[GitHub] [sling-site] enapps-enorman merged pull request #80: SLING-11023 document setting types for authorizable property containers

[GitBox]

enapps-enorman merged pull request #80:
URL: https://github.com/apache/sling-site/pull/80


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-site] enapps-enorman opened a new pull request #80: SLING-11023 document setting types for authorizable property containers

[GitBox]

enapps-enorman opened a new pull request #80:
URL: https://github.com/apache/sling-site/pull/80


   Support for setting jcr:mixinTypes and jcr:primaryType for nested 
authorizable properties


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Closed] (SLING-11034) Allow option to expose nested authorizable properties as child resources

[Eric Norman (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11034?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Eric Norman closed SLING-11034.
---

closing with the 2.2.18 release

> Allow option to expose nested authorizable properties as child resources
> 
>
> Key: SLING-11034
> URL: https://issues.apache.org/jira/browse/SLING-11034
> Project: Sling
>  Issue Type: Improvement
>Reporter: Eric Norman
>Assignee: Eric Norman
>Priority: Major
> Fix For: JCR Jackrabbit User Manager 2.2.18
>
>  Time Spent: 1.5h
>  Remaining Estimate: 0h
>
> When nested properties are set on a user or group, it is not convenient to 
> read those property values from the AuthorizableResource without writing 
> extra code.
> Expected:
> For any nested authorizable properties, provide a NestedAuthorizableResource 
> child resource for each of the property containers.
> For example to get a user with it's direct children:
> {code:java}
> $ curl http://localhost:8080/system/userManager/user/myuser.tidy.1.json{code}
> Or to access the a "private" nested properties child directly:
> {code:java}
> $ curl 
> http://localhost:8080/system/userManager/user/myuser/private.tidy.json{code}
>  
> This capability should be able to be turned on or off via configuration.  
> Probably off by default for backward compatibility.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Closed] (SLING-11098) Provide resource for the everyone group

[Eric Norman (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11098?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Eric Norman closed SLING-11098.
---

closing with the 2.2.18 release

> Provide resource for the everyone group
> ---
>
> Key: SLING-11098
> URL: https://issues.apache.org/jira/browse/SLING-11098
> Project: Sling
>  Issue Type: Improvement
>Reporter: Eric Norman
>Assignee: Eric Norman
>Priority: Major
> Fix For: JCR Jackrabbit User Manager 2.2.18
>
>  Time Spent: 1h 10m
>  Remaining Estimate: 0h
>
> This is in support of a use case of a user interface for defining permissions 
> where you would like the option to pick the everyone group for an access 
> control entry.
> Some principals like the everyone group don't have a corresponding 
> Authorizable.  The existing AuthorizableResourceProvider implementation does 
> not provide a resource for that principal.
> So for the use case where UserManager#getAuthorizable returns null but the 
> PrincipalManager#getPrincipal returns non-null then we should have a 
> PrincipalResource instead of skipping it.
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Closed] (SLING-11107) Update to Sling Bundle Parent 47

[Eric Norman (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11107?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Eric Norman closed SLING-11107.
---

closing with the 2.2.18 release

> Update to Sling Bundle Parent 47
> 
>
> Key: SLING-11107
> URL: https://issues.apache.org/jira/browse/SLING-11107
> Project: Sling
>  Issue Type: Improvement
>Reporter: Eric Norman
>Assignee: Eric Norman
>Priority: Major
> Fix For: JCR Jackrabbit User Manager 2.2.18
>
>
> Update to Sling Bundle Parent 47



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Closed] (SLING-11023) Support setting jcr:mixinTypes and jcr:primaryType for nested authorizable properties

[Eric Norman (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11023?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Eric Norman closed SLING-11023.
---

closing with the 2.2.18 release

> Support setting jcr:mixinTypes and jcr:primaryType for nested authorizable 
> properties
> -
>
> Key: SLING-11023
> URL: https://issues.apache.org/jira/browse/SLING-11023
> Project: Sling
>  Issue Type: Improvement
>Reporter: Eric Norman
>Assignee: Eric Norman
>Priority: Major
> Fix For: JCR Jackrabbit User Manager 2.2.18
>
>  Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> When creating or updating a user/group it may be necessary to supply the 
> jcr:primaryType and/or jcr:mixinTypes values for one or more of the container 
> nodes to satisfy constraints.
> For example:
> {code:java}
> curl -Fprivate/jcr:mixinTypes=mymix:samplemix  \
>  -Fprivate2/jcr:primaryType=my:sample  \
>  http://localhost:8080/people/user/testuser1.update.html{code}



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[RESULT] [VOTE] Release Apache Sling JCR Jackrabbit User Manager version 2.2.18

[Eric Norman]

Hi,

The vote has passed with the following result :

+1 (binding): Daniel Klco, Robert Munteanu, Radu Cotescu, Eric Norman
+1 (non binding): none

I will copy this release to the Sling dist directory and promote the
artifacts to the central Maven repository.

Re: [VOTE] Release Apache Sling JCR Jackrabbit User Manager version 2.2.18

[Eric Norman]

+1

On Mon, Jan 31, 2022 at 1:19 PM Eric Norman  wrote:

> Hi,
>
> We solved 4 issues in this release:
> https://issues.apache.org/jira/browse/SLING/fixforversion/12350857
>
> Staging repository:
> https://repository.apache.org/content/repositories/orgapachesling-2591/
>
> You can use this UNIX script to download the release and verify the
> signatures:
>
> https://gitbox.apache.org/repos/asf?p=sling-tooling-release.git;a=blob;f=check_staged_release.sh;hb=HEAD
>
> Usage:
> sh check_staged_release.sh 2591 /tmp/sling-staging
>
> Please vote to approve this release:
>
>   [ ] +1 Approve the release
>   [ ]  0 Don't care
>   [ ] -1 Don't release, because ...
>
> This majority vote is open for at least 72 hours.
>

[jira] [Commented] (SLING-11124) Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908

[Eric Norman (Jira)]

[ 
https://issues.apache.org/jira/browse/SLING-11124?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17487218#comment-17487218
 ] 

Eric Norman commented on SLING-11124:
-

[~andrei.dulvac] I haven't checked this, but do you anticipate any conflicts 
with OAK which I believe is still stuck on guava version 15 (see OAK-7182)?  
For example, if a project depends on both oak and o.a.sling.testing.clients is 
it going to have troubles?

> Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908
> 
>
> Key: SLING-11124
> URL: https://issues.apache.org/jira/browse/SLING-11124
> Project: Sling
>  Issue Type: Task
>  Components: Apache Sling Testing Clients
>Affects Versions: Apache Sling Testing Clients 3.0.8
>Reporter: Andrei Tuicu
>Assignee: Andrei Dulvac
>Priority: Major
> Fix For: Apache Sling Testing Clients 3.0.8
>
>  Time Spent: 40m
>  Remaining Estimate: 0h
>
> Sling testing clients are using com.google.guava guava 14.0.1 which is 
> vulnerable to CVE-2018-10237(MEDIUM) [1] and CVE-2020-8908(LOW) [2].
> Mitigation: update to latest guava 31.0.1-android
> [1] https://www.cvedetails.com/cve/CVE-2018-10237/
> [2] https://www.cvedetails.com/cve/CVE-2020-8908/



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [sling-org-apache-sling-starter] sonarcloud[bot] commented on pull request #46: SLING-9638 - Update Starter Docker image to be based on the feature model

[GitBox]

sonarcloud[bot] commented on pull request #46:
URL: 
https://github.com/apache/sling-org-apache-sling-starter/pull/46#issuecomment-1030229222


   Kudos, SonarCloud Quality Gate passed!  ![Quality Gate 
passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png
 'Quality Gate passed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-starter=46=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-starter=46=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-starter=46=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-starter=46=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-starter=46=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-starter=46=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-starter=46=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-starter=46=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-starter=46=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-starter=46=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-starter=46=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-starter=46=false=CODE_SMELL)
   
   [![No Coverage 
information](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/NoCoverageInfo-16px.png
 'No Coverage 
information')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-starter=46)
 No Coverage information  
   [![No Duplication 
information](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/NoDuplicationInfo-16px.png
 'No Duplication 
information')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-starter=46=duplicated_lines_density=list)
 No Duplication information
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-starter] rombert opened a new pull request #46: SLING-9638 - Update Starter Docker image to be based on the feature model

[GitBox]

rombert opened a new pull request #46:
URL: https://github.com/apache/sling-org-apache-sling-starter/pull/46


   Reduce final image size and build time.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-event] sonarcloud[bot] commented on pull request #16: SLING-11091: expose the number of scheduled jobs as metric

[GitBox]

sonarcloud[bot] commented on pull request #16:
URL: 
https://github.com/apache/sling-org-apache-sling-event/pull/16#issuecomment-1030159426


   SonarCloud Quality Gate failed.  ![Quality Gate 
failed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/failed-16px.png
 'Quality Gate failed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-event=16=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-event=16=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-event=16=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=CODE_SMELL)
   
   
[![70.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/60-16px.png
 
'70.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-event=16=new_coverage=list)
 [70.0% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-event=16=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-event=16=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-event=16=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[VOTE] Release Apache Sling Testing Clients version 3.0.8

[Andrei Dulvac]

We solved 1 issues in this release:
https://issues.apache.org/jira/projects/SLING/versions/12351312

Staging repository:
https://repository.apache.org/content/repositories/orgapachesling-2593

You can use this UNIX script to download the release and verify the
signatures:
https://gitbox.apache.org/repos/asf?p=sling-tooling-release.git;a=blob;f=check_staged_release.sh;hb=HEAD

Usage:
sh check_staged_release.sh 2593 /tmp/sling-staging

Please vote to approve this release:

  [ ] +1 Approve the release
  [ ]  0 Don't care
  [ ] -1 Don't release, because ...

This majority vote is open for at least 72 hours.

[jira] [Updated] (SLING-11124) Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908

[Andrei Dulvac (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11124?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Andrei Dulvac updated SLING-11124:
--
Affects Version/s: Apache Sling Testing Clients 3.0.8
   (was: Apache Sling Testing Clients 3.0.6)

> Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908
> 
>
> Key: SLING-11124
> URL: https://issues.apache.org/jira/browse/SLING-11124
> Project: Sling
>  Issue Type: Task
>  Components: Apache Sling Testing Clients
>Affects Versions: Apache Sling Testing Clients 3.0.8
>Reporter: Andrei Tuicu
>Assignee: Andrei Dulvac
>Priority: Major
> Fix For: Apache Sling Testing Clients 3.0.6
>
>  Time Spent: 40m
>  Remaining Estimate: 0h
>
> Sling testing clients are using com.google.guava guava 14.0.1 which is 
> vulnerable to CVE-2018-10237(MEDIUM) [1] and CVE-2020-8908(LOW) [2].
> Mitigation: update to latest guava 31.0.1-android
> [1] https://www.cvedetails.com/cve/CVE-2018-10237/
> [2] https://www.cvedetails.com/cve/CVE-2020-8908/



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (SLING-11124) Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908

[Andrei Dulvac (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11124?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Andrei Dulvac updated SLING-11124:
--
Fix Version/s: Apache Sling Testing Clients 3.0.8
   (was: Apache Sling Testing Clients 3.0.6)

> Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908
> 
>
> Key: SLING-11124
> URL: https://issues.apache.org/jira/browse/SLING-11124
> Project: Sling
>  Issue Type: Task
>  Components: Apache Sling Testing Clients
>Affects Versions: Apache Sling Testing Clients 3.0.8
>Reporter: Andrei Tuicu
>Assignee: Andrei Dulvac
>Priority: Major
> Fix For: Apache Sling Testing Clients 3.0.8
>
>  Time Spent: 40m
>  Remaining Estimate: 0h
>
> Sling testing clients are using com.google.guava guava 14.0.1 which is 
> vulnerable to CVE-2018-10237(MEDIUM) [1] and CVE-2020-8908(LOW) [2].
> Mitigation: update to latest guava 31.0.1-android
> [1] https://www.cvedetails.com/cve/CVE-2018-10237/
> [2] https://www.cvedetails.com/cve/CVE-2020-8908/



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Resolved] (SLING-11124) Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908

[Andrei Dulvac (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11124?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Andrei Dulvac resolved SLING-11124.
---
Fix Version/s: Apache Sling Testing Clients 3.0.6
   Resolution: Fixed

> Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908
> 
>
> Key: SLING-11124
> URL: https://issues.apache.org/jira/browse/SLING-11124
> Project: Sling
>  Issue Type: Task
>  Components: Apache Sling Testing Clients
>Affects Versions: Apache Sling Testing Clients 3.0.6
>Reporter: Andrei Tuicu
>Assignee: Andrei Dulvac
>Priority: Major
> Fix For: Apache Sling Testing Clients 3.0.6
>
>  Time Spent: 40m
>  Remaining Estimate: 0h
>
> Sling testing clients are using com.google.guava guava 14.0.1 which is 
> vulnerable to CVE-2018-10237(MEDIUM) [1] and CVE-2020-8908(LOW) [2].
> Mitigation: update to latest guava 31.0.1-android
> [1] https://www.cvedetails.com/cve/CVE-2018-10237/
> [2] https://www.cvedetails.com/cve/CVE-2020-8908/



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (SLING-11124) Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908

[Andrei Dulvac (Jira)]

