[jira] [Updated] (SLING-11073) Support for Via "Original Resource Type"

[Dirk Rudolph (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11073?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Dirk Rudolph updated SLING-11073:
-
Description: 
Consider the following Models

{code}
interface A { }
interface B { }

@Model(adaptables=SlingHttpServletRequest.class, resourceType="generic")
class AImpl implements A { @Self private B other; }

@Model(adaptables=SlingHttpServletRequest.class, resourceType="generic")
class BImpl implements B { }
{code}

If we want to extend this using the delegation pattern we could do

{code}
interface A1 extends A { }

@Model(adaptables=SlingHttpServletRequest.class, resourceType="specific")
class A1Impl implements A1 { @Self @Via(type=ResourceSuperType.class) private A 
delegate; }
{code}

and additionally for B

{code}
interface B1 extends B { }

@Model(adaptables=SlingHttpServletRequest.class, resourceType="specific")
class B1Impl implements B1 { @Self @Via(type=ResourceSuperType.class) private B 
delegate; }
{code}

This will still inject {{BImpl}} into the instance of {{AImpl}} (the delegate 
in {{A1Impl}}) when adapting a request on a resource with 
resourceType="specific" even though there is a more specific implementation of 
it that would match the original resourceType (would be {{B1Impl}}). The reason 
is that the ResourceTypeBasedResourcePicker picks {{BImpl}} based on the 
resourceType forced by the ResourceSuperTypeViaProvider.

This behaviour may be desired in some cases but not in others. That's why I 
propose to introduce a OriginalResourceViaProvider which unwraps the changes 
made by the AbstractResourceTypeViaProvider. This can explicitly be specified 
to enable it.

{code}
class AImpl implements A {
 @Self 
 @Via(type = OriginalResourceType.class) // undo any forced resourceTypes
 private B other;
}
{code}

Which then would inject {{B1Impl}}, the one for the original "specific" 
resoruceType.

  was:
Consider the following Models

{code}
interface A { }
interface B { }

@Model(adaptables=SlingHttpServletRequest.class, resourceType="generic")
class AImpl implements A { @Self private B other; }

@Model(adaptables=SlingHttpServletRequest.class, resourceType="generic")
class BImpl implements B { }
{code}

If we want to extend this using the delegation pattern we could do

{code}
interface A1 extends A { }

@Model(adaptables=SlingHttpServletRequest.class, resourceType="specific")
class A1Impl implements A1 { @Self @Via(type=ResourceSuperType.class) private A 
delegate; }
{code}

and additionally for B

{code}
interface B1 extends B { }

@Model(adaptables=SlingHttpServletRequest.class, resourceType="specific")
class B1Impl implements B1 { @Self @Via(type=ResourceSuperType.class) private B 
delegate; }
{code}

This will still inject {{BImpl}} into the instance of {{AImpl}} (the delegate 
in {{A1Impl}}) when adapting a request on a resource with 
resourceType="specific" even though there is a more specific implementation of 
it that would match the original resourceType (would be {{B1Impl}}). The reason 
is that the ResourceTypeBasedResourcePicker picks {{BImpl}} based on the 
resourceType forced by the ResourceSuperTypeViaProvider.

This behaviour may be desired in some cases but not in others. That's why I 
propose to introduce a OriginalResourceViaProvider which unwraps the changes 
made by the AbstractResourceTypeViaProvider. This can explicitly be specified 
to enable it.

{code}
class AImpl implements A {
 @Self 
 @Via(type = OriginalResource.class) // undo any forced resourceTypes
 private B other;
}
{code}

Which then would inject {{B1Impl}}, the one for the original "specific" 
resoruceType.


> Support for Via "Original Resource Type"
> 
>
> Key: SLING-11073
> URL: https://issues.apache.org/jira/browse/SLING-11073
> Project: Sling
>  Issue Type: Improvement
>  Components: Sling Models
>Reporter: Dirk Rudolph
>Assignee: Dirk Rudolph
>Priority: Major
> Fix For: Models API 1.4.2, Models Implementation 1.5.2
>
>  Time Spent: 2h 50m
>  Remaining Estimate: 0h
>
> Consider the following Models
> {code}
> interface A { }
> interface B { }
> @Model(adaptables=SlingHttpServletRequest.class, resourceType="generic")
> class AImpl implements A { @Self private B other; }
> @Model(adaptables=SlingHttpServletRequest.class, resourceType="generic")
> class BImpl implements B { }
> {code}
> If we want to extend this using the delegation pattern we could do
> {code}
> interface A1 extends A { }
> @Model(adaptables=SlingHttpServletRequest.class, resourceType="specific")
> class A1Impl implements A1 { @Self @Via(type=ResourceSuperType.class) private 
> A delegate; }
> {code}
> and additionally for B
> {code}
> interface B1 extends B { }
> @Model(adaptables=SlingHttpServletRequest.class, resourceType="specific")
> class B1Impl implements B1 { @Self 

[GitHub] [sling-org-apache-sling-models-impl] sonarcloud[bot] commented on pull request #33: SLING-11073: rename OriginalResourceViaProvider to OriginalResourceTypeViaProvider

[GitBox]

sonarcloud[bot] commented on pull request #33:
URL: 
https://github.com/apache/sling-org-apache-sling-models-impl/pull/33#issuecomment-1031892373


   Kudos, SonarCloud Quality Gate passed!  ![Quality Gate 
passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png
 'Quality Gate passed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-impl=33=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-impl=33=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-impl=33=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-impl=33=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-impl=33=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-impl=33=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-models-impl=33=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-models-impl=33=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-models-impl=33=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-impl=33=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-impl=33=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-impl=33=false=CODE_SMELL)
   
   
[![100.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/100-16px.png
 
'100.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-impl=33=new_coverage=list)
 [100.0% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-impl=33=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-impl=33=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-impl=33=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-models-impl] Buuhuu merged pull request #33: SLING-11073: rename OriginalResourceViaProvider to OriginalResourceTypeViaProvider

[GitBox]

Buuhuu merged pull request #33:
URL: https://github.com/apache/sling-org-apache-sling-models-impl/pull/33


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-models-impl] Buuhuu opened a new pull request #33: SLING-11073: rename OriginalResourceViaProvider to OriginalResourceTypeViaProvider

[GitBox]

Buuhuu opened a new pull request #33:
URL: https://github.com/apache/sling-org-apache-sling-models-impl/pull/33


   In order to make it clear that this is the counterpart of 
ResourceSuperTypeViaProvider and ForcedResourceTypeViaProvider.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-models-api] sonarcloud[bot] removed a comment on pull request #4: SLING-11073: Rename OriginalResource ViaProviderTpye to OriginalResourceType

[GitBox]

sonarcloud[bot] removed a comment on pull request #4:
URL: 
https://github.com/apache/sling-org-apache-sling-models-api/pull/4#issuecomment-1031877492


   SonarCloud Quality Gate failed.  ![Quality Gate 
failed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/failed-16px.png
 'Quality Gate failed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-models-api=4=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-models-api=4=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-models-api=4=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=CODE_SMELL)
   
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/0-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-api=4=new_coverage=list)
 [0.0% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-api=4=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-api=4=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-api=4=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-models-api] sonarcloud[bot] commented on pull request #4: SLING-11073: Rename OriginalResource ViaProviderTpye to OriginalResourceType

[GitBox]

sonarcloud[bot] commented on pull request #4:
URL: 
https://github.com/apache/sling-org-apache-sling-models-api/pull/4#issuecomment-1031879027


   SonarCloud Quality Gate failed.  ![Quality Gate 
failed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/failed-16px.png
 'Quality Gate failed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-models-api=4=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-models-api=4=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-models-api=4=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=CODE_SMELL)
   
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/0-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-api=4=new_coverage=list)
 [0.0% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-api=4=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-api=4=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-api=4=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-models-api] Buuhuu merged pull request #4: SLING-11073: Rename OriginalResource ViaProviderTpye to OriginalResourceType

[GitBox]

Buuhuu merged pull request #4:
URL: https://github.com/apache/sling-org-apache-sling-models-api/pull/4


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-models-api] sonarcloud[bot] commented on pull request #4: SLING-11073: Rename OriginalResource ViaProviderTpye to OriginalResourceType

[GitBox]

sonarcloud[bot] commented on pull request #4:
URL: 
https://github.com/apache/sling-org-apache-sling-models-api/pull/4#issuecomment-1031877492


   SonarCloud Quality Gate failed.  ![Quality Gate 
failed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/failed-16px.png
 'Quality Gate failed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-models-api=4=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-models-api=4=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-models-api=4=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=CODE_SMELL)
   
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/0-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-api=4=new_coverage=list)
 [0.0% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-api=4=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-api=4=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-api=4=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-models-api] sonarcloud[bot] removed a comment on pull request #4: SLING-11073: Rename OriginalResource ViaProviderTpye to OriginalResourceType

[GitBox]

sonarcloud[bot] removed a comment on pull request #4:
URL: 
https://github.com/apache/sling-org-apache-sling-models-api/pull/4#issuecomment-1031871416


   SonarCloud Quality Gate failed.  ![Quality Gate 
failed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/failed-16px.png
 'Quality Gate failed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-models-api=4=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-models-api=4=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-models-api=4=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=CODE_SMELL)
   
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/0-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-api=4=new_coverage=list)
 [0.0% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-api=4=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-api=4=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-api=4=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-models-api] sonarcloud[bot] commented on pull request #4: SLING-11073: Rename OriginalResource ViaProviderTpye to OriginalResourceType

[GitBox]

sonarcloud[bot] commented on pull request #4:
URL: 
https://github.com/apache/sling-org-apache-sling-models-api/pull/4#issuecomment-1031871416


   SonarCloud Quality Gate failed.  ![Quality Gate 
failed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/failed-16px.png
 'Quality Gate failed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-models-api=4=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-models-api=4=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-models-api=4=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-models-api=4=false=CODE_SMELL)
   
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/0-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-api=4=new_coverage=list)
 [0.0% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-api=4=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-api=4=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-models-api=4=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-models-api] Buuhuu opened a new pull request #4: SLING-11073: Rename OriginalResource ViaProviderTpye to OriginalResourceType

[GitBox]

Buuhuu opened a new pull request #4:
URL: https://github.com/apache/sling-org-apache-sling-models-api/pull/4


   In order to make it clear that the `OriginalResourceType` relates to the 
`ResourceSuperType` and the `ForcedResourceType` ViaProviderTypes.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Updated] (SLING-11073) Support for Via "Original Resource Type"

[Dirk Rudolph (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11073?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Dirk Rudolph updated SLING-11073:
-
Summary: Support for Via "Original Resource Type"  (was: Support for Via 
"Original Resource")

> Support for Via "Original Resource Type"
> 
>
> Key: SLING-11073
> URL: https://issues.apache.org/jira/browse/SLING-11073
> Project: Sling
>  Issue Type: Improvement
>  Components: Sling Models
>Reporter: Dirk Rudolph
>Assignee: Dirk Rudolph
>Priority: Major
> Fix For: Models API 1.4.2, Models Implementation 1.5.2
>
>  Time Spent: 1h 10m
>  Remaining Estimate: 0h
>
> Consider the following Models
> {code}
> interface A { }
> interface B { }
> @Model(adaptables=SlingHttpServletRequest.class, resourceType="generic")
> class AImpl implements A { @Self private B other; }
> @Model(adaptables=SlingHttpServletRequest.class, resourceType="generic")
> class BImpl implements B { }
> {code}
> If we want to extend this using the delegation pattern we could do
> {code}
> interface A1 extends A { }
> @Model(adaptables=SlingHttpServletRequest.class, resourceType="specific")
> class A1Impl implements A1 { @Self @Via(type=ResourceSuperType.class) private 
> A delegate; }
> {code}
> and additionally for B
> {code}
> interface B1 extends B { }
> @Model(adaptables=SlingHttpServletRequest.class, resourceType="specific")
> class B1Impl implements B1 { @Self @Via(type=ResourceSuperType.class) private 
> B delegate; }
> {code}
> This will still inject {{BImpl}} into the instance of {{AImpl}} (the delegate 
> in {{A1Impl}}) when adapting a request on a resource with 
> resourceType="specific" even though there is a more specific implementation 
> of it that would match the original resourceType (would be {{B1Impl}}). The 
> reason is that the ResourceTypeBasedResourcePicker picks {{BImpl}} based on 
> the resourceType forced by the ResourceSuperTypeViaProvider.
> This behaviour may be desired in some cases but not in others. That's why I 
> propose to introduce a OriginalResourceViaProvider which unwraps the changes 
> made by the AbstractResourceTypeViaProvider. This can explicitly be specified 
> to enable it.
> {code}
> class AImpl implements A {
>  @Self 
>  @Via(type = OriginalResource.class) // undo any forced resourceTypes
>  private B other;
> }
> {code}
> Which then would inject {{B1Impl}}, the one for the original "specific" 
> resoruceType.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Resolved] (SLING-11073) Support for Via "Original Resource"

[Dirk Rudolph (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11073?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Dirk Rudolph resolved SLING-11073.
--
Resolution: Fixed

> Support for Via "Original Resource"
> ---
>
> Key: SLING-11073
> URL: https://issues.apache.org/jira/browse/SLING-11073
> Project: Sling
>  Issue Type: Improvement
>  Components: Sling Models
>Reporter: Dirk Rudolph
>Assignee: Dirk Rudolph
>Priority: Major
> Fix For: Models API 1.4.2, Models Implementation 1.5.2
>
>  Time Spent: 1h 10m
>  Remaining Estimate: 0h
>
> Consider the following Models
> {code}
> interface A { }
> interface B { }
> @Model(adaptables=SlingHttpServletRequest.class, resourceType="generic")
> class AImpl implements A { @Self private B other; }
> @Model(adaptables=SlingHttpServletRequest.class, resourceType="generic")
> class BImpl implements B { }
> {code}
> If we want to extend this using the delegation pattern we could do
> {code}
> interface A1 extends A { }
> @Model(adaptables=SlingHttpServletRequest.class, resourceType="specific")
> class A1Impl implements A1 { @Self @Via(type=ResourceSuperType.class) private 
> A delegate; }
> {code}
> and additionally for B
> {code}
> interface B1 extends B { }
> @Model(adaptables=SlingHttpServletRequest.class, resourceType="specific")
> class B1Impl implements B1 { @Self @Via(type=ResourceSuperType.class) private 
> B delegate; }
> {code}
> This will still inject {{BImpl}} into the instance of {{AImpl}} (the delegate 
> in {{A1Impl}}) when adapting a request on a resource with 
> resourceType="specific" even though there is a more specific implementation 
> of it that would match the original resourceType (would be {{B1Impl}}). The 
> reason is that the ResourceTypeBasedResourcePicker picks {{BImpl}} based on 
> the resourceType forced by the ResourceSuperTypeViaProvider.
> This behaviour may be desired in some cases but not in others. That's why I 
> propose to introduce a OriginalResourceViaProvider which unwraps the changes 
> made by the AbstractResourceTypeViaProvider. This can explicitly be specified 
> to enable it.
> {code}
> class AImpl implements A {
>  @Self 
>  @Via(type = OriginalResource.class) // undo any forced resourceTypes
>  private B other;
> }
> {code}
> Which then would inject {{B1Impl}}, the one for the original "specific" 
> resoruceType.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (SLING-11073) Support for Via "Original Resource"

[Dirk Rudolph (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11073?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Dirk Rudolph updated SLING-11073:
-
Description: 
Consider the following Models

{code}
interface A { }
interface B { }

@Model(adaptables=SlingHttpServletRequest.class, resourceType="generic")
class AImpl implements A { @Self private B other; }

@Model(adaptables=SlingHttpServletRequest.class, resourceType="generic")
class BImpl implements B { }
{code}

If we want to extend this using the delegation pattern we could do

{code}
interface A1 extends A { }

@Model(adaptables=SlingHttpServletRequest.class, resourceType="specific")
class A1Impl implements A1 { @Self @Via(type=ResourceSuperType.class) private A 
delegate; }
{code}

and additionally for B

{code}
interface B1 extends B { }

@Model(adaptables=SlingHttpServletRequest.class, resourceType="specific")
class B1Impl implements B1 { @Self @Via(type=ResourceSuperType.class) private B 
delegate; }
{code}

This will still inject {{BImpl}} into the instance of {{AImpl}} (the delegate 
in {{A1Impl}}) when adapting a request on a resource with 
resourceType="specific" even though there is a more specific implementation of 
it that would match the original resourceType (would be {{B1Impl}}). The reason 
is that the ResourceTypeBasedResourcePicker picks {{BImpl}} based on the 
resourceType forced by the ResourceSuperTypeViaProvider.

