[GitHub] [commons-chain] dependabot[bot] closed pull request #22: Bump actions/cache from 2.1.4 to 2.1.7
dependabot[bot] closed pull request #22: URL: https://github.com/apache/commons-chain/pull/22 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-chain] dependabot[bot] opened a new pull request #25: Bump actions/cache from 2.1.4 to 3
dependabot[bot] opened a new pull request #25: URL: https://github.com/apache/commons-chain/pull/25 Bumps [actions/cache](https://github.com/actions/cache) from 2.1.4 to 3. Release notes Sourced from https://github.com/actions/cache/releases;>actions/cache's releases. v3.0.0 This change adds a minimum runner version(node12 - node16), which can break users using an out-of-date/fork of the runner. This would be most commonly affecting users on GHES 3.3 or before, as those runners do not support node16 actions and they can use actions from github.com via https://docs.github.com/en/enterprise-server@3.0/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect;>github connect or manually copying the repo to their GHES instance. Few dependencies and cache action usage examples have also been updated. v2.1.7 Support 10GB cache upload using the latest version 1.0.8 of https://www.npmjs.com/package/@actions/cache;>@actions/cache v2.1.6 Catch unhandled bad file descriptor errors that sometimes occurs when the cache server returns non-successful response (https://github-redirect.dependabot.com/actions/cache/pull/596;>actions/cache#596) v2.1.5 Fix permissions error seen when extracting caches with GNU tar that were previously created using BSD tar (https://github-redirect.dependabot.com/actions/cache/issues/527;>actions/cache#527) Commits https://github.com/actions/cache/commit/4b0cf6cc4619e737324ddfcec08fff2413359514;>4b0cf6c Merge pull request https://github-redirect.dependabot.com/actions/cache/issues/769;>#769 from actions/users/ashwinsangem/bump_major_version https://github.com/actions/cache/commit/60c606a2b4c5358e11c2ca7b4694e59049d008d1;>60c606a Update licensed files https://github.com/actions/cache/commit/b6e9a919a7da3606e9b2db756823ee1c39c7b48d;>b6e9a91 Revert Updated to the latest version. https://github.com/actions/cache/commit/c8425035834f98c304ecf92f5d50f41d433885c1;>c842503 Updated to the latest version. https://github.com/actions/cache/commit/2b7da2a62c3af9fa2692cd8d2d117da76faf31ac;>2b7da2a Bumped up to a major version. https://github.com/actions/cache/commit/deae296ab340574da1ec86242984dfc91f0a7b81;>deae296 Merge pull request https://github-redirect.dependabot.com/actions/cache/issues/651;>#651 from magnetikonline/fix-golang-windows-example https://github.com/actions/cache/commit/c7c46bcb6db3c571021a3a2dc2d2557b512ecace;>c7c46bc Merge pull request https://github-redirect.dependabot.com/actions/cache/issues/707;>#707 from duxtland/main https://github.com/actions/cache/commit/6535c5fb5fe2870754afba7bd4e514867ac9cb98;>6535c5f Regenerated examples.md TOC https://github.com/actions/cache/commit/3fdafa472e0db16435add384585aa138ffdd16d3;>3fdafa4 Update GitHub Actions status badge markdown in README.md https://github.com/actions/cache/commit/341e6d75d9826beb2fa659263d862f6aec63a064;>341e6d7 Merge branch 'actions:main' into fix-golang-windows-example Additional commits viewable in https://github.com/actions/cache/compare/v2.1.4...v3;>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for
[GitHub] [commons-chain] dependabot[bot] commented on pull request #22: Bump actions/cache from 2.1.4 to 2.1.7
dependabot[bot] commented on pull request #22: URL: https://github.com/apache/commons-chain/pull/22#issuecomment-1074732001 Superseded by #25. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-scxml] dependabot[bot] opened a new pull request #43: Bump actions/cache from 2.1.7 to 3