[ 
https://issues.apache.org/jira/browse/SLING-11124?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17487166#comment-17487166
 ] 

Andrei Dulvac commented on SLING-11124:
---

Merged in 
https://github.com/apache/sling-org-apache-sling-testing-clients/pull/25

> Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908
> 
>
> Key: SLING-11124
> URL: https://issues.apache.org/jira/browse/SLING-11124
> Project: Sling
>  Issue Type: Task
>  Components: Apache Sling Testing Clients
>Affects Versions: Apache Sling Testing Clients 3.0.6
>Reporter: Andrei Tuicu
>Assignee: Andrei Dulvac
>Priority: Major
>  Time Spent: 40m
>  Remaining Estimate: 0h
>
> Sling testing clients are using com.google.guava guava 14.0.1 which is 
> vulnerable to CVE-2018-10237(MEDIUM) [1] and CVE-2020-8908(LOW) [2].
> Mitigation: update to latest guava 31.0.1-android
> [1] https://www.cvedetails.com/cve/CVE-2018-10237/
> [2] https://www.cvedetails.com/cve/CVE-2020-8908/



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Assigned] (SLING-11124) Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908

[Andrei Dulvac (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11124?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Andrei Dulvac reassigned SLING-11124:
-

Assignee: Andrei Dulvac

> Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908
> 
>
> Key: SLING-11124
> URL: https://issues.apache.org/jira/browse/SLING-11124
> Project: Sling
>  Issue Type: Task
>  Components: Apache Sling Testing Clients
>Affects Versions: Apache Sling Testing Clients 3.0.6
>Reporter: Andrei Tuicu
>Assignee: Andrei Dulvac
>Priority: Major
>  Time Spent: 40m
>  Remaining Estimate: 0h
>
> Sling testing clients are using com.google.guava guava 14.0.1 which is 
> vulnerable to CVE-2018-10237(MEDIUM) [1] and CVE-2020-8908(LOW) [2].
> Mitigation: update to latest guava 31.0.1-android
> [1] https://www.cvedetails.com/cve/CVE-2018-10237/
> [2] https://www.cvedetails.com/cve/CVE-2020-8908/



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [sling-org-apache-sling-testing-clients] dulvac merged pull request #25: SLING-11124 - Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908

[GitBox]

dulvac merged pull request #25:
URL: https://github.com/apache/sling-org-apache-sling-testing-clients/pull/25


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Resolved] (SLING-10303) Improve test coverage of StreamRenderer

[Joerg Hoh (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-10303?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Joerg Hoh resolved SLING-10303.
---
Resolution: Fixed

> Improve test coverage of StreamRenderer
> ---
>
> Key: SLING-10303
> URL: https://issues.apache.org/jira/browse/SLING-10303
> Project: Sling
>  Issue Type: Improvement
>  Components: Servlets
>Affects Versions: Servlets Get 2.1.40
>Reporter: Joerg Hoh
>Assignee: Joerg Hoh
>Priority: Major
>  Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> * Add some test coverage to the StreamRenderer
> * Update dependencies
> https://github.com/apache/sling-org-apache-sling-servlets-get/pull/6



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (SLING-10303) Improve test coverage of StreamRenderer

[Joerg Hoh (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-10303?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Joerg Hoh updated SLING-10303:
--
Fix Version/s: Servlets Get 2.1.44

> Improve test coverage of StreamRenderer
> ---
>
> Key: SLING-10303
> URL: https://issues.apache.org/jira/browse/SLING-10303
> Project: Sling
>  Issue Type: Improvement
>  Components: Servlets
>Affects Versions: Servlets Get 2.1.40
>Reporter: Joerg Hoh
>Assignee: Joerg Hoh
>Priority: Major
> Fix For: Servlets Get 2.1.44
>
>  Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> * Add some test coverage to the StreamRenderer
> * Update dependencies
> https://github.com/apache/sling-org-apache-sling-servlets-get/pull/6



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (SLING-10303) Improve test coverage of StreamRenderer

[Joerg Hoh (Jira)]

[ 
https://issues.apache.org/jira/browse/SLING-10303?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17487159#comment-17487159
 ] 

Joerg Hoh commented on SLING-10303:
---

PR merged

> Improve test coverage of StreamRenderer
> ---
>
> Key: SLING-10303
> URL: https://issues.apache.org/jira/browse/SLING-10303
> Project: Sling
>  Issue Type: Improvement
>  Components: Servlets
>Affects Versions: Servlets Get 2.1.40
>Reporter: Joerg Hoh
>Assignee: Joerg Hoh
>Priority: Major
>  Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> * Add some test coverage to the StreamRenderer
> * Update dependencies
> https://github.com/apache/sling-org-apache-sling-servlets-get/pull/6



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [sling-org-apache-sling-servlets-get] joerghoh merged pull request #6: SLING-10303 update to parent pom 41, other version updates, add testcases

[GitBox]

joerghoh merged pull request #6:
URL: https://github.com/apache/sling-org-apache-sling-servlets-get/pull/6


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Closed] (SLING-11085) Expose number of scheduled jobs as metric

[Joerg Hoh (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11085?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Joerg Hoh closed SLING-11085.
-

> Expose number of scheduled jobs as metric
> -
>
> Key: SLING-11085
> URL: https://issues.apache.org/jira/browse/SLING-11085
> Project: Sling
>  Issue Type: Improvement
>  Components: Event
>Affects Versions: Event 4.2.24
>Reporter: Joerg Hoh
>Priority: Major
>
> The total number of scheduled jobs should get exposed as metric



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [sling-org-apache-sling-testing-clients] sonarcloud[bot] removed a comment on pull request #25: SLING-11124 - Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908

[GitBox]

sonarcloud[bot] removed a comment on pull request #25:
URL: 
https://github.com/apache/sling-org-apache-sling-testing-clients/pull/25#issuecomment-1030098357


   Kudos, SonarCloud Quality Gate passed!  ![Quality Gate 
passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png
 'Quality Gate passed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-testing-clients=25=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-testing-clients=25=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-testing-clients=25=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=CODE_SMELL)
   
   [![No Coverage 
information](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/NoCoverageInfo-16px.png
 'No Coverage 
information')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-clients=25=coverage=list)
 No Coverage information  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-clients=25=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-clients=25=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-testing-clients] sonarcloud[bot] commented on pull request #25: SLING-11124 - Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908

[GitBox]

sonarcloud[bot] commented on pull request #25:
URL: 
https://github.com/apache/sling-org-apache-sling-testing-clients/pull/25#issuecomment-1030119359


   Kudos, SonarCloud Quality Gate passed!  ![Quality Gate 
passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png
 'Quality Gate passed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-testing-clients=25=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-testing-clients=25=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-testing-clients=25=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=CODE_SMELL)
   
