[GitHub] [sling-org-apache-sling-feature-cpconverter] cziegeler commented on a change in pull request #70: SLING-10127 optionally emit converted content packages to dedicated folder

2021-04-13 Thread GitBox 


cziegeler commented on a change in pull request #70:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-cpconverter/pull/70#discussion_r612944561



##
File path: 
src/main/java/org/apache/sling/feature/cpconverter/artifacts/LocalMavenRepositoryArtifactsDeployer.java
##
@@ -99,4 +92,17 @@ public void deploy(@NotNull ArtifactWriter artifactWriter, 
@NotNull ArtifactId i
 }
 }
 
+public static String getNameFromArtifactId(ArtifactId id) {
+StringBuilder nameBuilder = new StringBuilder()

Review comment:
   Why not use ArtifactId.toMvnName() ?




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: Release of Servlets Resolver and Scripting bundles

2021-04-13 Thread Carsten Ziegeler 

Am 14.04.2021 um 00:09 schrieb Oliver Lietz:


I don't get the eventing example. Resources are a substantial part of Sling
and defined in Sling API. Sling API bundle already contains several utils
around Resource (and HTTP Request/Response and Scripting). Resource and
Resource Type are very general and not necessarily bound to Scripting.
Eventing is optional and a complete different story.


Fair enough, eventing wasn't maybe the best example.


Again, I see a value using ResourceType when dealing with Resources in Sling
not related to Scripting.


While I agree that resource and resource type are the core concepts of 
Sling and beling in the API, the discussed ResourceType class still does 
not look like that to me. I'm still missing a use case for this.




If the intended use is Scripting only why not renaming it to ScriptType in
Scripting SPI and adding a copy as ResourceType to Sling (Resource) API...?


:) I guess the last thing we want is code duplication.


What is the real drawback of having ResourceType in Sling API?
Avoiding unnecessary dependencies, coherent apis and avoiding that they 
just get a dumping place for useful sounding things. I'm not saying that 
this is the case here, but still I fail to see why this needs to be part 
of Sling API.


For example, this class introduces a dependency on the OSGi Version 
class as part of the API - so users of the Sling API are then required 
to also have the OSGi framework api - which I think should be avoided. 
So by putting this into the Sling API all users are punished to have 
this extra dependency. And embedding that class will sooner or later 
result in problems (we had a similar situation in the feature model - 
where the dependency makes sense as the feature model is about OSGi).


How about we go with a compromise? We move that class to a separate 
package but leave it in the current bundle? If it turns out to be useful 
for each and every Sling developer, we can move the package to Sling API 
- without being incompatible.


Regards
Carsten


--
Carsten Ziegeler
Adobe Research Switzerland
cziege...@apache.org

Re: Release of Servlets Resolver and Scripting bundles

2021-04-13 Thread Oliver Lietz 
On Tuesday, 13 April 2021 15:08:25 CEST Carsten Ziegeler wrote:
> Am 13.04.2021 um 14:35 schrieb Oliver Lietz:
> > On Tuesday, 13 April 2021 08:03:02 CEST Carsten Ziegeler wrote:
> > 
> > IMHO Resource versioning is now a common practice is Sling/AEM projects.
> > I strongly suggest keeping API and helpers/utils in a single place (as we
> > have done it so far) instead of spreading it over multiple modules. Any
> > consumer of Scripting SPI is anyways depending on Sling API.
> 
> We are not putting each and every utility api into Sling API. If it is
> of general purpose *and* of interest to users of the Sling API, then
> yes, it makes sense to consider adding it there.
> 
> But for example utility api for eventing is part of the event api.
> 
> I still fail to see what a general user of the resource api can do with
> the ResourceType class?
> 
> It is scripting related, so why not have it part of scripting?

I don't get the eventing example. Resources are a substantial part of Sling 
and defined in Sling API. Sling API bundle already contains several utils 
around Resource (and HTTP Request/Response and Scripting). Resource and 
Resource Type are very general and not necessarily bound to Scripting. 
Eventing is optional and a complete different story.

Again, I see a value using ResourceType when dealing with Resources in Sling 
not related to Scripting.

If the intended use is Scripting only why not renaming it to ScriptType in 
Scripting SPI and adding a copy as ResourceType to Sling (Resource) API...?

What is the real drawback of having ResourceType in Sling API?

Thanks,
O.


> > We can easily inline org.osgi.framework.Version into the API bundle to
> > remove the dependency if required. Commons Lang3 is only used in the test
> > and was
> > already present:
> Sure we can solve the dependency problem, the important point is that we
> consider and look at this.
> 
> Regards
> Carsten
> 
> > https://github.com/apache/sling-org-apache-sling-api/commit/
> > 02cb7f1bbc4836865afd7e9964d3be1380daf734
> > 
> > Regards,
> > O.
> > 
> >> Regards
> >> Carsten
> >> 
> >> Am 12.04.2021 um 18:32 schrieb Radu Cotescu:
> >>> Hi Julian,
> >>> 
> >>> The reason for pushing back on this is that ResourceType [1] is more of
> >>> a
> >>> utility class, rather than an API one. It’s a final class, used to:
> >>> 
> >>> Generate require and provide capabilities with the help of the
> >>> scriptingbundle-maven-plugin Set up the servlets for each provided
> >>> capability in org.apache.sling.servlets.resolver
> >>> 
> >>> Granted, we can move it into a dedicated package in o.a.s.api, but I
> >>> really don’t see the value. Moving it will also make o.a.s.scripting.spi
> >>> (providing the rest of the API needed to support bundled scripts) depend
> >>> on o.a.s.api. Is it really worth it?
> >>> 
> >>> Regards,
> >>> Radu
> >>> 
> >>> [1] -
> >>> https://github.com/apache/sling-org-apache-sling-scripting-spi/blob/e14f
> >>> 6
> >>> c23df591646d01fb3aaa185e9360cadcaa0/src/main/java/org/apache/sling/scrip
> >>> ti
> >>> ng/spi/bundle/ResourceType.java#L41>
> >>> 
>  On 12 Apr 2021, at 16:57, Julian Sedding  wrote:
>  
>  Hi *
>  
>  I agree with Olli that moving ResourceType later will not happen,
>  because it causes too much disruption. I also agree that it is
>  generally useful and not inherently linked to scripting.
>  
>  Why can't we just move it now, before we make our lives harder? If
>  o.a.s.scripting.spi should not depend on o.a.s.api, then it would
>  still be possible to embed/inline a self-contained class ResourceType.
>  
>  Regards
>  Julian
>  
>  On Thu, Apr 8, 2021 at 10:56 PM Oliver Lietz 
> > 
> > wrote:
> > On Thursday, 8 April 2021 15:48:27 CEST Radu Cotescu wrote:
> >> Hi Olli,
> > 
> > Hi Radu,
> > 
> >>> On 1 Apr 2021, at 21:26, Oliver Lietz  wrote:
> >>> 
> >>> I have a use case for ResourceType not related to Scripting and
> >>> would
> >>> like
> >>> to see it in Sling API (see SLING- for reasons) where it fits
> >>> well.
> >>> 
> >>> https://github.com/apache/sling-org-apache-sling-scripting-spi/blob/
> >>> ma
> >>> ster
> >>> /
> >>>  >>> /m
> >>> ast
> >>> er/>
> >>> src/main/java/org/apache/sling/scripting/spi/bundle/ResourceType.jav
> >>> a
> >>> 
> >>> WDYT?
> >> 
> >> I’ve already replied to your concern at [0], but I don’t mind
> >> repeating
> >> what I said:
> >> 
> >> “If we really need to use the ResourceType class somewhere else, we
> >> can
> >> move it to the o.a.s.api bundle when the time comes. We can then
> >> deprecate the one from o.a.s.scripting.spi and remove it once there
> >> will be other incompatible changes added by the other interfaces.
> >> Until then, I really don't see the need to spread 5

[GitHub] [sling-org-apache-sling-feature-launcher] enapps-enorman commented on a change in pull request #24: Fixes in cli options

2021-04-13 Thread GitBox 


enapps-enorman commented on a change in pull request #24:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-launcher/pull/24#discussion_r612790461



##
File path: src/main/java/org/apache/sling/feature/launcher/impl/Main.java
##
@@ -174,8 +179,9 @@ protected static void parseArgs(final LauncherConfig 
config, final String[] args
 final Option fwkProperties = Option.builder(OPT_FRAMEWORK_PROPERTIES)
 .longOpt("framework-properties")
 .desc("Set framework properties")
+.hasArg()
 .optionalArg(true)

Review comment:
   I see.  Would you be opposed to changing the Dockerfile to include the 
"-D" in the FRAMEWORK_PROPERTIES env value string before each name=value and 
separate each of those items with a space?  That might make it simpler to parse 
and avoid troubles with escaping the commas (if any) in the property name or 
value.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-feature-launcher] enapps-enorman commented on a change in pull request #24: Fixes in cli options

2021-04-13 Thread GitBox 


enapps-enorman commented on a change in pull request #24:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-launcher/pull/24#discussion_r612785693



##
File path: src/main/java/org/apache/sling/feature/launcher/impl/Main.java
##
@@ -174,8 +179,9 @@ protected static void parseArgs(final LauncherConfig 
config, final String[] args
 final Option fwkProperties = Option.builder(OPT_FRAMEWORK_PROPERTIES)
 .longOpt("framework-properties")

Review comment:
   Ok, I now see how the Dockerfile was using those ENV configurations and 
it looks like it may be assuming that -D accepts a list of name=value 
properties?
   
   I could be wrong, but I'm not seeing where Apache cli automatically handles 
a list of properties in that way.  And as far as I know, defining a system 
property with a "-D" jvm arg expects only a single name=value and not a list.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-feature-launcher] stbischof commented on a change in pull request #24: Fixes in cli options

2021-04-13 Thread GitBox 


stbischof commented on a change in pull request #24:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-launcher/pull/24#discussion_r612749947



##
File path: src/main/java/org/apache/sling/feature/launcher/impl/Main.java
##
@@ -174,8 +179,9 @@ protected static void parseArgs(final LauncherConfig 
config, final String[] args
 final Option fwkProperties = Option.builder(OPT_FRAMEWORK_PROPERTIES)
 .longOpt("framework-properties")
 .desc("Set framework properties")
+.hasArg()
 .optionalArg(true)

Review comment:
   The optional arg is important for the docker setup. In the docker file 
we delegate every env to a option. So it could be that most Options are empty. 
And if we do not have opt arg the cliparser will fail.
   
   
https://github.com/apache/sling-org-apache-sling-feature-launcher/blob/4d667433f0e733985a8cdfe41ad6295a0486ed38/src/main/docker/Dockerfile#L55




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-feature-launcher] stbischof commented on a change in pull request #24: Fixes in cli options

2021-04-13 Thread GitBox 


stbischof commented on a change in pull request #24:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-launcher/pull/24#discussion_r612753232



##
File path: src/main/java/org/apache/sling/feature/launcher/impl/Main.java
##
@@ -174,8 +179,9 @@ protected static void parseArgs(final LauncherConfig 
config, final String[] args
 final Option fwkProperties = Option.builder(OPT_FRAMEWORK_PROPERTIES)
 .longOpt("framework-properties")

Review comment:
   But that means that we could only delegate one framework property set as 
an env param to the cli.
   
   This might be a Problem later.
   
   I also thought that the -Da=1,b=2 patternn is the default for Apache cli and 
java jvm args




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-feature-launcher] stbischof commented on a change in pull request #24: Fixes in cli options

2021-04-13 Thread GitBox 


stbischof commented on a change in pull request #24:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-launcher/pull/24#discussion_r612753232



##
File path: src/main/java/org/apache/sling/feature/launcher/impl/Main.java
##
@@ -174,8 +179,9 @@ protected static void parseArgs(final LauncherConfig 
config, final String[] args
 final Option fwkProperties = Option.builder(OPT_FRAMEWORK_PROPERTIES)
 .longOpt("framework-properties")

Review comment:
   But that means that we could only delegate one framework property set as 
an env param to the cli.
   
   This might be a Problem later.
   
   I also thought that the -Da=1,b=2 patternnis the default for Apache cli and 
java jvm args




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-servlets-get] sonarcloud[bot] commented on pull request #6: SLING-10303 update to parent pom 41, other version updates, add testcases

2021-04-13 Thread GitBox 


sonarcloud[bot] commented on pull request #6:
URL: 
https://github.com/apache/sling-org-apache-sling-servlets-get/pull/6#issuecomment-819036352


   Kudos, SonarCloud Quality Gate passed!
   
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=6=false=BUG)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=6=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=6=false=BUG)
  
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=6=false=VULNERABILITY)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=6=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=6=false=VULNERABILITY)
  
   [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-servlets-get=6=false=SECURITY_HOTSPOT)
 [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-servlets-get=6=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-servlets-get=6=false=SECURITY_HOTSPOT)
  
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=6=false=CODE_SMELL)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=6=false=CODE_SMELL)
 [1 Code 
Smell](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=6=false=CODE_SMELL)
   
   [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-servlets-get=6=coverage=list)
 No Coverage information  
   [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-servlets-get=6=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-servlets-get=6=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Updated] (SLING-10303) Improve test coverage of StreamRenderer

2021-04-13 Thread Joerg Hoh (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-10303?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Joerg Hoh updated SLING-10303:
--
Description: 
* Add some test coverage to the StreamRenderer
* Update dependencies

https://github.com/apache/sling-org-apache-sling-servlets-get/pull/6

> Improve test coverage of StreamRenderer
> ---
>
> Key: SLING-10303
> URL: https://issues.apache.org/jira/browse/SLING-10303
> Project: Sling
>  Issue Type: Improvement
>  Components: Servlets
>Affects Versions: Servlets Get 2.1.40
>Reporter: Joerg Hoh
>Assignee: Joerg Hoh
>Priority: Major
> Fix For: Servlets Get 2.1.42
>
>  Time Spent: 10m
>  Remaining Estimate: 0h
>
> * Add some test coverage to the StreamRenderer
> * Update dependencies
> https://github.com/apache/sling-org-apache-sling-servlets-get/pull/6



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[GitHub] [sling-org-apache-sling-feature-launcher] stbischof commented on a change in pull request #24: Fixes in cli options

2021-04-13 Thread GitBox 


stbischof commented on a change in pull request #24:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-launcher/pull/24#discussion_r612753232



##
File path: src/main/java/org/apache/sling/feature/launcher/impl/Main.java
##
@@ -174,8 +179,9 @@ protected static void parseArgs(final LauncherConfig 
config, final String[] args
 final Option fwkProperties = Option.builder(OPT_FRAMEWORK_PROPERTIES)
 .longOpt("framework-properties")

Review comment:
   But that means that we could only delegate one framework property set as 
an env param to the cli.
   