This behaviour may be desired in some cases but not in others. That's why I 
propose to introduce a OriginalResourceViaProvider which unwraps the changes 
made by the AbstractResourceTypeViaProvider. This can explicitly be specified 
to enable it.

{code}
class AImpl implements A {
 @Self 
 @Via(type = OriginalResource.class) // undo any forced resourceTypes
 private B other;
}
{code}

Which then would inject {{B1Impl}}, the one for the original "specific" 
resoruceType.

  was:
Consider the following Models

{code}
interface A { }
interface B { }

@Model(adaptables=SlingHttpServletRequest.class, resourceType="generic")
class AImpl implements A { @Self private B other; }

@Model(adaptables=SlingHttpServletRequest.class, resourceType="generic")
class BImpl implements B { }
{code}

If we want to extend this using the delegation pattern we could do

{code}
interface A1 extends A { }

@Model(adaptables=SlingHttpServletRequest.class, resourceType="specific")
class A1Impl implements A1 { @Self @Via(type=ResourceSuperType.class) private A 
delegate; }
{code}

and additionally for B

{code}
interface B1 extends B { }

@Model(adaptables=SlingHttpServletRequest.class, resourceType="specific")
class B1Impl implements B1 { @Self @Via(type=ResourceSuperType.class) private B 
delegate; }
{code}

This will however still inject {{BImpl}} into the instance of {{AImpl}} (the 
delegate in {{A1Impl}}) when adapting a request on a resource with 
resourceType="specific" even though there is a more specific implementation of 
it that would match the original resourceType (would be {{B1Impl}}). The reason 
is that the ResourceTypeBasedResourcePicker picks {{BImpl}} based on the 
resourceType forced by the ResourceSuperTypeViaProvider.

This behaviour may be desired in some cases but not in others. That's why I 
propose to introduce a OriginalResourceViaProvider which unwraps the changes 
made by the AbstractResourceTypeViaProvider. This can explicitly be specified 
to enable it.

{code}
class AImpl implements A {
 @Self 
 @Via(type = OriginalResource.class) // undo any forced resourceTypes
 private B other;
}
{code}

Which then would inject {{B1Impl}}, the one for the original "specific" 
resoruceType.


> Support for Via "Original Resource"
> ---
>
> Key: SLING-11073
> URL: https://issues.apache.org/jira/browse/SLING-11073
> Project: Sling
>  Issue Type: Improvement
>  Components: Sling Models
>Reporter: Dirk Rudolph
>Assignee: Dirk Rudolph
>Priority: Major
> Fix For: Models API 1.4.2, Models Implementation 1.5.2
>
>  Time Spent: 1h 10m
>  Remaining Estimate: 0h
>
> Consider the following Models
> {code}
> interface A { }
> interface B { }
> @Model(adaptables=SlingHttpServletRequest.class, resourceType="generic")
> class AImpl implements A { @Self private B other; }
> @Model(adaptables=SlingHttpServletRequest.class, resourceType="generic")
> class BImpl implements B { }
> {code}
> If we want to extend this using the delegation pattern we could do
> {code}
> interface A1 extends A { }
> @Model(adaptables=SlingHttpServletRequest.class, resourceType="specific")
> class A1Impl implements A1 { @Self @Via(type=ResourceSuperType.class) private 
> A delegate; }
> {code}
> and additionally for B
> {code}
> interface B1 extends B { }
> @Model(adaptables=SlingHttpServletRequest.class, resourceType="specific")
> class B1Impl implements B1 { @Self 

[GitHub] [sling-org-apache-sling-models-integration-tests] Buuhuu merged pull request #2: SLING-11073: add integration tests for via OriginalResource

[GitBox]

Buuhuu merged pull request #2:
URL: 
https://github.com/apache/sling-org-apache-sling-models-integration-tests/pull/2


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Updated] (SLING-11073) Support for Via "Original Resource"

[Dirk Rudolph (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11073?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Dirk Rudolph updated SLING-11073:
-
Fix Version/s: Models API 1.4.2
   Models Implementation 1.5.2

> Support for Via "Original Resource"
> ---
>
> Key: SLING-11073
> URL: https://issues.apache.org/jira/browse/SLING-11073
> Project: Sling
>  Issue Type: Improvement
>  Components: Sling Models
>Reporter: Dirk Rudolph
>Assignee: Dirk Rudolph
>Priority: Major
> Fix For: Models API 1.4.2, Models Implementation 1.5.2
>
>  Time Spent: 50m
>  Remaining Estimate: 0h
>
> Consider the following Models
> {code}
> interface A { }
> interface B { }
> @Model(adaptables=SlingHttpServletRequest.class, resourceType="generic")
> class AImpl implements A { @Self private B other; }
> @Model(adaptables=SlingHttpServletRequest.class, resourceType="generic")
> class BImpl implements B { }
> {code}
> If we want to extend this using the delegation pattern we could do
> {code}
> interface A1 extends A { }
> @Model(adaptables=SlingHttpServletRequest.class, resourceType="specific")
> class A1Impl implements A1 { @Self @Via(type=ResourceSuperType.class) private 
> A delegate; }
> {code}
> and additionally for B
> {code}
> interface B1 extends B { }
> @Model(adaptables=SlingHttpServletRequest.class, resourceType="specific")
> class B1Impl implements B1 { @Self @Via(type=ResourceSuperType.class) private 
> B delegate; }
> {code}
> This will however still inject {{BImpl}} into the instance of {{AImpl}} (the 
> delegate in {{A1Impl}}) when adapting a request on a resource with 
> resourceType="specific" even though there is a more specific implementation 
> of it that would match the original resourceType (would be {{B1Impl}}). The 
> reason is that the ResourceTypeBasedResourcePicker picks {{BImpl}} based on 
> the resourceType forced by the ResourceSuperTypeViaProvider.
> This behaviour may be desired in some cases but not in others. That's why I 
> propose to introduce a OriginalResourceViaProvider which unwraps the changes 
> made by the AbstractResourceTypeViaProvider. This can explicitly be specified 
> to enable it.
> {code}
> class AImpl implements A {
>  @Self 
>  @Via(type = OriginalResource.class) // undo any forced resourceTypes
>  private B other;
> }
> {code}
> Which then would inject {{B1Impl}}, the one for the original "specific" 
> resoruceType.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [sling-org-apache-sling-models-impl] Buuhuu merged pull request #31: SLING-11073: add OriginalResourceViaProvider

[GitBox]

Buuhuu merged pull request #31:
URL: https://github.com/apache/sling-org-apache-sling-models-impl/pull/31


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-models-api] Buuhuu merged pull request #3: SLING-11073: add OriginalResource ViaProviderType

[GitBox]

Buuhuu merged pull request #3:
URL: https://github.com/apache/sling-org-apache-sling-models-api/pull/3


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [VOTE] Release Apache Sling Testing Clients version 3.0.10

[Carsten Ziegeler]

+1

Thanks!

Carsten

Am 07.02.2022 um 17:41 schrieb Andrei Dulvac:

We solved 1 issues in this release:
https://issues.apache.org/jira/projects/SLING/versions/12351312

Staging repository:
https://repository.apache.org/content/repositories/orgapachesling-2594

You can use this UNIX script to download the release and verify the
signatures:
https://gitbox.apache.org/repos/asf?p=sling-tooling-release.git;a=blob;f=check_staged_release.sh;hb=HEAD

Usage:
sh check_staged_release.sh 2594 /tmp/sling-staging

Please vote to approve this release:

   [ ] +1 Approve the release
   [ ]  0 Don't care
   [ ] -1 Don't release, because ...

This majority vote is open for at least 72 hours.



--
Carsten Ziegeler
Adobe
cziege...@apache.org

[VOTE] Release Apache Sling Testing Clients version 3.0.10

[Andrei Dulvac]

We solved 1 issues in this release:
https://issues.apache.org/jira/projects/SLING/versions/12351312

Staging repository:
https://repository.apache.org/content/repositories/orgapachesling-2594

You can use this UNIX script to download the release and verify the
signatures:
https://gitbox.apache.org/repos/asf?p=sling-tooling-release.git;a=blob;f=check_staged_release.sh;hb=HEAD

Usage:
sh check_staged_release.sh 2594 /tmp/sling-staging

Please vote to approve this release:

  [ ] +1 Approve the release
  [ ]  0 Don't care
  [ ] -1 Don't release, because ...

This majority vote is open for at least 72 hours.

[jira] [Updated] (SLING-11091) Expose the number of scheduled jobs

[Joerg Hoh (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11091?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Joerg Hoh updated SLING-11091:
--
Fix Version/s: Event 4.2.26

> Expose the number of scheduled jobs
> ---
>
> Key: SLING-11091
> URL: https://issues.apache.org/jira/browse/SLING-11091
> Project: Sling
>  Issue Type: Improvement
>  Components: Event
>Affects Versions: Event 4.2.24
>Reporter: Joerg Hoh
>Assignee: Joerg Hoh
>Priority: Major
> Fix For: Event 4.2.26
>
>  Time Spent: 1.5h
>  Remaining Estimate: 0h
>
> Eventing should expose the total number of scheduled jobs as a metric; I have 
> seen cases where to incorrectly unscheduling the total number of scheduled 
> jobs was getting huge (> 10k), thus overloading the system.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Comment Edited] (SLING-11091) Expose the number of scheduled jobs

[Joerg Hoh (Jira)]

[ 
https://issues.apache.org/jira/browse/SLING-11091?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17487146#comment-17487146
 ] 

Joerg Hoh edited comment on SLING-11091 at 2/7/22, 4:07 PM:


https://github.com/apache/sling-org-apache-sling-event/pull/16 merged


was (Author: joerghoh):
https://github.com/apache/sling-org-apache-sling-event/pull/16

> Expose the number of scheduled jobs
> ---
>
> Key: SLING-11091
> URL: https://issues.apache.org/jira/browse/SLING-11091
> Project: Sling
>  Issue Type: Improvement
>  Components: Event
>Affects Versions: Event 4.2.24
>Reporter: Joerg Hoh
>Assignee: Joerg Hoh
>Priority: Major
>  Time Spent: 1.5h
>  Remaining Estimate: 0h
>
> Eventing should expose the total number of scheduled jobs as a metric; I have 
> seen cases where to incorrectly unscheduling the total number of scheduled 
> jobs was getting huge (> 10k), thus overloading the system.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Resolved] (SLING-11091) Expose the number of scheduled jobs

[Joerg Hoh (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11091?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Joerg Hoh resolved SLING-11091.
---
Resolution: Fixed

> Expose the number of scheduled jobs
> ---
>
> Key: SLING-11091
> URL: https://issues.apache.org/jira/browse/SLING-11091
> Project: Sling
>  Issue Type: Improvement
>  Components: Event
>Affects Versions: Event 4.2.24
>Reporter: Joerg Hoh
>Assignee: Joerg Hoh
>Priority: Major
> Fix For: Event 4.2.26
>
>  Time Spent: 1.5h
>  Remaining Estimate: 0h
>
> Eventing should expose the total number of scheduled jobs as a metric; I have 
> seen cases where to incorrectly unscheduling the total number of scheduled 
> jobs was getting huge (> 10k), thus overloading the system.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [sling-org-apache-sling-event] joerghoh merged pull request #16: SLING-11091: expose the number of scheduled jobs as metric

[GitBox]

joerghoh merged pull request #16:
URL: https://github.com/apache/sling-org-apache-sling-event/pull/16


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-testing-clients] dulvac merged pull request #27: SLING-11124 - Remove Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908

[GitBox]

dulvac merged pull request #27:
URL: https://github.com/apache/sling-org-apache-sling-testing-clients/pull/27


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-testing-clients] sonarcloud[bot] removed a comment on pull request #27: SLING-11124 - Remove Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908

[GitBox]

sonarcloud[bot] removed a comment on pull request #27:
URL: 
https://github.com/apache/sling-org-apache-sling-testing-clients/pull/27#issuecomment-1031621067


   Kudos, SonarCloud Quality Gate passed!  ![Quality Gate 
passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png
 'Quality Gate passed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-testing-clients=27=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-testing-clients=27=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-testing-clients=27=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=CODE_SMELL)
   
   
[![87.5%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/60-16px.png
 
'87.5%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-clients=27=new_coverage=list)
 [87.5% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-clients=27=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-clients=27=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-clients=27=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-testing-clients] sonarcloud[bot] commented on pull request #27: SLING-11124 - Remove Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908

[GitBox]

sonarcloud[bot] commented on pull request #27:
URL: 
https://github.com/apache/sling-org-apache-sling-testing-clients/pull/27#issuecomment-1031625084


   Kudos, SonarCloud Quality Gate passed!  ![Quality Gate 
passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png
 'Quality Gate passed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-testing-clients=27=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-testing-clients=27=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-testing-clients=27=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=CODE_SMELL)
   
   
[![100.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/100-16px.png
 
'100.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-clients=27=new_coverage=list)
 [100.0% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-clients=27=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-clients=27=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-clients=27=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Resolved] (SLING-11128) Escape tenant id

[Carsten Ziegeler (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler resolved SLING-11128.
--
Resolution: Fixed

Fixed in 
https://github.com/apache/sling-org-apache-sling-tenant/commit/86af378cba3648e8356bcbc91a5d4a84304eb1fc
 by using the XSSAPI to escape the id.
In addition, updated to latest parent pom and fixed a bug in getting a tenant 
based on the id if the id contains special characters

> Escape tenant id
> 
>
> Key: SLING-11128
> URL: https://issues.apache.org/jira/browse/SLING-11128
> Project: Sling
>  Issue Type: Improvement
>  Components: General
>Affects Versions: Tenant 1.1.4
>Reporter: Carsten Ziegeler
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Tenant 1.1.6
>
>
> The id of a tenant is not properly escaped in all place (printForm is 
> missing). This can lead to corrupted html



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [sling-org-apache-sling-testing-clients] sonarcloud[bot] commented on pull request #27: SLING-11124 - Remove Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908

[GitBox]

sonarcloud[bot] commented on pull request #27:
URL: 
https://github.com/apache/sling-org-apache-sling-testing-clients/pull/27#issuecomment-1031621067


   Kudos, SonarCloud Quality Gate passed!  ![Quality Gate 
passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png
 'Quality Gate passed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-testing-clients=27=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-testing-clients=27=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-testing-clients=27=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-clients=27=false=CODE_SMELL)
   
   
[![87.5%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/60-16px.png
 
'87.5%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-clients=27=new_coverage=list)
 [87.5% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-clients=27=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-clients=27=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-clients=27=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Resolved] (SLING-7626) disclosure vulnerability affecting Apache Sling Servlets Post 2.3.6 and earlier versions

[Robert Munteanu (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-7626?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Robert Munteanu resolved SLING-7626.