   [![No Coverage 
information](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/NoCoverageInfo-16px.png
 'No Coverage 
information')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-clients=25=coverage=list)
 No Coverage information  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-clients=25=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-clients=25=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SLING-11091) Expose the number of scheduled jobs

[Joerg Hoh (Jira)]

[ 
https://issues.apache.org/jira/browse/SLING-11091?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17487146#comment-17487146
 ] 

Joerg Hoh commented on SLING-11091:
---

https://github.com/apache/sling-org-apache-sling-event/pull/16

> Expose the number of scheduled jobs
> ---
>
> Key: SLING-11091
> URL: https://issues.apache.org/jira/browse/SLING-11091
> Project: Sling
>  Issue Type: Improvement
>  Components: Event
>Affects Versions: Event 4.2.24
>Reporter: Joerg Hoh
>Assignee: Joerg Hoh
>Priority: Major
>
> Eventing should expose the total number of scheduled jobs as a metric; I have 
> seen cases where to incorrectly unscheduling the total number of scheduled 
> jobs was getting huge (> 10k), thus overloading the system.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Assigned] (SLING-11091) Expose the number of scheduled jobs

[Joerg Hoh (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11091?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Joerg Hoh reassigned SLING-11091:
-

Assignee: Joerg Hoh

> Expose the number of scheduled jobs
> ---
>
> Key: SLING-11091
> URL: https://issues.apache.org/jira/browse/SLING-11091
> Project: Sling
>  Issue Type: Improvement
>  Components: Event
>Affects Versions: Event 4.2.24
>Reporter: Joerg Hoh
>Assignee: Joerg Hoh
>Priority: Major
>
> Eventing should expose the total number of scheduled jobs as a metric; I have 
> seen cases where to incorrectly unscheduling the total number of scheduled 
> jobs was getting huge (> 10k), thus overloading the system.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [sling-org-apache-sling-testing-clients] sonarcloud[bot] commented on pull request #25: SLING-11124 - Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908

[GitBox]

sonarcloud[bot] commented on pull request #25:
URL: 
https://github.com/apache/sling-org-apache-sling-testing-clients/pull/25#issuecomment-1030098357


   Kudos, SonarCloud Quality Gate passed!  ![Quality Gate 
passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png
 'Quality Gate passed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-testing-clients=25=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-testing-clients=25=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-testing-clients=25=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=25=false=CODE_SMELL)
   
   [![No Coverage 
information](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/NoCoverageInfo-16px.png
 'No Coverage 
information')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-clients=25=coverage=list)
 No Coverage information  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-clients=25=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-clients=25=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Created] (SLING-11124) Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908

[Andrei Tuicu (Jira)]

Andrei Tuicu created SLING-11124:


 Summary: Update Guava Dependency for CVE CVE-2018-10237 and 
CVE-2020-8908
 Key: SLING-11124
 URL: https://issues.apache.org/jira/browse/SLING-11124
 Project: Sling
  Issue Type: Task
  Components: Apache Sling Testing Clients
Affects Versions: Apache Sling Testing Clients 3.0.6
Reporter: Andrei Tuicu


Sling testing clients are using com.google.guava guava 14.0.1 which is 
vulnerable to CVE-2018-10237(MEDIUM) [1] and CVE-2020-8908(LOW) [2].

Mitigation: update to latest guava 31.0.1-android

[1] https://www.cvedetails.com/cve/CVE-2018-10237/
[2] https://www.cvedetails.com/cve/CVE-2020-8908/



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Resolved] (SLING-11123) Multiple puts with same key are not handled correctly

[Carsten Ziegeler (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11123?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler resolved SLING-11123.
--
Resolution: Fixed

Fixed in 
https://github.com/apache/sling-org-apache-sling-api/commit/9232ef9b6a4f025f58622d2d2c3b41fa5c29fb18

Added additional test

> Multiple puts with same key are not handled correctly
> -
>
> Key: SLING-11123
> URL: https://issues.apache.org/jira/browse/SLING-11123
> Project: Sling
>  Issue Type: Improvement
>  Components: API
>Affects Versions: API 2.24.0
>Reporter: Carsten Ziegeler
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: API 2.24.2
>
>
> If multiple puts with the same key to a LazyBindings are done then it depends 
> on the type of value whether the put is handled correctly.
> If first a concrete value is put, followed by a supplier, then always the 
> concrete value is returned. But the value from the supplier should be 
> returned instead.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (SLING-11123) Multiple puts with same key are not handled correctly

[Carsten Ziegeler (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11123?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler updated SLING-11123:
-
Description: 
If multiple puts with the same key to a LazyBindings are done then it depends 
on the type of value whether the put is handled correctly.
If first a concrete value is put, followed by a supplier, then always the 
concrete value is returned. But the value from the supplier should be returned 
instead.

> Multiple puts with same key are not handled correctly
> -
>
> Key: SLING-11123
> URL: https://issues.apache.org/jira/browse/SLING-11123
> Project: Sling
>  Issue Type: Improvement
>  Components: API
>Affects Versions: API 2.24.0
>Reporter: Carsten Ziegeler
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: API 2.24.2
>
>
> If multiple puts with the same key to a LazyBindings are done then it depends 
> on the type of value whether the put is handled correctly.
> If first a concrete value is put, followed by a supplier, then always the 
> concrete value is returned. But the value from the supplier should be 
> returned instead.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Created] (SLING-11123) Multiple puts with same key are not handled correctly

[Carsten Ziegeler (Jira)]

Carsten Ziegeler created SLING-11123:


 Summary: Multiple puts with same key are not handled correctly
 Key: SLING-11123
 URL: https://issues.apache.org/jira/browse/SLING-11123
 Project: Sling
  Issue Type: Improvement
  Components: API
Affects Versions: API 2.24.0
Reporter: Carsten Ziegeler
 Fix For: API 2.24.2






--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Assigned] (SLING-11123) Multiple puts with same key are not handled correctly

[Carsten Ziegeler (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11123?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler reassigned SLING-11123:


Assignee: Carsten Ziegeler

> Multiple puts with same key are not handled correctly
> -
>
> Key: SLING-11123
> URL: https://issues.apache.org/jira/browse/SLING-11123
> Project: Sling
>  Issue Type: Improvement
>  Components: API
>Affects Versions: API 2.24.0
>Reporter: Carsten Ziegeler
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: API 2.24.2
>
>




--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Closed] (SLING-11055) Cleanup Repoinit Parser Code Smells

[Dan Klco (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11055?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Dan Klco closed SLING-11055.