   This might be a Problem later.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Resolved] (SLING-10295) Unclosed inpustreams with DefaultGetServlet

2021-04-13 Thread Joerg Hoh (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-10295?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Joerg Hoh resolved SLING-10295.
---
Resolution: Resolved

> Unclosed inpustreams with DefaultGetServlet
> ---
>
> Key: SLING-10295
> URL: https://issues.apache.org/jira/browse/SLING-10295
> Project: Sling
>  Issue Type: Bug
>  Components: Servlets
>Affects Versions: Servlets Get 2.1.40
>Reporter: Joerg Hoh
>Assignee: Joerg Hoh
>Priority: Major
> Fix For: Servlets Get 2.1.42
>
>  Time Spent: 1h 10m
>  Remaining Estimate: 0h
>
> The DefaultGetServlet has codepaths with unclosed inputstreams.
> See https://github.com/apache/sling-org-apache-sling-servlets-get/pull/5



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[GitHub] [sling-org-apache-sling-servlets-get] joerghoh merged pull request #5: SLING-10295 fix stream leaks in StreamRenderer

2021-04-13 Thread GitBox 


joerghoh merged pull request #5:
URL: https://github.com/apache/sling-org-apache-sling-servlets-get/pull/5


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-feature-launcher] stbischof commented on a change in pull request #24: Fixes in cli options

2021-04-13 Thread GitBox 


stbischof commented on a change in pull request #24:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-launcher/pull/24#discussion_r612751774



##
File path: src/main/java/org/apache/sling/feature/launcher/impl/Main.java
##
@@ -264,20 +270,23 @@ protected static void parseArgs(final LauncherConfig 
config, final String[] args
 config.getConfigClashOverrides().put(name, 
cfgCProps.getProperty(name));
 }
 
-Properties fwProps = 
cl.getOptionProperties(OPT_FRAMEWORK_PROPERTIES);
-for (final String name : fwProps.stringPropertyNames()) {
-config.getInstallation()
-.getFrameworkProperties()
-.put(name, fwProps.getProperty(name));
-}
+extractValuesFromOption(cl, 
OPT_FRAMEWORK_PROPERTIES).orElseGet(ArrayList::new)
+.forEach(value -> {
+final String[] keyVal = split(value);
+
config.getInstallation().getFrameworkProperties().put(keyVal[0], keyVal[1]);
+});
 
 Properties varProps = cl.getOptionProperties(OPT_VARIABLE_VALUES);
 for (final String name : varProps.stringPropertyNames()) {
 config.getVariables().put(name, varProps.getProperty(name));
 }
 
-extractValueFromOption(cl, OPT_VERBOSE, "debug").ifPresent(
-value -> 
System.setProperty("org.slf4j.simpleLogger.defaultLogLevel", value));
+if (cl.hasOption(OPT_VERBOSE)) {
+extractValueFromOption(cl, OPT_VERBOSE, 
"debug").ifPresent(value -> System
+.setProperty("org.slf4j.simpleLogger.defaultLogLevel", 
value));
+} else {
+System.setProperty("org.slf4j.simpleLogger.defaultLogLevel", 
"info");

Review comment:
   Ok will change it and cover it up with a test




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-feature-launcher] stbischof commented on a change in pull request #24: Fixes in cli options

2021-04-13 Thread GitBox 


stbischof commented on a change in pull request #24:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-launcher/pull/24#discussion_r612751195



##
File path: src/main/java/org/apache/sling/feature/launcher/impl/Main.java
##
@@ -264,20 +270,23 @@ protected static void parseArgs(final LauncherConfig 
config, final String[] args
 config.getConfigClashOverrides().put(name, 
cfgCProps.getProperty(name));
 }
 
-Properties fwProps = 
cl.getOptionProperties(OPT_FRAMEWORK_PROPERTIES);
-for (final String name : fwProps.stringPropertyNames()) {
-config.getInstallation()
-.getFrameworkProperties()
-.put(name, fwProps.getProperty(name));
-}
+extractValuesFromOption(cl, 
OPT_FRAMEWORK_PROPERTIES).orElseGet(ArrayList::new)
+.forEach(value -> {
+final String[] keyVal = split(value);
+
config.getInstallation().getFrameworkProperties().put(keyVal[0], keyVal[1]);
+});
 
 Properties varProps = cl.getOptionProperties(OPT_VARIABLE_VALUES);
 for (final String name : varProps.stringPropertyNames()) {
 config.getVariables().put(name, varProps.getProperty(name));
 }
 
-extractValueFromOption(cl, OPT_VERBOSE, "debug").ifPresent(
-value -> 
System.setProperty("org.slf4j.simpleLogger.defaultLogLevel", value));
+if (cl.hasOption(OPT_VERBOSE)) {
+extractValueFromOption(cl, OPT_VERBOSE, 
"debug").ifPresent(value -> System

Review comment:
   Sure.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-feature-launcher] stbischof commented on a change in pull request #24: Fixes in cli options

2021-04-13 Thread GitBox 


stbischof commented on a change in pull request #24:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-launcher/pull/24#discussion_r612750717



##
File path: src/main/java/org/apache/sling/feature/launcher/impl/Main.java
##
@@ -174,8 +179,9 @@ protected static void parseArgs(final LauncherConfig 
config, final String[] args
 final Option fwkProperties = Option.builder(OPT_FRAMEWORK_PROPERTIES)
 .longOpt("framework-properties")

Review comment:
   If it is really just one property than it in right. Will fix tomorrow




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-feature-launcher] stbischof commented on a change in pull request #24: Fixes in cli options

2021-04-13 Thread GitBox 


stbischof commented on a change in pull request #24:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-launcher/pull/24#discussion_r612749947



##
File path: src/main/java/org/apache/sling/feature/launcher/impl/Main.java
##
@@ -174,8 +179,9 @@ protected static void parseArgs(final LauncherConfig 
config, final String[] args
 final Option fwkProperties = Option.builder(OPT_FRAMEWORK_PROPERTIES)
 .longOpt("framework-properties")
 .desc("Set framework properties")
+.hasArg()
 .optionalArg(true)

Review comment:
   The optional arg is important for the docker setup. In the docker file 
we delegate every env to a option. So it could be that most Options are empty. 
And if we do jott have opt arg the cliparser will fail.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-feature-launcher] enapps-enorman commented on a change in pull request #24: Fixes in cli options

2021-04-13 Thread GitBox 


enapps-enorman commented on a change in pull request #24:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-launcher/pull/24#discussion_r612720295



##
File path: src/main/java/org/apache/sling/feature/launcher/impl/Main.java
##
@@ -264,20 +270,23 @@ protected static void parseArgs(final LauncherConfig 
config, final String[] args
 config.getConfigClashOverrides().put(name, 
cfgCProps.getProperty(name));
 }
 
-Properties fwProps = 
cl.getOptionProperties(OPT_FRAMEWORK_PROPERTIES);
-for (final String name : fwProps.stringPropertyNames()) {
-config.getInstallation()
-.getFrameworkProperties()
-.put(name, fwProps.getProperty(name));
-}
+extractValuesFromOption(cl, 
OPT_FRAMEWORK_PROPERTIES).orElseGet(ArrayList::new)
+.forEach(value -> {
+final String[] keyVal = split(value);
+
config.getInstallation().getFrameworkProperties().put(keyVal[0], keyVal[1]);
+});
 
 Properties varProps = cl.getOptionProperties(OPT_VARIABLE_VALUES);
 for (final String name : varProps.stringPropertyNames()) {
 config.getVariables().put(name, varProps.getProperty(name));
 }
 
-extractValueFromOption(cl, OPT_VERBOSE, "debug").ifPresent(
-value -> 
System.setProperty("org.slf4j.simpleLogger.defaultLogLevel", value));
+if (cl.hasOption(OPT_VERBOSE)) {
+extractValueFromOption(cl, OPT_VERBOSE, 
"debug").ifPresent(value -> System

Review comment:
   This should validate that the supplied verbose option is a valid log 
level.  It must be one of ("trace", "debug", "info", "warn", "error" or "off"). 
 Any other value should report an error.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [VOTE] Release Apache Sling Resource Resolver 1.7.4

2021-04-13 Thread Jörg Hoh 
Thanks Stefan!

+1

Jörg

Am Mo., 12. Apr. 2021 um 22:22 Uhr schrieb Stefan Seifert
:

> Hi,
>
> Resource Resolver 1.7.4  (3 issues)
> https://issues.apache.org/jira/browse/SLING/fixforversion/12349581
>
> Staging repository:
> https://repository.apache.org/content/repositories/orgapachesling-2428/
>
> You can use this UNIX script to download the release and verify the
> signatures:
>
> https://gitbox.apache.org/repos/asf?p=sling-tooling-release.git;a=blob;f=check_staged_release.sh;hb=HEAD
>
> Usage:
> sh check_staged_release.sh 2428 /tmp/sling-staging
>
> Please vote to approve this release:
>
>   [ ] +1 Approve the release
>   [ ]  0 Don't care
>   [ ] -1 Don't release, because ...
>
> This majority vote is open for at least 72 hours.
>
> stefan
>


-- 
Cheers,
Jörg Hoh,

https://cqdump.joerghoh.de
Twitter: @joerghoh

Re: [VOTE] Release Apache Sling Event Support 4.2.18

2021-04-13 Thread Jörg Hoh 
+1

Jörg

Am Di., 13. Apr. 2021 um 15:45 Uhr schrieb Stefan Egli <
stefane...@apache.org>:

> Hi,
>
> We solved 4 issues in this release:
> https://issues.apache.org/jira/projects/SLING/versions/12350074
>
> Staging repository:
> https://repository.apache.org/content/repositories/orgapachesling-2429/
>
> You can use this UNIX script to download the release and verify the
> signatures:
>
> https://gitbox.apache.org/repos/asf?p=sling-tooling-release.git;a=blob;f=check_staged_release.sh;hb=HEAD
>
> Usage:
> sh check_staged_release.sh 2429 /tmp/sling-staging
>
> Please vote to approve this release:
>
>   [ ] +1 Approve the release
>   [ ]  0 Don't care
>   [ ] -1 Don't release, because ...
>
> This majority vote is open for at least 72 hours.
>
> Cheers,
> Stefan
>


-- 
Cheers,
Jörg Hoh,

https://cqdump.joerghoh.de
Twitter: @joerghoh

[GitHub] [sling-org-apache-sling-feature-launcher] enapps-enorman commented on a change in pull request #24: Fixes in cli options

2021-04-13 Thread GitBox 


enapps-enorman commented on a change in pull request #24:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-launcher/pull/24#discussion_r612721284



##
File path: src/main/java/org/apache/sling/feature/launcher/impl/Main.java
##
@@ -174,8 +179,9 @@ protected static void parseArgs(final LauncherConfig 
config, final String[] args
 final Option fwkProperties = Option.builder(OPT_FRAMEWORK_PROPERTIES)
 .longOpt("framework-properties")

Review comment:
   Perhaps this name (and description) should be changed to 
"framework-property" since each instance of the arg supplies just one 
name=value pair?




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Comment Edited] (SLING-10186) Enhance cli parsing on sling-feature-launcher

2021-04-13 Thread Eric Norman (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-10186?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17320503#comment-17320503
 ] 

Eric Norman edited comment on SLING-10186 at 4/13/21, 8:08 PM:
---

Below would be my preference to maintain compatibility with the 1.1.16 and 
earlier for:
{quote}Could you mark the following options with
 [*]must
 [?]could
 [!]not
{quote}
[*] -D a=1
 [*] -D a=1 -D b=2
 [!] -D a=1,b=2
 [!] -D a=1,b=2 -D c=3

[!] -Da=1
 [!] -Da=1 -D b=2
 [!] -Da=1,b=2
 [!] -Da=1,b=2 -Dc=3

[!] -Da=1 -D c=3

 

I'm not sure what the use case was to allow a csv of name=value pairs within 
the same argument.  Was this to facilitate using env vars to supply the 
configuration?  I saw some mention of using env vars for running 
sling-feature-launcher as an container, but I didn't see where those env vars 
were being read and used.  Specifically, is the FRAMEWORK_PROPERTIES env var 
supposed to be parsed and treated as a list of properties?


was (Author: enorman):
Below would be my preference to maintain compatibility with the 1.1.16 and 
earlier for:
{quote}Could you mark the following options with
[*]must
[?]could
[!]not
{quote}
[*] -D a=1
[*] -D a=1 -D b=2
[!] -D a=1,b=2
[!] -D a=1,b=2 -D c=3

[!] -Da=1
[!] -Da=1 -D b=2
[!] -Da=1,b=2
[!] -Da=1,b=2 -Dc=3

[!] -Da=1 -D c=3

 

I'm not sure what the use case was to allow a csv of name=value pairs within 
the same argument.  Was this to facilitate using env vars to supply the 
configuration?  I saw some mention of using env vars for running 
sling-feature-launcher as an container, but I didn't see where those env vars 
were being read and used.  Specifically, is the FRAMEWORK_PROPERTIES env var 
supposed to be a list of properties?

> Enhance cli parsing on sling-feature-launcher
> -
>
> Key: SLING-10186
> URL: https://issues.apache.org/jira/browse/SLING-10186
> Project: Sling
>  Issue Type: Improvement
>Reporter: Stefan Bischof
>Assignee: Robert Munteanu
>Priority: Major
> Fix For: Feature Model Launcher 1.1.18
>
>
> extract opts as Constants
>  add longOpt to Options
>  fix plural in description
>  use Builder-pattern to build Options
>  set numberOfArgs , valueSeparator(',')
>  accept (but ignore) empty options without ParsingExceptions
>  using .optionalArg(true) and Optionals
>  option to set loglevel on verbose Option
>  update common-cli version
>  use DefaultParser not deprecated BasicParser
> https://github.com/apache/sling-org-apache-sling-feature-launcher/pull/16



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[GitHub] [sling-org-apache-sling-servlets-get] sonarcloud[bot] removed a comment on pull request #5: SLING-10295 fix stream leaks in StreamRenderer

2021-04-13 Thread GitBox 


sonarcloud[bot] removed a comment on pull request #5:
URL: 
https://github.com/apache/sling-org-apache-sling-servlets-get/pull/5#issuecomment-818737715


   Kudos, SonarCloud Quality Gate passed!
   
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=BUG)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=BUG)
  
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=VULNERABILITY)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=VULNERABILITY)
  
   [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-servlets-get=5=false=SECURITY_HOTSPOT)
 [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-servlets-get=5=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-servlets-get=5=false=SECURITY_HOTSPOT)
  
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=CODE_SMELL)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=CODE_SMELL)
 [1 Code 
Smell](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=CODE_SMELL)
   
   [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-servlets-get=5=new_coverage=list)
 [0.0% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-servlets-get=5=new_coverage=list)
  
   [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-servlets-get=5=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-servlets-get=5=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-servlets-get] sonarcloud[bot] commented on pull request #5: SLING-10295 fix stream leaks in StreamRenderer

2021-04-13 Thread GitBox 


sonarcloud[bot] commented on pull request #5:
URL: 
https://github.com/apache/sling-org-apache-sling-servlets-get/pull/5#issuecomment-819015877


   Kudos, SonarCloud Quality Gate passed!
   
