latest from the 6.0.x branch. If you're interesting in helping out please take a look at this new build and let the list know what you think. Release candidate files are here: https://dist.apache.org/repos/dist/dev/roller/roller-6.0/v6.0.0/ Thanks, Dave On Sun, Jun 30, 2019 at 4:18 PM Dave wrote: > NOTE: this is NOT an official release, just a release candidate for your > consideration. > > I have prepared a release candidate for Roller 6, which includes a > complete rewrite and modernization of the Roller web interface using the > Twitter Bootstrap CSS, components and glyphs (via the Struts 2 Bootstrap > tags). > > Proposal for the web UI work is here: > https://cwiki.apache.org/confluence/x/bhpPBQ > > Some screenshots are here: > https://www.flickr.com/photos/snoopdave/sets/72157666773620323 > > Note that, despite the major version number change of 5 to 6, this new > version of Roller does not change the Roller database. That means you can > try Roller 6 with your existing Roller data and then roll-back if you find > problems. Also. note that this RC is compiled with Java 11 and requires > Java 11 for operation. > > If you have some time, please give Roller 6 RC 1 a try. I would like to > call a release vote in the near future and I would like to get feedback > from folks and see if any contributors want to add or fix things in the 6 > codebase before we make a release. > > Release candidate files are here: > https://dist.apache.org/repos/dist/dev/roller/roller-6.0/v6.0.0/ > > Thanks, > Dave > > >
Do we still need the ODF install guide?
Now that Swapnil has converted the Roller install guide to AsciiDoc (and it looks great!) do we still need the OpenOffice/ODF version? Dave
Re: Release 5.2.5
+1 Let me know how I can help. I would love to see you manage, sign and finalize a release. There might be some parts of the process that are not documented and I’d like to help fix that. Dave On Wed, Nov 6, 2019 at 12:04 AM Aditya Sharma wrote: > Hi team, > > I think we should plan to have a last release for 5.2.x on before we switch > to 6.x. > We will have following features with this release: > 1. Fix Js security vulnerabilities detected using retire js. > a. Upgraded JS libraries namely jQuery, jQuery UI and Xinha editor to > latest. > b. JS libraries dependencies added using webjars. > 2. Editor should confirm user before leaving for unsaved changes. > > wdyt? > > Thanks and regards, > Aditya Sharma >
Re: Struts 2.5.21 test build is ready
I just did a build of Apache Roller 6 (not yet released) using Struts 2.5.21 test bits (pulled from the staging repo) and so far, things seem to be working fine. Roller 6 requires Java 11 and with Struts 2.5.20 I was getting an irritating ERROR about "requires ASM7" but everything seemed to work fine. With 2.5.21 I do not get that error message, and things seem to work fine. I'll do more testing over the next week. Thanks! Dave On Thu, Nov 7, 2019 at 2:57 PM Lukasz Lenart wrote: > Hi, > > Please take a time and test the bits - any help is appreciated. Please > report any problems. I'll call for a vote in a few days if no problems > will be spotted. > > Staging Maven repo > https://repository.apache.org/content/groups/staging/ > > Standalone artifacts > https://dist.apache.org/repos/dist/dev/struts/2.5.21/ > > Release notes > https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.21 > > > Kind regards > -- > Łukasz > + 48 606 323 122 http://www.lenart.org.pl/ > > - > To unsubscribe, e-mail: dev-unsubscr...@struts.apache.org > For additional commands, e-mail: dev-h...@struts.apache.org > >
Re: Move to Roller board reports to achive
