Re: [PR] SLING-12276 - Update to java-html-sanitizer 20240325.1 [sling-org-apache-sling-xss]

2024-03-26 Thread via GitHub 


sonarcloud[bot] commented on PR #42:
URL: 
https://github.com/apache/sling-org-apache-sling-xss/pull/42#issuecomment-2019856808

   ## [![Quality Gate 
Passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/qg-passed-20px.png
 'Quality Gate 
Passed')](https://sonarcloud.io/dashboard?id=apache_sling-org-apache-sling-xss&pullRequest=42)
 **Quality Gate passed**  
   Issues  
   
![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/passed-16px.png
 '') [4 New 
issues](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-xss&pullRequest=42&resolved=false&inNewCodePeriod=true)
  
   
![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/accepted-16px.png
 '') [0 Accepted 
issues](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-xss&pullRequest=42&metric=new_accepted_issues&view=list)
   
   Measures  
   
![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/passed-16px.png
 '') [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-xss&pullRequest=42&resolved=false&inNewCodePeriod=true)
  
   
![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/passed-16px.png
 '') [84.6% Coverage on New 
Code](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-xss&pullRequest=42&metric=new_coverage&view=list)
  
   
![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/passed-16px.png
 '') [0.0% Duplication on New 
Code](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-xss&pullRequest=42&metric=new_duplicated_lines_density&view=list)
  
 
   [See analysis details on 
SonarCloud](https://sonarcloud.io/dashboard?id=apache_sling-org-apache-sling-xss&pullRequest=42)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] SLING-12276 - Update to java-html-sanitizer 20240325.1 [sling-org-apache-sling-xss]

2024-03-26 Thread via GitHub 


rombert commented on PR #42:
URL: 
https://github.com/apache/sling-org-apache-sling-xss/pull/42#issuecomment-2019875037

   After this PR the bundle will no longer resolve in the current Sling Starter
   
   ```
   [ERROR] [bundle-packages] 
org.apache.sling:org.apache.sling.xss:2.4.1-SNAPSHOT: Bundle is importing 
package org.owasp.shim with start order 20 but no bundle is exporting these for 
that start order.
   ```


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] SLING-12276 - Update to java-html-sanitizer 20240325.1 [sling-org-apache-sling-xss]

2024-03-26 Thread via GitHub 


rombert commented on PR #42:
URL: 
https://github.com/apache/sling-org-apache-sling-xss/pull/42#issuecomment-2020060352

   > After this PR the bundle will no longer resolve in the current Sling 
Starter
   > 
   > ```
   > [ERROR] [bundle-packages] 
org.apache.sling:org.apache.sling.xss:2.4.1-SNAPSHOT: Bundle is importing 
package org.owasp.shim with start order 20 but no bundle is exporting these for 
that start order.
   > ```
   
   Fixed with 
https://github.com/apache/sling-org-apache-sling-xss/pull/42/commits/a6efb27cdcfe2d9f3fdc85483847c1255de99c8a
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] SLING-12276 - Update to java-html-sanitizer 20240325.1 [sling-org-apache-sling-xss]

2024-03-26 Thread via GitHub 


kwin commented on PR #42:
URL: 
https://github.com/apache/sling-org-apache-sling-xss/pull/42#issuecomment-2020141938

   java-html-sanitizer 20240325.1 contains Java 10 bytecode 
(https://github.com/OWASP/java-html-sanitizer/blob/43089899bae8fae0cb0016c5700beace7ddd26f0/owasp-java-html-sanitizer/pom.xml#L90),
 so we should target Java10+ as well with our wrapper bundle.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] SLING-12276 - Update to java-html-sanitizer 20240325.1 [sling-org-apache-sling-xss]

2024-03-26 Thread via GitHub 


rombert commented on PR #42:
URL: 
https://github.com/apache/sling-org-apache-sling-xss/pull/42#issuecomment-2020330295

   @kwin - my reading of the release notes is that this release still supports 
Java 8. The Jenkins build with Java 8 also passes - 
https://ci-builds.apache.org/blue/organizations/jenkins/Sling%2Fmodules%2Fsling-org-apache-sling-xss/detail/PR-42/1/pipeline/122
 .