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=BUG)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=BUG)
  
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=VULNERABILITY)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=VULNERABILITY)
  
   [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-servlets-get=5=false=SECURITY_HOTSPOT)
 [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-servlets-get=5=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-servlets-get=5=false=SECURITY_HOTSPOT)
  
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=CODE_SMELL)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=CODE_SMELL)
 [1 Code 
Smell](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=CODE_SMELL)
   
   [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-servlets-get=5=new_coverage=list)
 [0.0% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-servlets-get=5=new_coverage=list)
  
   [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-servlets-get=5=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-servlets-get=5=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SLING-10186) Enhance cli parsing on sling-feature-launcher

2021-04-13 Thread Eric Norman (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-10186?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17320503#comment-17320503
 ] 

Eric Norman commented on SLING-10186:
-

Below would be my preference to maintain compatibility with the 1.1.16 and 
earlier for:
{quote}Could you mark the following options with
[*]must
[?]could
[!]not
{quote}
[*] -D a=1
[*] -D a=1 -D b=2
[!] -D a=1,b=2
[!] -D a=1,b=2 -D c=3

[!] -Da=1
[!] -Da=1 -D b=2
[!] -Da=1,b=2
[!] -Da=1,b=2 -Dc=3

[!] -Da=1 -D c=3

 

I'm not sure what the use case was to allow a csv of name=value pairs within 
the same argument.  Was this to facilitate using env vars to supply the 
configuration?  I saw some mention of using env vars for running 
sling-feature-launcher as an container, but I didn't see where those env vars 
were being read and used.  Specifically, is the FRAMEWORK_PROPERTIES env var 
supposed to be a list of properties?

> Enhance cli parsing on sling-feature-launcher
> -
>
> Key: SLING-10186
> URL: https://issues.apache.org/jira/browse/SLING-10186
> Project: Sling
>  Issue Type: Improvement
>Reporter: Stefan Bischof
>Assignee: Robert Munteanu
>Priority: Major
> Fix For: Feature Model Launcher 1.1.18
>
>
> extract opts as Constants
>  add longOpt to Options
>  fix plural in description
>  use Builder-pattern to build Options
>  set numberOfArgs , valueSeparator(',')
>  accept (but ignore) empty options without ParsingExceptions
>  using .optionalArg(true) and Optionals
>  option to set loglevel on verbose Option
>  update common-cli version
>  use DefaultParser not deprecated BasicParser
> https://github.com/apache/sling-org-apache-sling-feature-launcher/pull/16



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[GitHub] [sling-org-apache-sling-feature-launcher] enapps-enorman commented on a change in pull request #24: Fixes in cli options

2021-04-13 Thread GitBox 


enapps-enorman commented on a change in pull request #24:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-launcher/pull/24#discussion_r612718849



##
File path: src/main/java/org/apache/sling/feature/launcher/impl/Main.java
##
@@ -264,20 +270,23 @@ protected static void parseArgs(final LauncherConfig 
config, final String[] args
 config.getConfigClashOverrides().put(name, 
cfgCProps.getProperty(name));
 }
 
-Properties fwProps = 
cl.getOptionProperties(OPT_FRAMEWORK_PROPERTIES);
-for (final String name : fwProps.stringPropertyNames()) {
-config.getInstallation()
-.getFrameworkProperties()
-.put(name, fwProps.getProperty(name));
-}
+extractValuesFromOption(cl, 
OPT_FRAMEWORK_PROPERTIES).orElseGet(ArrayList::new)
+.forEach(value -> {
+final String[] keyVal = split(value);
+
config.getInstallation().getFrameworkProperties().put(keyVal[0], keyVal[1]);
+});
 
 Properties varProps = cl.getOptionProperties(OPT_VARIABLE_VALUES);
 for (final String name : varProps.stringPropertyNames()) {
 config.getVariables().put(name, varProps.getProperty(name));
 }
 
-extractValueFromOption(cl, OPT_VERBOSE, "debug").ifPresent(
-value -> 
System.setProperty("org.slf4j.simpleLogger.defaultLogLevel", value));
+if (cl.hasOption(OPT_VERBOSE)) {
+extractValueFromOption(cl, OPT_VERBOSE, 
"debug").ifPresent(value -> System
+.setProperty("org.slf4j.simpleLogger.defaultLogLevel", 
value));
+} else {
+System.setProperty("org.slf4j.simpleLogger.defaultLogLevel", 
"info");

Review comment:
   I believe that "info" is already the default log level for the 
simplelogger when there is no "org.slf4j.simpleLogger.defaultLogLevel" system 
property, so this else block shouldn't be necessary.

##
File path: src/main/java/org/apache/sling/feature/launcher/impl/Main.java
##
@@ -264,20 +270,23 @@ protected static void parseArgs(final LauncherConfig 
config, final String[] args
 config.getConfigClashOverrides().put(name, 
cfgCProps.getProperty(name));
 }
 
-Properties fwProps = 
cl.getOptionProperties(OPT_FRAMEWORK_PROPERTIES);
-for (final String name : fwProps.stringPropertyNames()) {
-config.getInstallation()
-.getFrameworkProperties()
-.put(name, fwProps.getProperty(name));
-}
+extractValuesFromOption(cl, 
OPT_FRAMEWORK_PROPERTIES).orElseGet(ArrayList::new)
+.forEach(value -> {
+final String[] keyVal = split(value);
+
config.getInstallation().getFrameworkProperties().put(keyVal[0], keyVal[1]);
+});
 
 Properties varProps = cl.getOptionProperties(OPT_VARIABLE_VALUES);
 for (final String name : varProps.stringPropertyNames()) {
 config.getVariables().put(name, varProps.getProperty(name));
 }
 
-extractValueFromOption(cl, OPT_VERBOSE, "debug").ifPresent(
-value -> 
System.setProperty("org.slf4j.simpleLogger.defaultLogLevel", value));
+if (cl.hasOption(OPT_VERBOSE)) {
+extractValueFromOption(cl, OPT_VERBOSE, 
"debug").ifPresent(value -> System

Review comment:
   This should validate that the supplied verbose option is a valid log 
level.  It must be one of ("trace", "debug", "info", "warn", "error" or "off"). 
 Any other value should report an error and exit.

##
File path: src/main/java/org/apache/sling/feature/launcher/impl/Main.java
##
@@ -174,8 +179,9 @@ protected static void parseArgs(final LauncherConfig 
config, final String[] args
 final Option fwkProperties = Option.builder(OPT_FRAMEWORK_PROPERTIES)
 .longOpt("framework-properties")

Review comment:
   Perhaps this name (and description) should be changed to 
"framework-property" since each instance of the arg supplies just one 
= pair?

##
File path: src/main/java/org/apache/sling/feature/launcher/impl/Main.java
##
@@ -174,8 +179,9 @@ protected static void parseArgs(final LauncherConfig 
config, final String[] args
 final Option fwkProperties = Option.builder(OPT_FRAMEWORK_PROPERTIES)
 .longOpt("framework-properties")
 .desc("Set framework properties")
+.hasArg()
 .optionalArg(true)

Review comment:
   I don't believe it makes sense for the arg to be optional here, so maybe 
remove this line?




-- 
This is an automated message from the Apache Git Service.
To respond to the message,

[GitHub] [sling-org-apache-sling-servlets-get] joerghoh opened a new pull request #6: SLING-10303 update to parent pom 41, other version updates, add testcases

2021-04-13 Thread GitBox 


joerghoh opened a new pull request #6:
URL: https://github.com/apache/sling-org-apache-sling-servlets-get/pull/6


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [VOTE] Release Apache Sling Resource Resolver 1.7.4

2021-04-13 Thread Eric Norman 
+1

On Mon, Apr 12, 2021 at 1:22 PM Stefan Seifert
 wrote:

> Hi,
>
> Resource Resolver 1.7.4  (3 issues)
> https://issues.apache.org/jira/browse/SLING/fixforversion/12349581
>
> Staging repository:
> https://repository.apache.org/content/repositories/orgapachesling-2428/
>
> You can use this UNIX script to download the release and verify the
> signatures:
>
> https://gitbox.apache.org/repos/asf?p=sling-tooling-release.git;a=blob;f=check_staged_release.sh;hb=HEAD
>
> Usage:
> sh check_staged_release.sh 2428 /tmp/sling-staging
>
> Please vote to approve this release:
>
>   [ ] +1 Approve the release
>   [ ]  0 Don't care
>   [ ] -1 Don't release, because ...
>
> This majority vote is open for at least 72 hours.
>
> stefan
>

Re: [VOTE] Release Apache Sling Event Support 4.2.18

2021-04-13 Thread Eric Norman 
+1

On Tue, Apr 13, 2021 at 6:45 AM Stefan Egli  wrote:

> Hi,
>
> We solved 4 issues in this release:
> https://issues.apache.org/jira/projects/SLING/versions/12350074
>
> Staging repository:
> https://repository.apache.org/content/repositories/orgapachesling-2429/
>
> You can use this UNIX script to download the release and verify the
> signatures:
>
> https://gitbox.apache.org/repos/asf?p=sling-tooling-release.git;a=blob;f=check_staged_release.sh;hb=HEAD
>
> Usage:
> sh check_staged_release.sh 2429 /tmp/sling-staging
>
> Please vote to approve this release:
>
>   [ ] +1 Approve the release
>   [ ]  0 Don't care
>   [ ] -1 Don't release, because ...
>
> This majority vote is open for at least 72 hours.
>
> Cheers,
> Stefan
>

[jira] [Resolved] (SLING-10294) Committer CLI - Return Codes

2021-04-13 Thread Dan Klco (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-10294?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Dan Klco resolved SLING-10294.
--
Resolution: Fixed

Fixed in ecbe0d7aef0c6a15a1f1a5b9bda144d18473801e

> Committer CLI - Return Codes
> 
>
> Key: SLING-10294
> URL: https://issues.apache.org/jira/browse/SLING-10294
> Project: Sling
>  Issue Type: Improvement
>Reporter: Dan Klco
>Assignee: Dan Klco
>Priority: Minor
>
> The Committer CLI doesn't return a status code from any of the commands which 
> doesn't allow for chaining or easily detecting errors without looking at the 
> output. 
> We should update the Command interface to implement Callable instead 
> of Runnable to enable the commands to return a status code to the shell. 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Closed] (SLING-10294) Committer CLI - Return Codes

2021-04-13 Thread Dan Klco (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-10294?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Dan Klco closed SLING-10294.


> Committer CLI - Return Codes
> 
>
> Key: SLING-10294
> URL: https://issues.apache.org/jira/browse/SLING-10294
> Project: Sling
>  Issue Type: Improvement
>Reporter: Dan Klco
>Assignee: Dan Klco
>Priority: Minor
>
> The Committer CLI doesn't return a status code from any of the commands which 
> doesn't allow for chaining or easily detecting errors without looking at the 
> output. 
> We should update the Command interface to implement Callable instead 
> of Runnable to enable the commands to return a status code to the shell. 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[GitHub] [sling-org-apache-sling-feature-cpconverter] kwin commented on pull request #70: SLING-10127 optionally emit converted content packages to dedicated folder

2021-04-13 Thread GitBox 


kwin commented on pull request #70:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-cpconverter/pull/70#issuecomment-818872856


   I exposed now three options for the `contenttypepackagepolicy` in 
https://github.com/apache/sling-org-apache-sling-feature-cpconverter/pull/70/commits/9674b0a3f684f1fca98d7bb7e23868e5631f8af0:
 `DROP` (deprecated, default behaviour), `REFERENCE` and 
`PUT_IN_DEDICATED_FOLDER`. WDYT?
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-feature-cpconverter] sonarcloud[bot] removed a comment on pull request #70: SLING-10127 optionally emit converted content packages to dedicated folder

2021-04-13 Thread GitBox 


sonarcloud[bot] removed a comment on pull request #70:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-cpconverter/pull/70#issuecomment-818516185


   SonarCloud Quality Gate failed.
   
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=BUG)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=BUG)
  
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=VULNERABILITY)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=VULNERABILITY)
  
   [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=SECURITY_HOTSPOT)
 [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=SECURITY_HOTSPOT)
  
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=CODE_SMELL)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=CODE_SMELL)
   
   [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-feature-cpconverter=70=new_coverage=list)
 [75.0% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-feature-cpconverter=70=new_coverage=list)
  
   [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-feature-cpconverter=70=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-feature-cpconverter=70=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-feature-cpconverter] sonarcloud[bot] commented on pull request #70: SLING-10127 optionally emit converted content packages to dedicated folder

2021-04-13 Thread GitBox 


sonarcloud[bot] commented on pull request #70:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-cpconverter/pull/70#issuecomment-818872564


   Kudos, SonarCloud Quality Gate passed!
   
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=BUG)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=BUG)
  
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=VULNERABILITY)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=VULNERABILITY)
  
   [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=SECURITY_HOTSPOT)
 [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=SECURITY_HOTSPOT)
  
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=CODE_SMELL)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=CODE_SMELL)
 [2 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=70=false=CODE_SMELL)
   
   [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-feature-cpconverter=70=new_coverage=list)
 [82.4% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-feature-cpconverter=70=new_coverage=list)
  
   [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-feature-cpconverter=70=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-feature-cpconverter=70=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [git] New git repository - org-apache-sling-auth-saml2

2021-04-13 Thread Cris Rockwell 
Thank you, Robert. 
I look forward to the new repo, and discussing the project’s use 
of the Shibboleth repository and it’s dependencies.
Cris


> On Apr 13, 2021, at 6:40 AM, Robert Munteanu  wrote:
> 
> Hi Cris,
> 
> Overall this looks good, I'll create a repo later this week unless
> someone objects.
> 
> Note that we still need to clarify the status of the additional Maven
> artifact repository [1] and probably need to review the deps (there are
> lots of them) before starting a release. But that's for later.
> 
> Thanks,
> Robert
> 
> [1]: 
> https://github.com/apache/sling-whiteboard/blob/44f4dd89be83f786d6e7e25c4427e19cac71a0e1/saml-handler/pom.xml#L404-L412
> 
> On Mon, 2021-04-12 at 16:27 -0400, Cris Rockwell wrote:
>> Hi Robert
>> 
>> The whiteboard PR is merged. Let me know if you have other questions
>> about creating the repository.
>> 
>> Thanks 
>> Cris
>> 
>> 
>> 
>>> On Apr 8, 2021, at 12:14 PM, Cris Rockwell 
>>> wrote:
>>> 
>>> Hi,
>>> 
>>> Currently org-apache-sling-auth-saml2 build runs about 65 seconds on
>>> my local workstation, 
>>> and several minuted in the Jenkins CI pipeline. 
>>> My understanding is that projects in the Sling Whiteboard repo should
>>> be moved to another repo 
>>> before releasing to Maven Central.
>>> 
>>> Therefore, I'd like to create a new repo for the code currently
>>> living in the
>>> whiteboard at [0]. 
>>> 
>>> Proposed repository name:  org-apache-sling-auth-saml2
>>> Artifact id: org.apache.sling.auth.saml2
>>> 
>>> The resulting jar file will be a java OSGi bundle that when
>>> configured is used to 
>>> authenticate external users using SAML 2.0 protocols.
>>> 
>>> The README [1] has more details on requirements, supported features
>>> and
>>> usage.
>>> 
>>> Thoughts?
>>> Cris Rockwell
>>> Application Architect Senior
>>> University of Michigan | College of Literature, Science, and the Arts
>>> LSA Technology Services | Web & Application Development Services
>>> 
>>> [0]: 
>>> https://github.com/apache/sling-whiteboard/pull/69
>>> 
>>> [1]: 
>>> https://github.com/apache/sling-whiteboard/tree/SLING-9397/update-removed-saml-config-service/saml-handler#readme
>>> 
>> 
> 
>