Resolution: Not A Problem

No feedback in 3+ years, closing.

> disclosure vulnerability affecting Apache Sling Servlets Post 2.3.6 and 
> earlier versions
> 
>
> Key: SLING-7626
> URL: https://issues.apache.org/jira/browse/SLING-7626
> Project: Sling
>  Issue Type: Task
>Affects Versions: Testing JCR Mock 1.3.2, Servlet Helpers 1.1.4, Testing 
> Sling Mock 2.2.18
>Reporter: Andy
>Priority: Blocker
>
> There is a high security vulnerability from OWASP dependencies check scan 
> affecting Apache Sling Servlets Post 2.3.6 and earlier versions. Please 
> update to Apache Sling Servlets Post 2.3.8.
> This is the Adobe fixes for reference, but the following modules need to 
> address this
> https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html 
> org.apache.sling.servlet-helpers-1.1.4.jar
> org.apache.sling.testing.sling-mock-2.2.18.jar
> org.apache.sling.testing.jcr-mock-1.3.2.jar
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (SLING-8595) Update of sling parent pom

[Robert Munteanu (Jira)]

[ 
https://issues.apache.org/jira/browse/SLING-8595?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17488185#comment-17488185
 ] 

Robert Munteanu commented on SLING-8595:


Any updates on this? [~joerghoh] submitted a pretty big PR and it's slowly 
drifting away due to conflicts.

> Update of sling parent pom
> --
>
> Key: SLING-8595
> URL: https://issues.apache.org/jira/browse/SLING-8595
> Project: Sling
>  Issue Type: Sub-task
>  Components: Content Distribution
>Reporter: Christian Schneider
>Assignee: Christian Schneider
>Priority: Blocker
> Fix For: Content Distribution Core 0.4.10
>
>  Time Spent: 1h
>  Remaining Estimate: 0h
>
> When running upstream modules together with sling distribution core in 
> eclipse I got issues as the outdated osgi core jar slipped into the build 
> dependencies of the upstream module.
> I found that updating the parent pom fixed the issue. 



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [sling-org-apache-sling-event] stefan-egli commented on pull request #16: SLING-11091: expose the number of scheduled jobs as metric

[GitBox]

stefan-egli commented on pull request #16:
URL: 
https://github.com/apache/sling-org-apache-sling-event/pull/16#issuecomment-1031597180


   +1, lgtm


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-event] stefan-egli commented on a change in pull request #16: SLING-11091: expose the number of scheduled jobs as metric

[GitBox]

stefan-egli commented on a change in pull request #16:
URL: 
https://github.com/apache/sling-org-apache-sling-event/pull/16#discussion_r800775577



##
File path: 
src/main/java/org/apache/sling/event/impl/jobs/scheduling/JobSchedulerImpl.java
##
@@ -455,6 +455,14 @@ private boolean match(final ScheduledJobInfoImpl job, 
final Map
 }
 return jobs;
 }
+
+/**
+ * Provide the total number of jobs registered in the system, irrespective 
of topics
+ * @return the total number of scheduled jobs
+ */
+public int getTotalNumberOfScheduledJobs() {
+   return this.scheduledJobs.size(); 

Review comment:
   good point, it's a bit of overly cautious to make it synchronous indeed 
.. oh well, iiuc this is mostly not synchronized unless a new schedule is added 
or removed. so it should indeed not impact noticeably




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-testing-clients] dulvac commented on a change in pull request #27: SLING-11124 - Remove Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908

[GitBox]

dulvac commented on a change in pull request #27:
URL: 
https://github.com/apache/sling-org-apache-sling-testing-clients/pull/27#discussion_r800767667



##
File path: src/main/java/org/apache/sling/testing/clients/SlingClientConfig.java
##
@@ -171,8 +170,8 @@ public Builder setUrl(String url) throws URISyntaxException 
{
 public Builder setUrl(URI url) {
 this.url = url;
 // Add / as path if none is present
-if (Strings.isNullOrEmpty(this.url.getPath()) || 
!this.url.getPath().endsWith("/")) {
-this.url = 
this.url.resolve(Strings.nullToEmpty(this.url.getPath()) + "/");
+if (StringUtils.isEmpty(this.url.getPath()) || 
!this.url.getPath().endsWith("/")) {
+this.url = this.url.resolve((this.url.getPath() == null ? "" : 
this.url.getPath()) + "/");

Review comment:
   @andreituicu can you use optionals instead?
   ```suggestion
   this.url = 
this.url.resolve(Optional.ofNullable(this.url.getPath()).orElse("") + "/");
   ```




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SLING-11124) Remove Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908

[Andrei Tuicu (Jira)]

[ 
https://issues.apache.org/jira/browse/SLING-11124?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17488172#comment-17488172
 ] 

Andrei Tuicu commented on SLING-11124:
--

Created new PR to remove the dependency 
https://github.com/apache/sling-org-apache-sling-testing-clients/pull/27.

> Remove Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908
> 
>
> Key: SLING-11124
> URL: https://issues.apache.org/jira/browse/SLING-11124
> Project: Sling
>  Issue Type: Task
>  Components: Apache Sling Testing Clients
>Affects Versions: Apache Sling Testing Clients 3.0.10
>Reporter: Andrei Tuicu
>Assignee: Andrei Dulvac
>Priority: Major
> Fix For: Apache Sling Testing Clients 3.0.10
>
>  Time Spent: 40m
>  Remaining Estimate: 0h
>
> Sling testing clients are using com.google.guava guava 14.0.1 which is 
> vulnerable to CVE-2018-10237(MEDIUM) [1] and CVE-2020-8908(LOW) [2].
> Mitigation: remove the guava dependency.
> [1] https://www.cvedetails.com/cve/CVE-2018-10237/
> [2] https://www.cvedetails.com/cve/CVE-2020-8908/



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Assigned] (SLING-11128) Escape tenant id

[Carsten Ziegeler (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler reassigned SLING-11128:


Assignee: Carsten Ziegeler

> Escape tenant id
> 
>
> Key: SLING-11128
> URL: https://issues.apache.org/jira/browse/SLING-11128
> Project: Sling
>  Issue Type: Improvement
>  Components: General
>Affects Versions: Tenant 1.1.4
>Reporter: Carsten Ziegeler
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Tenant 1.1.6
>
>
> The id of a tenant is not properly escaped in all place (printForm is 
> missing). This can lead to corrupted html



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (SLING-11124) Remove Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908

[Andrei Tuicu (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11124?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Andrei Tuicu updated SLING-11124:
-
Summary: Remove Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908  
(was: Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908)

> Remove Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908
> 
>
> Key: SLING-11124
> URL: https://issues.apache.org/jira/browse/SLING-11124
> Project: Sling
>  Issue Type: Task
>  Components: Apache Sling Testing Clients
>Affects Versions: Apache Sling Testing Clients 3.0.10
>Reporter: Andrei Tuicu
>Assignee: Andrei Dulvac
>Priority: Major
> Fix For: Apache Sling Testing Clients 3.0.10
>
>  Time Spent: 40m
>  Remaining Estimate: 0h
>
> Sling testing clients are using com.google.guava guava 14.0.1 which is 
> vulnerable to CVE-2018-10237(MEDIUM) [1] and CVE-2020-8908(LOW) [2].
> Mitigation: update to latest guava 31.0.1-android
> [1] https://www.cvedetails.com/cve/CVE-2018-10237/
> [2] https://www.cvedetails.com/cve/CVE-2020-8908/



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (SLING-11124) Remove Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908

[Andrei Tuicu (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11124?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Andrei Tuicu updated SLING-11124:
-
Description: 
Sling testing clients are using com.google.guava guava 14.0.1 which is 
vulnerable to CVE-2018-10237(MEDIUM) [1] and CVE-2020-8908(LOW) [2].

Mitigation: remove the guava dependency.

[1] https://www.cvedetails.com/cve/CVE-2018-10237/
[2] https://www.cvedetails.com/cve/CVE-2020-8908/

  was:
Sling testing clients are using com.google.guava guava 14.0.1 which is 
vulnerable to CVE-2018-10237(MEDIUM) [1] and CVE-2020-8908(LOW) [2].

Mitigation: update to latest guava 31.0.1-android

[1] https://www.cvedetails.com/cve/CVE-2018-10237/
[2] https://www.cvedetails.com/cve/CVE-2020-8908/


> Remove Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908
> 
>
> Key: SLING-11124
> URL: https://issues.apache.org/jira/browse/SLING-11124
> Project: Sling
>  Issue Type: Task
>  Components: Apache Sling Testing Clients
>Affects Versions: Apache Sling Testing Clients 3.0.10
>Reporter: Andrei Tuicu
>Assignee: Andrei Dulvac
>Priority: Major
> Fix For: Apache Sling Testing Clients 3.0.10
>
>  Time Spent: 40m
>  Remaining Estimate: 0h
>
> Sling testing clients are using com.google.guava guava 14.0.1 which is 
> vulnerable to CVE-2018-10237(MEDIUM) [1] and CVE-2020-8908(LOW) [2].
> Mitigation: remove the guava dependency.
> [1] https://www.cvedetails.com/cve/CVE-2018-10237/
> [2] https://www.cvedetails.com/cve/CVE-2020-8908/



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Created] (SLING-11128) Escape tenant id

[Carsten Ziegeler (Jira)]

Carsten Ziegeler created SLING-11128:


 Summary: Escape tenant id
 Key: SLING-11128
 URL: https://issues.apache.org/jira/browse/SLING-11128
 Project: Sling
  Issue Type: Improvement
  Components: General
Affects Versions: Tenant 1.1.4
Reporter: Carsten Ziegeler
 Fix For: Tenant 1.1.6


The id of a tenant is not properly escaped in all place (printForm is missing). 
This can lead to corrupted html



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Re: [Scripting] Bindings returning null

[Nicolas Peltier]

+1

Le lun. 7 févr. 2022 à 12:20, Stefan Seifert
 a écrit :

> i agree with your opinion, and it's backed by the spec/javadocs.
> in most cases the consumer will access the bindings from an actual script
> (e.g. HTL), and in that case it should not make any difference for them.
>
> stefan
>
> >-Original Message-
> >From: Jörg Hoh 
> >Sent: Friday, February 4, 2022 12:01 PM
> >To: Sling Developers List 
> >Subject: [Scripting] Bindings returning null
> >
> >Hi,
> >
> >I am currently working on a number of smaller performance improvements,
> and
> >I found that some BindingsValuesProvider could benefit from providings
> >lazily. In that case the binding is added, but the value is only resolved
> >when the value of the binding is actually needed, instead of resolving
> them
> >when adding the binding [1]. As these bindings are added very often, but
> >not always used, a small improvement in the area of a few hundred
> >microseconds can accumulate to a 2-digit number of milliseconds for a
> >complex request;
> >
> >The implementations of the BindingValuesProvider#addBindings() currently
> >often perform checks if the binding should be added at all. In the case of
> >a failed check the binding would not be added at all.
> > With the dynamic resolution this is hardly possible, it would defeat the
> >purpose of delaying the resolution (including these checks) to a time when
> >it's absolutely necessary. In the case of the dynamic resolution with a
> >failed check this just leaves the option to return "null" for that
> binding.
> >
> >The javax.script.Bindings#get spec [2] allows to return null in 2 cases:
> >* the mapping is not present
> >* the mapping returns a null
> >
> >So technically this change is covered by the spec, but I don't know if all
> >users of the bindings always check for null but have used some other
> >approach instead:
> >
> >if (bindings.containsKey(BINDING)) {
> >  Object o = bindings.get(BINDING);
> >  assertNotNull(o);
> >}
> >
> >which is incorrect according to the spec, but might have worked in the
> >past.
> >
> >In my opinion we should adjust these BindingsValuesProviders and require
> >the consumers of these bindings to make sure that they do the null-check
> as
> >required by the spec.
> >
> >WDYT?
> >
> >
> >Jörg
> >
> >
> >[1]
> >https://github.com/apache/sling-org-apache-sling-
>
> >api/blob/master/src/main/java/org/apache/sling/api/scripting/LazyBindings.j
> >ava
> >[2]
> >https://docs.oracle.com/javase/8/docs/api/javax/script/Bindings.html#get-
> >java.lang.Object-
> >
> >
> >--
> >Cheers,
> >Jörg Hoh,
> >
> >https://cqdump.joerghoh.de
> >Twitter: @joerghoh
>

[jira] [Resolved] (SLING-8332) Add a new MOJO which is able to detect the differences between two different versions of the same Feature Model file

[Carsten Ziegeler (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-8332?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler resolved SLING-8332.
-
Resolution: Implemented

This is already part of the maven plugin

> Add a new MOJO which is able to detect the differences between two different 
> versions of the same Feature Model file
> 
>
> Key: SLING-8332
> URL: https://issues.apache.org/jira/browse/SLING-8332
> Project: Sling
>  Issue Type: New Feature
>  Components: Feature Model, Maven Plugins and Archetypes
>Reporter: Simone Tripodi
>Assignee: Simone Tripodi
>Priority: Major
>
> I started developing, initially for the sake of satisfying my curiosity, a 
> simple (yet useful) MOJO which is able to report, in a JSON file (which 
> syntax is pretty close to the Feature Model format) the differences between 
> two different versions of the same Feature Model files.
> The MOJO tracks ATM differences between Bundles, OSGi configurations, 
> Artifacts/Text/JSON extensions, api-regions... enlisting 3 sections each:
>  * removed: items that, compared to the previous version, disappeared;
>  * added: new items not present in the previous version;
>  * updated: items that have changed since the previous version, showing the 
> diff.
> It is not complete but codebase is clean enough already to be pushed in the 
> repository.
> [~bosschaert] [~cziegeler] WDYT, is it interesting enough that can be pushed 
> in the current plugin codebase?
> TIA!