dependabot[bot] opened a new pull request #43: URL: https://github.com/apache/commons-scxml/pull/43 Bumps [actions/cache](https://github.com/actions/cache) from 2.1.7 to 3. Release notes Sourced from https://github.com/actions/cache/releases;>actions/cache's releases. v3.0.0 This change adds a minimum runner version(node12 - node16), which can break users using an out-of-date/fork of the runner. This would be most commonly affecting users on GHES 3.3 or before, as those runners do not support node16 actions and they can use actions from github.com via https://docs.github.com/en/enterprise-server@3.0/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect;>github connect or manually copying the repo to their GHES instance. Few dependencies and cache action usage examples have also been updated. Commits https://github.com/actions/cache/commit/4b0cf6cc4619e737324ddfcec08fff2413359514;>4b0cf6c Merge pull request https://github-redirect.dependabot.com/actions/cache/issues/769;>#769 from actions/users/ashwinsangem/bump_major_version https://github.com/actions/cache/commit/60c606a2b4c5358e11c2ca7b4694e59049d008d1;>60c606a Update licensed files https://github.com/actions/cache/commit/b6e9a919a7da3606e9b2db756823ee1c39c7b48d;>b6e9a91 Revert Updated to the latest version. https://github.com/actions/cache/commit/c8425035834f98c304ecf92f5d50f41d433885c1;>c842503 Updated to the latest version. https://github.com/actions/cache/commit/2b7da2a62c3af9fa2692cd8d2d117da76faf31ac;>2b7da2a Bumped up to a major version. https://github.com/actions/cache/commit/deae296ab340574da1ec86242984dfc91f0a7b81;>deae296 Merge pull request https://github-redirect.dependabot.com/actions/cache/issues/651;>#651 from magnetikonline/fix-golang-windows-example https://github.com/actions/cache/commit/c7c46bcb6db3c571021a3a2dc2d2557b512ecace;>c7c46bc Merge pull request https://github-redirect.dependabot.com/actions/cache/issues/707;>#707 from duxtland/main https://github.com/actions/cache/commit/6535c5fb5fe2870754afba7bd4e514867ac9cb98;>6535c5f Regenerated examples.md TOC https://github.com/actions/cache/commit/3fdafa472e0db16435add384585aa138ffdd16d3;>3fdafa4 Update GitHub Actions status badge markdown in README.md https://github.com/actions/cache/commit/341e6d75d9826beb2fa659263d862f6aec63a064;>341e6d7 Merge branch 'actions:main' into fix-golang-windows-example Additional commits viewable in https://github.com/actions/cache/compare/v2.1.7...v3;>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Work logged] (LANG-1662) Create methods on ReflectionToStringBuilder to reflect only select fields
[
https://issues.apache.org/jira/browse/LANG-1662?focusedWorklogId=745445=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-745445
]
ASF GitHub Bot logged work on LANG-1662:
Author: ASF GitHub Bot
Created on: 21/Mar/22 21:31
Start Date: 21/Mar/22 21:31
Worklog Time Spent: 10m
Work Description: GutoVeronezi commented on pull request #849:
URL: https://github.com/apache/commons-lang/pull/849#issuecomment-1074440685
Hi, @garydgregory,
Thanks for the review, I'll address the changes regarding the feature name
(`setSelectedFieldNames` -> `setIncludeFieldNames`) as well the documentation
of its use.
---
Regarding the intersection between `included` and `excluded`, I see it as a
complement rather than an intersection; The current behavior of this class, as
you said, is to include all fields by default. If we have a class with fields
`a`, `b` and `c` and instantiate and reflect it, both of them will be
reflected. If we set them in the excluded field names, the reflection will
return empty:
```java
import org.apache.commons.lang3.builder.ReflectionToStringBuilder;
import org.apache.commons.lang3.builder.ToStringStyle;
public class Test {
private String a;
private String b;
private String c;
public Test(String a, String b, String c) {
this.a = a;
this.b = b;
this.c = c;
}
public static void main(String[] args) {
Test test = new Test("this is field 'a'", "this is field 'b'", "this
is field 'c'");
ReflectionToStringBuilder reflection = new
ReflectionToStringBuilder(test, ToStringStyle.JSON_STYLE);
System.out.println(String.format("Before excluding: %s",
reflection.build()));
reflection = new ReflectionToStringBuilder(test,
ToStringStyle.JSON_STYLE); // Recreating the object because once builded it
caches the result.