[jira] [Created] (SLING-10304) Missing documentation for delete user and delete service user

2021-04-13 Thread Angela Schreiber (Jira) 
Angela Schreiber created SLING-10304:


 Summary: Missing documentation for delete user and delete service 
user
 Key: SLING-10304
 URL: https://issues.apache.org/jira/browse/SLING-10304
 Project: Sling
  Issue Type: Bug
  Components: Repoinit
Reporter: Angela Schreiber


according to tests in repoinit-parser (and the implementation for JCR 
repositories) repo-init supports the removal of users and service users. 
however, the documentation at 
https://sling.apache.org/documentation/bundles/repository-initialization.html 
only documents the removal of groups.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

RE: [VOTE] Release Apache Sling JUnit Core 1.1.2

2021-04-13 Thread Stefan Seifert 

>As per the Release Management doc [0], any PMC member is requested to
>kindly copy this release to the Sling dist directory
>and promote the artifacts to the central Maven repository.

sling dist updated with rev. 47038
you can continue with the other steps (including promotion to maven central).

stefan

Re: [VOTE] Release Apache Sling JUnit Core 1.1.2

2021-04-13 Thread Cris Rockwell 
Hi,

The vote has passed with the following result :

+1 (binding): 
Dan Klco
Stefan Seifert
Robert Munteanu

+1 (non binding):
Andreas Schaefer
Henry Saginor


As per the Release Management doc [0], any PMC member is requested to kindly 
copy this release to the Sling dist directory 
and promote the artifacts to the central Maven repository. 

Let me know if there’s anything else required from me.

Thanks
Cris 

[0] 
https://sling.apache.org/documentation/development/release-management.html#promoting-the-release


> On Apr 13, 2021, at 6:31 AM, Robert Munteanu  wrote:
> 
> On Fri, 2021-04-09 at 12:12 -0400, Cris Rockwell wrote:
>> Please vote to approve these releases:
> 
> +1
> Robert

Re: [VOTE] Release Apache Sling Event Support 4.2.18

2021-04-13 Thread Carsten Ziegeler 

+1

Carsten

Am 13.04.2021 um 15:45 schrieb Stefan Egli:

Hi,

We solved 4 issues in this release:
https://issues.apache.org/jira/projects/SLING/versions/12350074

Staging repository:
https://repository.apache.org/content/repositories/orgapachesling-2429/

You can use this UNIX script to download the release and verify the
signatures:
https://gitbox.apache.org/repos/asf?p=sling-tooling-release.git;a=blob;f=check_staged_release.sh;hb=HEAD 



Usage:
sh check_staged_release.sh 2429 /tmp/sling-staging

Please vote to approve this release:

[ ] +1 Approve the release
[ ]  0 Don't care
[ ] -1 Don't release, because ...

This majority vote is open for at least 72 hours.

Cheers,
Stefan


--
--
Carsten Ziegeler
Adobe Research Switzerland
cziege...@apache.org

RE: [VOTE] Release Apache Sling Event Support 4.2.18

2021-04-13 Thread Stefan Seifert 
+1

stefan

[VOTE] Release Apache Sling Event Support 4.2.18

2021-04-13 Thread Stefan Egli 

Hi,

We solved 4 issues in this release:
https://issues.apache.org/jira/projects/SLING/versions/12350074

Staging repository:
https://repository.apache.org/content/repositories/orgapachesling-2429/

You can use this UNIX script to download the release and verify the
signatures:
https://gitbox.apache.org/repos/asf?p=sling-tooling-release.git;a=blob;f=check_staged_release.sh;hb=HEAD

Usage:
sh check_staged_release.sh 2429 /tmp/sling-staging

Please vote to approve this release:

 [ ] +1 Approve the release
 [ ]  0 Don't care
 [ ] -1 Don't release, because ...

This majority vote is open for at least 72 hours.

Cheers,
Stefan

[jira] [Updated] (SLING-10120) Upgrade event to parent 41 [was: Upgrade event to parent 40]

2021-04-13 Thread Stefan Egli (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-10120?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Stefan Egli updated SLING-10120:

Fix Version/s: (was: Event 4.2.16)
   Event 4.2.18

> Upgrade event to parent 41 [was: Upgrade event to parent 40]
> 
>
> Key: SLING-10120
> URL: https://issues.apache.org/jira/browse/SLING-10120
> Project: Sling
>  Issue Type: Sub-task
>  Components: Event
>Reporter: Robert Munteanu
>Assignee: Stefan Egli
>Priority: Major
> Fix For: Event 4.2.18
>
>  Time Spent: 5h
>  Remaining Estimate: 0h
>




--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (SLING-9906) Avoid retrying to load jobs if classes are missing

2021-04-13 Thread Stefan Egli (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-9906?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Stefan Egli updated SLING-9906:
---
Fix Version/s: (was: Event 4.2.16)
   Event 4.2.18

> Avoid retrying to load jobs if classes are missing
> --
>
> Key: SLING-9906
> URL: https://issues.apache.org/jira/browse/SLING-9906
> Project: Sling
>  Issue Type: Improvement
>  Components: Event
>Reporter: Carsten Ziegeler
>Assignee: Stefan Egli
>Priority: Major
> Fix For: Event 4.2.18
>
>  Time Spent: 1h
>  Remaining Estimate: 0h
>
> When a Sling job is tried to be loaded, it might reference public api classes 
> provided by bundles - although that is a bad pattern that should be avoid, 
> sometimes this is used.
> While the job engine does not try to reload those jobs for execution - unless 
> such a new job is created (which is unlikely as the class is missing), the 
> re-assigning of jobs from a removed instance to a new one suffers from the 
> same problem. And that is retried over and over again.
> So there are probably several possible improvements:
> - make sure that jobs are not reloaded when public classes are missing during 
> job execution (unless bundles have changed)
> - reduce log output to a log statement (except of stack trace) if 
> classloading for jobs fails
> - change re-assigning of jobs to not require classes to be available. This 
> can probably be solved by using ResourceResolver.move



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (SLING-7756) Improve logging for Job retries

2021-04-13 Thread Stefan Egli (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-7756?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Stefan Egli updated SLING-7756:
---
Fix Version/s: (was: Event 4.2.16)
   Event 4.2.18

> Improve logging for Job retries
> ---
>
> Key: SLING-7756
> URL: https://issues.apache.org/jira/browse/SLING-7756
> Project: Sling
>  Issue Type: Improvement
>  Components: Event
>Affects Versions: Event 4.2.10
>Reporter: Konrad Windszus
>Assignee: Konrad Windszus
>Priority: Major
> Fix For: Event 4.2.18
>
>  Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> Currently a {{JobConsumer}} returning {{JobResult.FAILED}} is usually retried 
> (https://sling.apache.org/documentation/bundles/apache-sling-eventing-and-job-handling.html).
>  Unfortunately this is not exposed in the logs, so in case a JobConsumer logs 
> an error before returning {{JobResult.FAILED}} the job is silently retried 
> without any particular log message. I think each failed job should lead to a 
> WARN in the log (in case the job is retried) with the attempt number and 
> outstanding attempts in the log message. In case a job is not retried, an 
> ERROR should be emitted to the log for every failed job.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (SLING-8295) Enable CodeCoverage extraction form pax exam ITs in sling.event

2021-04-13 Thread Stefan Egli (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-8295?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Stefan Egli updated SLING-8295:
---
Fix Version/s: (was: Event 4.2.18)
   Event 4.2.20

> Enable CodeCoverage extraction form pax exam ITs in sling.event
> ---
>
> Key: SLING-8295
> URL: https://issues.apache.org/jira/browse/SLING-8295
> Project: Sling
>  Issue Type: Improvement
>  Components: Event
>Reporter: Dominik Süß
>Priority: Major
> Fix For: Event 4.2.20
>
>  Time Spent: 1h
>  Remaining Estimate: 0h
>
> The current setup doesn't allow to run the jacoco-report profile with IT 
> extraction as defined in the parent. This is due to the coveragecommand 
> (prepared agent) not being injected into pax exam vm options.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (SLING-9905) Provide option to include sling instance id nodes in cleanup

2021-04-13 Thread Stefan Egli (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-9905?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Stefan Egli updated SLING-9905:
---
Fix Version/s: (was: Event 4.2.18)
   Event 4.2.20

> Provide option to include sling instance id nodes in cleanup
> 
>
> Key: SLING-9905
> URL: https://issues.apache.org/jira/browse/SLING-9905
> Project: Sling
>  Issue Type: Improvement
>  Components: Event
>Reporter: Carsten Ziegeler
>Priority: Major
> Fix For: Event 4.2.20
>
>
> Currently, empty nodes for Sling job handling are removed, up to the JCR node 
> specific to a Sling instance id. That node is kept in place to avoid 
> unnecessary removal and recreation.
> This assumes that the instances are stable and do not frequently change.
> However, in volatile installations where new instances are constantly created 
> (and old ones stopped), this leads to a growing number of nodes for each id 
> ever started.
> One way would be to provide a "idle timeout" configuration - for an instance 
> id it is recorded when it was first not seen anymore and if it is not seen 
> for the configured time, these nodes get removed. For example, if the timeout 
> is set to one day, such nodes are removed approximately one day after the 
> instance was stopped.
> There are probably other ways to fix this



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Resolved] (SLING-10300) fix maven dependencies in sling.event

2021-04-13 Thread Stefan Egli (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-10300?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Stefan Egli resolved SLING-10300.
-
Resolution: Fixed

> fix maven dependencies in sling.event
> -
>
> Key: SLING-10300
> URL: https://issues.apache.org/jira/browse/SLING-10300
> Project: Sling
>  Issue Type: Task
>  Components: Event
>Reporter: Stefan Egli
>Assignee: Stefan Egli
>Priority: Major
> Fix For: Event 4.2.18
>
>  Time Spent: 1h 10m
>  Remaining Estimate: 0h
>
> The following maven dependencies when building sling.event should be fixed:
> {noformat}
> [INFO] Scanning for projects...
> [WARNING] 
> [WARNING] Some problems were encountered while building the effective model 
> for org.apache.sling:org.apache.sling.event:jar:4.2.15-SNAPSHOT
> [WARNING] 'dependencies.dependency.(groupId:artifactId:type:classifier)' must 
> be unique: org.apache.sling:org.apache.sling.serviceusermapper:jar -> version 
> 1.2.0 vs 1.4.6 @ line 357, column 21
> [WARNING] 'dependencies.dependency.(groupId:artifactId:type:classifier)' must 
> be unique: org.apache.felix:org.apache.felix.framework:jar -> version 5.6.2 
> vs 6.0.3 @ line 377, column 21
> [WARNING] 
> [WARNING] It is highly recommended to fix these problems because they 
> threaten the stability of your build.
> [WARNING] 
> [WARNING] For this reason, future Maven versions might no longer support 
> building such malformed projects.
> [WARNING] 
> {noformat}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[GitHub] [sling-org-apache-sling-servlets-get] sonarcloud[bot] removed a comment on pull request #5: SLING-10295 fix stream leaks in StreamRenderer

2021-04-13 Thread GitBox 


sonarcloud[bot] removed a comment on pull request #5:
URL: 
https://github.com/apache/sling-org-apache-sling-servlets-get/pull/5#issuecomment-817993597


   SonarCloud Quality Gate failed.
   
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=BUG)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=BUG)
 [1 
Bug](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=BUG)
  
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=VULNERABILITY)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=VULNERABILITY)
  
   [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-servlets-get=5=false=SECURITY_HOTSPOT)
 [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-servlets-get=5=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-servlets-get=5=false=SECURITY_HOTSPOT)
  
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=CODE_SMELL)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=CODE_SMELL)
 [1 Code 
Smell](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=CODE_SMELL)
   
   [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-servlets-get=5=new_coverage=list)
 [0.0% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-servlets-get=5=new_coverage=list)
  
   [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-servlets-get=5=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-servlets-get=5=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-servlets-get] sonarcloud[bot] commented on pull request #5: SLING-10295 fix stream leaks in StreamRenderer

2021-04-13 Thread GitBox 


sonarcloud[bot] commented on pull request #5:
URL: 
https://github.com/apache/sling-org-apache-sling-servlets-get/pull/5#issuecomment-818737715


   Kudos, SonarCloud Quality Gate passed!
   
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=BUG)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=BUG)
  
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=VULNERABILITY)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=VULNERABILITY)
  
   [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-servlets-get=5=false=SECURITY_HOTSPOT)
 [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-servlets-get=5=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-servlets-get=5=false=SECURITY_HOTSPOT)
  
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=CODE_SMELL)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=CODE_SMELL)
 [1 Code 
Smell](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get=5=false=CODE_SMELL)
   
   [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-servlets-get=5=new_coverage=list)
 [0.0% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-servlets-get=5=new_coverage=list)
  
   [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-servlets-get=5=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-servlets-get=5=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Created] (SLING-10303) Improve test coverage of StreamRenderer

2021-04-13 Thread Joerg Hoh (Jira) 
Joerg Hoh created SLING-10303:
-

 Summary: Improve test coverage of StreamRenderer
 Key: SLING-10303
 URL: https://issues.apache.org/jira/browse/SLING-10303
 Project: Sling
  Issue Type: Improvement
  Components: Servlets
Affects Versions: Servlets Get 2.1.40
Reporter: Joerg Hoh
Assignee: Joerg Hoh
 Fix For: Servlets Get 2.1.42






--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[GitHub] [sling-org-apache-sling-event] stefan-egli merged pull request #11: SLING-10300 : fix duplicate dependencies and versions

2021-04-13 Thread GitBox 


stefan-egli merged pull request #11:
URL: https://github.com/apache/sling-org-apache-sling-event/pull/11


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: Release of Servlets Resolver and Scripting bundles

2021-04-13 Thread Carsten Ziegeler 



Am 13.04.2021 um 14:35 schrieb Oliver Lietz:

On Tuesday, 13 April 2021 08:03:02 CEST Carsten Ziegeler wrote:

IMHO Resource versioning is now a common practice is Sling/AEM projects.
I strongly suggest keeping API and helpers/utils in a single place (as we have
done it so far) instead of spreading it over multiple modules. Any consumer of
Scripting SPI is anyways depending on Sling API.