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Resolved] (SLING-8261) Add a validator which performs syntax checks on repoinit instructions

[Carsten Ziegeler (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-8261?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler resolved SLING-8261.
-
Resolution: Not A Problem

Already implemented some time ago

> Add a validator which performs syntax checks on repoinit instructions
> -
>
> Key: SLING-8261
> URL: https://issues.apache.org/jira/browse/SLING-8261
> Project: Sling
>  Issue Type: Improvement
>  Components: Feature Model
>Reporter: Robert Munteanu
>Priority: Major
>
> It would be great to have a validator that performs to syntax checks on the 
> repoinit section of a feature model.
> This would move (some) of the runtime problems to build time.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Resolved] (SLING-10749) Update repoinit parser in Feature Analyser

[Carsten Ziegeler (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-10749?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler resolved SLING-10749.
--
Resolution: Not A Problem

Dependency has already been updated

> Update repoinit parser in Feature Analyser
> --
>
> Key: SLING-10749
> URL: https://issues.apache.org/jira/browse/SLING-10749
> Project: Sling
>  Issue Type: Improvement
>  Components: Feature Model Analyser
>Affects Versions: Feature Model Analyser 1.3.34
>Reporter: Bertrand Delacretaz
>Assignee: Bertrand Delacretaz
>Priority: Minor
>
> The feature analyser should be updated to the latest 
> {{org.apache.sling.repoinit.parser}} version, which is currently 1.6.10



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[CANCELLED][VOTE] Release Apache Sling Testing Clients version 3.0.8

[Andrei Dulvac]

Hi all.

Following the discussion in the comments on
https://issues.apache.org/jira/browse/SLING-11124 I decided to cancel this
release and will soon start a vote again with a new version.

- Andrei

On Mon, Feb 7, 2022 at 10:44 AM Andrei Dulvac  wrote:

> Here's my +1
> - Andrei
>
> On Fri, Feb 4, 2022 at 5:42 PM Andrei Dulvac  wrote:
>
>>
>> We solved 1 issues in this release:
>> https://issues.apache.org/jira/projects/SLING/versions/12351312
>> 
>> Staging repository:
>> https://repository.apache.org/content/repositories/orgapachesling-2593
>> 
>> You can use this UNIX script to download the release and verify the
>> signatures:
>>
>> https://gitbox.apache.org/repos/asf?p=sling-tooling-release.git;a=blob;f=check_staged_release.sh;hb=HEAD
>>
>> Usage:
>> sh check_staged_release.sh 2593 /tmp/sling-staging
>>
>> Please vote to approve this release:
>>
>>   [ ] +1 Approve the release
>>   [ ]  0 Don't care
>>   [ ] -1 Don't release, because ...
>>
>> This majority vote is open for at least 72 hours.
>>
>

[jira] [Commented] (SLING-11124) Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908

[Andrei Dulvac (Jira)]

[ 
https://issues.apache.org/jira/browse/SLING-11124?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17488087#comment-17488087
 ] 

Andrei Dulvac commented on SLING-11124:
---

bq. I prefer to rather remove that guava dependency alltogether

That actually makes sense in this particular case, I agree

> Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908
> 
>
> Key: SLING-11124
> URL: https://issues.apache.org/jira/browse/SLING-11124
> Project: Sling
>  Issue Type: Task
>  Components: Apache Sling Testing Clients
>Affects Versions: Apache Sling Testing Clients 3.0.8
>Reporter: Andrei Tuicu
>Assignee: Andrei Dulvac
>Priority: Major
> Fix For: Apache Sling Testing Clients 3.0.8
>
>  Time Spent: 40m
>  Remaining Estimate: 0h
>
> Sling testing clients are using com.google.guava guava 14.0.1 which is 
> vulnerable to CVE-2018-10237(MEDIUM) [1] and CVE-2020-8908(LOW) [2].
> Mitigation: update to latest guava 31.0.1-android
> [1] https://www.cvedetails.com/cve/CVE-2018-10237/
> [2] https://www.cvedetails.com/cve/CVE-2020-8908/



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [sling-org-apache-sling-event] sonarcloud[bot] commented on pull request #16: SLING-11091: expose the number of scheduled jobs as metric

[GitBox]

sonarcloud[bot] commented on pull request #16:
URL: 
https://github.com/apache/sling-org-apache-sling-event/pull/16#issuecomment-1031440201


   SonarCloud Quality Gate failed.  ![Quality Gate 
failed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/failed-16px.png
 'Quality Gate failed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-event=16=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-event=16=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-event=16=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=CODE_SMELL)
   
   
[![63.6%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/60-16px.png
 
'63.6%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-event=16=new_coverage=list)
 [63.6% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-event=16=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-event=16=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-event=16=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-event] sonarcloud[bot] removed a comment on pull request #16: SLING-11091: expose the number of scheduled jobs as metric

[GitBox]

sonarcloud[bot] removed a comment on pull request #16:
URL: 
https://github.com/apache/sling-org-apache-sling-event/pull/16#issuecomment-1030159426


   SonarCloud Quality Gate failed.  ![Quality Gate 
failed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/failed-16px.png
 'Quality Gate failed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-event=16=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-event=16=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-event=16=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-event=16=false=CODE_SMELL)
   
   
[![70.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/60-16px.png
 
'70.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-event=16=new_coverage=list)
 [70.0% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-event=16=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-event=16=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-event=16=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Updated] (SLING-11119) Optimise service retrieval for bundled scripts

[Radu Cotescu (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-9?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Radu Cotescu updated SLING-9:
-
Description: The bundled scripts currently have an OSGi service cache per 
instance, however in the 
{{org.apache.sling.scripting.core.impl.bundled.ScriptContextProvider}} there's 
already a service cache per bundle context which could be reused. This would 
save significant memory in systems where there are a lot of bundled scripts.  
(was: The current implementation of 
{{org.apache.sling.scripting.sightly.impl.engine.bundled.BundledUnitManagerImpl}}
 relies on the actual {{BundledRenderUnit}} to retrieve OSGi services that are 
used by the bundled (precompiled) script. That implementation is provided by 
the 
{{org.apache.sling.scripting.core.impl.bundled.AbstractBundledRenderUnit#getService}}
 method, but, given its execution context, it has a shorter lived cache in 
which OSGi services are kept. In addition, that implementation is currently 
affected by SLING-8.

Since the 
{{org.apache.sling.scripting.core.impl.bundled.ScriptContextProvider}} service 
actually provides a {{org.apache.sling.scripting.core.ScriptHelper}} 
implementation capable of retrieving OSGi services with the correct classloader 
that provides the bundled (precompiled) script, the HTL 
{{org.apache.sling.scripting.sightly.impl.engine.extension.use.JavaUseProvider}}
 should try to use the {{ScriptHelper}} in this scenario, if one is available, 
otherwise fallback to the {{BundledRenderUnit}} like before.)

> Optimise service retrieval for bundled scripts
> --
>
> Key: SLING-9
> URL: https://issues.apache.org/jira/browse/SLING-9
> Project: Sling
>  Issue Type: Improvement
>  Components: Scripting
>Reporter: Radu Cotescu
>Assignee: Radu Cotescu
>Priority: Major
> Fix For: Scripting Core 2.4.4
>
>
> The bundled scripts currently have an OSGi service cache per instance, 
> however in the 
> {{org.apache.sling.scripting.core.impl.bundled.ScriptContextProvider}} 
> there's already a service cache per bundle context which could be reused. 
> This would save significant memory in systems where there are a lot of 
> bundled scripts.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (SLING-11119) Optimise service retrieval for HTL bundled scripts

[Radu Cotescu (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-9?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Radu Cotescu updated SLING-9:
-
Fix Version/s: Scripting Core 2.4.4
   (was: Scripting HTL Engine 1.4.18-1.4.0)

> Optimise service retrieval for HTL bundled scripts
> --
>
> Key: SLING-9
> URL: https://issues.apache.org/jira/browse/SLING-9
> Project: Sling
>  Issue Type: Improvement
>  Components: Scripting
>Reporter: Radu Cotescu
>Assignee: Radu Cotescu
>Priority: Major
> Fix For: Scripting Core 2.4.4
>
>
> The current implementation of 
> {{org.apache.sling.scripting.sightly.impl.engine.bundled.BundledUnitManagerImpl}}
>  relies on the actual {{BundledRenderUnit}} to retrieve OSGi services that 
> are used by the bundled (precompiled) script. That implementation is provided 
> by the 
> {{org.apache.sling.scripting.core.impl.bundled.AbstractBundledRenderUnit#getService}}
>  method, but, given its execution context, it has a shorter lived cache in 
> which OSGi services are kept. In addition, that implementation is currently 
> affected by SLING-8.
> Since the 
> {{org.apache.sling.scripting.core.impl.bundled.ScriptContextProvider}} 
> service actually provides a {{org.apache.sling.scripting.core.ScriptHelper}} 
> implementation capable of retrieving OSGi services with the correct 
> classloader that provides the bundled (precompiled) script, the HTL 
> {{org.apache.sling.scripting.sightly.impl.engine.extension.use.JavaUseProvider}}
>  should try to use the {{ScriptHelper}} in this scenario, if one is 
> available, otherwise fallback to the {{BundledRenderUnit}} like before.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (SLING-11119) Optimise service retrieval for bundled scripts

[Radu Cotescu (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-9?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Radu Cotescu updated SLING-9:
-
Summary: Optimise service retrieval for bundled scripts  (was: Optimise 
service retrieval for HTL bundled scripts)

> Optimise service retrieval for bundled scripts
> --
>
> Key: SLING-9
> URL: https://issues.apache.org/jira/browse/SLING-9
> Project: Sling
>  Issue Type: Improvement
>  Components: Scripting
>Reporter: Radu Cotescu
>Assignee: Radu Cotescu
>Priority: Major
> Fix For: Scripting Core 2.4.4
>
>
> The current implementation of 
> {{org.apache.sling.scripting.sightly.impl.engine.bundled.BundledUnitManagerImpl}}
>  relies on the actual {{BundledRenderUnit}} to retrieve OSGi services that 
> are used by the bundled (precompiled) script. That implementation is provided 
> by the 
> {{org.apache.sling.scripting.core.impl.bundled.AbstractBundledRenderUnit#getService}}
>  method, but, given its execution context, it has a shorter lived cache in 
> which OSGi services are kept. In addition, that implementation is currently 
> affected by SLING-8.
> Since the 
> {{org.apache.sling.scripting.core.impl.bundled.ScriptContextProvider}} 
> service actually provides a {{org.apache.sling.scripting.core.ScriptHelper}} 
> implementation capable of retrieving OSGi services with the correct 
> classloader that provides the bundled (precompiled) script, the HTL 
> {{org.apache.sling.scripting.sightly.impl.engine.extension.use.JavaUseProvider}}
>  should try to use the {{ScriptHelper}} in this scenario, if one is 
> available, otherwise fallback to the {{BundledRenderUnit}} like before.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Resolved] (SLING-11109) ResourceResolver - file name for vanity path bloom filter is misleading

[Carsten Ziegeler (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11109?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler resolved SLING-11109.
--
Resolution: Won't Fix

> ResourceResolver - file name for vanity path bloom filter is misleading
> ---
>
> Key: SLING-11109
> URL: https://issues.apache.org/jira/browse/SLING-11109
> Project: Sling
>  Issue Type: Improvement
>  Components: ResourceResolver
>Reporter: Julian Reschke
>Priority: Minor
>  Time Spent: 10m
>  Remaining Estimate: 0h
>
> It's "vanityBloomFilter.txt", but the file is a persistested byte array.
>  
> (If we fix this, we'll have to fix documentation as well)



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (SLING-11113) resource resolver: bloom filter might be out of sync on startup

[Julian Reschke (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-3?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Julian Reschke updated SLING-3:
---
Affects Version/s: Resource Resolver 1.8.2

> resource resolver: bloom filter might be out of sync on startup
> ---
>
> Key: SLING-3
> URL: https://issues.apache.org/jira/browse/SLING-3
> Project: Sling
>  Issue Type: Bug
>  Components: ResourceResolver
>Affects Versions: Resource Resolver 1.8.2
>Reporter: Julian Reschke
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Resource Resolver 1.8.4
>
> Attachments: SLING-3.diff
>
>  Time Spent: 2h 40m
>  Remaining Estimate: 0h
>
> It appears that the bloom filter can be out of sync with the repo on startup.
> Upon startup, when not present, it get's created, and updated with all vanity 
> paths found in the repo. If present, it is used as is.
> So for a restart of a node, there's a time window (up to save interval of 60s 
> plus downtime) during which the addition of vanity paths will not be 
> reflected in the bloom filter.
> Now the bloom filter is only relevant if the number of vanity paths exceeds 
> the maximum number, so this problem might be hard to observe.
> AFAIU, the *intent* of persisting the bloom filter is to avoid the cost of 
> re-filling it on startup. However, we already know that *finding* the vanity 
> paths (doing the query, getting the resources and processing the properties) 
> is already costly. It's dubious that avoiding the cost if updating the filter 
> helps here.
> Proposal: get rid of the persistence of the bloom filter altogether, reducing 
> the complexity of the code significantly.
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [sling-org-apache-sling-resourceresolver] reschke commented on pull request #60: SLING-11113: remove bloom filter persistence

[GitBox]

reschke commented on pull request #60:
URL: 
https://github.com/apache/sling-org-apache-sling-resourceresolver/pull/60#issuecomment-1031408821


   Thanks!