reflection.setExcludeFieldNames("a", "b", "c");
System.out.println(String.format("After excluding: %s",
reflection.build()));
}
```
Result:
```
Before excluding: {"a":"this is field 'a'","b":"this is field 'b'","c":"this
is field 'c'"}
After excluding: {}
```
In this example we're creating a complement of `excluded` (fields `a`, `b`
and `c`) regarding set `included` (the default fields `a`, `b` and `c`), which
will result in an empty set, or, in other words, nothing to reflect. The
behavior per se will be the same, however, with this proposal, we'll be able to
override the `included` set. Therefore, I think instead of throwing an
exception, we should add an explanation in the documentation about it and let
the users decide how to handle it.
If this is proposal is not valid and we proceed with the exception proposal,
which cases should we consider to throw it? `included` and `excluded` are equal
or just by having one field of `included` in `excluded` should throw an
exception?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
Issue Time Tracking
---
Worklog Id: (was: 745445)
Remaining Estimate: 4h 20m (was: 4.5h)
Time Spent: 1h 40m (was: 1.5h)
> Create methods on ReflectionToStringBuilder to reflect only select fields
> -
>
> Key: LANG-1662
> URL: https://issues.apache.org/jira/browse/LANG-1662
> Project: Commons Lang
> Issue Type: Improvement
> Components: lang.builder.*
>Reporter: Daniel Augusto Veronezi Salvador
>Priority: Minor
> Original Estimate: 6h
> Time Spent: 1h 40m
> Remaining Estimate: 4h 20m
>
> *ReflectionToStringBuilder* has methods to exclude fields from *toString*; If
> we have an object with several fields and want to reflect only a fews, we
> have to list all the fields that we don't want to reflect and pass to
> *excludeFieldNames*.
> Would be valid implement a way to pass the fields that we want and reflect
> only the selected fields?
>
>
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
[GitHub] [commons-lang] GutoVeronezi commented on pull request #849: [LANG-1662] Create methods on ReflectionToStringBuilder to reflect only select fields
GutoVeronezi commented on pull request #849:
URL: https://github.com/apache/commons-lang/pull/849#issuecomment-1074440685
Hi, @garydgregory,
Thanks for the review, I'll address the changes regarding the feature name
(`setSelectedFieldNames` -> `setIncludeFieldNames`) as well the documentation
of its use.
---
Regarding the intersection between `included` and `excluded`, I see it as a
complement rather than an intersection; The current behavior of this class, as
you said, is to include all fields by default. If we have a class with fields
`a`, `b` and `c` and instantiate and reflect it, both of them will be
reflected. If we set them in the excluded field names, the reflection will
return empty:
```java
import org.apache.commons.lang3.builder.ReflectionToStringBuilder;
import org.apache.commons.lang3.builder.ToStringStyle;
public class Test {
private String a;
private String b;
private String c;
public Test(String a, String b, String c) {
this.a = a;
this.b = b;
this.c = c;
}
public static void main(String[] args) {
Test test = new Test("this is field 'a'", "this is field 'b'", "this
is field 'c'");
ReflectionToStringBuilder reflection = new
ReflectionToStringBuilder(test, ToStringStyle.JSON_STYLE);
System.out.println(String.format("Before excluding: %s",
reflection.build()));
reflection = new ReflectionToStringBuilder(test,
ToStringStyle.JSON_STYLE); // Recreating the object because once builded it
caches the result.
reflection.setExcludeFieldNames("a", "b", "c");
System.out.println(String.format("After excluding: %s",
reflection.build()));
}
```
Result:
```
Before excluding: {"a":"this is field 'a'","b":"this is field 'b'","c":"this
is field 'c'"}
After excluding: {}
```
In this example we're creating a complement of `excluded` (fields `a`, `b`
and `c`) regarding set `included` (the default fields `a`, `b` and `c`), which
will result in an empty set, or, in other words, nothing to reflect. The
behavior per se will be the same, however, with this proposal, we'll be able to
override the `included` set. Therefore, I think instead of throwing an
exception, we should add an explanation in the documentation about it and let
the users decide how to handle it.