We are not putting each and every utility api into Sling API. If it is 
of general purpose *and* of interest to users of the Sling API, then 
yes, it makes sense to consider adding it there.


But for example utility api for eventing is part of the event api.

I still fail to see what a general user of the resource api can do with 
the ResourceType class?


It is scripting related, so why not have it part of scripting?


We can easily inline org.osgi.framework.Version into the API bundle to remove
the dependency if required. Commons Lang3 is only used in the test and was
already present:



Sure we can solve the dependency problem, the important point is that we 
consider and look at this.


Regards
Carsten



https://github.com/apache/sling-org-apache-sling-api/commit/
02cb7f1bbc4836865afd7e9964d3be1380daf734

Regards,
O.



Regards
Carsten

Am 12.04.2021 um 18:32 schrieb Radu Cotescu:

Hi Julian,

The reason for pushing back on this is that ResourceType [1] is more of a
utility class, rather than an API one. It’s a final class, used to:

Generate require and provide capabilities with the help of the
scriptingbundle-maven-plugin Set up the servlets for each provided
capability in org.apache.sling.servlets.resolver

Granted, we can move it into a dedicated package in o.a.s.api, but I
really don’t see the value. Moving it will also make o.a.s.scripting.spi
(providing the rest of the API needed to support bundled scripts) depend
on o.a.s.api. Is it really worth it?

Regards,
Radu

[1] -
https://github.com/apache/sling-org-apache-sling-scripting-spi/blob/e14f6
c23df591646d01fb3aaa185e9360cadcaa0/src/main/java/org/apache/sling/scripti
ng/spi/bundle/ResourceType.java#L41>

On 12 Apr 2021, at 16:57, Julian Sedding  wrote:

Hi *

I agree with Olli that moving ResourceType later will not happen,
because it causes too much disruption. I also agree that it is
generally useful and not inherently linked to scripting.

Why can't we just move it now, before we make our lives harder? If
o.a.s.scripting.spi should not depend on o.a.s.api, then it would
still be possible to embed/inline a self-contained class ResourceType.

Regards
Julian

On Thu, Apr 8, 2021 at 10:56 PM Oliver Lietz 

wrote:

On Thursday, 8 April 2021 15:48:27 CEST Radu Cotescu wrote:

Hi Olli,


Hi Radu,


On 1 Apr 2021, at 21:26, Oliver Lietz  wrote:

I have a use case for ResourceType not related to Scripting and would
like
to see it in Sling API (see SLING- for reasons) where it fits
well.

https://github.com/apache/sling-org-apache-sling-scripting-spi/blob/ma
ster
/

src/main/java/org/apache/sling/scripting/spi/bundle/ResourceType.java

WDYT?


I’ve already replied to your concern at [0], but I don’t mind repeating
what I said:

“If we really need to use the ResourceType class somewhere else, we can
move it to the o.a.s.api bundle when the time comes. We can then
deprecate the one from o.a.s.scripting.spi and remove it once there
will be other incompatible changes added by the other interfaces.
Until then, I really don't see the need to spread 5 interfaces over 2
bundles and increase the dependency footprint for the current
consumers.”


And still it does not make sense nor is it consistent.
My initial proposal was to have the Bundle API in bundle
o.a.s.scripting.api (no additional bundle) but you rejected to not
depend on Scripting API.

The o.a.s.scripting.spi bundle is fine but the class (not an interface)
ResourceType should be in Sling API from the beginning:

- it is useful in different contexts not related to Scripting
- better visibility in Sling API
- most modules depend on Sling API anyways
- close to Resource classes (o.a.s.api.resource), similar helpers (e.g.
o.a.s.api.resource.path)
- BundledRenderUnitCapability depends on ResourceType, moving/changing
it
later is a major change (we try to prevent such breaking changes in
Sling)
- it is no effort to do it now, we need a new release of Sling API
anyways


Unless you have something already committed to a repository from which
you
plan to cut a release soon I'd prefer to go ahead without it for now.


So for now would mean never, see above.

Regards,
O.


Cheers,
Radu

[0] -
https://issues.apache.org/jira/browse/SLING-?focusedCommentId=17295
320&
page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#c
ommen t-17295320







--
--
Carsten Ziegeler
Adobe Research Switzerland
cziege...@apache.org

[GitHub] [sling-org-apache-sling-event] kwin commented on a change in pull request #11: SLING-10300 : fix duplicate dependencies and versions

2021-04-13 Thread GitBox 


kwin commented on a change in pull request #11:
URL: 
https://github.com/apache/sling-org-apache-sling-event/pull/11#discussion_r612414931



##
File path: pom.xml
##
@@ -195,17 +195,14 @@
 
 org.osgi
 osgi.core
-6.0.0
 
 
 org.osgi
 osgi.cmpn
-6.0.0
 
 
 org.osgi
 org.osgi.service.event

Review comment:
   I am fine with tackling that later, but please remove 
`org.osgi.service.event` then as this 
   a) is already contained in `osgi.cmpn`
   b) comes later in the class path, so will never be considered by Maven




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-feature-launcher] sonarcloud[bot] commented on pull request #26: container: adoptopenjdk/openjdk11:alpine-jre

2021-04-13 Thread GitBox 


sonarcloud[bot] commented on pull request #26:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-launcher/pull/26#issuecomment-818708442


   Kudos, SonarCloud Quality Gate passed!
   
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-launcher=26=false=BUG)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-launcher=26=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-launcher=26=false=BUG)
  
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-launcher=26=false=VULNERABILITY)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-launcher=26=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-launcher=26=false=VULNERABILITY)
  
   [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-feature-launcher=26=false=SECURITY_HOTSPOT)
 [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-feature-launcher=26=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-feature-launcher=26=false=SECURITY_HOTSPOT)
  
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-launcher=26=false=CODE_SMELL)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-launcher=26=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-launcher=26=false=CODE_SMELL)
   
   [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-feature-launcher=26=coverage=list)
 No Coverage information  
   [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-feature-launcher=26=duplicated_lines_density=list)
 No Duplication information
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-feature-launcher] stbischof opened a new pull request #26: container: adoptopenjdk/openjdk11:alpine-jre

2021-04-13 Thread GitBox 


stbischof opened a new pull request #26:
URL: https://github.com/apache/sling-org-apache-sling-feature-launcher/pull/26


   switch from slim to jre because it is smalle


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-dynamic-include] sonarcloud[bot] commented on pull request #21: SLING-10289 fix array configuration

2021-04-13 Thread GitBox 


sonarcloud[bot] commented on pull request #21:
URL: 
https://github.com/apache/sling-org-apache-sling-dynamic-include/pull/21#issuecomment-818707289


   Kudos, SonarCloud Quality Gate passed!
   
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-dynamic-include=21=false=BUG)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-dynamic-include=21=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-dynamic-include=21=false=BUG)
  
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-dynamic-include=21=false=VULNERABILITY)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-dynamic-include=21=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-dynamic-include=21=false=VULNERABILITY)
  
   [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-dynamic-include=21=false=SECURITY_HOTSPOT)
 [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-dynamic-include=21=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-dynamic-include=21=false=SECURITY_HOTSPOT)
  
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-dynamic-include=21=false=CODE_SMELL)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-dynamic-include=21=false=CODE_SMELL)
 [2 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-dynamic-include=21=false=CODE_SMELL)
   
   [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-dynamic-include=21=coverage=list)
 No Coverage information  
   [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-dynamic-include=21=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-dynamic-include=21=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-dynamic-include] AndreasWurm opened a new pull request #21: SLING-10289 fix array configuration

2021-04-13 Thread GitBox 


AndreasWurm opened a new pull request #21:
URL: https://github.com/apache/sling-org-apache-sling-dynamic-include/pull/21


   extended ConfigurationTest to verify multiple values work and changed the 
AttributeDefinitions to String Arrays


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SLING-10229) [LauncherContainer]Set up automated builds for this Docker image

2021-04-13 Thread Stefan Bischof (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-10229?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17320143#comment-17320143
 ] 

Stefan Bischof commented on SLING-10229:


They have the version number fixes in the Dockerfile

Line 9:
{code:java}
RUN ./mvnw clean package && cp 
target/publish-docker-image-to-docker-hub-1.0-SNAPSHOT.jar 
publish-docker-image-to-docker-hub-1.0-SNAPSHOT.jar
{code}

while i handle it using th docherhub builder hooks

> [LauncherContainer]Set up automated builds for this Docker image 
> -
>
> Key: SLING-10229
> URL: https://issues.apache.org/jira/browse/SLING-10229
> Project: Sling
>  Issue Type: Improvement
>  Components: Feature Model
>Reporter: Stefan Bischof
>Priority: Minor
>
> This is an leftover from an other PR:
> [~rombert]: in  
> [PR|https://github.com/apache/sling-org-apache-sling-feature-launcher/pull/18]
> "I think it would be good to set up automated builds for this Docker image 
> eventually ( not in scope of this PR ). Looking at 
> https://stackoverflow.com/questions/36853002/writing-dockerfile-for-dockerhub-automated-builds,
>  it looks like the Docker build is basically invoking a top-level Dockerfile. 
> Maybe we should move the 'launch' Dockerfile where the plug-in expects it and 
> leave the top-level Dockerfile as an entry point for Dockerhub automated 
> builds?"
> ---
> I am not sure what you mean with `launch`Dockerfile. And that would mean that 
> we have 2 files?
> The Docker Hub automated build uses a file, that could be specified in 
> Docker-hub. They use the Tag/Branch as the version tag of the image. But we 
> are holding the version just inside maven. So I am not sure that this 
> automated build from the Dockerhub-side is the best way. And we are back at 
> the point where we have to find a way to copy the launcher-${version].jar 
> without changing the Dockerfile in every version just because of the 
> different names. 
> I would really like to have this official container automated in the docker 
> hub.
> But I do not know how to solve this with your CI-Tooling / Access rights on 
> DockerHub.
> Having an jenkins that builds every commit with the -P container option and 
> pushes the images would be the easiest way.
> regards
> Stefan



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[GitHub] [sling-org-apache-sling-event] stefan-egli commented on a change in pull request #11: SLING-10300 : fix duplicate dependencies and versions

2021-04-13 Thread GitBox 


stefan-egli commented on a change in pull request #11:
URL: 
https://github.com/apache/sling-org-apache-sling-event/pull/11#discussion_r612408343



##
File path: pom.xml
##
@@ -195,17 +195,14 @@
 
 org.osgi
 osgi.core
-6.0.0
 
 
 org.osgi
 osgi.cmpn
-6.0.0
 
 
 org.osgi
 org.osgi.service.event

Review comment:
   SLING-10302 created




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Created] (SLING-10302) Tidy up sling.event pom

2021-04-13 Thread Stefan Egli (Jira) 
Stefan Egli created SLING-10302:
---

 Summary: Tidy up sling.event pom
 Key: SLING-10302
 URL: https://issues.apache.org/jira/browse/SLING-10302
 Project: Sling
  Issue Type: Task
  Components: Event
Affects Versions: Event 4.2.18
Reporter: Stefan Egli


The sling.event pom could be further cleaned up to have unnecessary 
dependencies removed. Also see 
https://github.com/apache/sling-org-apache-sling-event/pull/11



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[GitHub] [sling-org-apache-sling-feature-cpconverter] karlpauls commented on pull request #70: SLING-10127 emit all converted packages to the local Maven repository

2021-04-13 Thread GitBox 


karlpauls commented on pull request #70:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-cpconverter/pull/70#issuecomment-818702640


   > That is where we don't agree. I don't see a good use case for that (even 
if it the current status quo). Can you give one?
   
   I'm not sure how to make this any clearer: I do not _disagree_. 
   
   > For me this is not going "further", but probably related to the first 
point.
   
   It is clearly something new. Right now, the converter doesn't output 
"content" content packages - with your change it will.
   
   > Again, I don't see any use case for the current (errorneous) way of 
working.
   
   I agree. Nevertheless, it is how it is currently used.
   
   > No, just outputting a non-referenced artifact does not do any harm. It all 
depends on whether you use it afterwards or not.
   
   It is putting (potentially lots and big) content packages on disc where they 
are not needed. 
   
   In summary, you want to change the current behavior - whatever usage there 
is currently, has to adapt. I don't understand why you want to insist that 
everybody that wants the old way has to now wrap the output in something that 
deletes the content package manually that are not used in the first place. 
   
   I understand you think it is wrong to not use them - that I can agree with 
but why can't we just be BC in the default case and make it an option to 
include the content packages?
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-dynamic-include] santiagozky commented on pull request #19: Extend the IncludeGenerator interface with the Sling Request

2021-04-13 Thread GitBox 


santiagozky commented on pull request #19:
URL: 
https://github.com/apache/sling-org-apache-sling-dynamic-include/pull/19#issuecomment-818701825


   thank you @rombert 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: Release of Servlets Resolver and Scripting bundles

2021-04-13 Thread Oliver Lietz 
On Tuesday, 13 April 2021 08:03:02 CEST Carsten Ziegeler wrote:
> I tend to agree that there is not that much value in moving this to the
> api. I don't see any use cases for users of Sling's resource api to also
> use this class.
> 
> Apart from the reasons mentioned, ResourceType talks about versioning -
> a concept we currently don't have in the api.
> 
> In addition - at least as-is - it creates two more dependencies for the
> api: the osgi framework for the Version class and commons lang3 (that
> one can be easily removed).

IMHO Resource versioning is now a common practice is Sling/AEM projects.
I strongly suggest keeping API and helpers/utils in a single place (as we have 
done it so far) instead of spreading it over multiple modules. Any consumer of 
Scripting SPI is anyways depending on Sling API.

We can easily inline org.osgi.framework.Version into the API bundle to remove 
the dependency if required. Commons Lang3 is only used in the test and was 
already present:

https://github.com/apache/sling-org-apache-sling-api/commit/
02cb7f1bbc4836865afd7e9964d3be1380daf734

Regards,
O.