> Cleanup Repoinit Parser Code Smells
> ---
>
> Key: SLING-11055
> URL: https://issues.apache.org/jira/browse/SLING-11055
> Project: Sling
>  Issue Type: Improvement
>  Components: Repoinit
>Affects Versions: Repoinit Parser 1.6.10
>Reporter: Dan Klco
>Assignee: Dan Klco
>Priority: Trivial
> Fix For: Repoinit Parser 1.6.12
>
>  Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> There are 31 open code smells identified by SonarQube for the RepoInit Parser:
> https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-repoinit-parser=false=CODE_SMELL
> Most are trivial to fix and don't impact the public surface, such as:
>  * removing unneeded semi-colons
>  * not specifying second generic parameters
>  * ensuring assertions are present in all tests
>  * including the override annotations
> There are a few that would either be more difficult to resolve or may change 
> the public surface and therefore aren't going to be addressed in this ticket, 
> specifically:
>  * code duplication
>  * avoiding built in exception types
>  * enum naming



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Closed] (SLING-10747) Remove test-99 and better sync docs page with repoinit parser tests

[Dan Klco (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-10747?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Dan Klco closed SLING-10747.


> Remove test-99 and better sync docs page with repoinit parser tests
> ---
>
> Key: SLING-10747
> URL: https://issues.apache.org/jira/browse/SLING-10747
> Project: Sling
>  Issue Type: Bug
>  Components: Repoinit
>Affects Versions: Repoinit Parser 1.6.10
>Reporter: Bertrand Delacretaz
>Assignee: Bertrand Delacretaz
>Priority: Minor
> Fix For: Repoinit Parser 1.6.12
>
>
> The docs page at 
> [https://sling.apache.org/documentation/bundles/repository-initialization.html]
>  is supposed to show examples of all repoinit statements, but it's hard to 
> keep in sync manually and is often slightly out of sync.
> The {{src/test/resources/testcases/test-99.txt}} is supposed to also expose 
> all the repoinit syntax, is also maintained manually and is not 100% in sync 
> with that docs page.
> To make sure the docs stay in sync with minimal effort, we should:
>  * Remove the {{test-99.txt}} and adapt the other tests scenarios to make 
> sure the test coverage remains the same or better. Currently there's a slight 
> difference in "missed branches" in the {{-P jacoco-report}} output for the 
> parser.impl package if I remove it.
>  * Create a script that aggregates all the 
> {{src/test/resources/testcases/test-*.txt}} scenarios, ordered by name, and 
> use that output in the docs page.
>  * Verify that the result is at least as good as the current docs page in 
> terms of examples, comments and notes on required versions, and adapt the 
> test scenarios if not.
>  * Add information to the docs page on how to keep it up to date.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Closed] (SLING-10952) Repoinit - Support Whitespace in Group IDs

[Dan Klco (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-10952?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Dan Klco closed SLING-10952.


> Repoinit - Support Whitespace in Group IDs
> --
>
> Key: SLING-10952
> URL: https://issues.apache.org/jira/browse/SLING-10952
> Project: Sling
>  Issue Type: Improvement
>  Components: Repoinit
>Affects Versions: Repoinit Parser 1.6.10
>Reporter: Dan Klco
>Assignee: Dan Klco
>Priority: Major
> Fix For: Repoinit Parser 1.6.12
>
>  Time Spent: 2h 50m
>  Remaining Estimate: 0h
>
> Currently, Repoinit does not support creating or managing groups with 
> whitespace in the principal name as the group name is treated as a string and 
> does not support being quoted.
> This works for system-managed groups as these can be created with names not 
> containing whitespace, however when synchronizing groups from external 
> systems, for example using the Oak OAuth integration, the source system could 
> provide group names containing whitespace which cannot be managed or 
> pre-created via Repoinit.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Closed] (SLING-10126) Repository Initializer should support Empty or Single Value Lists

[Dan Klco (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-10126?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Dan Klco closed SLING-10126.


> Repository Initializer should support Empty or Single Value Lists
> -
>
> Key: SLING-10126
> URL: https://issues.apache.org/jira/browse/SLING-10126
> Project: Sling
>  Issue Type: Improvement
>  Components: Repoinit
>Affects Versions: Repoinit Parser 1.6.2
>Reporter: Andreas Schaefer
>Assignee: Andreas Schaefer
>Priority: Major
> Fix For: Repoinit Parser 1.6.12
>
>  Time Spent: 1h 20m
>  Remaining Estimate: 0h
>
> In the current implementation it is not possible to create an empty or single 
> multi-value entry for JCR Node properties.
> I would suggest to allow a '[]' postfix to the type like \{String[]} to 
> indicate a multi-value and then allow for an empty or single value.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Closed] (SLING-11078) Repoinit Parser - Describe and Validate Operation.asRepoInitString() Format

[Dan Klco (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11078?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Dan Klco closed SLING-11078.


> Repoinit Parser - Describe and Validate Operation.asRepoInitString() Format
> ---
>
> Key: SLING-11078
> URL: https://issues.apache.org/jira/browse/SLING-11078
> Project: Sling
>  Issue Type: Improvement
>  Components: Repoinit
>Affects Versions: Repoinit Parser 1.6.10
>Reporter: Dan Klco
>Assignee: Dan Klco
>Priority: Minor
> Fix For: Repoinit Parser 1.6.12
>
>  Time Spent: 1h 20m
>  Remaining Estimate: 0h
>
> There's no JavaDoc for Operation.asRepoInitString(), however all of the other 
> operations follow the convention of using an OS-agnostic line separator at 
> the end of the statement and this would seem like a reasonable safety measure 
> for generating scripts.
> We should clarify the intended format in the JavaDoc and add a test to verify 
> the behavior. 



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [sling-org-apache-sling-scripting-core] sonarcloud[bot] commented on pull request #12: SLING-11122 log the time it took to add all bindings

[GitBox]

sonarcloud[bot] commented on pull request #12:
URL: 
https://github.com/apache/sling-org-apache-sling-scripting-core/pull/12#issuecomment-1029924404


   Kudos, SonarCloud Quality Gate passed!  ![Quality Gate 
passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png
 'Quality Gate passed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=12=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=12=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=12=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=12=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=12=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=12=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-scripting-core=12=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-scripting-core=12=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-scripting-core=12=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=12=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=12=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=12=false=CODE_SMELL)
   
   
[![50.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/50-16px.png
 
'50.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-scripting-core=12=new_coverage=list)
 [50.0% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-scripting-core=12=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-scripting-core=12=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-scripting-core=12=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SLING-11122) Improve logging when including Script Bindings

[Joerg Hoh (Jira)]

[ 
https://issues.apache.org/jira/browse/SLING-11122?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17487045#comment-17487045
 ] 