If this is proposal is not valid and we proceed with the exception proposal,
which cases should we consider to throw it? `included` and `excluded` are equal
or just by having one field of `included` in `excluded` should throw an
exception?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [commons-fileupload] coveralls commented on pull request #140: Bump actions/cache from 2.1.7 to 3
coveralls commented on pull request #140: URL: https://github.com/apache/commons-fileupload/pull/140#issuecomment-1074387070 [](https://coveralls.io/builds/47554773) Coverage remained the same at 77.585% when pulling **b2e0549c1e9e1401ab0ad7b1594f36c78d83fde8 on dependabot/github_actions/actions/cache-3** into **47414723191ddf118118080cc0306778a7778458 on master**. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-email] dependabot[bot] opened a new pull request #70: Bump actions/cache from 2.1.7 to 3
dependabot[bot] opened a new pull request #70: URL: https://github.com/apache/commons-email/pull/70 Bumps [actions/cache](https://github.com/actions/cache) from 2.1.7 to 3. Release notes Sourced from https://github.com/actions/cache/releases;>actions/cache's releases. v3.0.0 This change adds a minimum runner version(node12 - node16), which can break users using an out-of-date/fork of the runner. This would be most commonly affecting users on GHES 3.3 or before, as those runners do not support node16 actions and they can use actions from github.com via https://docs.github.com/en/enterprise-server@3.0/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect;>github connect or manually copying the repo to their GHES instance. Few dependencies and cache action usage examples have also been updated. Commits https://github.com/actions/cache/commit/4b0cf6cc4619e737324ddfcec08fff2413359514;>4b0cf6c Merge pull request https://github-redirect.dependabot.com/actions/cache/issues/769;>#769 from actions/users/ashwinsangem/bump_major_version https://github.com/actions/cache/commit/60c606a2b4c5358e11c2ca7b4694e59049d008d1;>60c606a Update licensed files https://github.com/actions/cache/commit/b6e9a919a7da3606e9b2db756823ee1c39c7b48d;>b6e9a91 Revert Updated to the latest version. https://github.com/actions/cache/commit/c8425035834f98c304ecf92f5d50f41d433885c1;>c842503 Updated to the latest version. https://github.com/actions/cache/commit/2b7da2a62c3af9fa2692cd8d2d117da76faf31ac;>2b7da2a Bumped up to a major version. https://github.com/actions/cache/commit/deae296ab340574da1ec86242984dfc91f0a7b81;>deae296 Merge pull request https://github-redirect.dependabot.com/actions/cache/issues/651;>#651 from magnetikonline/fix-golang-windows-example https://github.com/actions/cache/commit/c7c46bcb6db3c571021a3a2dc2d2557b512ecace;>c7c46bc Merge pull request https://github-redirect.dependabot.com/actions/cache/issues/707;>#707 from duxtland/main https://github.com/actions/cache/commit/6535c5fb5fe2870754afba7bd4e514867ac9cb98;>6535c5f Regenerated examples.md TOC https://github.com/actions/cache/commit/3fdafa472e0db16435add384585aa138ffdd16d3;>3fdafa4 Update GitHub Actions status badge markdown in README.md https://github.com/actions/cache/commit/341e6d75d9826beb2fa659263d862f6aec63a064;>341e6d7 Merge branch 'actions:main' into fix-golang-windows-example Additional commits viewable in https://github.com/actions/cache/compare/v2.1.7...v3;>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Updated] (COMPRESS-603) Expander does not support archives with archive entries beginning with ./
[
https://issues.apache.org/jira/browse/COMPRESS-603?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Matt Sicker updated COMPRESS-603:
-
Assignee: Peter Lee
> Expander does not support archives with archive entries beginning with ./
> -
>
> Key: COMPRESS-603
> URL: https://issues.apache.org/jira/browse/COMPRESS-603
> Project: Commons Compress
> Issue Type: Bug
> Components: Archivers
>Affects Versions: 1.21
>Reporter: Matt Sicker
>Assignee: Peter Lee
>Priority: Major
> Fix For: 1.22
>
> Attachments: test.tar.gz
>
>
> Suppose I create a tar file from a directory like so:
>
> {code:java}
> tar -cf foo.tar ./foo{code}
> When I try to extract the tar entries using the Expander class, that throws a
> java.io.IOException: Expanding ./ would create file outside of ...
