Re: [VOTE] Release Apache Sling XSS Protection API 2.4.0
+1 On Sun, Nov 12, 2023 at 2:32 PM Eric Norman wrote: > +1 > > LGTM > > On Fri, Nov 10, 2023 at 8:22 AM Robert Munteanu > wrote: > > > Hi, > > > > We solved 8 issues in this release: > > > > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310710=12353773=Text > > > > Staging repository: > > https://repository.apache.org/content/repositories/orgapachesling-2804/ > > > > You can use this UNIX script to download the release and verify the > > signatures: > > > > > https://raw.githubusercontent.com/apache/sling-tooling-release/master/check_staged_release.sh > > > > Usage: > > sh check_staged_release.sh 2804 /tmp/sling-staging > > > > Please vote to approve this release: > > > > [ ] +1 Approve the release > > [ ] 0 Don't care > > [ ] -1 Don't release, because ... > > > > This majority vote is open for at least 72 hours. > > > > Regards, > > Robert Munteanu > > >
Re: [VOTE] Release Apache Sling Content Distribution Journal Messages 0.5.8
+1 On Sun, Nov 12, 2023 at 12:55 PM Jörg Hoh wrote: > +1 > > Am Sa., 11. Nov. 2023 um 22:40 Uhr schrieb Timothee Maret < > tma...@apache.org > >: > > > Hi, > > > > We solved 1 issues in this release: > > https://issues.apache.org/jira/projects/SLING/versions/12353845 > > > > Staging repository: > > https://repository.apache.org/content/repositories/orgapachesling-2805/ > > > > You can use this UNIX script to download the release and verify the > > signatures: > > > > > https://raw.githubusercontent.com/apache/sling-tooling-release/master/check_staged_release.sh > > > > Usage: > > sh check_staged_release.sh 2805 /tmp/sling-staging > > > > Please vote to approve this release: > > > > [ ] +1 Approve the release > > [ ] 0 Don't care > > [ ] -1 Don't release, because ... > > > > This majority vote is open for at least 72 hours. > > > > > -- > Cheers, > Jörg Hoh, > > https://cqdump.joerghoh.de > Twitter: @joerghoh >
Re: [VOTE] Release Apache Sling XSS Protection API 2.4.0
+1 LGTM On Fri, Nov 10, 2023 at 8:22 AM Robert Munteanu wrote: > Hi, > > We solved 8 issues in this release: > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310710=12353773=Text > > Staging repository: > https://repository.apache.org/content/repositories/orgapachesling-2804/ > > You can use this UNIX script to download the release and verify the > signatures: > > https://raw.githubusercontent.com/apache/sling-tooling-release/master/check_staged_release.sh > > Usage: > sh check_staged_release.sh 2804 /tmp/sling-staging > > Please vote to approve this release: > > [ ] +1 Approve the release > [ ] 0 Don't care > [ ] -1 Don't release, because ... > > This majority vote is open for at least 72 hours. > > Regards, > Robert Munteanu >
Re: [VOTE] Release Apache Sling XSS Protection API 2.4.0
+1 Am Fr., 10. Nov. 2023 um 17:22 Uhr schrieb Robert Munteanu < romb...@apache.org>: > Hi, > > We solved 8 issues in this release: > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310710=12353773=Text > > Staging repository: > https://repository.apache.org/content/repositories/orgapachesling-2804/ > > You can use this UNIX script to download the release and verify the > signatures: > > https://raw.githubusercontent.com/apache/sling-tooling-release/master/check_staged_release.sh > > Usage: > sh check_staged_release.sh 2804 /tmp/sling-staging > > Please vote to approve this release: > > [ ] +1 Approve the release > [ ] 0 Don't care > [ ] -1 Don't release, because ... > > This majority vote is open for at least 72 hours. > > Regards, > Robert Munteanu > -- Cheers, Jörg Hoh, https://cqdump.joerghoh.de Twitter: @joerghoh
Re: [VOTE] Release Apache Sling Content Distribution Journal Messages 0.5.8
+1 Am Sa., 11. Nov. 2023 um 22:40 Uhr schrieb Timothee Maret : > Hi, > > We solved 1 issues in this release: > https://issues.apache.org/jira/projects/SLING/versions/12353845 > > Staging repository: > https://repository.apache.org/content/repositories/orgapachesling-2805/ > > You can use this UNIX script to download the release and verify the > signatures: > > https://raw.githubusercontent.com/apache/sling-tooling-release/master/check_staged_release.sh > > Usage: > sh check_staged_release.sh 2805 /tmp/sling-staging > > Please vote to approve this release: > > [ ] +1 Approve the release > [ ] 0 Don't care > [ ] -1 Don't release, because ... > > This majority vote is open for at least 72 hours. > -- Cheers, Jörg Hoh, https://cqdump.joerghoh.de Twitter: @joerghoh