> Regards
> Carsten
> 
> Am 12.04.2021 um 18:32 schrieb Radu Cotescu:
> > Hi Julian,
> > 
> > The reason for pushing back on this is that ResourceType [1] is more of a
> > utility class, rather than an API one. It’s a final class, used to:
> > 
> > Generate require and provide capabilities with the help of the
> > scriptingbundle-maven-plugin Set up the servlets for each provided
> > capability in org.apache.sling.servlets.resolver
> > 
> > Granted, we can move it into a dedicated package in o.a.s.api, but I
> > really don’t see the value. Moving it will also make o.a.s.scripting.spi
> > (providing the rest of the API needed to support bundled scripts) depend
> > on o.a.s.api. Is it really worth it?
> > 
> > Regards,
> > Radu
> > 
> > [1] -
> > https://github.com/apache/sling-org-apache-sling-scripting-spi/blob/e14f6
> > c23df591646d01fb3aaa185e9360cadcaa0/src/main/java/org/apache/sling/scripti
> > ng/spi/bundle/ResourceType.java#L41> 
> >> On 12 Apr 2021, at 16:57, Julian Sedding  wrote:
> >> 
> >> Hi *
> >> 
> >> I agree with Olli that moving ResourceType later will not happen,
> >> because it causes too much disruption. I also agree that it is
> >> generally useful and not inherently linked to scripting.
> >> 
> >> Why can't we just move it now, before we make our lives harder? If
> >> o.a.s.scripting.spi should not depend on o.a.s.api, then it would
> >> still be possible to embed/inline a self-contained class ResourceType.
> >> 
> >> Regards
> >> Julian
> >> 
> >> On Thu, Apr 8, 2021 at 10:56 PM Oliver Lietz  
wrote:
> >>> On Thursday, 8 April 2021 15:48:27 CEST Radu Cotescu wrote:
>  Hi Olli,
> >>> 
> >>> Hi Radu,
> >>> 
> > On 1 Apr 2021, at 21:26, Oliver Lietz  wrote:
> > 
> > I have a use case for ResourceType not related to Scripting and would
> > like
> > to see it in Sling API (see SLING- for reasons) where it fits
> > well.
> > 
> > https://github.com/apache/sling-org-apache-sling-scripting-spi/blob/ma
> > ster
> > /
> >  > ast
> > er/>
> > src/main/java/org/apache/sling/scripting/spi/bundle/ResourceType.java
> > 
> > WDYT?
>  
>  I’ve already replied to your concern at [0], but I don’t mind repeating
>  what I said:
>  
>  “If we really need to use the ResourceType class somewhere else, we can
>  move it to the o.a.s.api bundle when the time comes. We can then
>  deprecate the one from o.a.s.scripting.spi and remove it once there
>  will be other incompatible changes added by the other interfaces.
>  Until then, I really don't see the need to spread 5 interfaces over 2
>  bundles and increase the dependency footprint for the current
>  consumers.”
> >>> 
> >>> And still it does not make sense nor is it consistent.
> >>> My initial proposal was to have the Bundle API in bundle
> >>> o.a.s.scripting.api (no additional bundle) but you rejected to not
> >>> depend on Scripting API.
> >>> 
> >>> The o.a.s.scripting.spi bundle is fine but the class (not an interface)
> >>> ResourceType should be in Sling API from the beginning:
> >>> 
> >>> - it is useful in different contexts not related to Scripting
> >>> - better visibility in Sling API
> >>> - most modules depend on Sling API anyways
> >>> - close to Resource classes (o.a.s.api.resource), similar helpers (e.g.
> >>> o.a.s.api.resource.path)
> >>> - BundledRenderUnitCapability depends on ResourceType, moving/changing
> >>> it
> >>> later is a major change (we try to prevent such breaking changes in
> >>> Sling)
> >>> - it is no effort to do it now, we need a new release of Sling API
> >>> anyways
> >>> 
>  Unless you have something already committed to a repository from which
>  you
>  plan to cut a release soon I'd prefer to go ahead without it for now.
> >>>

[GitHub] [sling-org-apache-sling-feature-cpconverter] sonarcloud[bot] commented on pull request #73: SLING-10286 : Converter ignores disabled status of system user

2021-04-13 Thread GitBox 


sonarcloud[bot] commented on pull request #73:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-cpconverter/pull/73#issuecomment-818697480


   Kudos, SonarCloud Quality Gate passed!
   
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=73=false=BUG)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=73=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=73=false=BUG)
  
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=73=false=VULNERABILITY)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=73=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=73=false=VULNERABILITY)
  
   [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-feature-cpconverter=73=false=SECURITY_HOTSPOT)
 [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-feature-cpconverter=73=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-feature-cpconverter=73=false=SECURITY_HOTSPOT)
  
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=73=false=CODE_SMELL)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=73=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-feature-cpconverter=73=false=CODE_SMELL)
   
   [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-feature-cpconverter=73=new_coverage=list)
 [100.0% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-feature-cpconverter=73=new_coverage=list)
  
   [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-feature-cpconverter=73=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-feature-cpconverter=73=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Assigned] (SLING-10286) Converter ignores disabled status of system user

2021-04-13 Thread Angela Schreiber (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-10286?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Angela Schreiber reassigned SLING-10286:


Assignee: Angela Schreiber

> Converter ignores disabled status of system user
> 
>
> Key: SLING-10286
> URL: https://issues.apache.org/jira/browse/SLING-10286
> Project: Sling
>  Issue Type: Bug
>  Components: Content-Package to Feature Model Converter
>Affects Versions: Content-Package to Feature Model Converter 1.0.24
>Reporter: Angela Schreiber
>Assignee: Angela Schreiber
>Priority: Minor
>
> [~kpauls], IMHO the content-package-2-fm-converter should spot if 
> system-users are marked as disabled (i.e. if they have {{rep:disabled}} 
> property set and should reflect that in the set of repo-init statements 
> generated upon conversion.
> While this is probably not a very common scenario it still has a significant 
> impact as disabled system users are not allowed in sling service user 
> mappings (and should allowed to login).
> the fix should be straight forward:
> - test if rep:disabled exists with users/system-users
> - extend User/SystemUser to allow to have a 'disable-reason' set (groups 
> can't be disabled)
> - when generating repo-init statements in {{DefaultAclManager}} add an 
> additional {{DisableServiceUser}} operation if a user is marked as disabled.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[GitHub] [sling-org-apache-sling-feature-cpconverter] anchela opened a new pull request #73: SLING-10286 : Converter ignores disabled status of system user

2021-04-13 Thread GitBox 


anchela opened a new pull request #73:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-cpconverter/pull/73


   @karlpauls , i would appreciate if you had time to take a look at the 
suggested fix. nothing urgent and it's probably a minor bug but if the 
converter is expected to work reliably with an increasing number of different 
content packages that's something that sooner or later will pop up (and 
potentially cause security issues).


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-event] stefan-egli commented on a change in pull request #11: SLING-10300 : fix duplicate dependencies and versions

2021-04-13 Thread GitBox 


stefan-egli commented on a change in pull request #11:
URL: 
https://github.com/apache/sling-org-apache-sling-event/pull/11#discussion_r612396444



##
File path: pom.xml
##
@@ -195,17 +195,14 @@
 
 org.osgi
 osgi.core
-6.0.0
 
 
 org.osgi
 osgi.cmpn
-6.0.0
 
 
 org.osgi
 org.osgi.service.event

Review comment:
   ok, test seems to work without this. 
   
   However, I feel like this is going down a rabbit hole, and I'd prefer to 
continue for now and look at this later. 
   
   @kwin, are you -1 on shipping with this included? The parent pom says 
"preferred", so that doesn't sound like a must.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Resolved] (SLING-10301) Use Apache Sling Bundle Parent 41

2021-04-13 Thread Radu Cotescu (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-10301?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Radu Cotescu resolved SLING-10301.
--
Resolution: Fixed

Fixed in [commit 
e6e92d6|https://github.com/apache/sling-org-apache-sling-scripting-spi/commit/e6e92d6].

> Use Apache Sling Bundle Parent 41
> -
>
> Key: SLING-10301
> URL: https://issues.apache.org/jira/browse/SLING-10301
> Project: Sling
>  Issue Type: Improvement
>  Components: Scripting
>Reporter: Radu Cotescu
>Assignee: Radu Cotescu
>Priority: Major
> Fix For: Scripting SPI 1.0.0
>
>
> The Scripting SPI bundle should use the latest version of the Sling Bundle 
> Parent.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Created] (SLING-10301) Use Apache Sling Bundle Parent 41

2021-04-13 Thread Radu Cotescu (Jira) 
Radu Cotescu created SLING-10301:


 Summary: Use Apache Sling Bundle Parent 41
 Key: SLING-10301
 URL: https://issues.apache.org/jira/browse/SLING-10301
 Project: Sling
  Issue Type: Improvement
  Components: Scripting
Reporter: Radu Cotescu
Assignee: Radu Cotescu
 Fix For: Scripting SPI 1.0.0


The Scripting SPI bundle should use the latest version of the Sling Bundle 
Parent.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (SLING-10299) Allow for removal of access control policies (not just individual entries)

2021-04-13 Thread Angela Schreiber (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-10299?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Angela Schreiber updated SLING-10299:
-
Description: 
hi [~bdelacretaz], as outline in SLING-10134 the ability to cleanup access 
control content with repo-init is currently limited. while investigating ways 
to remove resource-based service user permissions in existing installations i 
noticed that there is one piece from the Jackrabbit API missing altogether: 
{{AccessControlManager.removePolicy(String absPath, AccessControlPolicy}}.

repo-init language today allows for removal of individual access control 
entries and all entries, it doesn't provide the means to drop a policy (without 
specifying which entries to drop).

the langage extension could look as follows for the 3 main types to set access 
control:
{code}
remove ACL on /libs,/apps
remove ACL for alice, bob, fred
remove principal ACL for alice, bob
{code}

IMO no {{end}} statement would be required as there are no additional entry 
specific statements present.

since this would also be needed to cleanup AC content for principals that are 
being removed, I would strongly suggest to leave the principal-validation step 
to the repository and not mandate the target principal to exist. In order to 
not break subsequent executions I would also suggest to only log an INFO if the 
policy to remove doesn't exist.

implementation wise it could look as follows (untested pseudo-code):
{code}
JackrabbitAccessControlList acl = 
AccessControlUtils.getAccessControlList(acMgr, jcrPath);
if (acl != null) {
  acMgr.removePolicy(acl.getPath(), acl)
} else {
  log.info(".");
}
{code}

{code}
PrincipalAccessControlList acl = getPrincipalAccessControlList(acMgr, principal)
if (acl != null) {
  acMgr.removePolicy(acl.getPath(), acl)
} else {
  log.info(".");
}
{code}

for the case {{remove ACL for alice, bob, fred}} multiple options exist i 
would need to dig into the repo-init code to see what was best. in theory 
{{JackrabbitAccessControlManager.getPolicies(principal)}} should work and one 
only need to make sure not to delete the {{PrincipalAccessControlList}} if that 
existed as well.





  was:
hi [~bdelacretaz], as outline in SLING-10134 the ability to cleanup access 
control content with repo-init is currently limited. while investigating ways 
to remove resource-based service user permissions in existing installations i 
noticed that there is one piece from the Jackrabbit API missing altogether: 
{{AccessControlManager.removePolicy(String absPath, AccessControlPolicy}}.

repo-init language today allows for removal of individual access control 
entries and all entries, it doesn't provide the means to drop a policy (without 
specifying which entries to drop).

the langage extension could look as follows for the 3 main types to set access 
control:
{code}
remove ACL on /libs,/apps
remove ACL for alice, bob, fred
remove principal ACL for alice, bob
{code}

IMO no {{end}} statement would be required as there are no additional entry 
specific statements present.

since this would also be needed to cleanup AC content for principals that are 
being removed, I would strongly suggest to leave the principal-validation step 
to the repository and mandate the target principal to exist. In order to not 
break subsequent executions I would also suggest to only log an INFO if the 
policy to remove doesn't exist.

implementation wise it could look as follows (untested pseudo-code):
{code}
JackrabbitAccessControlList acl = 
AccessControlUtils.getAccessControlList(acMgr, jcrPath);
if (acl != null) {
  acMgr.removePolicy(acl.getPath(), acl)
} else {
  log.info(".");
}
{code}

{code}
PrincipalAccessControlList acl = getPrincipalAccessControlList(acMgr, principal)
if (acl != null) {
  acMgr.removePolicy(acl.getPath(), acl)
} else {
  log.info(".");
}
{code}

for the case {{remove ACL for alice, bob, fred}} multiple options exist i 
would need to dig into the repo-init code to see what was best. in theory 
{{JackrabbitAccessControlManager.getPolicies(principal)}} should work and one 
only need to make sure not to delete the {{PrincipalAccessControlList}} if that 
existed as well.






> Allow for removal of access control policies (not just individual entries)
> --
>
> Key: SLING-10299
> URL: https://issues.apache.org/jira/browse/SLING-10299
> Project: Sling
>  Issue Type: New Feature
>  Components: Repoinit
>Affects Versions: Repoinit JCR 1.1.32, Repoinit Parser 1.6.6
>Reporter: Angela Schreiber
>Priority: Major
>
> hi [~bdelacretaz], as outline in SLING-10134 the ability to cleanup access 
> control content with repo-init is currently limited. while investigating ways 
> to remove resource-based

[GitHub] [sling-org-apache-sling-dynamic-include] rombert commented on pull request #20: Moving the JS calling part into the DIV, thus it get replaced after d…

2021-04-13 Thread GitBox 


rombert commented on pull request #20:
URL: 
https://github.com/apache/sling-org-apache-sling-dynamic-include/pull/20#issuecomment-818677827


   Thanks for the PR @maximilianvoss . As this is a non-trivial fix, can you 
please file an issue in the Sling Jira - 
https://issues.apache.org/jira/browse/SLING ? 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Updated] (SLING-10096) Allow the SlingHttpServletRequest in the IncludeGenerator or Sling dynamic includes

2021-04-13 Thread Robert Munteanu (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-10096?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Robert Munteanu updated SLING-10096:

Fix Version/s: Dynamic Include 3.2.2

> Allow the SlingHttpServletRequest in the IncludeGenerator or Sling dynamic 
> includes
> ---
>
> Key: SLING-10096
> URL: https://issues.apache.org/jira/browse/SLING-10096
> Project: Sling
>  Issue Type: Improvement
>Reporter: Santiago García Pimentel
>Priority: Major
> Fix For: Dynamic Include 3.2.2
>
>
> The current interface of the IncludeGenerator of Sling Dynamic Includes only 
> pass the String with the original URL.
> It would be great to allow to pass it also the Request to allow clients to 
> implement more robust/complex implementations. 
> For example, allow to create SDI that use the information of the user making 
> the request



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Resolved] (SLING-10096) Allow the SlingHttpServletRequest in the IncludeGenerator or Sling dynamic includes

2021-04-13 Thread Robert Munteanu (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-10096?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Robert Munteanu resolved SLING-10096.
-
  Assignee: Robert Munteanu
Resolution: Fixed

Fixed in 
https://github.com/apache/sling-org-apache-sling-dynamic-include/pull/19, 
thanks [~santiagozky]!

> Allow the SlingHttpServletRequest in the IncludeGenerator or Sling dynamic 
> includes
> ---
>
> Key: SLING-10096
> URL: https://issues.apache.org/jira/browse/SLING-10096
> Project: Sling
>  Issue Type: Improvement
>Reporter: Santiago García Pimentel
>Assignee: Robert Munteanu
>Priority: Major
> Fix For: Dynamic Include 3.2.2
>
>
> The current interface of the IncludeGenerator of Sling Dynamic Includes only 
> pass the String with the original URL.
> It would be great to allow to pass it also the Request to allow clients to 
> implement more robust/complex implementations. 
> For example, allow to create SDI that use the information of the user making 
> the request



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[GitHub] [sling-org-apache-sling-dynamic-include] rombert merged pull request #19: Extend the IncludeGenerator interface with the Sling Request

2021-04-13 Thread GitBox 


rombert merged pull request #19:
URL: https://github.com/apache/sling-org-apache-sling-dynamic-include/pull/19


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-event] stefan-egli commented on a change in pull request #11: SLING-10300 : fix duplicate dependencies and versions

2021-04-13 Thread GitBox 


stefan-egli commented on a change in pull request #11:
URL: 
https://github.com/apache/sling-org-apache-sling-event/pull/11#discussion_r612362361



##
File path: pom.xml
##
@@ -195,17 +195,14 @@
 
 org.osgi
 osgi.core
-6.0.0
 
 
 org.osgi
 osgi.cmpn
-6.0.0
 
 
 org.osgi
 org.osgi.service.event

Review comment:
   Not sure it needs the whole thing - let me try without `osgi.cmpn` ..