> When I create the tar file without the leading ./, then Expander doesn't
> complain.
>
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
[jira] [Resolved] (COMPRESS-603) Expander does not support archives with archive entries beginning with ./
[
https://issues.apache.org/jira/browse/COMPRESS-603?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Matt Sicker resolved COMPRESS-603.
--
Fix Version/s: 1.22
Resolution: Fixed
> Expander does not support archives with archive entries beginning with ./
> -
>
> Key: COMPRESS-603
> URL: https://issues.apache.org/jira/browse/COMPRESS-603
> Project: Commons Compress
> Issue Type: Bug
> Components: Archivers
>Affects Versions: 1.21
>Reporter: Matt Sicker
>Priority: Major
> Fix For: 1.22
>
> Attachments: test.tar.gz
>
>
> Suppose I create a tar file from a directory like so:
>
> {code:java}
> tar -cf foo.tar ./foo{code}
> When I try to extract the tar entries using the Expander class, that throws a
> java.io.IOException: Expanding ./ would create file outside of ...
> When I create the tar file without the leading ./, then Expander doesn't
> complain.
>
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
[jira] [Commented] (COMPRESS-603) Expander does not support archives with archive entries beginning with ./
[
https://issues.apache.org/jira/browse/COMPRESS-603?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17510087#comment-17510087
]
Matt Sicker commented on COMPRESS-603:
--
Alright, I finally had a chance to verify this, and I can confirm that your
commit fixes the issue. I reproduced the problem with a basic unit test which
fails with 1.21 but passes with a snapshot of 1.22. Thanks!
> Expander does not support archives with archive entries beginning with ./
> -
>
> Key: COMPRESS-603
> URL: https://issues.apache.org/jira/browse/COMPRESS-603
> Project: Commons Compress
> Issue Type: Bug
> Components: Archivers
>Affects Versions: 1.21
>Reporter: Matt Sicker
>Priority: Major
> Attachments: test.tar.gz
>
>
> Suppose I create a tar file from a directory like so:
>
> {code:java}
> tar -cf foo.tar ./foo{code}
> When I try to extract the tar entries using the Expander class, that throws a
> java.io.IOException: Expanding ./ would create file outside of ...
> When I create the tar file without the leading ./, then Expander doesn't
> complain.