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] SLING-12276 - Update to java-html-sanitizer 20240325.1 [sling-org-apache-sling-xss]

2024-03-26 Thread via GitHub 


sonarcloud[bot] commented on PR #42:
URL: 
https://github.com/apache/sling-org-apache-sling-xss/pull/42#issuecomment-2020438489

   ## [![Quality Gate 
Passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/qg-passed-20px.png
 'Quality Gate 
Passed')](https://sonarcloud.io/dashboard?id=apache_sling-org-apache-sling-xss&pullRequest=42)
 **Quality Gate passed**  
   Issues  
   
![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/passed-16px.png
 '') [4 New 
issues](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-xss&pullRequest=42&resolved=false&inNewCodePeriod=true)
  
   
![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/accepted-16px.png
 '') [0 Accepted 
issues](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-xss&pullRequest=42&metric=new_accepted_issues&view=list)
   
   Measures  
   
![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/passed-16px.png
 '') [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-xss&pullRequest=42&resolved=false&inNewCodePeriod=true)
  
   
![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/passed-16px.png
 '') [84.6% Coverage on New 
Code](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-xss&pullRequest=42&metric=new_coverage&view=list)
  
   
![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/passed-16px.png
 '') [0.0% Duplication on New 
Code](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-xss&pullRequest=42&metric=new_duplicated_lines_density&view=list)
  
 
   [See analysis details on 
SonarCloud](https://sonarcloud.io/dashboard?id=apache_sling-org-apache-sling-xss&pullRequest=42)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] SLING-12276 - Update to java-html-sanitizer 20240325.1 [sling-org-apache-sling-xss]

2024-03-26 Thread via GitHub 


kwin commented on PR #42:
URL: 
https://github.com/apache/sling-org-apache-sling-xss/pull/42#issuecomment-2020681234

   https://github.com/OWASP/java-html-sanitizer/pull/328#issuecomment-2020675724


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] SLING-12276 - Update to java-html-sanitizer 20240325.1 [sling-org-apache-sling-xss]

2024-03-27 Thread via GitHub 


sonarcloud[bot] commented on PR #42:
URL: 
https://github.com/apache/sling-org-apache-sling-xss/pull/42#issuecomment-2022791382

   ## [![Quality Gate 
Passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/qg-passed-20px.png
 'Quality Gate 
Passed')](https://sonarcloud.io/dashboard?id=apache_sling-org-apache-sling-xss&pullRequest=42)
 **Quality Gate passed**  
   Issues  
   
![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/passed-16px.png
 '') [4 New 
issues](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-xss&pullRequest=42&resolved=false&inNewCodePeriod=true)
  
   
![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/accepted-16px.png
 '') [0 Accepted 
issues](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-xss&pullRequest=42&metric=new_accepted_issues&view=list)
   
   Measures  
   
![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/passed-16px.png
 '') [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-xss&pullRequest=42&resolved=false&inNewCodePeriod=true)
  
   
![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/passed-16px.png
 '') [84.6% Coverage on New 
Code](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-xss&pullRequest=42&metric=new_coverage&view=list)
  
   
![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/passed-16px.png
 '') [0.0% Duplication on New 
Code](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-xss&pullRequest=42&metric=new_duplicated_lines_density&view=list)
  
 
   [See analysis details on 
SonarCloud](https://sonarcloud.io/dashboard?id=apache_sling-org-apache-sling-xss&pullRequest=42)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] SLING-12276 - Update to java-html-sanitizer 20240325.1 [sling-org-apache-sling-xss]

2024-04-10 Thread via GitHub 


stefanseifert commented on PR #42:
URL: 
https://github.com/apache/sling-org-apache-sling-xss/pull/42#issuecomment-2047647027

   lgtm from sling-mock perspective


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] SLING-12276 - Update to java-html-sanitizer 20240325.1 [sling-org-apache-sling-xss]

2024-04-11 Thread via GitHub 


rombert commented on PR #42:
URL: 
https://github.com/apache/sling-org-apache-sling-xss/pull/42#issuecomment-2049992800

   @raducotescu  - any comments? I plan to merge tomorrow.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] SLING-12276 - Update to java-html-sanitizer 20240325.1 [sling-org-apache-sling-xss]

2024-04-12 Thread via GitHub 


rombert merged PR #42:
URL: https://github.com/apache/sling-org-apache-sling-xss/pull/42


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org