subject:"state of sling\-org\-apache\-sling\-starter"

Re: state of sling-org-apache-sling-starter

2020-12-04 Thread Robert Munteanu

Hi Ruben,

On Fri, 2020-11-27 at 15:13 -0800, Ruben Reusser wrote:
> thank you - there seems to be quite a list of outdated bundles int
> the 
> starter even outside of sling itself. I am trying to wrap my head
> around 
> how to make bring everything safely up to date.
> 
> it looks like some of the versions in use have known security 
> vulnerabilities.

Not sure what you mean by wrapping your head around bringing everything
up to date, but my usual process for updating the starter is:

1. Update all dependencies in the feature model
2. run `mvn install`
3. Launch it, click around a bit ( composum, slingshot )
4. Run the Sling ITs

Sometimes I skip 3 and 4 for trivial updates :-)

Hope that helps,

Thanks,
Robert

Re: state of sling-org-apache-sling-starter

2020-11-27 Thread Ruben Reusser


Eric,

thank you - there seems to be quite a list of outdated bundles int the 
starter even outside of sling itself. I am trying to wrap my head around 
how to make bring everything safely up to date.


it looks like some of the versions in use have known security 
vulnerabilities.


Ruben

On 11/27/2020 1:28 PM, Eric Norman wrote:

Hi Ruben,

I've just fixed the org.apache.sling.jcr.contentloader item from your
list.  It might be worth opening a new issue in jira for tracking the
others.

FYI: I usually use the following command to produce a report on
dependencies that are not the latest version:

*mvn versions:display-dependency-updates*


Regards,
-Eric

On Tue, Nov 24, 2020 at 9:06 PM Ruben Reusser  wrote:


here's the current list of mismatches:

org.apache.sling.commons.fsclassloader starter: 1.0.14 downloads: 1.0.8
org.apache.sling.commons.scheduler starter: 2.7.6 downloads: 2.7.2
org.apache.sling.models.impl starter: 1.4.12 downloads: 1.4.16
org.apache.sling.serviceusermapper starter: 1.4.4 downloads: 1.4.2
org.apache.sling.servlets.resolver starter: 2.7.10 downloads: 2.7.8
org.apache.sling.commons.johnzon starter: 1.2.4 downloads: 1.2.6
org.apache.sling.commons.osgi starter: 2.4.0 downloads: 2.4.2
org.apache.sling.installer.core starter: 3.11.2 downloads: 3.11.4
org.apache.sling.settings starter: 1.4.0 downloads: 1.4.2
org.apache.sling.discovery.oak starter: 1.2.28 downloads: 1.2.30
org.apache.sling.discovery.support starter: 1.0.4 downloads: 1.0.6
org.apache.sling.jcr.contentloader starter: 2.3.0 downloads: 2.4.0
org.apache.sling.extensions.webconsolesecurityprovider starter: 1.2.4
downloads: 1.2.2


On Tue, Nov 24, 2020 at 5:13 pm, Bertrand Delacretaz
 wrote:

Hi Ruben,

On Tue, Nov 24, 2020 at 4:29 PM Ruben Reusser mailto:r...@headwire.com>> wrote:

  ...is there a process to update the starter and the downloads page
when a
  new version of a bundle is released?...

Updating it is part of our release instructions at
<

https://sling.apache.org/documentation/development/release-management.html#update-the-sling-starter-module-1


But I suspect we miss that sometimes - patches welcome of course!

-Bertrand

Re: state of sling-org-apache-sling-starter

2020-11-27 Thread Eric Norman

Hi Ruben,

I've just fixed the org.apache.sling.jcr.contentloader item from your
list.  It might be worth opening a new issue in jira for tracking the
others.

FYI: I usually use the following command to produce a report on
dependencies that are not the latest version:

*mvn versions:display-dependency-updates*


Regards,
-Eric

On Tue, Nov 24, 2020 at 9:06 PM Ruben Reusser  wrote:

