[GitHub] [tomee] github-actions[bot] closed pull request #996: Regenerated BOMs after dependency upgrades

2023-01-03 Thread GitBox 


github-actions[bot] closed pull request #996: Regenerated BOMs after dependency 
upgrades
URL: https://github.com/apache/tomee/pull/996


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomee.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [VOTE] Apache TomEE 9.0.0

2023-01-03 Thread Daniel Dias Dos Santos 
+1

On Tue, Jan 3, 2023, 08:10 Mark Struberg  wrote:

> +1
>
> LieGrue,
> strub
>
> > Am 03.01.2023 um 10:53 schrieb Jean-Louis Monteiro <
> jlmonte...@tomitribe.com>:
> >
> > Hi all,
> >
> > I'm very proud to call a vote for Apache TomEE 9.0.0 final. It's been
> > almost a year since we certified the server using a bytecode enhancement
> > approach. Even though it worked, it introduced a lot of restrictions
> > especially with tooling (IDE, Arquillian, Embedded container, etc).
> >
> > We started migrating the entire server to the new jakarta namespace and
> the
> > 9.0.0 final is the result of such work. We fully passed the entire TCK
> for
> > Jakarta EE 9.1 and cherry on the cake, we decided to address a long time
> > request to support a newer version of MicroProfile. So I'm pleased to
> also
> > announce that this version is fully MicroProfile 5.0 compliant.
> >
> > - Sources
> > https://dist.apache.org/repos/dist/dev/tomee/tomee_staging-1210/
> >
> > - Maven staging repository
> > https://repository.apache.org/content/repositories/orgapachetomee-1210
> >
> > - Signing keys
> > https://dist.apache.org/repos/dist/release/tomee/KEYS
> >
> > - Changelog since last milestone
> >
> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12350136
> > Sub-task
> >
> >   - [TOMEE-3883 ] -
> >   Update example 'mvc-resteasy' to use Server/API Bom - master branch
> >   - [TOMEE-3950 ] -
> >   Support for JWT token cookies
> >   - [TOMEE-3951 ] -
> JWT
> >   token groups claim is now optional
> >   - [TOMEE-3952 ] -
> >   Deprecate RSA keys of 1024 bit length
> >
> > Bug
> >
> >   - [TOMEE-4065 ] -
> >   LoginToContinue interceptor fails on custom auth mechanism
> >   - [TOMEE-4117 ] -
> >   MicroProfile OpenAPI not generating model
> >   - [TOMEE-4119 ] -
> >   TomEEJsonbProvider triggered for */* mime types
> >   - [TOMEE-4135 ] -
> >   Unable to see TomEE version in Tomcat home page with Java 17
> >
> > New Feature
> >
> >   - [TOMEE-3946 ] -
> >   MicroProfile JWT 2.0
> >   - [TOMEE-4050 ] -
> >   Retry and Refresh for MP JWT keys supplied via HTTP
> >   - [TOMEE-4068 ] -
> >   MicroProfile 5.0
> >   - [TOMEE-4069 ] -
> >   MicroProfile Config 3.0
> >   - [TOMEE-4070 ] -
> >   MicroProfile Fault Tolerance 4.0
> >   - [TOMEE-4071 ] -
> >   MicroProfile Health 4.0
> >   - [TOMEE-4072 ] -
> >   MicroProfile Metrics 4.0
> >   - [TOMEE-4073 ] -
> >   MicroProfile Rest Client 3.0
> >   - [TOMEE-4074 ] -
> >   MicroProfile OpenAPI 3.0
> >   - [TOMEE-4075 ] -
> >   MicroProfile OpenTracing 3.0
> >   - [TOMEE-4076 ] -
> >   Public Keys in OpenSSH format
> >   - [TOMEE-4077 ] -
> >   Public Keys in SSH2 format
> >   - [TOMEE-4078 ] -
> RSA
> >   keys PKCS 1 format
> >   - [TOMEE-4079 ] -
> >   Elliptic Curve JWS and JWE
> >   - [TOMEE-4123 ] -
> >   Implement @AroundConstruct from Interceptor 1.2
> >
> > Improvement
> >
> >   - [TOMEE-4080 ] -
> >   Improved Logging for Public and Private Key resolution
> >   - [TOMEE-4124 ] -
> >   Remove timing of timing just for logging
> >
> > Task
> >
> >   - [TOMEE-3915 ] -
> Fix
> >   Post release pom versioning for Master branch
> >
> > Dependency upgrade
> >
> >   - [TOMEE-4081 ] -
> >   Jackson 2.13.4
> >   - [TOMEE-4082 ] -
> >   Woodstox 6.2.6
> >   - [TOMEE-4103 ] -
> >   Update woodstox-core to mitigate CVE-2022-40153
> >   - [TOMEE-4107 ] -
> >   Jackson 2.14.0
> >   - [TOMEE-4109 ] -
> >   Velocity 2.3
> >   - [TOMEE-4110