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SLING-11113) resource resolver: bloom filter might be out of sync on startup

[Carsten Ziegeler (Jira)]

[ 
https://issues.apache.org/jira/browse/SLING-3?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17488057#comment-17488057
 ] 

Carsten Ziegeler commented on SLING-3:
--

Applied PR to site: https://github.com/apache/sling-site/pull/81

Thanks [~reschke]

> resource resolver: bloom filter might be out of sync on startup
> ---
>
> Key: SLING-3
> URL: https://issues.apache.org/jira/browse/SLING-3
> Project: Sling
>  Issue Type: Bug
>  Components: ResourceResolver
>Reporter: Julian Reschke
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Resource Resolver 1.8.4
>
> Attachments: SLING-3.diff
>
>  Time Spent: 2.5h
>  Remaining Estimate: 0h
>
> It appears that the bloom filter can be out of sync with the repo on startup.
> Upon startup, when not present, it get's created, and updated with all vanity 
> paths found in the repo. If present, it is used as is.
> So for a restart of a node, there's a time window (up to save interval of 60s 
> plus downtime) during which the addition of vanity paths will not be 
> reflected in the bloom filter.
> Now the bloom filter is only relevant if the number of vanity paths exceeds 
> the maximum number, so this problem might be hard to observe.
> AFAIU, the *intent* of persisting the bloom filter is to avoid the cost of 
> re-filling it on startup. However, we already know that *finding* the vanity 
> paths (doing the query, getting the resources and processing the properties) 
> is already costly. It's dubious that avoiding the cost if updating the filter 
> helps here.
> Proposal: get rid of the persistence of the bloom filter altogether, reducing 
> the complexity of the code significantly.
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Resolved] (SLING-11113) resource resolver: bloom filter might be out of sync on startup

[Carsten Ziegeler (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-3?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler resolved SLING-3.
--
Resolution: Fixed

> resource resolver: bloom filter might be out of sync on startup
> ---
>
> Key: SLING-3
> URL: https://issues.apache.org/jira/browse/SLING-3
> Project: Sling
>  Issue Type: Bug
>  Components: ResourceResolver
>Reporter: Julian Reschke
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Resource Resolver 1.8.4
>
> Attachments: SLING-3.diff
>
>  Time Spent: 2.5h
>  Remaining Estimate: 0h
>
> It appears that the bloom filter can be out of sync with the repo on startup.
> Upon startup, when not present, it get's created, and updated with all vanity 
> paths found in the repo. If present, it is used as is.
> So for a restart of a node, there's a time window (up to save interval of 60s 
> plus downtime) during which the addition of vanity paths will not be 
> reflected in the bloom filter.
> Now the bloom filter is only relevant if the number of vanity paths exceeds 
> the maximum number, so this problem might be hard to observe.
> AFAIU, the *intent* of persisting the bloom filter is to avoid the cost of 
> re-filling it on startup. However, we already know that *finding* the vanity 
> paths (doing the query, getting the resources and processing the properties) 
> is already costly. It's dubious that avoiding the cost if updating the filter 
> helps here.
> Proposal: get rid of the persistence of the bloom filter altogether, reducing 
> the complexity of the code significantly.
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [sling-site] cziegeler merged pull request #81: Remove mention of persisted bloom filter

[GitBox]

cziegeler merged pull request #81:
URL: https://github.com/apache/sling-site/pull/81


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-resourceresolver] cziegeler merged pull request #60: SLING-11113: remove bloom filter persistence

[GitBox]

cziegeler merged pull request #60:
URL: https://github.com/apache/sling-org-apache-sling-resourceresolver/pull/60


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Updated] (SLING-11113) resource resolver: bloom filter might be out of sync on startup

[Carsten Ziegeler (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-3?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler updated SLING-3:
-
Fix Version/s: Resource Resolver 1.8.4

> resource resolver: bloom filter might be out of sync on startup
> ---
>
> Key: SLING-3
> URL: https://issues.apache.org/jira/browse/SLING-3
> Project: Sling
>  Issue Type: Bug
>  Components: ResourceResolver
>Reporter: Julian Reschke
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Resource Resolver 1.8.4
>
> Attachments: SLING-3.diff
>
>  Time Spent: 2h
>  Remaining Estimate: 0h
>
> It appears that the bloom filter can be out of sync with the repo on startup.
> Upon startup, when not present, it get's created, and updated with all vanity 
> paths found in the repo. If present, it is used as is.
> So for a restart of a node, there's a time window (up to save interval of 60s 
> plus downtime) during which the addition of vanity paths will not be 
> reflected in the bloom filter.
> Now the bloom filter is only relevant if the number of vanity paths exceeds 
> the maximum number, so this problem might be hard to observe.
> AFAIU, the *intent* of persisting the bloom filter is to avoid the cost of 
> re-filling it on startup. However, we already know that *finding* the vanity 
> paths (doing the query, getting the resources and processing the properties) 
> is already costly. It's dubious that avoiding the cost if updating the filter 
> helps here.
> Proposal: get rid of the persistence of the bloom filter altogether, reducing 
> the complexity of the code significantly.
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [sling-org-apache-sling-resourceresolver] sonarcloud[bot] removed a comment on pull request #60: SLING-11113: remove bloom filter persistence

[GitBox]

sonarcloud[bot] removed a comment on pull request #60:
URL: 
https://github.com/apache/sling-org-apache-sling-resourceresolver/pull/60#issuecomment-1031377129


   SonarCloud Quality Gate failed.  ![Quality Gate 
failed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/failed-16px.png
 'Quality Gate failed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-resourceresolver=60=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-resourceresolver=60=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-resourceresolver=60=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=CODE_SMELL)
 
[![B](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/B-16px.png
 
'B')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=CODE_SMELL)
 [2 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=CODE_SMELL)
   
   
[![85.7%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/60-16px.png
 
'85.7%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_coverage=list)
 [85.7% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-resourceresolver] sonarcloud[bot] commented on pull request #60: SLING-11113: remove bloom filter persistence

[GitBox]

sonarcloud[bot] commented on pull request #60:
URL: 
https://github.com/apache/sling-org-apache-sling-resourceresolver/pull/60#issuecomment-1031402589


   SonarCloud Quality Gate failed.  ![Quality Gate 
failed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/failed-16px.png
 'Quality Gate failed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-resourceresolver=60=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-resourceresolver=60=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-resourceresolver=60=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=CODE_SMELL)
 
[![B](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/B-16px.png
 
'B')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=CODE_SMELL)
 [2 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=CODE_SMELL)
   
   
[![85.7%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/60-16px.png
 
'85.7%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_coverage=list)
 [85.7% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Assigned] (SLING-11113) resource resolver: bloom filter might be out of sync on startup

[Carsten Ziegeler (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-3?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler reassigned SLING-3:


Assignee: Carsten Ziegeler

> resource resolver: bloom filter might be out of sync on startup
> ---
>
> Key: SLING-3
> URL: https://issues.apache.org/jira/browse/SLING-3
> Project: Sling
>  Issue Type: Bug
>  Components: ResourceResolver
>Reporter: Julian Reschke
>Assignee: Carsten Ziegeler
>Priority: Major
> Attachments: SLING-3.diff
>
>  Time Spent: 2h
>  Remaining Estimate: 0h
>
> It appears that the bloom filter can be out of sync with the repo on startup.
> Upon startup, when not present, it get's created, and updated with all vanity 
> paths found in the repo. If present, it is used as is.
> So for a restart of a node, there's a time window (up to save interval of 60s 
> plus downtime) during which the addition of vanity paths will not be 
> reflected in the bloom filter.
> Now the bloom filter is only relevant if the number of vanity paths exceeds 
> the maximum number, so this problem might be hard to observe.
> AFAIU, the *intent* of persisting the bloom filter is to avoid the cost of 
> re-filling it on startup. However, we already know that *finding* the vanity 
> paths (doing the query, getting the resources and processing the properties) 
> is already costly. It's dubious that avoiding the cost if updating the filter 
> helps here.
> Proposal: get rid of the persistence of the bloom filter altogether, reducing 
> the complexity of the code significantly.
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [sling-org-apache-sling-resourceresolver] reschke commented on a change in pull request #60: SLING-11113: remove bloom filter persistence

[GitBox]

reschke commented on a change in pull request #60:
URL: 
https://github.com/apache/sling-org-apache-sling-resourceresolver/pull/60#discussion_r800593361



##
File path: 
src/main/java/org/apache/sling/resourceresolver/impl/mapping/MapEntries.java
##
@@ -146,14 +138,10 @@
 
 private final AtomicLong vanityCounter;
 
-private final File vanityBloomFilterFile;
-
 private byte[] vanityBloomFilter;
 
 private Timer timer;

Review comment:
   gone it is




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-resourceresolver] reschke commented on a change in pull request #60: SLING-11113: remove bloom filter persistence

[GitBox]

reschke commented on a change in pull request #60:
URL: 
https://github.com/apache/sling-org-apache-sling-resourceresolver/pull/60#discussion_r800591372



##
File path: 
src/main/java/org/apache/sling/resourceresolver/impl/mapping/MapEntries.java
##
@@ -146,14 +138,10 @@
 
 private final AtomicLong vanityCounter;
 
-private final File vanityBloomFilterFile;
-
 private byte[] vanityBloomFilter;
 
 private Timer timer;

Review comment:
   good q
   




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-resourceresolver] cziegeler commented on a change in pull request #60: SLING-11113: remove bloom filter persistence

[GitBox]

cziegeler commented on a change in pull request #60:
URL: 
https://github.com/apache/sling-org-apache-sling-resourceresolver/pull/60#discussion_r800590549



##
File path: 
src/main/java/org/apache/sling/resourceresolver/impl/mapping/MapEntries.java
##
@@ -146,14 +138,10 @@
 
 private final AtomicLong vanityCounter;
 
-private final File vanityBloomFilterFile;
-
 private byte[] vanityBloomFilter;
 
 private Timer timer;

Review comment:
   Is the timer still needed?




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-site] reschke opened a new pull request #81: Remove mention of persisted bloom filter

[GitBox]

reschke opened a new pull request #81:
URL: https://github.com/apache/sling-site/pull/81


   (see https://issues.apache.org/jira/browse/SLING-3)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-event] joerghoh commented on a change in pull request #16: SLING-11091: expose the number of scheduled jobs as metric

[GitBox]

joerghoh commented on a change in pull request #16:
URL: 
https://github.com/apache/sling-org-apache-sling-event/pull/16#discussion_r800581276



##
File path: src/main/java/org/apache/sling/event/impl/jobs/JobManagerImpl.java
##
@@ -91,6 +95,8 @@
 })
 public class JobManagerImpl
 implements JobManager, EventHandler, Runnable {
+
+private static final String GAUGE_TOTAL_SCHEDULED_JOBS = 
"totalScheduledJobs";

Review comment:
   sounds good, will change it to ```event.scheduledJobs.count```.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-event] joerghoh commented on a change in pull request #16: SLING-11091: expose the number of scheduled jobs as metric

[GitBox]

joerghoh commented on a change in pull request #16:
URL: 
https://github.com/apache/sling-org-apache-sling-event/pull/16#discussion_r800580337



##
File path: 
src/main/java/org/apache/sling/event/impl/jobs/scheduling/JobSchedulerImpl.java
##
@@ -455,6 +455,14 @@ private boolean match(final ScheduledJobInfoImpl job, 
final Map
 }
 return jobs;
 }
+
+/**
+ * Provide the total number of jobs registered in the system, irrespective 
of topics
+ * @return the total number of scheduled jobs
+ */
+public int getTotalNumberOfScheduledJobs() {
+   return this.scheduledJobs.size(); 

Review comment:
   sure, to deliver precise results it would need synchronization. But this 
is "just" metrics, so not always 100% accurate would be totally ok.
   On the other hand I the overhead is probably very minor, because it is 
expected that this map does not change a lot.
   
   I will add this synchronization.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-event] stefan-egli commented on a change in pull request #16: SLING-11091: expose the number of scheduled jobs as metric

[GitBox]

stefan-egli commented on a change in pull request #16:
URL: 
https://github.com/apache/sling-org-apache-sling-event/pull/16#discussion_r800572442



##
File path: 
src/main/java/org/apache/sling/event/impl/jobs/scheduling/JobSchedulerImpl.java
##
@@ -455,6 +455,14 @@ private boolean match(final ScheduledJobInfoImpl job, 
final Map
 }
 return jobs;
 }
+
+/**
+ * Provide the total number of jobs registered in the system, irrespective 
of topics
+ * @return the total number of scheduled jobs
+ */
+public int getTotalNumberOfScheduledJobs() {
+   return this.scheduledJobs.size(); 

Review comment:
   synchronized ( this.scheduledJobs ) {
   return this.scheduledJobs.size();
   }

##
File path: src/main/java/org/apache/sling/event/impl/jobs/JobManagerImpl.java
##
@@ -91,6 +95,8 @@
 })
 public class JobManagerImpl
 implements JobManager, EventHandler, Runnable {
+
+private static final String GAUGE_TOTAL_SCHEDULED_JOBS = 
"totalScheduledJobs";

Review comment:
   regarding the naming here, I was wondering if we should prefix similar 
to the 
[GAUGE_PREFIX](https://github.com/apache/sling-org-apache-sling-event/blob/master/src/main/java/org/apache/sling/event/impl/jobs/stats/GaugeSupport.java#L35)
 - or maybe a sibling `"event.scheduledjobs"` to avoid any chance of naming 
conflict?