+1 good idea On Tue, Nov 5, 2019 at 1:36 AM Swapnil M Mane wrote: > Thanks Aditya for raising this up. > IMHO, we should add following details on Roller board reports[1] page > instead of achieving it. > > == > The Roller project has been reporting progress since 2005 and you can > find details of all the official reports submitted by the Apache > Roller PMC to the ASF Board at the following link: > > https://whimsy.apache.org/board/minutes/Roller.html > == > > This information will help our users to look into our reports. > > [1] > https://cwiki.apache.org/confluence/display/ROLLER/Roller+board+reports > > Best regards, > Swapnil M Mane, > www.apache.org > > > On Tue, Nov 5, 2019 at 10:00 AM Aditya Sharma > wrote: > > > > Hi team, > > > > I think as we no longer maintain Roller board reports[1], we should move > it > > to Archives[2] > > > > 1. > https://cwiki.apache.org/confluence/display/ROLLER/Roller+board+reports > > 2. https://cwiki.apache.org/confluence/display/ROLLER/Archives > > > > Thanks and regards, > > Aditya Sharma >
FYI: discussion about upgrading blogs.apache.org to Roller 6 (once it is released)
FYI: https://issues.apache.org/jira/browse/INFRA-17832?focusedCommentId=16940163&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-16940163
Re: Roller Documentation from ODT to md (markdown)
Thanks for doing this work, it looks great! Are you using any tools to automate the conversion? Dave On Wed, Sep 18, 2019 at 8:29 AM Swapnil M Mane wrote: > Hello team, > > Here comes our first translation from ODT to AsciiDoc. > The 'Installation Guide' document [1] is translated to AsciiDoc, it > can be referred at > > https://github.com/swapnilmmane/roller/blob/master/docs/roller-install-guide.adoc > > Before committing, I would like to get it reviewed from the community. > Please feel free to comment. > > P.S. I have removed the 'OpenDS project' mention from Acknowledgments > section since now we have converted the document to AsciiDoc. > > [1] > https://github.com/apache/roller/blob/master/docs/roller-install-guide.odt > > > Best regards, > Swapnil M Mane, > www.apache.org > > On Thu, Aug 29, 2019 at 5:44 PM Swapnil M Mane > wrote: > > > > Thank you Aditya. > > > > @Team, > > Here is the Jira to track the progress of this effort, > > https://issues.apache.org/jira/browse/ROL-2151 > > > > > > Best regards, > > Swapnil M Mane, > > www.apache.org > > > > On Wed, Aug 28, 2019 at 12:50 PM Aditya Sharma > wrote: > > > > > > Big +1 for AsciiDoc > > > > > > Thanks and regards, > > > Aditya Sharma > > > > > > On Tue, 27 Aug 2019 at 23:36, Swapnil M Mane > > > wrote: > > > > > > > Sure Matt, thank you for the kind note. > > > > Will surely sync up with you in case of any issue. > > > > I also played with Asciidoctor in past, indeed a great tool! > > > > > > > > > > > > Best regards, > > > > Swapnil M Mane, > > > > www.apache.org > > > > > > > > On Tue, Aug 27, 2019 at 11:16 PM Matt Raible > > > > > wrote: > > > > > > > > > > +1 for AsciiDoc! I have a lot of experience with Asciidoctor, so > let me > > > > know if you run into issues. > > > > > > > > > > Cheers, > > > > > > > > > > Matt > > > > > > > > > > > On Aug 27, 2019, at 11:06 AM, Swapnil M Mane < > swapnilmm...@apache.org> > > > > wrote: > > > > > > > > > > > > Great, thanks Dave. > > > > > > > > > > > > Thoughts travels, while drafting the mail, AsciiDoc was also in > my > > > > mind. > > > > > > And AsciiDoc is also having all the advantages mentioned above. > > > > > > > > > > > > After some more exploration, I am now more inclined towards > AsciiDoc. > > > > > > So, +1 for AsciiDoc. > > > > > > > > > > > > > > > > > > Best regards, > > > > > > Swapnil M Mane, > > > > > > www.apache.org > > > > > > > > > > > > On Tue, Aug 27, 2019 at 8:53 PM Dave > wrote: > > > > > >> > > > > > >> I think that's a great idea and the docs, or a least the > screenshots, > > > > need > > > > > >> update for the new Roller 6 UI. Markdown is better for this in > so many > > > > > >> ways. AsciiDoc is also a good option but I don't have a strong > > > > preference > > > > > >> on Markdown vs. AsciiDoc. > > > > > >> > > > > > >> Dave > > > > > >> > > > > > >> > > > > > >> On Tue, Aug 27, 2019 at 10:06 AM Swapnil M Mane < > > > > swapnilmm...@apache.org> > > > > > >> wrote: > > > > > >> > > > > > >>> Hello team, > > > > > >>> During my exploration for documentation, I found the > documentation > > > > > >>> link [1] on Roller home page [2] under the Documentation > section. > > > > > >>> I see, currently, we are storing the documents in odt format. > > > > > >>> > > > > > >>> I would like to know the thoughts of the community on moving > the > > > > > >>> documentation from .odt to .md > > > > > >>> > > > > > >>> We will have the following advantage if we use md format - > > > > > >>> > > > > > >>> 1. Rendering support of md file on GitHub > > > > > &