Re: [VOTE] Apache TomEE Patch Plugin 0.10

2023-01-03 Thread Mark Struberg 
+1

LieGrue,
strub

> Am 02.01.2023 um 12:31 schrieb Jean-Louis Monteiro :
> 
> Hi,
> 
> I'd like to vote Apache TomEE Patch Plugin 0.10 up for vote. The changes
> are fairly minimal and consist of patching the source jar so that IDE isn't
> lost. This release is required so we can then quickly push 9.0.0 final.
> 
> Changes:
> 
> - TOMEE-4136 Support sources patching
> 
> Sources:
> 
> https://dist.apache.org/repos/dist/dev/tomee/tomee-patch-plugin_staging-1209/
> 
> Staging Nexus Repository:
> 
> https://repository.apache.org/content/repositories/orgapachetomee-1209
> 
> Tag:
> 
> https://github.com/apache/tomee-patch-plugin/tree/tomee-patch-parent-0.10
> 
> Please vote to approve this release:
> [ ] +1 Approve the release
> [ ] -1 Don't approve the release (please provide specific comments)
> 
> This vote will be open for at least 72 hours.
> 
> Jean-Louis
> --
> Jean-Louis Monteiro
> http://twitter.com/jlouismonteiro
> http://www.tomitribe.com

Re: [VOTE] Apache TomEE 9.0.0

2023-01-03 Thread Mark Struberg 
+1

LieGrue,
strub

> Am 03.01.2023 um 10:53 schrieb Jean-Louis Monteiro :
> 
> Hi all,
> 
> I'm very proud to call a vote for Apache TomEE 9.0.0 final. It's been
> almost a year since we certified the server using a bytecode enhancement
> approach. Even though it worked, it introduced a lot of restrictions
> especially with tooling (IDE, Arquillian, Embedded container, etc).
> 
> We started migrating the entire server to the new jakarta namespace and the
> 9.0.0 final is the result of such work. We fully passed the entire TCK for
> Jakarta EE 9.1 and cherry on the cake, we decided to address a long time
> request to support a newer version of MicroProfile. So I'm pleased to also
> announce that this version is fully MicroProfile 5.0 compliant.
> 
> - Sources
> https://dist.apache.org/repos/dist/dev/tomee/tomee_staging-1210/
> 
> - Maven staging repository
> https://repository.apache.org/content/repositories/orgapachetomee-1210
> 
> - Signing keys
> https://dist.apache.org/repos/dist/release/tomee/KEYS
> 
> - Changelog since last milestone
> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12350136
> Sub-task
> 
>   - [TOMEE-3883 ] -
>   Update example 'mvc-resteasy' to use Server/API Bom - master branch
>   - [TOMEE-3950 ] -
>   Support for JWT token cookies
>   - [TOMEE-3951 ] - JWT
>   token groups claim is now optional
>   - [TOMEE-3952 ] -
>   Deprecate RSA keys of 1024 bit length
> 
> Bug
> 
>   - [TOMEE-4065 ] -
>   LoginToContinue interceptor fails on custom auth mechanism
>   - [TOMEE-4117 ] -
>   MicroProfile OpenAPI not generating model
>   - [TOMEE-4119 ] -
>   TomEEJsonbProvider triggered for */* mime types
>   - [TOMEE-4135 ] -
>   Unable to see TomEE version in Tomcat home page with Java 17
> 
> New Feature
> 
>   - [TOMEE-3946 ] -
>   MicroProfile JWT 2.0
>   - [TOMEE-4050 ] -
>   Retry and Refresh for MP JWT keys supplied via HTTP
>   - [TOMEE-4068 ] -
>   MicroProfile 5.0
>   - [TOMEE-4069 ] -
>   MicroProfile Config 3.0
>   - [TOMEE-4070 ] -
>   MicroProfile Fault Tolerance 4.0
>   - [TOMEE-4071 ] -
>   MicroProfile Health 4.0
>   - [TOMEE-4072 ] -
>   MicroProfile Metrics 4.0
>   - [TOMEE-4073 ] -
>   MicroProfile Rest Client 3.0
>   - [TOMEE-4074 ] -
>   MicroProfile OpenAPI 3.0
>   - [TOMEE-4075 ] -
>   MicroProfile OpenTracing 3.0