##
File path: 
src/main/java/org/apache/sling/event/impl/jobs/scheduling/JobSchedulerImpl.java
##
@@ -455,6 +455,14 @@ private boolean match(final ScheduledJobInfoImpl job, 
final Map
 }
 return jobs;
 }
+
+/**
+ * Provide the total number of jobs registered in the system, irrespective 
of topics
+ * @return the total number of scheduled jobs
+ */
+public int getTotalNumberOfScheduledJobs() {
+   return this.scheduledJobs.size(); 

Review comment:
   I think the above needs synchronized protection. Which is somewhat of a 
performance hit, but I think that's reasonable (unless we'd rewrite it to be a 
ConcurrentHashMap)




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-resourceresolver] sonarcloud[bot] removed a comment on pull request #60: SLING-11113: remove bloom filter persistence

[GitBox]

sonarcloud[bot] removed a comment on pull request #60:
URL: 
https://github.com/apache/sling-org-apache-sling-resourceresolver/pull/60#issuecomment-1031373975


   SonarCloud Quality Gate failed.  ![Quality Gate 
failed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/failed-16px.png
 'Quality Gate failed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-resourceresolver=60=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-resourceresolver=60=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-resourceresolver=60=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=CODE_SMELL)
 
[![B](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/B-16px.png
 
'B')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=CODE_SMELL)
 [2 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=CODE_SMELL)
   
   
[![85.7%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/60-16px.png
 
'85.7%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_coverage=list)
 [85.7% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-resourceresolver] sonarcloud[bot] commented on pull request #60: SLING-11113: remove bloom filter persistence

[GitBox]

sonarcloud[bot] commented on pull request #60:
URL: 
https://github.com/apache/sling-org-apache-sling-resourceresolver/pull/60#issuecomment-1031377129


   SonarCloud Quality Gate failed.  ![Quality Gate 
failed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/failed-16px.png
 'Quality Gate failed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-resourceresolver=60=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-resourceresolver=60=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-resourceresolver=60=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=CODE_SMELL)
 
[![B](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/B-16px.png
 
'B')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=CODE_SMELL)
 [2 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=CODE_SMELL)
   
   
[![85.7%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/60-16px.png
 
'85.7%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_coverage=list)
 [85.7% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SLING-11113) resource resolver: bloom filter might be out of sync on startup

[Julian Reschke (Jira)]

[ 
https://issues.apache.org/jira/browse/SLING-3?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17488051#comment-17488051
 ] 

Julian Reschke commented on SLING-3:


There's probably a place in the documentation that talks about bloom filter 
persistence we'd need to update as well (pointers appreciated)

> resource resolver: bloom filter might be out of sync on startup
> ---
>
> Key: SLING-3
> URL: https://issues.apache.org/jira/browse/SLING-3
> Project: Sling
>  Issue Type: Bug
>  Components: ResourceResolver
>Reporter: Julian Reschke
>Priority: Major
> Attachments: SLING-3.diff
>
>  Time Spent: 1h 10m
>  Remaining Estimate: 0h
>
> It appears that the bloom filter can be out of sync with the repo on startup.
> Upon startup, when not present, it get's created, and updated with all vanity 
> paths found in the repo. If present, it is used as is.
> So for a restart of a node, there's a time window (up to save interval of 60s 
> plus downtime) during which the addition of vanity paths will not be 
> reflected in the bloom filter.
> Now the bloom filter is only relevant if the number of vanity paths exceeds 
> the maximum number, so this problem might be hard to observe.
> AFAIU, the *intent* of persisting the bloom filter is to avoid the cost of 
> re-filling it on startup. However, we already know that *finding* the vanity 
> paths (doing the query, getting the resources and processing the properties) 
> is already costly. It's dubious that avoiding the cost if updating the filter 
> helps here.
> Proposal: get rid of the persistence of the bloom filter altogether, reducing 
> the complexity of the code significantly.
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [sling-org-apache-sling-resourceresolver] sonarcloud[bot] commented on pull request #60: SLING-11113: remove bloom filter persistence

[GitBox]

sonarcloud[bot] commented on pull request #60:
URL: 
https://github.com/apache/sling-org-apache-sling-resourceresolver/pull/60#issuecomment-1031373975


   SonarCloud Quality Gate failed.  ![Quality Gate 
failed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/failed-16px.png
 'Quality Gate failed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-resourceresolver=60=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-resourceresolver=60=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-resourceresolver=60=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=CODE_SMELL)
 
[![B](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/B-16px.png
 
'B')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=CODE_SMELL)
 [2 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=CODE_SMELL)
   
   
[![85.7%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/60-16px.png
 
'85.7%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_coverage=list)
 [85.7% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-resourceresolver] sonarcloud[bot] removed a comment on pull request #60: SLING-11113: remove bloom filter persistence

[GitBox]

sonarcloud[bot] removed a comment on pull request #60:
URL: 
https://github.com/apache/sling-org-apache-sling-resourceresolver/pull/60#issuecomment-1029100922


   Kudos, SonarCloud Quality Gate passed!  ![Quality Gate 
passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png
 'Quality Gate passed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-resourceresolver=60=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-resourceresolver=60=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-resourceresolver=60=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=CODE_SMELL)
 [2 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-resourceresolver=60=false=CODE_SMELL)
   
   
[![85.7%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/60-16px.png
 
'85.7%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_coverage=list)
 [85.7% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-resourceresolver=60=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-caconfig-impl] joerghoh commented on pull request #5: SLING-11114 Use a LazySupplier for the caconfig binding

[GitBox]

joerghoh commented on pull request #5:
URL: 
https://github.com/apache/sling-org-apache-sling-caconfig-impl/pull/5#issuecomment-1031372394


   Thanks @stefanseifert, I will take care of that.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-resourceresolver] reschke commented on a change in pull request #60: SLING-11113: remove bloom filter persistence

[GitBox]

reschke commented on a change in pull request #60:
URL: 
https://github.com/apache/sling-org-apache-sling-resourceresolver/pull/60#discussion_r800562099



##
File path: 
src/main/java/org/apache/sling/resourceresolver/impl/mapping/MapEntries.java
##
@@ -18,34 +18,6 @@
  */
 package org.apache.sling.resourceresolver.impl.mapping;
 
-import org.apache.commons.lang3.StringUtils;

Review comment:
   will do




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Resolved] (SLING-11062) javadoc errors when releasing the bundle

[Carsten Ziegeler (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11062?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler resolved SLING-11062.
--
Resolution: Fixed

> javadoc errors when releasing the bundle
> 
>
> Key: SLING-11062
> URL: https://issues.apache.org/jira/browse/SLING-11062
> Project: Sling
>  Issue Type: Bug
>  Components: ResourceResolver
>Affects Versions: Resource Resolver 1.8.0
>Reporter: Joerg Hoh
>Priority: Major
> Fix For: Resource Resolver 1.8.4
>
>
> When releasing the ResourceResolver bundle I had to ignore javadoc errors. 
> These should be fixed before the next release.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Assigned] (SLING-11062) javadoc errors when releasing the bundle

[Carsten Ziegeler (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11062?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler reassigned SLING-11062:


Assignee: Carsten Ziegeler

> javadoc errors when releasing the bundle
> 
>
> Key: SLING-11062
> URL: https://issues.apache.org/jira/browse/SLING-11062
> Project: Sling
>  Issue Type: Bug
>  Components: ResourceResolver
>Affects Versions: Resource Resolver 1.8.0
>Reporter: Joerg Hoh
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Resource Resolver 1.8.4
>
>
> When releasing the ResourceResolver bundle I had to ignore javadoc errors. 
> These should be fixed before the next release.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

RE: [Scripting] Bindings returning null

[Stefan Seifert]

i agree with your opinion, and it's backed by the spec/javadocs.
in most cases the consumer will access the bindings from an actual script (e.g. 
HTL), and in that case it should not make any difference for them.

stefan

>-Original Message-
>From: Jörg Hoh 
>Sent: Friday, February 4, 2022 12:01 PM
>To: Sling Developers List 
>Subject: [Scripting] Bindings returning null
>
>Hi,
>
>I am currently working on a number of smaller performance improvements, and
>I found that some BindingsValuesProvider could benefit from providings
>lazily. In that case the binding is added, but the value is only resolved
>when the value of the binding is actually needed, instead of resolving them
>when adding the binding [1]. As these bindings are added very often, but
>not always used, a small improvement in the area of a few hundred
>microseconds can accumulate to a 2-digit number of milliseconds for a
>complex request;
>
>The implementations of the BindingValuesProvider#addBindings() currently
>often perform checks if the binding should be added at all. In the case of
>a failed check the binding would not be added at all.
> With the dynamic resolution this is hardly possible, it would defeat the
>purpose of delaying the resolution (including these checks) to a time when
>it's absolutely necessary. In the case of the dynamic resolution with a
>failed check this just leaves the option to return "null" for that binding.
>
>The javax.script.Bindings#get spec [2] allows to return null in 2 cases:
>* the mapping is not present
>* the mapping returns a null
>
>So technically this change is covered by the spec, but I don't know if all
>users of the bindings always check for null but have used some other
>approach instead:
>
>if (bindings.containsKey(BINDING)) {
>  Object o = bindings.get(BINDING);
>  assertNotNull(o);
>}
>
>which is incorrect according to the spec, but might have worked in the
>past.
>
>In my opinion we should adjust these BindingsValuesProviders and require
>the consumers of these bindings to make sure that they do the null-check as
>required by the spec.
>
>WDYT?
>
>
>Jörg
>
>
>[1]
>https://github.com/apache/sling-org-apache-sling-
>api/blob/master/src/main/java/org/apache/sling/api/scripting/LazyBindings.j
>ava
>[2]
>https://docs.oracle.com/javase/8/docs/api/javax/script/Bindings.html#get-
>java.lang.Object-
>
>
>--
>Cheers,
>Jörg Hoh,
>
>https://cqdump.joerghoh.de
>Twitter: @joerghoh

[jira] [Commented] (SLING-11062) javadoc errors when releasing the bundle

[Joerg Hoh (Jira)]

[ 
https://issues.apache.org/jira/browse/SLING-11062?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17488046#comment-17488046
 ] 

Joerg Hoh commented on SLING-11062:
---

created SLING-11127 to address such issues at the level of the parent.

> javadoc errors when releasing the bundle
> 
>
> Key: SLING-11062
> URL: https://issues.apache.org/jira/browse/SLING-11062
> Project: Sling
>  Issue Type: Bug
>  Components: ResourceResolver
>Affects Versions: Resource Resolver 1.8.0
>Reporter: Joerg Hoh
>Priority: Major
> Fix For: Resource Resolver 1.8.4
>
>
> When releasing the ResourceResolver bundle I had to ignore javadoc errors. 
> These should be fixed before the next release.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Created] (SLING-11127) javadoc should be checked during builds

[Joerg Hoh (Jira)]

Joerg Hoh created SLING-11127:
-

 Summary: javadoc should be checked during builds
 Key: SLING-11127
 URL: https://issues.apache.org/jira/browse/SLING-11127
 Project: Sling
  Issue Type: Improvement
  Components: Build and Source Control
Affects Versions: Bundle Parent 47
Reporter: Joerg Hoh


During regular builds we don't run the javadoc plugin, so depending on your 
local the release process can fail with javadoc errors without noticing it 
before.

We should always explicitly run {{javadoc:javadoc}} during a regular build to 
spot such issues early on.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (SLING-11113) resource resolver: bloom filter might be out of sync on startup

[Thomas Mueller (Jira)]

[ 
https://issues.apache.org/jira/browse/SLING-3?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17488044#comment-17488044
 ] 

Thomas Mueller commented on SLING-3:


I think what [~reschke] is saying is: we don't actually know why the Bloom 
filter was persisted at all. That's also kind of a mystery to me... it is 
persisted, but not used until it is fully re-built... So why persist it?

> the bloom-filter can't be guaranteed to be accurate

I think it is currently guaranteed to be accurate once it is re-built. But, 
there is no guarantee before that. But as it's not used (for lookups) before 
it's rebuilt, it is fine.

> the fix to make it accurate essentially will kill the optimization the 
> bloom-filter was intended to deliver

I far as I know, the reason we added a Bloom filter was to reduce memory usage 
in case there are many vanity paths. And doing so without affecting request 
performance greatly.

I think not persisting the Bloom filter sounds like a good idea. Instead of 
persisting it, we can build it at (or slightly after) startup.

Now we want to avoid blocking startup if there are many entries (more than e.g. 
50'000). To do that, we could set all bits in the Bloom filter to 1 (so we have 
a 100% false positive rate for some time), and then re-build the correct Bloom 
filter slightly _after_ startup, in a separate thread. That would have the 
following effect:

* If there are more than 50'000 vanity path (and only then):
* Startup wouldn't be blocked until all vanity paths are read.
* Requests right after startup would be a bit slower, because the to the Bloom 
filter has a 100% false positive rate.
* I would probably add a small cache for the false-positives (in any case), for 
example 1000 entries. We can discuss this. This cache would be fully in memory. 
Such caches are a common approach with Bloom filters. Just a LinkedHashMap 
(maybe synchronized). When adding an entry to the vanity path, this cache would 
need to be cleared (well it would be enough to just remove the one entry, but I 
wouldn't bother with the complexity of that really - adding vanity paths right 
after startup is rare I assume).
* Then, just after startup is complete, we re-build the Bloom filter. So this 
high false-positive rate would only be temporary.



> resource resolver: bloom filter might be out of sync on startup
> ---
>
> Key: SLING-3
> URL: https://issues.apache.org/jira/browse/SLING-3
> Project: Sling
>  Issue Type: Bug
>  Components: ResourceResolver
>Reporter: Julian Reschke
>Priority: Major
> Attachments: SLING-3.diff
>
>  Time Spent: 40m
>  Remaining Estimate: 0h
>
> It appears that the bloom filter can be out of sync with the repo on startup.
> Upon startup, when not present, it get's created, and updated with all vanity 
> paths found in the repo. If present, it is used as is.
> So for a restart of a node, there's a time window (up to save interval of 60s 
> plus downtime) during which the addition of vanity paths will not be 
> reflected in the bloom filter.
> Now the bloom filter is only relevant if the number of vanity paths exceeds 
> the maximum number, so this problem might be hard to observe.
> AFAIU, the *intent* of persisting the bloom filter is to avoid the cost of 
> re-filling it on startup. However, we already know that *finding* the vanity 
> paths (doing the query, getting the resources and processing the properties) 
> is already costly. It's dubious that avoiding the cost if updating the filter 
> helps here.
> Proposal: get rid of the persistence of the bloom filter altogether, reducing 
> the complexity of the code significantly.
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (SLING-11113) resource resolver: bloom filter might be out of sync on startup

[Carsten Ziegeler (Jira)]

[ 
https://issues.apache.org/jira/browse/SLING-3?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17488043#comment-17488043
 ] 

Carsten Ziegeler commented on SLING-3:
--

I think not having to persist the bloom filter is a good thing as this 
simplifies the code. As the persisted bloom filter might be out of date anyway 
and all information is currently re-read on startup, I think the persisted 
bloom filter is not really an improvement

> resource resolver: bloom filter might be out of sync on startup
> ---
>
> Key: SLING-3
> URL: https://issues.apache.org/jira/browse/SLING-3
> Project: Sling
>  Issue Type: Bug
>  Components: ResourceResolver
>Reporter: Julian Reschke
>Priority: Major
> Attachments: SLING-3.diff
>
>  Time Spent: 40m
>  Remaining Estimate: 0h
>
> It appears that the bloom filter can be out of sync with the repo on startup.
> Upon startup, when not present, it get's created, and updated with all vanity 
> paths found in the repo. If present, it is used as is.
> So for a restart of a node, there's a time window (up to save interval of 60s 
> plus downtime) during which the addition of vanity paths will not be 
> reflected in the bloom filter.
> Now the bloom filter is only relevant if the number of vanity paths exceeds 
> the maximum number, so this problem might be hard to observe.
> AFAIU, the *intent* of persisting the bloom filter is to avoid the cost of 
> re-filling it on startup. However, we already know that *finding* the vanity 
> paths (doing the query, getting the resources and processing the properties) 
> is already costly. It's dubious that avoiding the cost if updating the filter 
> helps here.
> Proposal: get rid of the persistence of the bloom filter altogether, reducing 
> the complexity of the code significantly.
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [sling-org-apache-sling-resourceresolver] cziegeler commented on a change in pull request #60: SLING-11113: remove bloom filter persistence

[GitBox]

cziegeler commented on a change in pull request #60:
URL: 
https://github.com/apache/sling-org-apache-sling-resourceresolver/pull/60#discussion_r800549273



##
File path: 
src/main/java/org/apache/sling/resourceresolver/impl/mapping/MapEntries.java
##
@@ -18,34 +18,6 @@
  */
 package org.apache.sling.resourceresolver.impl.mapping;
 
-import org.apache.commons.lang3.StringUtils;

Review comment:
   The PR is reordering imports - it would be good to avoid this to see the 
real changes




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Closed] (SLING-4731) bgservlet consumes all memory during large uploads in background

[Joerg Hoh (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-4731?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Joerg Hoh closed SLING-4731.