Joerg Hoh commented on SLING-11122:
---

PR: https://github.com/apache/sling-org-apache-sling-scripting-core/pull/12

> Improve logging when including Script Bindings
> --
>
> Key: SLING-11122
> URL: https://issues.apache.org/jira/browse/SLING-11122
> Project: Sling
>  Issue Type: Improvement
>  Components: Scripting
>Affects Versions: Scripting Core 2.4.2
>Reporter: Joerg Hoh
>Assignee: Joerg Hoh
>Priority: Major
> Fix For: Scripting Core 2.4.4
>
>
> Right now it is not possible to understand the overhead imposed by the 
> BindingsValuesProviders. 
> It should always be logged to the RequestProgressTracker how long it took to 
> add them all.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Created] (SLING-11122) Improve logging when including Script Bindings

[Joerg Hoh (Jira)]

Joerg Hoh created SLING-11122:
-

 Summary: Improve logging when including Script Bindings
 Key: SLING-11122
 URL: https://issues.apache.org/jira/browse/SLING-11122
 Project: Sling
  Issue Type: Improvement
  Components: Scripting
Affects Versions: Scripting Core 2.4.2
Reporter: Joerg Hoh
Assignee: Joerg Hoh
 Fix For: Scripting Core 2.4.4


Right now it is not possible to understand the overhead imposed by the 
BindingsValuesProviders. 
It should always be logged to the RequestProgressTracker how long it took to 
add them all.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[Scripting] Bindings returning null

[Jörg Hoh]

Hi,

I am currently working on a number of smaller performance improvements, and
I found that some BindingsValuesProvider could benefit from providings
lazily. In that case the binding is added, but the value is only resolved
when the value of the binding is actually needed, instead of resolving them
when adding the binding [1]. As these bindings are added very often, but
not always used, a small improvement in the area of a few hundred
microseconds can accumulate to a 2-digit number of milliseconds for a
complex request;

The implementations of the BindingValuesProvider#addBindings() currently
often perform checks if the binding should be added at all. In the case of
a failed check the binding would not be added at all.
 With the dynamic resolution this is hardly possible, it would defeat the
purpose of delaying the resolution (including these checks) to a time when
it's absolutely necessary. In the case of the dynamic resolution with a
failed check this just leaves the option to return "null" for that binding.

The javax.script.Bindings#get spec [2] allows to return null in 2 cases:
* the mapping is not present
* the mapping returns a null

So technically this change is covered by the spec, but I don't know if all
users of the bindings always check for null but have used some other
approach instead:

if (bindings.containsKey(BINDING)) {
  Object o = bindings.get(BINDING);
  assertNotNull(o);
}

which is incorrect according to the spec, but might have worked in the past.

In my opinion we should adjust these BindingsValuesProviders and require
the consumers of these bindings to make sure that they do the null-check as
required by the spec.

WDYT?


Jörg


[1]
https://github.com/apache/sling-org-apache-sling-api/blob/master/src/main/java/org/apache/sling/api/scripting/LazyBindings.java
[2]
https://docs.oracle.com/javase/8/docs/api/javax/script/Bindings.html#get-java.lang.Object-


-- 
Cheers,
Jörg Hoh,

https://cqdump.joerghoh.de
Twitter: @joerghoh

[jira] [Resolved] (SLING-11118) null returned even if OSGi service is found

[A. J. David Bosschaert (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-8?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

A. J. David Bosschaert resolved SLING-8.

Resolution: Fixed

> null returned even if OSGi service is found
> ---
>
> Key: SLING-8
> URL: https://issues.apache.org/jira/browse/SLING-8
> Project: Sling
>  Issue Type: Bug
>  Components: Scripting
>Affects Versions: Scripting Core 2.4.2
>Reporter: A. J. David Bosschaert
>Assignee: A. J. David Bosschaert
>Priority: Major
> Fix For: Scripting Core 2.4.4
>
>  Time Spent: 1h 10m
>  Remaining Estimate: 0h
>
> AbstractBundledRenderUnit.getService(String className) can return {{null}} 
> for a service even if the service is found in the service registry.
> This is because the last line of this method always returns {{null}} which 
> discards the result from the local {{this.services}} cache if it's found in 
> there.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [sling-org-apache-sling-scripting-core] bosschaert merged pull request #11: SLING-11118 null returned even if OSGi service is found

[GitBox]

bosschaert merged pull request #11:
URL: https://github.com/apache/sling-org-apache-sling-scripting-core/pull/11


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-scripting-core] sonarcloud[bot] commented on pull request #11: SLING-11118 null returned even if OSGi service is found

[GitBox]

sonarcloud[bot] commented on pull request #11:
URL: 
https://github.com/apache/sling-org-apache-sling-scripting-core/pull/11#issuecomment-1029854435


   Kudos, SonarCloud Quality Gate passed!  ![Quality Gate 
passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png
 'Quality Gate passed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=11=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=11=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=11=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=11=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=11=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=11=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-scripting-core=11=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-scripting-core=11=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-scripting-core=11=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=11=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=11=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=11=false=CODE_SMELL)
   
   
[![100.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/100-16px.png
 
'100.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-scripting-core=11=new_coverage=list)
 [100.0% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-scripting-core=11=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-scripting-core=11=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-scripting-core=11=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-scripting-core] sonarcloud[bot] removed a comment on pull request #11: SLING-11118 null returned even if OSGi service is found

[GitBox]

sonarcloud[bot] removed a comment on pull request #11:
URL: 
https://github.com/apache/sling-org-apache-sling-scripting-core/pull/11#issuecomment-1029259262


   Kudos, SonarCloud Quality Gate passed!  ![Quality Gate 
passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png
 'Quality Gate passed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=11=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=11=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=11=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=11=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=11=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=11=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-scripting-core=11=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-scripting-core=11=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-scripting-core=11=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=11=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=11=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-scripting-core=11=false=CODE_SMELL)
   
   
[![100.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/100-16px.png
 
'100.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-scripting-core=11=new_coverage=list)
 [100.0% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-scripting-core=11=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-scripting-core=11=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-scripting-core=11=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-scripting-core] bosschaert commented on a change in pull request #11: SLING-11118 null returned even if OSGi service is found

[GitBox]

bosschaert commented on a change in pull request #11:
URL: 
https://github.com/apache/sling-org-apache-sling-scripting-core/pull/11#discussion_r799349636



##
File path: 
src/main/java/org/apache/sling/scripting/core/impl/bundled/AbstractBundledRenderUnit.java
##
@@ -126,7 +124,7 @@ public BundleContext getBundleContext() {
 }
 }
 }
-return null;
+return result;

Review comment:
   It's a little bit a matter of taste IMHO. I personally find it easier to 
read when a method returns straight away when it can, rather than reading 
through the rest of the method to see that nothing else is happening before it 
returns at the end.
   So therefore my preference would be to keep the 2 return statements as we 
have them now.
   If you feel strongly about this one we can address it in a subsequent commit.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-scripting-core] bosschaert commented on a change in pull request #11: SLING-11118 null returned even if OSGi service is found