>   - [TOMEE-4076 ] -
>   Public Keys in OpenSSH format
>   - [TOMEE-4077 ] -
>   Public Keys in SSH2 format
>   - [TOMEE-4078 ] - RSA
>   keys PKCS 1 format
>   - [TOMEE-4079 ] -
>   Elliptic Curve JWS and JWE
>   - [TOMEE-4123 ] -
>   Implement @AroundConstruct from Interceptor 1.2
> 
> Improvement
> 
>   - [TOMEE-4080 ] -
>   Improved Logging for Public and Private Key resolution
>   - [TOMEE-4124 ] -
>   Remove timing of timing just for logging
> 
> Task
> 
>   - [TOMEE-3915 ] - Fix
>   Post release pom versioning for Master branch
> 
> Dependency upgrade
> 
>   - [TOMEE-4081 ] -
>   Jackson 2.13.4
>   - [TOMEE-4082 ] -
>   Woodstox 6.2.6
>   - [TOMEE-4103 ] -
>   Update woodstox-core to mitigate CVE-2022-40153
>   - [TOMEE-4107 ] -
>   Jackson 2.14.0
>   - [TOMEE-4109 ] -
>   Velocity 2.3
>   - [TOMEE-4110 ] -
>   Woodstox 6.4.0 (CVE-2022-40152)
>   - [TOMEE-4111 ] -
>   Upgrade bcel component in TomEE
>   - [TOMEE-4125 ] -
>   Update Apache CXF version

[GitHub] [tomee] github-actions[bot] opened a new pull request, #996: Regenerated BOMs after dependency upgrades

2023-01-03 Thread GitBox 


github-actions[bot] opened a new pull request, #996:
URL: https://github.com/apache/tomee/pull/996

   Found some uncommited changes (from BOM regeneration) after running build on 
TomEE main


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomee.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [tomee] jeanouii closed pull request #995: Regenerated BOMs after dependency upgrades

2023-01-03 Thread GitBox 


jeanouii closed pull request #995: Regenerated BOMs after dependency upgrades
URL: https://github.com/apache/tomee/pull/995


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomee.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [tomee] jeanouii commented on pull request #995: Regenerated BOMs after dependency upgrades

2023-01-03 Thread GitBox 


jeanouii commented on PR #995:
URL: https://github.com/apache/tomee/pull/995#issuecomment-1369623608

   Closing this one so I can fix the GenerateBom and we'll get a new PR coming 
in
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomee.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [tomee] rzo1 commented on pull request #995: Regenerated BOMs after dependency upgrades

2023-01-03 Thread GitBox 


rzo1 commented on PR #995:
URL: https://github.com/apache/tomee/pull/995#issuecomment-1369593968

   We need to adjust GenerateBoms to deal with 10.x now. So that change isnt 
valid.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomee.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [tomee] github-actions[bot] opened a new pull request, #995: Regenerated BOMs after dependency upgrades

2023-01-03 Thread GitBox 


github-actions[bot] opened a new pull request, #995:
URL: https://github.com/apache/tomee/pull/995

   Found some uncommited changes (from BOM regeneration) after running build on 
TomEE main


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@tomee.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[VOTE] Apache TomEE 9.0.0

2023-01-03 Thread Jean-Louis Monteiro 
Hi all,

I'm very proud to call a vote for Apache TomEE 9.0.0 final. It's been
almost a year since we certified the server using a bytecode enhancement
approach. Even though it worked, it introduced a lot of restrictions
especially with tooling (IDE, Arquillian, Embedded container, etc).