[jira] [Closed] (SLING-12054) WARN of the non-use of optimizedAliasResolution
[ https://issues.apache.org/jira/browse/SLING-12054?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joerg Hoh closed SLING-12054. - > WARN of the non-use of optimizedAliasResolution > > > Key: SLING-12054 > URL: https://issues.apache.org/jira/browse/SLING-12054 > Project: Sling > Issue Type: Task > Components: ResourceResolver >Affects Versions: Resource Resolver 1.11.0 >Reporter: Joerg Hoh >Assignee: Joerg Hoh >Priority: Major > Fix For: Resource Resolver 1.11.2 > > > As we found in SLING-12025, disabling the optimizedAliasResolution changes > the behavior of the mapping result. This can be clearly considered a bug, but > as it is part of the ResourceResolver for quite some time (although not > default), we cannot fix or remove it that easily. > We should write a WARN message into the log, when the > optimizedAliasResolution is *NOT* used. The wording in the configuration (as > shown in the OSGI Webconsole) should be adjusted too. > The removal of this code path should be considered as next step, taking place > in 12+ months earliest. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Closed] (SLING-11715) ResourceResolver.map resolves same resource twice
[
https://issues.apache.org/jira/browse/SLING-11715?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Joerg Hoh closed SLING-11715.
-
> ResourceResolver.map resolves same resource twice
> -
>
> Key: SLING-11715
> URL: https://issues.apache.org/jira/browse/SLING-11715
> Project: Sling
> Issue Type: Improvement
> Components: ResourceResolver
>Affects Versions: Resource Resolver 1.10.0
>Reporter: Joerg Hoh
>Assignee: Joerg Hoh
>Priority: Major
> Fix For: Resource Resolver 1.11.2
>
>
> While investigation repository access I found that a
> {{ResourceResolver.map()}} call invokes
> {{ResourceResolver.resolveInternal()}} twice for the same resource.
> See these parts of the call stack:
> {noformat}
> at
> org.apache.sling.resourceresolver.impl.ResourceResolverImpl.getAbsoluteResourceInternal(ResourceResolverImpl.java:901)
> [org.apache.sling.resourceresolver:1.10.0]
> at
> org.apache.sling.resourceresolver.impl.ResourceResolverImpl.resolveInternal(ResourceResolverImpl.java:727)
> [org.apache.sling.resourceresolver:1.10.0]
> at
> org.apache.sling.resourceresolver.impl.mapping.ResourceMapperImpl.getAllMappings(ResourceMapperImpl.java:145)
> [org.apache.sling.resourceresolver:1.10.0]
> at
> org.apache.sling.resourceresolver.impl.mapping.ResourceMapperImpl.getMapping(ResourceMapperImpl.java:73)
> [org.apache.sling.resourceresolver:1.10.0]
> at
> org.apache.sling.resourceresolver.impl.ResourceResolverImpl.map(ResourceResolverImpl.java:445)
> [org.apache.sling.resourceresolver:1.10.0]
> {noformat}
> {noformat}
> at
> org.apache.sling.resourceresolver.impl.ResourceResolverImpl.resolveInternal(ResourceResolverImpl.java:384)
> [org.apache.sling.resourceresolver:1.10.0]
> at
> org.apache.sling.resourceresolver.impl.ResourceResolverImpl.resolve(ResourceResolverImpl.java:256)
> [org.apache.sling.resourceresolver:1.10.0]
> at
> org.apache.sling.resourceresolver.impl.mapping.ResourceMapperImpl.loadAliasesIfApplicable(ResourceMapperImpl.java:220)
> [org.apache.sling.resourceresolver:1.10.0]
> at
> org.apache.sling.resourceresolver.impl.mapping.ResourceMapperImpl.getAllMappings(ResourceMapperImpl.java:147)
> [org.apache.sling.resourceresolver:1.10.0]
> at
> org.apache.sling.resourceresolver.impl.mapping.ResourceMapperImpl.getMapping(ResourceMapperImpl.java:73)
> [org.apache.sling.resourceresolver:1.10.0]
> at
> org.apache.sling.resourceresolver.impl.ResourceResolverImpl.map(ResourceResolverImpl.java:445)
> [org.apache.sling.resourceresolver:1.10.0]
> {noformat}
> In
> [ResourceResolverMapperImpl.loadAliasesIfApplicable()|https://github.com/apache/sling-org-apache-sling-resourceresolver/blob/ac8b0ad5a75a26a00ef88c7d322b8be2b5495dfb/src/main/java/org/apache/sling/resourceresolver/impl/mapping/ResourceMapperImpl.java#L189]
> a resolved resource is passed, and when no alias is encountered the same
> resource will be resolved again in [line
> 220|https://github.com/apache/sling-org-apache-sling-resourceresolver/blob/ac8b0ad5a75a26a00ef88c7d322b8be2b5495dfb/src/main/java/org/apache/sling/resourceresolver/impl/mapping/ResourceMapperImpl.java#L220].