> here's the current list of mismatches:
>
> org.apache.sling.commons.fsclassloader starter: 1.0.14 downloads: 1.0.8
> org.apache.sling.commons.scheduler starter: 2.7.6 downloads: 2.7.2
> org.apache.sling.models.impl starter: 1.4.12 downloads: 1.4.16
> org.apache.sling.serviceusermapper starter: 1.4.4 downloads: 1.4.2
> org.apache.sling.servlets.resolver starter: 2.7.10 downloads: 2.7.8
> org.apache.sling.commons.johnzon starter: 1.2.4 downloads: 1.2.6
> org.apache.sling.commons.osgi starter: 2.4.0 downloads: 2.4.2
> org.apache.sling.installer.core starter: 3.11.2 downloads: 3.11.4
> org.apache.sling.settings starter: 1.4.0 downloads: 1.4.2
> org.apache.sling.discovery.oak starter: 1.2.28 downloads: 1.2.30
> org.apache.sling.discovery.support starter: 1.0.4 downloads: 1.0.6
> org.apache.sling.jcr.contentloader starter: 2.3.0 downloads: 2.4.0
> org.apache.sling.extensions.webconsolesecurityprovider starter: 1.2.4
> downloads: 1.2.2
>
>
> On Tue, Nov 24, 2020 at 5:13 pm, Bertrand Delacretaz
>  wrote:
> > Hi Ruben,
> >
> > On Tue, Nov 24, 2020 at 4:29 PM Ruben Reusser  > > wrote:
> >>  ...is there a process to update the starter and the downloads page
> >> when a
> >>  new version of a bundle is released?...
> >
> > Updating it is part of our release instructions at
> > <
> https://sling.apache.org/documentation/development/release-management.html#update-the-sling-starter-module-1
> >
> >
> > But I suspect we miss that sometimes - patches welcome of course!
> >
> > -Bertrand
>
>

Re: state of sling-org-apache-sling-starter

2020-11-24 Thread Ruben Reusser


here's the current list of mismatches:

org.apache.sling.commons.fsclassloader starter: 1.0.14 downloads: 1.0.8
org.apache.sling.commons.scheduler starter: 2.7.6 downloads: 2.7.2
org.apache.sling.models.impl starter: 1.4.12 downloads: 1.4.16
org.apache.sling.serviceusermapper starter: 1.4.4 downloads: 1.4.2
org.apache.sling.servlets.resolver starter: 2.7.10 downloads: 2.7.8
org.apache.sling.commons.johnzon starter: 1.2.4 downloads: 1.2.6
org.apache.sling.commons.osgi starter: 2.4.0 downloads: 2.4.2
org.apache.sling.installer.core starter: 3.11.2 downloads: 3.11.4
org.apache.sling.settings starter: 1.4.0 downloads: 1.4.2
org.apache.sling.discovery.oak starter: 1.2.28 downloads: 1.2.30
org.apache.sling.discovery.support starter: 1.0.4 downloads: 1.0.6
org.apache.sling.jcr.contentloader starter: 2.3.0 downloads: 2.4.0
org.apache.sling.extensions.webconsolesecurityprovider starter: 1.2.4 
downloads: 1.2.2



On Tue, Nov 24, 2020 at 5:13 pm, Bertrand Delacretaz 
 wrote:

Hi Ruben,

On Tue, Nov 24, 2020 at 4:29 PM Ruben Reusser > wrote:
 ...is there a process to update the starter and the downloads page 
when a

 new version of a bundle is released?...


Updating it is part of our release instructions at


But I suspect we miss that sometimes - patches welcome of course!

-Bertrand

Re: state of sling-org-apache-sling-starter

2020-11-24 Thread Bertrand Delacretaz

Hi Ruben,

On Tue, Nov 24, 2020 at 4:29 PM Ruben Reusser  wrote:
> ...is there a process to update the starter and the downloads page when a
> new version of a bundle is released?...

Updating it is part of our release instructions at
https://sling.apache.org/documentation/development/release-management.html#update-the-sling-starter-module-1

But I suspect we miss that sometimes - patches welcome of course!

-Bertrand

state of sling-org-apache-sling-starter

2020-11-24 Thread Ruben Reusser


dear sling devs

I was looking at the feature files in sling starter as bit today and 
noticed some discrepancies between the sling starter and the latest 
released modules list on the sling website


just some examples:

org.apache.sling:org.apache.sling.commons.osgi starter: 2.4.0, downloads 
page : 2.4.2
org.apache.sling:org.apache.sling.commons.fsclassloader, starter: 
1.0.14, downloads page: 1.0.8


is there a process to update the starter and the downloads page when a 
new version of a bundle is released?


Ruben

[1] https://github.com/apache/sling-org-apache-sling-starter/
[2] https://sling.apache.org/downloads.cgi

Re: state of sling-org-apache-sling-starter

Re: state of sling-org-apache-sling-starter

Re: state of sling-org-apache-sling-starter

Re: state of sling-org-apache-sling-starter

Re: state of sling-org-apache-sling-starter

state of sling-org-apache-sling-starter

6 matches

Site Navigation

Mail list logo

Footer information