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-event] kwin commented on a change in pull request #11: SLING-10300 : fix duplicate dependencies and versions

2021-04-13 Thread GitBox 


kwin commented on a change in pull request #11:
URL: 
https://github.com/apache/sling-org-apache-sling-event/pull/11#discussion_r612337111



##
File path: pom.xml
##
@@ -195,17 +195,14 @@
 
 org.osgi
 osgi.core
-6.0.0
 
 
 org.osgi
 osgi.cmpn
-6.0.0
 
 
 org.osgi
 org.osgi.service.event

Review comment:
   Please either depend on the individual OSGi artifacts (preferably) or 
the aggregates (osgi.cmpn) but not both, for details refer to 
https://github.com/apache/sling-parent/blob/35ff6b88ff7e69a9da0f94be1997b7a72450282e/sling-bundle-parent/pom.xml#L222




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SLING-10300) fix maven dependencies in sling.event

2021-04-13 Thread Stefan Egli (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-10300?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17320072#comment-17320072
 ] 

Stefan Egli commented on SLING-10300:
-

* [PR|https://github.com/apache/sling-org-apache-sling-event/pull/11] created

> fix maven dependencies in sling.event
> -
>
> Key: SLING-10300
> URL: https://issues.apache.org/jira/browse/SLING-10300
> Project: Sling
>  Issue Type: Task
>  Components: Event
>Reporter: Stefan Egli
>Assignee: Stefan Egli
>Priority: Major
> Fix For: Event 4.2.18
>
>  Time Spent: 10m
>  Remaining Estimate: 0h
>
> The following maven dependencies when building sling.event should be fixed:
> {noformat}
> [INFO] Scanning for projects...
> [WARNING] 
> [WARNING] Some problems were encountered while building the effective model 
> for org.apache.sling:org.apache.sling.event:jar:4.2.15-SNAPSHOT
> [WARNING] 'dependencies.dependency.(groupId:artifactId:type:classifier)' must 
> be unique: org.apache.sling:org.apache.sling.serviceusermapper:jar -> version 
> 1.2.0 vs 1.4.6 @ line 357, column 21
> [WARNING] 'dependencies.dependency.(groupId:artifactId:type:classifier)' must 
> be unique: org.apache.felix:org.apache.felix.framework:jar -> version 5.6.2 
> vs 6.0.3 @ line 377, column 21
> [WARNING] 
> [WARNING] It is highly recommended to fix these problems because they 
> threaten the stability of your build.
> [WARNING] 
> [WARNING] For this reason, future Maven versions might no longer support 
> building such malformed projects.
> [WARNING] 
> {noformat}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[GitHub] [sling-org-apache-sling-event] stefan-egli opened a new pull request #11: SLING-10300 : fix duplicate dependencies and versions

2021-04-13 Thread GitBox 


stefan-egli opened a new pull request #11:
URL: https://github.com/apache/sling-org-apache-sling-event/pull/11


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [git] New git repository - org-apache-sling-auth-saml2

2021-04-13 Thread Robert Munteanu 
Hi Cris,

Overall this looks good, I'll create a repo later this week unless
someone objects.

Note that we still need to clarify the status of the additional Maven
artifact repository [1] and probably need to review the deps (there are
lots of them) before starting a release. But that's for later.

Thanks,
Robert

[1]: 
https://github.com/apache/sling-whiteboard/blob/44f4dd89be83f786d6e7e25c4427e19cac71a0e1/saml-handler/pom.xml#L404-L412

On Mon, 2021-04-12 at 16:27 -0400, Cris Rockwell wrote:
> Hi Robert
> 
> The whiteboard PR is merged. Let me know if you have other questions
> about creating the repository.
> 
> Thanks 
> Cris
> 
> 
> 
> > On Apr 8, 2021, at 12:14 PM, Cris Rockwell 
> > wrote:
> > 
> > Hi,
> > 
> > Currently org-apache-sling-auth-saml2 build runs about 65 seconds on
> > my local workstation, 
> > and several minuted in the Jenkins CI pipeline. 
> > My understanding is that projects in the Sling Whiteboard repo should
> > be moved to another repo 
> > before releasing to Maven Central.
> > 
> > Therefore, I'd like to create a new repo for the code currently
> > living in the
> > whiteboard at [0]. 
> > 
> > Proposed repository name:  org-apache-sling-auth-saml2
> > Artifact id: org.apache.sling.auth.saml2
> > 
> > The resulting jar file will be a java OSGi bundle that when
> > configured is used to 
> > authenticate external users using SAML 2.0 protocols.
> > 
> > The README [1] has more details on requirements, supported features
> > and
> > usage.
> > 
> > Thoughts?
> > Cris Rockwell
> > Application Architect Senior
> > University of Michigan | College of Literature, Science, and the Arts
> > LSA Technology Services | Web & Application Development Services
> > 
> > [0]: 
> > https://github.com/apache/sling-whiteboard/pull/69
> > 
> > [1]: 
> > https://github.com/apache/sling-whiteboard/tree/SLING-9397/update-removed-saml-config-service/saml-handler#readme
> > 
>

Re: [VOTE] Release Apache Sling JUnit Core 1.1.2

2021-04-13 Thread Robert Munteanu 
On Fri, 2021-04-09 at 12:12 -0400, Cris Rockwell wrote:
> Please vote to approve these releases:

+1
Robert


signature.asc
Description: This is a digitally signed message part

Re: [VOTE] Release Apache Sling Resource Resolver 1.7.4

2021-04-13 Thread Robert Munteanu 
On Mon, 2021-04-12 at 20:22 +, Stefan Seifert wrote:
> Please vote to approve this release:

+1
Robert


signature.asc
Description: This is a digitally signed message part

[jira] [Commented] (SLING-10229) [LauncherContainer]Set up automated builds for this Docker image

2021-04-13 Thread Robert Munteanu (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-10229?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17320067#comment-17320067
 ] 

Robert Munteanu commented on SLING-10229:
-

Hi [~bisch...@jena.de]. Sorry for the delay, I hope to be able to look into 
this by the end of the week. In the meantime, I have also found an approach to 
build Java applications on Docker Hub - 
https://springframework.guru/docker-hub-for-spring-boot/ . Not sure how this 
compares to your proposal, just wanted to leave it here.

> [LauncherContainer]Set up automated builds for this Docker image 
> -
>
> Key: SLING-10229
> URL: https://issues.apache.org/jira/browse/SLING-10229
> Project: Sling
>  Issue Type: Improvement
>  Components: Feature Model
>Reporter: Stefan Bischof
>Priority: Minor
>
> This is an leftover from an other PR:
> [~rombert]: in  
> [PR|https://github.com/apache/sling-org-apache-sling-feature-launcher/pull/18]
> "I think it would be good to set up automated builds for this Docker image 
> eventually ( not in scope of this PR ). Looking at 
> https://stackoverflow.com/questions/36853002/writing-dockerfile-for-dockerhub-automated-builds,
>  it looks like the Docker build is basically invoking a top-level Dockerfile. 
> Maybe we should move the 'launch' Dockerfile where the plug-in expects it and 
> leave the top-level Dockerfile as an entry point for Dockerhub automated 
> builds?"
> ---
> I am not sure what you mean with `launch`Dockerfile. And that would mean that 
> we have 2 files?
> The Docker Hub automated build uses a file, that could be specified in 
> Docker-hub. They use the Tag/Branch as the version tag of the image. But we 
> are holding the version just inside maven. So I am not sure that this 
> automated build from the Dockerhub-side is the best way. And we are back at 
> the point where we have to find a way to copy the launcher-${version].jar 
> without changing the Dockerfile in every version just because of the 
> different names. 
> I would really like to have this official container automated in the docker 
> hub.
> But I do not know how to solve this with your CI-Tooling / Access rights on 
> DockerHub.
> Having an jenkins that builds every commit with the -P container option and 
> pushes the images would be the easiest way.
> regards
> Stefan



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[GitHub] [sling-org-apache-sling-jcr-base] rombert commented on pull request #4: SLING-9821 - Fix Error message points to non-existing method

2021-04-13 Thread GitBox 


rombert commented on pull request #4:
URL: 
https://github.com/apache/sling-org-apache-sling-jcr-base/pull/4#issuecomment-818624332


   Hi @valtsu3000 and thanks for the PR! I see a couple of unrelated changes, 
it would be good to remove them from the PR:
   
   - we don't use GitHub actions so please remove ` .github/workflows/build.yml`
   - the changes to pom.xml are unnecessary since we configure SonarCloud 
differently, please remove them
   - we intentionally catch `Throwable` instead of `Exception` so keep that as 
it is
   - by extracting the `repositoryInit` method you've changed to flow - when 
exceptions are caught the method is no longer stopped early
   
   In the end, I would suggest simply changing the log message, it's the 
simplest and most straightforwad action. Thanks!


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Assigned] (SLING-10300) fix maven dependencies in sling.event

2021-04-13 Thread Stefan Egli (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-10300?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Stefan Egli reassigned SLING-10300:
---

Assignee: Stefan Egli

> fix maven dependencies in sling.event
> -
>
> Key: SLING-10300
> URL: https://issues.apache.org/jira/browse/SLING-10300
> Project: Sling
>  Issue Type: Task
>  Components: Event
>Reporter: Stefan Egli
>Assignee: Stefan Egli
>Priority: Major
> Fix For: Event 4.2.18
>
>
> The following maven dependencies when building sling.event should be fixed:
> {noformat}
> [INFO] Scanning for projects...
> [WARNING] 
> [WARNING] Some problems were encountered while building the effective model 
> for org.apache.sling:org.apache.sling.event:jar:4.2.15-SNAPSHOT
> [WARNING] 'dependencies.dependency.(groupId:artifactId:type:classifier)' must 
> be unique: org.apache.sling:org.apache.sling.serviceusermapper:jar -> version 
> 1.2.0 vs 1.4.6 @ line 357, column 21
> [WARNING] 'dependencies.dependency.(groupId:artifactId:type:classifier)' must 
> be unique: org.apache.felix:org.apache.felix.framework:jar -> version 5.6.2 
> vs 6.0.3 @ line 377, column 21
> [WARNING] 
> [WARNING] It is highly recommended to fix these problems because they 
> threaten the stability of your build.
> [WARNING] 
> [WARNING] For this reason, future Maven versions might no longer support 
> building such malformed projects.
> [WARNING] 
> {noformat}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[CANCEL][VOTE] Release Apache Sling Event Support 4.2.16

2021-04-13 Thread Stefan Egli 

Ok, let me cancel the release

Cheers,
Stefan

On 13.04.21 12:10, Stefan Seifert wrote:

hmm, those inconsistencies were newly introduced with the latest version.
although the one has "provided" scope and the other "test" scope, it has effect 
on the package version selected by the bnd plugin for depending on the service user mapper 
dependency. it seems to have picked automatically the newer version which may be fine.

i'm +0 on it, problem is not serious enough to block the release, but 
publishing POMs with inconsistencies to maven central is bad practice.

stefan



-Original Message-
From: Stefan Egli 
Sent: Tuesday, April 13, 2021 12:01 PM
To: dev@sling.apache.org
Subject: Re: [VOTE] Release Apache Sling Event Support 4.2.16

Hi Stefan,

Good point, I created SLING-10300 to follow up.

What's your vote for 4.2.16?

Cheers,
Stefan

On 12.04.21 22:41, Stefan Seifert wrote:

the dependencies defined for the project are inconsistent - as reported

by maven:


[WARNING] 'dependencies.dependency.(groupId:artifactId:type:classifier)'

must be unique: org.apache.sling:org.apache.sling.serviceusermapper:jar ->
version 1.2.0 vs 1.4.6 @ line 357, column 21

[WARNING] 'dependencies.dependency.(groupId:artifactId:type:classifier)'

must be unique: org.apache.felix:org.apache.felix.framework:jar -> version
5.6.2 vs 6.0.3 @ line 377, column 21



stefan

RE: [VOTE] Release Apache Sling Event Support 4.2.16

2021-04-13 Thread Stefan Seifert 
hmm, those inconsistencies were newly introduced with the latest version.
although the one has "provided" scope and the other "test" scope, it has effect 
on the package version selected by the bnd plugin for depending on the service 
user mapper dependency. it seems to have picked automatically the newer version 
which may be fine.

i'm +0 on it, problem is not serious enough to block the release, but 
publishing POMs with inconsistencies to maven central is bad practice.

stefan


>-Original Message-
>From: Stefan Egli 
>Sent: Tuesday, April 13, 2021 12:01 PM
>To: dev@sling.apache.org
>Subject: Re: [VOTE] Release Apache Sling Event Support 4.2.16
>
>Hi Stefan,
>
>Good point, I created SLING-10300 to follow up.
>
>What's your vote for 4.2.16?
>
>Cheers,
>Stefan
>
>On 12.04.21 22:41, Stefan Seifert wrote:
>> the dependencies defined for the project are inconsistent - as reported
>by maven:
>>
>> [WARNING] 'dependencies.dependency.(groupId:artifactId:type:classifier)'
>must be unique: org.apache.sling:org.apache.sling.serviceusermapper:jar ->
>version 1.2.0 vs 1.4.6 @ line 357, column 21
>> [WARNING] 'dependencies.dependency.(groupId:artifactId:type:classifier)'
>must be unique: org.apache.felix:org.apache.felix.framework:jar -> version
>5.6.2 vs 6.0.3 @ line 377, column 21
>>
>>
>> stefan
>>

Re: [VOTE] Release Apache Sling Event Support 4.2.16

2021-04-13 Thread Stefan Egli 

Hi Stefan,

Good point, I created SLING-10300 to follow up.

What's your vote for 4.2.16?

Cheers,
Stefan

On 12.04.21 22:41, Stefan Seifert wrote:

the dependencies defined for the project are inconsistent - as reported by 
maven:

[WARNING] 'dependencies.dependency.(groupId:artifactId:type:classifier)' must be 
unique: org.apache.sling:org.apache.sling.serviceusermapper:jar -> version 
1.2.0 vs 1.4.6 @ line 357, column 21
[WARNING] 'dependencies.dependency.(groupId:artifactId:type:classifier)' must be 
unique: org.apache.felix:org.apache.felix.framework:jar -> version 5.6.2 vs 
6.0.3 @ line 377, column 21


stefan

Re: [VOTE] Release Apache Sling Event Support 4.2.16

2021-04-13 Thread Stefan Egli 

done now.