[GitBox]

bosschaert commented on a change in pull request #11:
URL: 
https://github.com/apache/sling-org-apache-sling-scripting-core/pull/11#discussion_r799348398



##
File path: 
src/test/java/org/apache/sling/scripting/core/impl/bundled/AbstractBundledRenderUnitTest.java
##
@@ -0,0 +1,87 @@
+/*~~
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements.  See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership.  The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License.  You may obtain a copy of the License at
+ ~
+ ~   http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied.  See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ 
~*/
+package org.apache.sling.scripting.core.impl.bundled;
+
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertSame;
+import static org.junit.Assert.assertTrue;
+
+import java.lang.reflect.Field;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+
+import javax.script.ScriptContext;
+import javax.script.ScriptEngine;
+import javax.script.ScriptException;
+
+import org.junit.Test;
+import org.mockito.Mockito;
+import org.osgi.framework.Bundle;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.ServiceReference;
+
+public class AbstractBundledRenderUnitTest {
+@SuppressWarnings({ "unchecked", "rawtypes" })
+@Test
+public void testGetService() throws Exception {

Review comment:
   Hi @raducotescu thanks for the feedback. I have updated the test now  




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-scripting-core] raducotescu commented on a change in pull request #11: SLING-11118 null returned even if OSGi service is found

[GitBox]

raducotescu commented on a change in pull request #11:
URL: 
https://github.com/apache/sling-org-apache-sling-scripting-core/pull/11#discussion_r799328944



##
File path: 
src/test/java/org/apache/sling/scripting/core/impl/bundled/AbstractBundledRenderUnitTest.java
##
@@ -0,0 +1,87 @@
+/*~~
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements.  See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership.  The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License.  You may obtain a copy of the License at
+ ~
+ ~   http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied.  See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ 
~*/
+package org.apache.sling.scripting.core.impl.bundled;
+
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertSame;
+import static org.junit.Assert.assertTrue;
+
+import java.lang.reflect.Field;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+
+import javax.script.ScriptContext;
+import javax.script.ScriptEngine;
+import javax.script.ScriptException;
+
+import org.junit.Test;
+import org.mockito.Mockito;
+import org.osgi.framework.Bundle;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.ServiceReference;
+
+public class AbstractBundledRenderUnitTest {
+@SuppressWarnings({ "unchecked", "rawtypes" })
+@Test
+public void testGetService() throws Exception {

Review comment:
   Thanks for adding a test here, @bosschaert! I would like though one tiny 
change: rather than use the white-box approach, where you check the private 
`services` map and `references` list, I'd switch to a black-box approach.
   
   Keep the mocking like you do now, but after doing the first service 
retrieval make the reference return a different service object. The do another 
retrieval and check that the service instance is still the same (since it was 
retrieved from the cache). Call then `releaseDependencies` and check that the 
service returned is now the second service object you prepared above. Does that 
make sense?

##
File path: 
src/main/java/org/apache/sling/scripting/core/impl/bundled/AbstractBundledRenderUnit.java
##
@@ -126,7 +124,7 @@ public BundleContext getBundleContext() {
 }
 }
 }
-return null;
+return result;

Review comment:
   Should we remove the `return` at line 123 and have only one `return` 
statement? It would make the code simpler to read.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Resolved] (SLING-11121) Avoid registering service in activate method

[Carsten Ziegeler (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11121?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler resolved SLING-11121.
--
Resolution: Fixed

Fixed in 
https://github.com/apache/sling-org-apache-sling-security/commit/2e2f7350e3fb8a9a9f25a2db0d001b9b062081fa

> Avoid registering service in activate method
> 
>
> Key: SLING-11121
> URL: https://issues.apache.org/jira/browse/SLING-11121
> Project: Sling
>  Issue Type: Improvement
>  Components: Sling Security
>Reporter: Carsten Ziegeler
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Security 1.1.24
>
>
> The referrer filter is currently registering a web console plugin during 
> activate() . However, service registry calls during activate is an 
> anti-pattern that should be avoided



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Created] (SLING-11121) Avoid registering service in activate method

[Carsten Ziegeler (Jira)]

Carsten Ziegeler created SLING-11121:


 Summary: Avoid registering service in activate method
 Key: SLING-11121
 URL: https://issues.apache.org/jira/browse/SLING-11121
 Project: Sling
  Issue Type: Improvement
  Components: Sling Security
Reporter: Carsten Ziegeler
Assignee: Carsten Ziegeler
 Fix For: Security 1.1.24


The referrer filter is currently registering a web console plugin during 
activate() . However, service registry calls during activate is an anti-pattern 
that should be avoided



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Resolved] (SLING-11120) Reduce log output from BundledScriptTracker

[Carsten Ziegeler (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11120?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler resolved SLING-11120.
--
  Assignee: Carsten Ziegeler
Resolution: Fixed

https://github.com/apache/sling-org-apache-sling-servlets-resolver/commit/b3d4286b857df18b244b2446be95abaf1a6575b3

> Reduce log output from BundledScriptTracker
> ---
>
> Key: SLING-11120
> URL: https://issues.apache.org/jira/browse/SLING-11120
> Project: Sling
>  Issue Type: Improvement
>  Components: Servlets
>Reporter: Carsten Ziegeler
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Servlets Resolver 2.9.4
>
>
> With bundled scripts it might happen that a lot of warnings are outputted, 
> like below.  It's usually a capability that doesn't provide its own script, 
> nor does it have a main script or selector script in the one from which it 
> inherits.
> This can also happen if folders in libs hvae a sling:resourceSuperType on 
> them without having scripts in the chain. Sometimes the reason for that is to 
> trigger the Sling Resource Merger for a component dialog
> As this warning does not really provide something actionable but just fills 
> the logs, we should reduce the log level to Debug.
> {noformat}
> 04.02.2022 09:30:43.427 *WARN* [FelixStartLevel] 
> org.apache.sling.servlets.resolver.internal.bundle.BundledScriptTracker 
> Unable to locate an executable for capability 
> BundledRenderUnitCapability[sling.servlet.resourceTypes=[/libs/foo/templates/bar,
>  foo/templates/bar]; extends=foo/myerviceconfigs/templates/configpage].
> {noformat}



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (SLING-11093) Bundled scripts should only be registered for the absolute resource type if the relative resource type is the same

[Carsten Ziegeler (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11093?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler updated SLING-11093:
-
Fix Version/s: Servlets Resolver 2.9.4
   (was: Servlets Resolver 2.9.2)