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Closed] (SLING-12025) ResourceResolver: different mapping when optimizedAliasResolution enabled
[
https://issues.apache.org/jira/browse/SLING-12025?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Joerg Hoh closed SLING-12025.
-
> ResourceResolver: different mapping when optimizedAliasResolution enabled
> -
>
> Key: SLING-12025
> URL: https://issues.apache.org/jira/browse/SLING-12025
> Project: Sling
> Issue Type: Task
> Components: ResourceResolver
>Affects Versions: Resource Resolver 1.10.0
>Reporter: Joerg Hoh
>Assignee: Joerg Hoh
>Priority: Major
> Fix For: Resource Resolver 1.11.2
>
>
> I found that the there is a different behavior in case the "optimized alias
> resolution is enabled.
> Setup:
> {noformat}
> * /content/jcr:content
> + sling:alias=foobar
> {noformat}
> In my opinion the expected behavior is that the {{content}} resource is
> aliased and can be resolved via both {{/content}} and {{/foobar}}. You cannot
> alias the {{jcr:content}} node. Unfortunately there are no unit tests for
> that, and I just came across that behavior when I tried to write one.
> This works with the "optimized alias resolution" feature turned on, but if
> it's turned off, it does not work anymore, and you can resolve that resource
> only via its name. (In that case I assume that the jcr:content resource is
> aliased.)
> I created
> https://github.com/apache/sling-org-apache-sling-resourceresolver/pull/105 to
> demonstrate this problem.
> Is my assumption about the behavior correct?
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[RESULT] [VOTE] Release Apache Sling ResourceResolver 1.11.2
Hi, The vote has passed with the following result : +1 (binding): Jörg Hoh, Julian Sedding, Carsten Ziegeler, Daniel Klco I will copy this release to the Sling dist directory and promote the artifacts to the central Maven repository. Jörg Am So., 5. Nov. 2023 um 12:21 Uhr schrieb Jörg Hoh : > Hi, > > We solved 4 issues in this > release:https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310710=12353649=Text > > Staging > repository:https://repository.apache.org/content/repositories/orgapachesling-2802/ > > You can use this UNIX script to download the release and verify the > signatures:https://raw.githubusercontent.com/apache/sling-tooling-release/master/check_staged_release.sh > Usage: > sh check_staged_release.sh 2802 /tmp/sling-staging > > Please vote to approve this release: > > [ ] +1 Approve the release > [ ] 0 Don't care > [ ] -1 Don't release, because ... > > This majority vote is open for at least 72 hours. > > > > -- > Cheers, > Jörg Hoh, > > https://cqdump.joerghoh.de > Twitter: @joerghoh > -- Cheers, Jörg Hoh, https://cqdump.joerghoh.de Twitter: @joerghoh
[jira] [Resolved] (SLING-12145) Include region and deprecation info in exported package report
[ https://issues.apache.org/jira/browse/SLING-12145?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler resolved SLING-12145. -- Resolution: Fixed Added fourth column with region name and optional fifth with "deprecated" if the package is deprecated. https://github.com/apache/sling-slingfeature-maven-plugin/commit/944a268072ac6f88dbc9a669549a1b163f13d4bf > Include region and deprecation info in exported package report > -- > > Key: SLING-12145 > URL: https://issues.apache.org/jira/browse/SLING-12145 > Project: Sling > Issue Type: Improvement > Components: Feature Model, Maven Plugins and Archetypes >Reporter: Carsten Ziegeler >Assignee: Carsten Ziegeler >Priority: Major > Fix For: OSGi Feature Maven Plugin 1.8.0 > > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (SLING-12145) Include region and deprecation info in exported package report
Carsten Ziegeler created SLING-12145: Summary: Include region and deprecation info in exported package report Key: SLING-12145 URL: https://issues.apache.org/jira/browse/SLING-12145 Project: Sling Issue Type: Improvement Components: Feature Model, Maven Plugins and Archetypes Reporter: Carsten Ziegeler Assignee: Carsten Ziegeler Fix For: OSGi Feature Maven Plugin 1.8.0 -- This message was sent by Atlassian Jira (v8.20.10#820010)
Re: [PR] SLING-12144 - Bump non-sling dependencies to latest in org.apache.sling.testing.sling-mock [sling-org-apache-sling-testing-sling-mock]