Re: Build Roller with persisting changes
The problem is that the Maven-Jetty setup uses an in memory database, you can see it in the jetty.xml file: jdbc:derby://localhost:4224/memory:rollerdb;create=true Docs for Derby's in-memory are here: https://db.apache.org/derby/docs/10.9/devguide/cdevdvlpinmemdb.html There are a variety of ways to fix this, one way is to write some code that launches and embedded Derby, then add a Jetty "plugin" to launch it when Jetty starts.That's what we used to do back in 2010 we had a DerbyLifeCycle class that do exactly that. I'm not sure why we decided to switch to an in-memory database. If we did that, we could also use the same code to launch Derby in Roller's JUnit tests. That would be better than what we do now becuase we would be able to run and debug tests from with an IDE and not just in Maven. When I do development I usually run Roller in Tomcat with a local Postgres or MySQL database and I have Tomcat configured to point to Roller in ./app/target/roller. I use IntelliJ's debugger and "attach" to that process when I need to step through something. Hope that helps. Dave On Thu, Aug 29, 2019 at 9:41 AM Swapnil M Mane wrote: > Hello team, > > I followed the steps mentioned in this document to build the Roller > https://cwiki.apache.org/confluence/display/ROLLER/How+to+build+Roller > > Thanks for the document, everything worked as expected. > > Can somebody please suggest me what is the best practice to build and > verify the changes. > > So, I have done something like this, > > 1. Start the server from command mvn jetty:run > 2. Created admin user and some content > 2. Edit the 'roller/app/src/main/webapp/themes/basic/_day.vm' file > 3. To see the changes, restart the sever run mvn jetty:run > > These steps deleted my content which I have created earlier like user, > blog, etc. > Due to this, to verify my change, I have to create the above content again. > > As mentioned in the above document, > mvn jetty:run starts with empty Roller database > > >>>> Note the blog information stored during each mvn jetty:run session > will be lost once you stop Jetty (i.e., each mvn jetty:run starts with > empty Roller database tables), > > Is there any way to persist my changes and what are the process > generally followed by developers. > > > Thanks & regards, > Swapnil M Mane, > www.apache.org >
Re: Roller Documentation from ODT to md (markdown)
I think that's a great idea and the docs, or a least the screenshots, need update for the new Roller 6 UI. Markdown is better for this in so many ways. AsciiDoc is also a good option but I don't have a strong preference on Markdown vs. AsciiDoc. Dave On Tue, Aug 27, 2019 at 10:06 AM Swapnil M Mane wrote: > Hello team, > During my exploration for documentation, I found the documentation > link [1] on Roller home page [2] under the Documentation section. > I see, currently, we are storing the documents in odt format. > > I would like to know the thoughts of the community on moving the > documentation from .odt to .md > > We will have the following advantage if we use md format - > > 1. Rendering support of md file on GitHub > The GitHub nicely render the md files, so if the files in md format, > it will be easily rendered on GitHub. > The odt files don't have any preview on GitHub and it forces the user > to download to view the content. (This is annoying for the user and > developers ;-) > e.g. > https://github.com/apache/roller/blob/master/docs/roller-template-guide.odt > > 2. Easy to maintain, the md standard is widely accepted > The md format is widely used and this will open up the opportunity for > new collaborators to participate. > > Kindly let me know if I am missing any information or history or > purpose for maintaining our docs in .odt format. > > P.S. I see we are also maintaining the pdf version of odt [3] in master > branch. > The conversion from md to pdf is also doable. > IMO, if we move our documents to md version, the pdf conversation will > be no longer required since it will be rendered on GitHub properly. > (Still, if I am missing anything, please feel free to comment :-) > > [1] https://github.com/apache/roller/tree/roller-5.2.0/docs > [2] http://roller.apache.org/ > [3] https://github.com/apache/roller/tree/master/docs > > Best regards, > Swapnil M Mane, > www.apache.org >
Re: Two branches on Roller website repository
Hi Swapnup, I think you are right, there is no benefit to maintaining a separate master branch since we have no way to stage changes before publishing. So I'm +1 on your proposed change. Thanks, Dave On Sat, Aug 24, 2019 at 12:32 AM Swapnil M Mane wrote: > Hello team, > > We have two branches master, and asf-site on Roller website repository [1] > The asf-site branch is deployed at Roller official site [2]. > > This brings us the overhead of maintaining two branches. > Most of the Apache projects [3][4] are maintaining single asf-site branch. > > It seems me, the reason for two branches are > master - default created in Git > asf-site - created for deploying official Roller site [2] > > So, to reduce the overhead of maintaining two branches, > 1. we can make master as Stale (as done for Flink[4]) and > 2. make the asf-site branch as the default branch. > > Please let me know if I am missing any information or history for > maintaining two branches. > > [1] https://github.com/apache/roller-website/ > [2] http://roller.apache.org/ > [3] https://github.com/apache/spark-website/branches > [4] https://github.com/apache/flink-web/branches > > Best regards, > Swapnil M Mane, > www.apache.org >
Re: [Proposal] - Setup demo instance for Roller
I'm not totally opposed to the idea but there are some security risks to be considered. One of Roller's biggest vulnerabilities is that users are trusted to publish any type of content and this includes JavaScript which can be used to make Cross-site scripting and request forgery attacks. You really have to trust your bloggers because the system does not sanitize user input (except for blog comments). Even if we delete the data every day bad actors could use the system to make these sorts of attacks. We could disable custom themes, but folks could still publish malicious code in blog posts. How is that handled for Kibble and OFBiz, do they sanitize all user input? Dave On Mon, Aug 19, 2019 at 9:30 AM Aditya Sharma wrote: > Indeed. > > +1 > > Thanks and Regards, > Aditya Sharma > > On Sat, 17 Aug 2019 at 18:41, Swapnil M Mane > wrote: > > > Hi team, > > > > The new adopters and users are generally looking for a demo instance of > any > > software to evaluate it. > > This brings me a thought, we should have a demo instance for the Roller. > > > > Other Apache projects are also set up the demo instance for their > project, > > like > > Apache Kibble - https://demo.kibble.apache.org/ > > Apache OFBiz - > https://demo-trunk.ofbiz.apache.org/ecommerce/control/main > > > > The demo instance will be redeployed every day with fresh data and latest > > codebase (we may set up instances for old releases, but it is not the > > priority we can do it later). > > > > We can request the infra team to set up the demo instance at > > https://demo.roller.apache.org/ > > > > Thought? > > Please let me know if I missed any existing demo instance. > > > > Best regards, > > Swapnil M Mane, > > www.apache.org > > >