> Bundled scripts should only be registered for the absolute resource type if 
> the relative resource type is the same
> --
>
> Key: SLING-11093
> URL: https://issues.apache.org/jira/browse/SLING-11093
> Project: Sling
>  Issue Type: Improvement
>  Components: Scripting, Servlets
>Affects Versions: Servlets Resolver 2.9.2
>Reporter: Karl Pauls
>Assignee: Karl Pauls
>Priority: Major
> Fix For: Servlets Resolver 2.9.4
>
>  Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> The capabilities for bundled scripts typically contain the same resource type 
> as an absolute and a relative version. Right now, we end up registering both, 
> which is not needed if we have an absolute resource type anyways. 
> Furthermore, this can cause problems if the servlet root index is configured 
> because, in that case, one has to take into account the bundle scripts as 
> their relative resource types will depend on that as well.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (SLING-11118) null returned even if OSGi service is found

[A. J. David Bosschaert (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-8?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

A. J. David Bosschaert updated SLING-8:
---
Fix Version/s: Scripting Core 2.4.4

> null returned even if OSGi service is found
> ---
>
> Key: SLING-8
> URL: https://issues.apache.org/jira/browse/SLING-8
> Project: Sling
>  Issue Type: Bug
>  Components: Scripting
>Affects Versions: Scripting Core 2.4.2
>Reporter: A. J. David Bosschaert
>Assignee: A. J. David Bosschaert
>Priority: Major
> Fix For: Scripting Core 2.4.4
>
>  Time Spent: 10m
>  Remaining Estimate: 0h
>
> AbstractBundledRenderUnit.getService(String className) can return {{null}} 
> for a service even if the service is found in the service registry.
> This is because the last line of this method always returns {{null}} which 
> discards the result from the local {{this.services}} cache if it's found in 
> there.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Created] (SLING-11120) Reduce log output from BundledScriptTracker

[Carsten Ziegeler (Jira)]

Carsten Ziegeler created SLING-11120:


 Summary: Reduce log output from BundledScriptTracker
 Key: SLING-11120
 URL: https://issues.apache.org/jira/browse/SLING-11120
 Project: Sling
  Issue Type: Improvement
  Components: Servlets
Reporter: Carsten Ziegeler
 Fix For: Servlets Resolver 2.9.4


With bundled scripts it might happen that a lot of warnings are outputted, like 
below.  It's usually a capability that doesn't provide its own script, nor does 
it have a main script or selector script in the one from which it inherits.
This can also happen if folders in libs hvae a sling:resourceSuperType on them 
without having scripts in the chain. Sometimes the reason for that is to 
trigger the Sling Resource Merger for a component dialog

As this warning does not really provide something actionable but just fills the 
logs, we should reduce the log level to Debug.

{noformat}
04.02.2022 09:30:43.427 *WARN* [FelixStartLevel] 
org.apache.sling.servlets.resolver.internal.bundle.BundledScriptTracker Unable 
to locate an executable for capability 
BundledRenderUnitCapability[sling.servlet.resourceTypes=[/libs/foo/templates/bar,
 foo/templates/bar]; extends=foo/myerviceconfigs/templates/configpage].
{noformat}



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [sling-org-apache-sling-caconfig-impl] sonarcloud[bot] commented on pull request #5: SLING-11114 Use a LazySupplier for the caconfig binding

[GitBox]

sonarcloud[bot] commented on pull request #5:
URL: 
https://github.com/apache/sling-org-apache-sling-caconfig-impl/pull/5#issuecomment-1029787372


   Kudos, SonarCloud Quality Gate passed!  ![Quality Gate 
passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png
 'Quality Gate passed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-caconfig-impl=5=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-caconfig-impl=5=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-caconfig-impl=5=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=CODE_SMELL)
   
   
[![81.8%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/60-16px.png
 
'81.8%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-caconfig-impl=5=new_coverage=list)
 [81.8% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-caconfig-impl=5=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-caconfig-impl=5=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-caconfig-impl=5=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-caconfig-impl] sonarcloud[bot] removed a comment on pull request #5: SLING-11114 Use a LazySupplier for the caconfig binding

[GitBox]

sonarcloud[bot] removed a comment on pull request #5:
URL: 
https://github.com/apache/sling-org-apache-sling-caconfig-impl/pull/5#issuecomment-1029776052


   SonarCloud Quality Gate failed.  ![Quality Gate 
failed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/failed-16px.png
 'Quality Gate failed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-caconfig-impl=5=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-caconfig-impl=5=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-caconfig-impl=5=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=CODE_SMELL)
   
   
[![27.3%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/25-16px.png
 
'27.3%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-caconfig-impl=5=new_coverage=list)
 [27.3% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-caconfig-impl=5=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-caconfig-impl=5=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-caconfig-impl=5=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-caconfig-impl] sonarcloud[bot] commented on pull request #5: SLING-11114 Use a LazySupplier for the caconfig binding

[GitBox]

sonarcloud[bot] commented on pull request #5:
URL: 
https://github.com/apache/sling-org-apache-sling-caconfig-impl/pull/5#issuecomment-1029776052


   SonarCloud Quality Gate failed.  ![Quality Gate 
failed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/failed-16px.png
 'Quality Gate failed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-caconfig-impl=5=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-caconfig-impl=5=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-caconfig-impl=5=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=5=false=CODE_SMELL)
   
   
[![27.3%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/25-16px.png
 
'27.3%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-caconfig-impl=5=new_coverage=list)
 [27.3% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-caconfig-impl=5=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-caconfig-impl=5=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-caconfig-impl=5=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SLING-11114) Use LazySupplier in ConfigurationBindingsValueProvider

[Joerg Hoh (Jira)]

[ 
https://issues.apache.org/jira/browse/SLING-4?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17486877#comment-17486877
 ] 

Joerg Hoh commented on SLING-4:
---

Raised PR: https://github.com/apache/sling-org-apache-sling-caconfig-impl/pull/5

> Use LazySupplier in ConfigurationBindingsValueProvider
> --
>
> Key: SLING-4
> URL: https://issues.apache.org/jira/browse/SLING-4
> Project: Sling
>  Issue Type: Improvement
>  Components: Extensions
>Affects Versions: Context-Aware Configuration Impl 1.6.0
>Reporter: Joerg Hoh
>Assignee: Joerg Hoh
>Priority: Major
>  Time Spent: 10m
>  Remaining Estimate: 0h
>
> When adding the bindings some logic is executed independent if the caconfig 
> binding is used or not. In case the provided Bindings object is of type 
> {{LazyBindings}}, a LazySupplier can be added, which will only be resolved if 
> the binding is actually used.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [sling-org-apache-sling-caconfig-impl] joerghoh opened a new pull request #5: SLING-11114 Use a LazySupplier for the caconfig binding

[GitBox]

joerghoh opened a new pull request #5:
URL: https://github.com/apache/sling-org-apache-sling-caconfig-impl/pull/5


   Using the LazyBinding we can avoid to perform checks and validations when 
the binding is not used.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org