sonarcloud[bot] commented on PR #31: URL: https://github.com/apache/sling-org-apache-sling-testing-sling-mock/pull/31#issuecomment-1807153145 Kudos, SonarCloud Quality Gate passed! [](https://sonarcloud.io/dashboard?id=apache_sling-org-apache-sling-testing-sling-mock=31) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-sling-mock=31=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-sling-mock=31=false=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-sling-mock=31=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-sling-mock=31=false=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-sling-mock=31=false=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-sling-mock=31=false=VULNERABILITY) [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-testing-sling-mock=31=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-testing-sling-mock=31=false=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-testing-sling-mock=31=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-sling-mock=31=false=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-sling-mock=31=false=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-testing-sling-mock=31=false=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-sling-mock=31=coverage=list) No Coverage information [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-sling-mock=31=new_duplicated_lines_density=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-testing-sling-mock=31=new_duplicated_lines_density=list) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] SLING-12144 - Bump non-sling dependencies to latest in org.apache.sling.testing.sling-mock [sling-org-apache-sling-testing-sling-mock]
rmcdouga opened a new pull request, #31: URL: https://github.com/apache/sling-org-apache-sling-testing-sling-mock/pull/31 Bump dependencies: Mockito: 4.7.0 -> 5.7.0 commons-lang 2.6 -> commons-lang3 3.13.0 commons-io 2.11.0 -> 2.13.0 commons-collectios4 4.2 -> 4.4 JUnit5 5.2.0 -> 5.10.1 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Created] (SLING-12144) Bump non-sling dependencies to latest in org.apache.sling.testing.sling-mock
Rob McDougall created SLING-12144: - Summary: Bump non-sling dependencies to latest in org.apache.sling.testing.sling-mock Key: SLING-12144 URL: https://issues.apache.org/jira/browse/SLING-12144 Project: Sling Issue Type: Task Reporter: Rob McDougall Bump dependencies: Mockito: 4.7.0 -> 5.7.0 commons-lang 2.6 -> commons-lang3 3.13.0 commons-io 2.11.0 -> 2.13.0 commons-collectios4 4.2 -> 4.4 JUnit5 5.2.0 -> 5.10.1 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (SLING-12139) Bump versions of dependencies in sling-org-apache-sling-testing-hamcrest to latest
[ https://issues.apache.org/jira/browse/SLING-12139?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Rob McDougall updated SLING-12139: -- Description: There are a couple of older versions being referenced in the pom. Specifially: org.apache.sling.testing.sling-mock 1.8.0->3.4.14 org.apache.sling:sling 47->52 org.apache.sling.api 2.4.0->2,22.0 My plan is to do both under this issue and in one PR but with separate commits. If you'd prefer separate issues or PRs, just let me know. was: There are a couple of older versions being referenced in the pom. Specifially: org.apache.sling.testing.sling-mock 1.8.0->3.4.14 org.apache.sling:sling 47->52 My plan is to do both under this issue and in one PR but with separate commits. If you'd prefer separate issues or PRs, just let me know. > Bump versions of dependencies in sling-org-apache-sling-testing-hamcrest to > latest > -- > > Key: SLING-12139 > URL: https://issues.apache.org/jira/browse/SLING-12139 > Project: Sling > Issue Type: Task > Components: Testing >Reporter: Rob McDougall >Priority: Minor > > There are a couple of older versions being referenced in the pom. > Specifially: > org.apache.sling.testing.sling-mock 1.8.0->3.4.14 > org.apache.sling:sling 47->52 > org.apache.sling.api 2.4.0->2,22.0 > > My plan is to do both under this issue and in one PR but with separate > commits. If you'd prefer separate issues or PRs, just let me know. -- This message was sent by Atlassian Jira (v8.20.10#820010)