> bgservlet consumes all memory during large uploads in background
> 
>
> Key: SLING-4731
> URL: https://issues.apache.org/jira/browse/SLING-4731
> Project: Sling
>  Issue Type: Bug
>  Components: Extensions
>Affects Versions: Background Servlets 1.0.0
>Reporter: Joerg Hoh
>Priority: Major
>
> When you do an upload of a large file with "sling:bg=true" appended, the 
> BackgroundHttpServletRequest loads the complete inputstream into memory.
> Would it be possible to have something less memory-intensive? Of course a 
> file upload in the background is questionable ...
> {code}
> 21.05.2015 10:59:53.290 *ERROR* [pool-28-thread-7] 
> org.apache.sling.engine.impl.SlingRequestProcessorImpl service: Uncaught 
> Throwable
> java.lang.OutOfMemoryError: Java heap space
> at 
> java.lang.StringBuffer.ensureCapacityImpl(StringBuffer.java:338)
> at java.lang.StringBuffer.append(StringBuffer.java:131)
> at java.net.URLEncoder.encode(URLEncoder.java:211)
> at 
> org.apache.sling.bgservlets.BackgroundHttpServletRequest.encode(BackgroundHttpServletRequest.java:260)
> at 
> org.apache.sling.bgservlets.BackgroundHttpServletRequest.append(BackgroundHttpServletRequest.java:272)
> at 
> org.apache.sling.bgservlets.BackgroundHttpServletRequest.getInputStream(BackgroundHttpServletRequest.java:283)
> at 
> org.apache.commons.fileupload.servlet.ServletRequestContext.getInputStream(ServletRequestContext.java:112)
> at 
> org.apache.commons.fileupload.FileUploadBase$FileItemIteratorImpl.(FileUploadBase.java:952)
> at 
> org.apache.commons.fileupload.FileUploadBase.getItemIterator(FileUploadBase.java:310)
> at 
> org.apache.commons.fileupload.FileUploadBase.parseRequest(FileUploadBase.java:334)
> at 
> org.apache.sling.engine.impl.parameters.ParameterSupport.parseMultiPartPost(ParameterSupport.java:349)
> at 
> org.apache.sling.engine.impl.parameters.ParameterSupport.getRequestParameterMapInternal(ParameterSupport.java:279)
> at 
> org.apache.sling.engine.impl.parameters.ParameterSupport.getParameter(ParameterSupport.java:173)
> at 
> org.apache.sling.engine.impl.SlingHttpServletRequestImpl.getParameter(SlingHttpServletRequestImpl.java:142)
> at 
> org.apache.sling.bgservlets.impl.BackgroundServletStarterFilter.doFilter(BackgroundServletStarterFilter.java:105)
> at 
> org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:60)
> at 
> com.adobe.cq.social.commons.security.SaferSlingPostServlet.doFilter(SaferSlingPostServlet.java:132)
> at 
> org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:60)
> at 
> com.adobe.granite.requests.logging.impl.RequestLoggerImpl.doFilter(RequestLoggerImpl.java:124)
> at 
> org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:60)
> at 
> org.apache.sling.engine.impl.SlingRequestProcessorImpl.doProcessRequest(SlingRequestProcessorImpl.java:151)
> at 
> org.apache.sling.engine.impl.SlingRequestProcessorImpl.processRequest(SlingRequestProcessorImpl.java:247)
> at 
> org.apache.sling.bgservlets.impl.BackgroundRequestExecutionJob.run(BackgroundRequestExecutionJob.java:99)
> at 
> org.apache.sling.bgservlets.impl.ExecutionEngineImpl$RunnableWrapper.run(ExecutionEngineImpl.java:87)
> at 
> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:906)
> at 
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:929)
> at java.lang.Thread.run(Thread.java:761)
> {code}



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Resolved] (SLING-4731) bgservlet consumes all memory during large uploads in background

[Joerg Hoh (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-4731?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Joerg Hoh resolved SLING-4731.
--
Resolution: Won't Fix

bgservlets are no longer maintained

> bgservlet consumes all memory during large uploads in background
> 
>
> Key: SLING-4731
> URL: https://issues.apache.org/jira/browse/SLING-4731
> Project: Sling
>  Issue Type: Bug
>  Components: Extensions
>Affects Versions: Background Servlets 1.0.0
>Reporter: Joerg Hoh
>Priority: Major
>
> When you do an upload of a large file with "sling:bg=true" appended, the 
> BackgroundHttpServletRequest loads the complete inputstream into memory.
> Would it be possible to have something less memory-intensive? Of course a 
> file upload in the background is questionable ...
> {code}
> 21.05.2015 10:59:53.290 *ERROR* [pool-28-thread-7] 
> org.apache.sling.engine.impl.SlingRequestProcessorImpl service: Uncaught 
> Throwable
> java.lang.OutOfMemoryError: Java heap space
> at 
> java.lang.StringBuffer.ensureCapacityImpl(StringBuffer.java:338)
> at java.lang.StringBuffer.append(StringBuffer.java:131)
> at java.net.URLEncoder.encode(URLEncoder.java:211)
> at 
> org.apache.sling.bgservlets.BackgroundHttpServletRequest.encode(BackgroundHttpServletRequest.java:260)
> at 
> org.apache.sling.bgservlets.BackgroundHttpServletRequest.append(BackgroundHttpServletRequest.java:272)
> at 
> org.apache.sling.bgservlets.BackgroundHttpServletRequest.getInputStream(BackgroundHttpServletRequest.java:283)
> at 
> org.apache.commons.fileupload.servlet.ServletRequestContext.getInputStream(ServletRequestContext.java:112)
> at 
> org.apache.commons.fileupload.FileUploadBase$FileItemIteratorImpl.(FileUploadBase.java:952)
> at 
> org.apache.commons.fileupload.FileUploadBase.getItemIterator(FileUploadBase.java:310)
> at 
> org.apache.commons.fileupload.FileUploadBase.parseRequest(FileUploadBase.java:334)
> at 
> org.apache.sling.engine.impl.parameters.ParameterSupport.parseMultiPartPost(ParameterSupport.java:349)
> at 
> org.apache.sling.engine.impl.parameters.ParameterSupport.getRequestParameterMapInternal(ParameterSupport.java:279)
> at 
> org.apache.sling.engine.impl.parameters.ParameterSupport.getParameter(ParameterSupport.java:173)
> at 
> org.apache.sling.engine.impl.SlingHttpServletRequestImpl.getParameter(SlingHttpServletRequestImpl.java:142)
> at 
> org.apache.sling.bgservlets.impl.BackgroundServletStarterFilter.doFilter(BackgroundServletStarterFilter.java:105)
> at 
> org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:60)
> at 
> com.adobe.cq.social.commons.security.SaferSlingPostServlet.doFilter(SaferSlingPostServlet.java:132)
> at 
> org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:60)
> at 
> com.adobe.granite.requests.logging.impl.RequestLoggerImpl.doFilter(RequestLoggerImpl.java:124)
> at 
> org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:60)
> at 
> org.apache.sling.engine.impl.SlingRequestProcessorImpl.doProcessRequest(SlingRequestProcessorImpl.java:151)
> at 
> org.apache.sling.engine.impl.SlingRequestProcessorImpl.processRequest(SlingRequestProcessorImpl.java:247)
> at 
> org.apache.sling.bgservlets.impl.BackgroundRequestExecutionJob.run(BackgroundRequestExecutionJob.java:99)
> at 
> org.apache.sling.bgservlets.impl.ExecutionEngineImpl$RunnableWrapper.run(ExecutionEngineImpl.java:87)
> at 
> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:906)
> at 
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:929)
> at java.lang.Thread.run(Thread.java:761)
> {code}



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (SLING-11124) Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908

[Carsten Ziegeler (Jira)]

[ 
https://issues.apache.org/jira/browse/SLING-11124?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17488021#comment-17488021
 ] 

Carsten Ziegeler commented on SLING-11124:
--

[~andrei.dulvac] The dependencies are not embedded - and there is only a single 
usage of guava in the code: two minor string util methods from Strings class . 
I prefer to rather remove that guava dependency alltogether to avoid any 
trouble as [~enorman] points out 

> Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908
> 
>
> Key: SLING-11124
> URL: https://issues.apache.org/jira/browse/SLING-11124
> Project: Sling
>  Issue Type: Task
>  Components: Apache Sling Testing Clients
>Affects Versions: Apache Sling Testing Clients 3.0.8
>Reporter: Andrei Tuicu
>Assignee: Andrei Dulvac
>Priority: Major
> Fix For: Apache Sling Testing Clients 3.0.8
>
>  Time Spent: 40m
>  Remaining Estimate: 0h
>
> Sling testing clients are using com.google.guava guava 14.0.1 which is 
> vulnerable to CVE-2018-10237(MEDIUM) [1] and CVE-2020-8908(LOW) [2].
> Mitigation: update to latest guava 31.0.1-android
> [1] https://www.cvedetails.com/cve/CVE-2018-10237/
> [2] https://www.cvedetails.com/cve/CVE-2020-8908/



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (SLING-11113) resource resolver: bloom filter might be out of sync on startup

[Julian Reschke (Jira)]

[ 
https://issues.apache.org/jira/browse/SLING-3?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17488016#comment-17488016
 ] 

Julian Reschke commented on SLING-3:


FWIW, a good question is whether the optimization not to re-initialize the 
bloom filter on repo startup makes sense, given the amount of work the system 
already has to do to find the nodes (JCR query), read them, and process their 
attributes...

> resource resolver: bloom filter might be out of sync on startup
> ---
>
> Key: SLING-3
> URL: https://issues.apache.org/jira/browse/SLING-3
> Project: Sling
>  Issue Type: Bug
>  Components: ResourceResolver
>Reporter: Julian Reschke
>Priority: Major
> Attachments: SLING-3.diff
>
>  Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> It appears that the bloom filter can be out of sync with the repo on startup.
> Upon startup, when not present, it get's created, and updated with all vanity 
> paths found in the repo. If present, it is used as is.
> So for a restart of a node, there's a time window (up to save interval of 60s 
> plus downtime) during which the addition of vanity paths will not be 
> reflected in the bloom filter.
> Now the bloom filter is only relevant if the number of vanity paths exceeds 
> the maximum number, so this problem might be hard to observe.
> AFAIU, the *intent* of persisting the bloom filter is to avoid the cost of 
> re-filling it on startup. However, we already know that *finding* the vanity 
> paths (doing the query, getting the resources and processing the properties) 
> is already costly. It's dubious that avoiding the cost if updating the filter 
> helps here.
> Proposal: get rid of the persistence of the bloom filter altogether, reducing 
> the complexity of the code significantly.
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Resolved] (SLING-11117) Inconsistent formatting and minor improvements

[Angela Schreiber (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-7?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Angela Schreiber resolved SLING-7.
--
Resolution: Fixed

> Inconsistent formatting and minor improvements
> --
>
> Key: SLING-7
> URL: https://issues.apache.org/jira/browse/SLING-7
> Project: Sling
>  Issue Type: Improvement
>  Components: Sling Security
>Reporter: Angela Schreiber
>Assignee: Angela Schreiber
>Priority: Trivial
> Fix For: Security 1.1.24
>
>  Time Spent: 1h
>  Remaining Estimate: 0h
>
> looking at the code in _org.apache.sling.security.impl_ for SLING-5 i 
> found formatting inconsistencies and some candidates for minor improvements.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [sling-org-apache-sling-security] cziegeler merged pull request #5: SLING-11117 : Inconsistent formatting and minor improvements

[GitBox]

cziegeler merged pull request #5:
URL: https://github.com/apache/sling-org-apache-sling-security/pull/5


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Resolved] (SLING-3743) BackgroundHttpServletResponse don't flushes the Writer

[Joerg Hoh (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-3743?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Joerg Hoh resolved SLING-3743.
--
Resolution: Won't Fix

Closing as won't fix, because the bgservlets bundle is no longer maintained.

> BackgroundHttpServletResponse don't flushes the Writer
> --
>
> Key: SLING-3743
> URL: https://issues.apache.org/jira/browse/SLING-3743
> Project: Sling
>  Issue Type: Bug
>Reporter: Alexander Berndt
>Priority: Minor
>  Labels: easyfix, good-first-issue
>   Original Estimate: 2h
>  Remaining Estimate: 2h
>
> A sling servlet request can be run as a background service, while appending a 
> ?sling:bg=true to the request. This is done in the 
> BackgroundServletStarterFilter.
> Unfortunatily this doesn't work for servlets, that use request.getWriter() to 
> create the output. The provided BackgroundHttpServletResponse provides also a 
> writer, but this isn't flushed during the clean-up.
> So the current code:
> public BackgroundHttpServletResponse(HttpServletResponse hsr, OutputStream os)
> throws IOException {
> stream = new ServletOutputStreamWrapper(os);
> writer = new PrintWriter(new OutputStreamWriter(stream));
> }
> public void cleanup() throws IOException {
> stream.flush();
> stream.close();
> }
> should be changed to:
> public void cleanup() throws IOException {
> writer.flush();
> writer.close();
> }
> as the writer also flushes and closes the underlying stream.
> kind regards,
> Alexander Berndt



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Closed] (SLING-3743) BackgroundHttpServletResponse don't flushes the Writer

[Joerg Hoh (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-3743?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Joerg Hoh closed SLING-3743.