Cheers,
Stefan

On 13.04.21 11:14, Konrad Windszus wrote:

Please move all issues which have 4.2.14 as fix version to 4.2.16 and remove 
the cancelled version from JIRA.
We don't use fix-versions against non-public releases.
That makes it way easier for customers to understand which version is necessary 
for the fix.
Konrad


On 12. Apr 2021, at 17:26, Stefan Egli  wrote:

Hi,

We solved 3 issues in this release which includes cancelled 4.2.14:

* 1 issue in 4.2.16 :
  https://issues.apache.org/jira/projects/SLING/versions/12349657
* 2 issues in cancelled 4.2.14:
  https://issues.apache.org/jira/projects/SLING/versions/12344827

Staging repository:
https://repository.apache.org/content/repositories/orgapachesling-2427/

You can use this UNIX script to download the release and verify the
signatures:
https://gitbox.apache.org/repos/asf?p=sling-tooling-release.git;a=blob;f=check_staged_release.sh;hb=HEAD

Usage:
sh check_staged_release.sh 2427 /tmp/sling-staging

Please vote to approve this release:

  [ ] +1 Approve the release
  [ ]  0 Don't care
  [ ] -1 Don't release, because ...

This majority vote is open for at least 72 hours.

Cheers,
Stefan

[jira] [Updated] (SLING-7756) Improve logging for Job retries

2021-04-13 Thread Stefan Egli (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-7756?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Stefan Egli updated SLING-7756:
---
Fix Version/s: (was: Event 4.2.14)
   Event 4.2.16

> Improve logging for Job retries
> ---
>
> Key: SLING-7756
> URL: https://issues.apache.org/jira/browse/SLING-7756
> Project: Sling
>  Issue Type: Improvement
>  Components: Event
>Affects Versions: Event 4.2.10
>Reporter: Konrad Windszus
>Assignee: Konrad Windszus
>Priority: Major
> Fix For: Event 4.2.16
>
>  Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> Currently a {{JobConsumer}} returning {{JobResult.FAILED}} is usually retried 
> (https://sling.apache.org/documentation/bundles/apache-sling-eventing-and-job-handling.html).
>  Unfortunately this is not exposed in the logs, so in case a JobConsumer logs 
> an error before returning {{JobResult.FAILED}} the job is silently retried 
> without any particular log message. I think each failed job should lead to a 
> WARN in the log (in case the job is retried) with the attempt number and 
> outstanding attempts in the log message. In case a job is not retried, an 
> ERROR should be emitted to the log for every failed job.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (SLING-9906) Avoid retrying to load jobs if classes are missing

2021-04-13 Thread Stefan Egli (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-9906?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Stefan Egli updated SLING-9906:
---
Fix Version/s: (was: Event 4.2.14)
   Event 4.2.16

> Avoid retrying to load jobs if classes are missing
> --
>
> Key: SLING-9906
> URL: https://issues.apache.org/jira/browse/SLING-9906
> Project: Sling
>  Issue Type: Improvement
>  Components: Event
>Reporter: Carsten Ziegeler
>Assignee: Stefan Egli
>Priority: Major
> Fix For: Event 4.2.16
>
>  Time Spent: 1h
>  Remaining Estimate: 0h
>
> When a Sling job is tried to be loaded, it might reference public api classes 
> provided by bundles - although that is a bad pattern that should be avoid, 
> sometimes this is used.
> While the job engine does not try to reload those jobs for execution - unless 
> such a new job is created (which is unlikely as the class is missing), the 
> re-assigning of jobs from a removed instance to a new one suffers from the 
> same problem. And that is retried over and over again.
> So there are probably several possible improvements:
> - make sure that jobs are not reloaded when public classes are missing during 
> job execution (unless bundles have changed)
> - reduce log output to a log statement (except of stack trace) if 
> classloading for jobs fails
> - change re-assigning of jobs to not require classes to be available. This 
> can probably be solved by using ResourceResolver.move



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Created] (SLING-10300) fix maven dependencies in sling.event

2021-04-13 Thread Stefan Egli (Jira) 
Stefan Egli created SLING-10300:
---

 Summary: fix maven dependencies in sling.event
 Key: SLING-10300
 URL: https://issues.apache.org/jira/browse/SLING-10300
 Project: Sling
  Issue Type: Task
  Components: Event
Reporter: Stefan Egli


The following maven dependencies when building sling.event should be fixed:
{noformat}
[INFO] Scanning for projects...
[WARNING] 
[WARNING] Some problems were encountered while building the effective model for 
org.apache.sling:org.apache.sling.event:jar:4.2.15-SNAPSHOT
[WARNING] 'dependencies.dependency.(groupId:artifactId:type:classifier)' must 
be unique: org.apache.sling:org.apache.sling.serviceusermapper:jar -> version 
1.2.0 vs 1.4.6 @ line 357, column 21
[WARNING] 'dependencies.dependency.(groupId:artifactId:type:classifier)' must 
be unique: org.apache.felix:org.apache.felix.framework:jar -> version 5.6.2 vs 
6.0.3 @ line 377, column 21
[WARNING] 
[WARNING] It is highly recommended to fix these problems because they threaten 
the stability of your build.
[WARNING] 
[WARNING] For this reason, future Maven versions might no longer support 
building such malformed projects.
[WARNING] 
{noformat}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (SLING-10300) fix maven dependencies in sling.event

2021-04-13 Thread Stefan Egli (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-10300?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Stefan Egli updated SLING-10300:

Fix Version/s: Event 4.2.18

> fix maven dependencies in sling.event
> -
>
> Key: SLING-10300
> URL: https://issues.apache.org/jira/browse/SLING-10300
> Project: Sling
>  Issue Type: Task
>  Components: Event
>Reporter: Stefan Egli
>Priority: Major
> Fix For: Event 4.2.18
>
>
> The following maven dependencies when building sling.event should be fixed:
> {noformat}
> [INFO] Scanning for projects...
> [WARNING] 
> [WARNING] Some problems were encountered while building the effective model 
> for org.apache.sling:org.apache.sling.event:jar:4.2.15-SNAPSHOT
> [WARNING] 'dependencies.dependency.(groupId:artifactId:type:classifier)' must 
> be unique: org.apache.sling:org.apache.sling.serviceusermapper:jar -> version 
> 1.2.0 vs 1.4.6 @ line 357, column 21
> [WARNING] 'dependencies.dependency.(groupId:artifactId:type:classifier)' must 
> be unique: org.apache.felix:org.apache.felix.framework:jar -> version 5.6.2 
> vs 6.0.3 @ line 377, column 21
> [WARNING] 
> [WARNING] It is highly recommended to fix these problems because they 
> threaten the stability of your build.
> [WARNING] 
> [WARNING] For this reason, future Maven versions might no longer support 
> building such malformed projects.
> [WARNING] 
> {noformat}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[GitHub] [sling-org-apache-sling-jcr-base] sonarcloud[bot] commented on pull request #4: SLING-9821 - Fix Error message points to non-existing method

2021-04-13 Thread GitBox 


sonarcloud[bot] commented on pull request #4:
URL: 
https://github.com/apache/sling-org-apache-sling-jcr-base/pull/4#issuecomment-818597691


   Kudos, SonarCloud Quality Gate passed!
   
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-base=4=false=BUG)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-base=4=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-base=4=false=BUG)
  
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-base=4=false=VULNERABILITY)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-base=4=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-base=4=false=VULNERABILITY)
  
   [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-jcr-base=4=false=SECURITY_HOTSPOT)
 [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-jcr-base=4=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-jcr-base=4=false=SECURITY_HOTSPOT)
  
   [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-base=4=false=CODE_SMELL)
 [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-base=4=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-jcr-base=4=false=CODE_SMELL)
   
   [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-jcr-base=4=new_coverage=list)
 [100.0% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-jcr-base=4=new_coverage=list)
  
   [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-jcr-base=4=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-jcr-base=4=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-jcr-base] valtsu3000 opened a new pull request #4: SLING-9821 - Fix Error message points to non-existing method

2021-04-13 Thread GitBox 


valtsu3000 opened a new pull request #4:
URL: https://github.com/apache/sling-org-apache-sling-jcr-base/pull/4


   This pull request was made for a mandatory school project
   
   https://issues.apache.org/jira/browse/SLING-9821


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [VOTE] Release Apache Sling Event Support 4.2.16

2021-04-13 Thread Konrad Windszus 
Please move all issues which have 4.2.14 as fix version to 4.2.16 and remove 
the cancelled version from JIRA.
We don't use fix-versions against non-public releases.
That makes it way easier for customers to understand which version is necessary 
for the fix.
Konrad

> On 12. Apr 2021, at 17:26, Stefan Egli  wrote:
> 
> Hi,
> 
> We solved 3 issues in this release which includes cancelled 4.2.14:
> 
> * 1 issue in 4.2.16 :
>  https://issues.apache.org/jira/projects/SLING/versions/12349657
> * 2 issues in cancelled 4.2.14:
>  https://issues.apache.org/jira/projects/SLING/versions/12344827
> 
> Staging repository:
> https://repository.apache.org/content/repositories/orgapachesling-2427/
> 
> You can use this UNIX script to download the release and verify the
> signatures:
> https://gitbox.apache.org/repos/asf?p=sling-tooling-release.git;a=blob;f=check_staged_release.sh;hb=HEAD
> 
> Usage:
> sh check_staged_release.sh 2427 /tmp/sling-staging
> 
> Please vote to approve this release:
> 
>  [ ] +1 Approve the release
>  [ ]  0 Don't care
>  [ ] -1 Don't release, because ...
> 
> This majority vote is open for at least 72 hours.
> 
> Cheers,
> Stefan

[GitHub] [sling-org-apache-sling-feature-cpconverter] kwin commented on pull request #70: SLING-10127 emit all converted packages to the local Maven repository

2021-04-13 Thread GitBox 


kwin commented on pull request #70:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-cpconverter/pull/70#issuecomment-818567126


   bq. I think we should as a first step expose that as an option.
   
   That is where we don't agree. I don't see a good use case for that (even if 
it the current status quo). Can you give one?
   
   bq. You want to go further and change it to be always write the artifacts
   
   For me this is not going "further", but probably related to the first point.
   
   bq. What do users do that want the current way of working?
   
   Again, I don't see any use case for the current (errorneous) way of working.
   
   bq. We would force them to change what they do - which I would like to avoid
   
   No, just outputting a non-referenced artifact does not do any harm. It all 
depends on whether you use it afterwards or not.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-feature-cpconverter] kwin edited a comment on pull request #70: SLING-10127 emit all converted packages to the local Maven repository

2021-04-13 Thread GitBox 


kwin edited a comment on pull request #70:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-cpconverter/pull/70#issuecomment-818567126


   > I think we should as a first step expose that as an option.
   
   That is where we don't agree. I don't see a good use case for that (even if 
it the current status quo). Can you give one?
   
   > You want to go further and change it to be always write the artifacts
   
   For me this is not going "further", but probably related to the first point.
   
   > What do users do that want the current way of working?
   
   Again, I don't see any use case for the current (errorneous) way of working.
   
   > We would force them to change what they do - which I would like to avoid
   
   No, just outputting a non-referenced artifact does not do any harm. It all 
depends on whether you use it afterwards or not.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-feature-cpconverter] karlpauls commented on pull request #70: SLING-10127 emit all converted packages to the local Maven repository

2021-04-13 Thread GitBox 


karlpauls commented on pull request #70:
URL: 
https://github.com/apache/sling-org-apache-sling-feature-cpconverter/pull/70#issuecomment-818563923


   @kwin, right. So the current behavior is to never reference "content" 
content packages and never write them. I think we should as a first step expose 
that as an option. You want to go further and change it to be always write the 
artifacts and only make the reference optional. What do users do that want the 
current way of working? We would force them to change what they do - which I 
would like to avoid. 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Created] (SLING-10299) Allow for removal of access control policies (not just individual entries)

2021-04-13 Thread Angela Schreiber (Jira) 
Angela Schreiber created SLING-10299:


 Summary: Allow for removal of access control policies (not just 
individual entries)
 Key: SLING-10299
 URL: https://issues.apache.org/jira/browse/SLING-10299
 Project: Sling
  Issue Type: New Feature
  Components: Repoinit
Affects Versions: Repoinit Parser 1.6.6, Repoinit JCR 1.1.32
Reporter: Angela Schreiber


hi [~bdelacretaz], as outline in SLING-10134 the ability to cleanup access 
control content with repo-init is currently limited. while investigating ways 
to remove resource-based service user permissions in existing installations i 
noticed that there is one piece from the Jackrabbit API missing altogether: 
{{AccessControlManager.removePolicy(String absPath, AccessControlPolicy}}.

repo-init language today allows for removal of individual access control 
entries and all entries, it doesn't provide the means to drop a policy (without 
specifying which entries to drop).

the langage extension could look as follows for the 3 main types to set access 
control:
{code}
remove ACL on /libs,/apps
remove ACL for alice, bob, fred
remove principal ACL for alice, bob
{code}

IMO no {{end}} statement would be required as there are no additional entry 
specific statements present.

since this would also be needed to cleanup AC content for principals that are 
being removed, I would strongly suggest to leave the principal-validation step 
to the repository and mandate the target principal to exist. In order to not 
break subsequent executions I would also suggest to only log an INFO if the 
policy to remove doesn't exist.

implementation wise it could look as follows (untested pseudo-code):
{code}
JackrabbitAccessControlList acl = 
AccessControlUtils.getAccessControlList(acMgr, jcrPath);
if (acl != null) {
  acMgr.removePolicy(acl.getPath(), acl)
} else {
  log.info(".");
}
{code}

{code}
PrincipalAccessControlList acl = getPrincipalAccessControlList(acMgr, principal)
if (acl != null) {
  acMgr.removePolicy(acl.getPath(), acl)
} else {
  log.info(".");
}
{code}

for the case {{remove ACL for alice, bob, fred}} multiple options exist i 
would need to dig into the repo-init code to see what was best. in theory 
{{JackrabbitAccessControlManager.getPolicies(principal)}} should work and one 
only need to make sure not to delete the {{PrincipalAccessControlList}} if that 
existed as well.







--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Created] (SLING-10298) Record origins for configurations and bundles

2021-04-13 Thread Carsten Ziegeler (Jira) 
Carsten Ziegeler created SLING-10298:


 Summary: Record origins for configurations and bundles
 Key: SLING-10298
 URL: https://issues.apache.org/jira/browse/SLING-10298
 Project: Sling
  Issue Type: Improvement
  Components: Content-Package to Feature Model Converter
Reporter: Carsten Ziegeler
 Fix For: Content-Package to Feature Model Converter 1.0.26


For better diagnosis, the origin of OSGi configurations and bundles should be 
recorded as metadata. We should keep track of the content package(s) they were 
contained in



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

  1   2   >