We started migrating the entire server to the new jakarta namespace and the
9.0.0 final is the result of such work. We fully passed the entire TCK for
Jakarta EE 9.1 and cherry on the cake, we decided to address a long time
request to support a newer version of MicroProfile. So I'm pleased to also
announce that this version is fully MicroProfile 5.0 compliant.

- Sources
https://dist.apache.org/repos/dist/dev/tomee/tomee_staging-1210/

- Maven staging repository
https://repository.apache.org/content/repositories/orgapachetomee-1210

- Signing keys
https://dist.apache.org/repos/dist/release/tomee/KEYS

- Changelog since last milestone
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312320&version=12350136
Sub-task

   - [TOMEE-3883 ] -
   Update example 'mvc-resteasy' to use Server/API Bom - master branch
   - [TOMEE-3950 ] -
   Support for JWT token cookies
   - [TOMEE-3951 ] - JWT
   token groups claim is now optional
   - [TOMEE-3952 ] -
   Deprecate RSA keys of 1024 bit length

Bug

   - [TOMEE-4065 ] -
   LoginToContinue interceptor fails on custom auth mechanism
   - [TOMEE-4117 ] -
   MicroProfile OpenAPI not generating model
   - [TOMEE-4119 ] -
   TomEEJsonbProvider triggered for */* mime types
   - [TOMEE-4135 ] -
   Unable to see TomEE version in Tomcat home page with Java 17

New Feature

   - [TOMEE-3946 ] -
   MicroProfile JWT 2.0
   - [TOMEE-4050 ] -
   Retry and Refresh for MP JWT keys supplied via HTTP
   - [TOMEE-4068 ] -
   MicroProfile 5.0
   - [TOMEE-4069 ] -
   MicroProfile Config 3.0
   - [TOMEE-4070 ] -
   MicroProfile Fault Tolerance 4.0
   - [TOMEE-4071 ] -
   MicroProfile Health 4.0
   - [TOMEE-4072 ] -
   MicroProfile Metrics 4.0
   - [TOMEE-4073 ] -
   MicroProfile Rest Client 3.0
   - [TOMEE-4074 ] -
   MicroProfile OpenAPI 3.0
   - [TOMEE-4075 ] -
   MicroProfile OpenTracing 3.0
   - [TOMEE-4076 ] -
   Public Keys in OpenSSH format
   - [TOMEE-4077 ] -
   Public Keys in SSH2 format
   - [TOMEE-4078 ] - RSA
   keys PKCS 1 format
   - [TOMEE-4079 ] -
   Elliptic Curve JWS and JWE
   - [TOMEE-4123 ] -
   Implement @AroundConstruct from Interceptor 1.2

Improvement

   - [TOMEE-4080 ] -
   Improved Logging for Public and Private Key resolution
   - [TOMEE-4124 ] -
   Remove timing of timing just for logging

Task

   - [TOMEE-3915 ] - Fix
   Post release pom versioning for Master branch

Dependency upgrade

   - [TOMEE-4081 ] -
   Jackson 2.13.4
   - [TOMEE-4082 ] -
   Woodstox 6.2.6
   - [TOMEE-4103 ] -
   Update woodstox-core to mitigate CVE-2022-40153
   - [TOMEE-4107 ] -
   Jackson 2.14.0
   - [TOMEE-4109 ] -
   Velocity 2.3
   - [TOMEE-4110 ] -
   Woodstox 6.4.0 (CVE-2022-40152)
   - [TOMEE-4111 ] -
   Upgrade bcel component in TomEE
   - [TOMEE-4125 ] -
   Update Apache CXF versions to mitigate CVE-2022-46364 and CVE-2022-46363
   - [TOMEE-4127 ] - CXF
   3.5.5
   - [TOMEE-4132 ] -
   commons-compress 1.22