> BackgroundHttpServletResponse don't flushes the Writer
> --
>
> Key: SLING-3743
> URL: https://issues.apache.org/jira/browse/SLING-3743
> Project: Sling
>  Issue Type: Bug
>Reporter: Alexander Berndt
>Priority: Minor
>  Labels: easyfix, good-first-issue
>   Original Estimate: 2h
>  Remaining Estimate: 2h
>
> A sling servlet request can be run as a background service, while appending a 
> ?sling:bg=true to the request. This is done in the 
> BackgroundServletStarterFilter.
> Unfortunatily this doesn't work for servlets, that use request.getWriter() to 
> create the output. The provided BackgroundHttpServletResponse provides also a 
> writer, but this isn't flushed during the clean-up.
> So the current code:
> public BackgroundHttpServletResponse(HttpServletResponse hsr, OutputStream os)
> throws IOException {
> stream = new ServletOutputStreamWrapper(os);
> writer = new PrintWriter(new OutputStreamWriter(stream));
> }
> public void cleanup() throws IOException {
> stream.flush();
> stream.close();
> }
> should be changed to:
> public void cleanup() throws IOException {
> writer.flush();
> writer.close();
> }
> as the writer also flushes and closes the underlying stream.
> kind regards,
> Alexander Berndt



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (SLING-11114) Use LazySupplier in ConfigurationBindingsValueProvider

[Joerg Hoh (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-4?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Joerg Hoh updated SLING-4:
--
Description: 
When adding the bindings some logic is executed independent if the caconfig 
binding is used or not. In case the provided Bindings object is of type 
{{LazyBindings}}, a {{LazyBindings.Supplier}} can be used, which will only be 
resolved if the binding is actually used.


  was:
When adding the bindings some logic is executed independent if the caconfig 
binding is used or not. In case the provided Bindings object is of type 
{{LazyBindings}}, a LazySupplier can be added, which will only be resolved if 
the binding is actually used.



> Use LazySupplier in ConfigurationBindingsValueProvider
> --
>
> Key: SLING-4
> URL: https://issues.apache.org/jira/browse/SLING-4
> Project: Sling
>  Issue Type: Improvement
>  Components: Extensions
>Affects Versions: Context-Aware Configuration Impl 1.6.0
>Reporter: Joerg Hoh
>Assignee: Joerg Hoh
>Priority: Major
>  Time Spent: 40m
>  Remaining Estimate: 0h
>
> When adding the bindings some logic is executed independent if the caconfig 
> binding is used or not. In case the provided Bindings object is of type 
> {{LazyBindings}}, a {{LazyBindings.Supplier}} can be used, which will only be 
> resolved if the binding is actually used.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Resolved] (SLING-11027) JspServletWrapper does not propagate exception message

[Joerg Hoh (Jira)]

 [ 
https://issues.apache.org/jira/browse/SLING-11027?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Joerg Hoh resolved SLING-11027.
---
Resolution: Fixed

> JspServletWrapper does not propagate exception message
> --
>
> Key: SLING-11027
> URL: https://issues.apache.org/jira/browse/SLING-11027
> Project: Sling
>  Issue Type: Improvement
>  Components: Scripting
>Affects Versions: Scripting JSP 2.5.2
>Reporter: Joerg Hoh
>Assignee: Joerg Hoh
>Priority: Major
> Fix For: Scripting JSP 2.5.6
>
>  Time Spent: 20m
>  Remaining Estimate: 0h
>
> The JspServletWrapper does not propagate the correct exception message, which 
> requires to have the entire exception stack logged and preserved in order to 
> analyze the issue.
> {noformat}
> Caused by: org.apache.sling.api.SlingException:
> at 
> org.apache.sling.scripting.jsp.jasper.servlet.JspServletWrapper.handleJspExceptionInternal(JspServletWrapper.java:685)
>  [org.apache.sling.scripting.jsp:2.5.2]
> at 
> org.apache.sling.scripting.jsp.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:602)
>  [org.apache.sling.scripting.jsp:2.5.2]
> at 
> org.apache.sling.scripting.jsp.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:527)
>  [org.apache.sling.scripting.jsp:2.5.2]
> at 
> org.apache.sling.scripting.jsp.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:445)
>  [org.apache.sling.scripting.jsp:2.5.2]
> at 
> org.apache.sling.scripting.jsp.JspScriptEngineFactory$JspScriptEngine.callJsp(JspScriptEngineFactory.java:501)
>  [org.apache.sling.scripting.jsp:2.5.2]
> at 
> org.apache.sling.scripting.jsp.JspScriptEngineFactory$JspScriptEngine.eval(JspScriptEngineFactory.java:586)
>  [org.apache.sling.scripting.jsp:2.5.2]
> at 
> org.apache.sling.scripting.core.impl.DefaultSlingScript.call(DefaultSlingScript.java:391)
>  [org.apache.sling.scripting.core:2.4.1.T20211122115952-1fa8067]
> ... 91 common frames omitted
> Caused by: org.apache.sling.api.resource.ResourceNotFoundException: Resource 
> at '/content/foo.html' not found: No resource found
> at 
> org.apache.sling.servlets.get.impl.DefaultGetServlet.doGet(DefaultGetServlet.java:288)
>  [org.apache.sling.servlets.get:2.1.44]
> at 
> org.apache.sling.api.servlets.SlingSafeMethodsServlet.mayService(SlingSafeMethodsServlet.java:266)
>  [org.apache.sling.api:2.24.0]
> at 
> org.apache.sling.api.servlets.SlingSafeMethodsServlet.service(SlingSafeMethodsServlet.java:342)
>  [org.apache.sling.api:2.24.0]
> at 
> org.apache.sling.api.servlets.SlingSafeMethodsServlet.service(SlingSafeMethodsServlet.java:374)
>  [org.apache.sling.api:2.24.0]
> at 
> org.apache.sling.engine.impl.request.RequestData.service(RequestData.java:574)
>  [org.apache.sling.engine:2.8.0]
> at 
> org.apache.sling.engine.impl.filter.SlingComponentFilterChain.render(SlingComponentFilterChain.java:45)
>  [org.apache.sling.engine:2.8
> {noformat}



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Comment Edited] (SLING-11027) JspServletWrapper does not propagate exception message

[Joerg Hoh (Jira)]

[ 
https://issues.apache.org/jira/browse/SLING-11027?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17463870#comment-17463870
 ] 

Joerg Hoh edited comment on SLING-11027 at 2/7/22, 10:08 AM:
-

PR created: 
https://github.com/apache/sling-org-apache-sling-scripting-jsp/pull/7 merged


was (Author: joerghoh):
PR created: 
https://github.com/apache/sling-org-apache-sling-scripting-jsp/pull/7

> JspServletWrapper does not propagate exception message
> --
>
> Key: SLING-11027
> URL: https://issues.apache.org/jira/browse/SLING-11027
> Project: Sling
>  Issue Type: Improvement
>  Components: Scripting
>Affects Versions: Scripting JSP 2.5.2
>Reporter: Joerg Hoh
>Assignee: Joerg Hoh
>Priority: Major
> Fix For: Scripting JSP 2.5.6
>
>  Time Spent: 20m
>  Remaining Estimate: 0h
>
> The JspServletWrapper does not propagate the correct exception message, which 
> requires to have the entire exception stack logged and preserved in order to 
> analyze the issue.
> {noformat}
> Caused by: org.apache.sling.api.SlingException:
> at 
> org.apache.sling.scripting.jsp.jasper.servlet.JspServletWrapper.handleJspExceptionInternal(JspServletWrapper.java:685)
>  [org.apache.sling.scripting.jsp:2.5.2]
> at 
> org.apache.sling.scripting.jsp.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:602)
>  [org.apache.sling.scripting.jsp:2.5.2]
> at 
> org.apache.sling.scripting.jsp.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:527)
>  [org.apache.sling.scripting.jsp:2.5.2]
> at 
> org.apache.sling.scripting.jsp.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:445)
>  [org.apache.sling.scripting.jsp:2.5.2]
> at 
> org.apache.sling.scripting.jsp.JspScriptEngineFactory$JspScriptEngine.callJsp(JspScriptEngineFactory.java:501)
>  [org.apache.sling.scripting.jsp:2.5.2]
> at 
> org.apache.sling.scripting.jsp.JspScriptEngineFactory$JspScriptEngine.eval(JspScriptEngineFactory.java:586)
>  [org.apache.sling.scripting.jsp:2.5.2]
> at 
> org.apache.sling.scripting.core.impl.DefaultSlingScript.call(DefaultSlingScript.java:391)
>  [org.apache.sling.scripting.core:2.4.1.T20211122115952-1fa8067]
> ... 91 common frames omitted
> Caused by: org.apache.sling.api.resource.ResourceNotFoundException: Resource 
> at '/content/foo.html' not found: No resource found
> at 
> org.apache.sling.servlets.get.impl.DefaultGetServlet.doGet(DefaultGetServlet.java:288)
>  [org.apache.sling.servlets.get:2.1.44]
> at 
> org.apache.sling.api.servlets.SlingSafeMethodsServlet.mayService(SlingSafeMethodsServlet.java:266)
>  [org.apache.sling.api:2.24.0]
> at 
> org.apache.sling.api.servlets.SlingSafeMethodsServlet.service(SlingSafeMethodsServlet.java:342)
>  [org.apache.sling.api:2.24.0]
> at 
> org.apache.sling.api.servlets.SlingSafeMethodsServlet.service(SlingSafeMethodsServlet.java:374)
>  [org.apache.sling.api:2.24.0]
> at 
> org.apache.sling.engine.impl.request.RequestData.service(RequestData.java:574)
>  [org.apache.sling.engine:2.8.0]
> at 
> org.apache.sling.engine.impl.filter.SlingComponentFilterChain.render(SlingComponentFilterChain.java:45)
>  [org.apache.sling.engine:2.8
> {noformat}



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [sling-org-apache-sling-scripting-jsp] joerghoh merged pull request #7: SLING-11027 preserve exception message

[GitBox]

joerghoh merged pull request #7:
URL: https://github.com/apache/sling-org-apache-sling-scripting-jsp/pull/7


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-security] anchela commented on pull request #5: SLING-11117 : Inconsistent formatting and minor improvements

[GitBox]

anchela commented on pull request #5:
URL: 
https://github.com/apache/sling-org-apache-sling-security/pull/5#issuecomment-1031278695


   @cziegeler , i resolved the merge conflicts between your and my 
improvements. i would appreciate if you could take a look if  i didn't 
introduce any issues.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-security] sonarcloud[bot] commented on pull request #5: SLING-11117 : Inconsistent formatting and minor improvements

[GitBox]

sonarcloud[bot] commented on pull request #5:
URL: 
https://github.com/apache/sling-org-apache-sling-security/pull/5#issuecomment-1031278638


   Kudos, SonarCloud Quality Gate passed!  ![Quality Gate 
passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png
 'Quality Gate passed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-security=5=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-security=5=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-security=5=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-security=5=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-security=5=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-security=5=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-security=5=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-security=5=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-security=5=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-security=5=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-security=5=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-security=5=false=CODE_SMELL)
   
   
[![92.3%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/90-16px.png
 
'92.3%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-security=5=new_coverage=list)
 [92.3% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-security=5=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-security=5=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-security=5=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-security] sonarcloud[bot] removed a comment on pull request #5: SLING-11117 : Inconsistent formatting and minor improvements

[GitBox]

sonarcloud[bot] removed a comment on pull request #5:
URL: 
https://github.com/apache/sling-org-apache-sling-security/pull/5#issuecomment-1029061911


   Kudos, SonarCloud Quality Gate passed!  ![Quality Gate 
passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png
 'Quality Gate passed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-security=5=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-security=5=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-security=5=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-security=5=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-security=5=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-security=5=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-security=5=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-security=5=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-security=5=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-security=5=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-security=5=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-security=5=false=CODE_SMELL)
   
   
[![92.9%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/90-16px.png
 
'92.9%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-security=5=new_coverage=list)
 [92.9% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-security=5=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-security=5=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-security=5=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [VOTE] Release Apache Sling Testing Clients version 3.0.8

[Andrei Dulvac]

Here's my +1
- Andrei

On Fri, Feb 4, 2022 at 5:42 PM Andrei Dulvac  wrote:

>
> We solved 1 issues in this release:
> https://issues.apache.org/jira/projects/SLING/versions/12351312
> 
> Staging repository:
> https://repository.apache.org/content/repositories/orgapachesling-2593
> 
> You can use this UNIX script to download the release and verify the
> signatures:
>
> https://gitbox.apache.org/repos/asf?p=sling-tooling-release.git;a=blob;f=check_staged_release.sh;hb=HEAD
>
> Usage:
> sh check_staged_release.sh 2593 /tmp/sling-staging
>
> Please vote to approve this release:
>
>   [ ] +1 Approve the release
>   [ ]  0 Don't care
>   [ ] -1 Don't release, because ...
>
> This majority vote is open for at least 72 hours.
>

[jira] [Commented] (SLING-11124) Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908

[Andrei Dulvac (Jira)]

[ 
https://issues.apache.org/jira/browse/SLING-11124?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17487995#comment-17487995
 ] 

Andrei Dulvac commented on SLING-11124:
---

[~enorman], Thanks for pointing that out. I haven't tested it either with oak, 
but the reality is this is almost exclusively (I don't know of a use-case where 
it isn't) used as a client-side library in automated tests, even though we 
package it as an osgi bundle. Also, I think that shouldn't matter anyway, as 
dependencies in the testing clients bundle are embedded.



> Update Guava Dependency for CVE CVE-2018-10237 and CVE-2020-8908
> 
>
> Key: SLING-11124
> URL: https://issues.apache.org/jira/browse/SLING-11124
> Project: Sling
>  Issue Type: Task
>  Components: Apache Sling Testing Clients
>Affects Versions: Apache Sling Testing Clients 3.0.8
>Reporter: Andrei Tuicu
>Assignee: Andrei Dulvac
>Priority: Major
> Fix For: Apache Sling Testing Clients 3.0.8
>
>  Time Spent: 40m
>  Remaining Estimate: 0h
>
> Sling testing clients are using com.google.guava guava 14.0.1 which is 
> vulnerable to CVE-2018-10237(MEDIUM) [1] and CVE-2020-8908(LOW) [2].
> Mitigation: update to latest guava 31.0.1-android
> [1] https://www.cvedetails.com/cve/CVE-2018-10237/
> [2] https://www.cvedetails.com/cve/CVE-2020-8908/



--
This message was sent by Atlassian Jira
(v8.20.1#820001)