>
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
[jira] [Work logged] (COMPRESS-614) Use FileTime for time fields in SevenZipArchiveEntry
[
https://issues.apache.org/jira/browse/COMPRESS-614?focusedWorklogId=745335=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-745335
]
ASF GitHub Bot logged work on COMPRESS-614:
---
Author: ASF GitHub Bot
Created on: 21/Mar/22 18:12
Start Date: 21/Mar/22 18:12
Worklog Time Spent: 10m
Work Description: andrebrait commented on a change in pull request #256:
URL: https://github.com/apache/commons-compress/pull/256#discussion_r831407866
##
File path: src/main/java/org/apache/commons/compress/archivers/zip/ZipUtil.java
##
@@ -30,11 +33,32 @@
* @Immutable
*/
public abstract class ZipUtil {
+
+/**
+ * https://msdn.microsoft.com/en-us/library/windows/desktop/ms724290%28v=vs.85%29.aspx;>Windows
File Times
+ *
Review comment:
Fixed and moved this to TimeUtils
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
Issue Time Tracking
---
Worklog Id: (was: 745335)
Time Spent: 1h (was: 50m)
> Use FileTime for time fields in SevenZipArchiveEntry
>
>
> Key: COMPRESS-614
> URL: https://issues.apache.org/jira/browse/COMPRESS-614
> Project: Commons Compress
> Issue Type: Improvement
> Components: Archivers
>Affects Versions: 1.21
>Reporter: Andre Brait
>Priority: Major
> Labels: 7zip
> Time Spent: 1h
> Remaining Estimate: 0h
>
> Instead of java.util.Date, which caps precision in milliseconds, let's move
> on to using FileTime.
> We can keep backwards compatibility through the getters and setters for
> modification, access and creation dates.
> If you're ok with it, I'll send a PR for this.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
[GitHub] [commons-compress] andrebrait commented on a change in pull request #256: COMPRESS-614: Use FileTime in SevenZArchiveEntry
andrebrait commented on a change in pull request #256:
URL: https://github.com/apache/commons-compress/pull/256#discussion_r831407866
##
File path: src/main/java/org/apache/commons/compress/archivers/zip/ZipUtil.java
##
@@ -30,11 +33,32 @@
* @Immutable
*/
public abstract class ZipUtil {
+
+/**
+ * https://msdn.microsoft.com/en-us/library/windows/desktop/ms724290%28v=vs.85%29.aspx;>Windows
File Times
+ *
Review comment:
Fixed and moved this to TimeUtils
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[jira] [Work logged] (COMPRESS-614) Use FileTime for time fields in SevenZipArchiveEntry
[
https://issues.apache.org/jira/browse/COMPRESS-614?focusedWorklogId=745334=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-745334
]
ASF GitHub Bot logged work on COMPRESS-614:
---
Author: ASF GitHub Bot
Created on: 21/Mar/22 18:11
Start Date: 21/Mar/22 18:11
Worklog Time Spent: 10m
Work Description: andrebrait commented on a change in pull request #256:
URL: https://github.com/apache/commons-compress/pull/256#discussion_r831407462
##
File path:
src/main/java/org/apache/commons/compress/archivers/zip/X000A_NTFS.java
##
@@ -244,6 +245,36 @@ public Date getCreateJavaTime() {
return zipToDate(createTime);
}
+/**
+ * Returns the modify time as as a {@link FileTime}
Review comment:
Fixed
##
File path:
src/test/java/org/apache/commons/compress/archivers/sevenz/SevenZFileTest.java
##
@@ -836,4 +857,37 @@ private void checkHelloWorld(final String filename) throws
Exception {
private static boolean isStrongCryptoAvailable() throws
NoSuchAlgorithmException {
return Cipher.getMaxAllowedKeyLength("AES/ECB/PKCS5Padding") >= 256;
}
+
+private void assertDates(SevenZArchiveEntry e, String modified, String
access, String creation) {
+if (modified != null) {
+assertTrue(e.getHasLastModifiedDate());
+FileTime time = FileTime.from(Instant.parse(modified));
Review comment:
Fixed
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
Issue Time Tracking
---
Worklog Id: (was: 745334)
Time Spent: 50m (was: 40m)
> Use FileTime for time fields in SevenZipArchiveEntry
>
>
> Key: COMPRESS-614
> URL: https://issues.apache.org/jira/browse/COMPRESS-614
> Project: Commons Compress
> Issue Type: Improvement
> Components: Archivers
>Affects Versions: 1.21
>Reporter: Andre Brait
>Priority: Major
> Labels: 7zip
> Time Spent: 50m
> Remaining Estimate: 0h
>
> Instead of java.util.Date, which caps precision in milliseconds, let's move
> on to using FileTime.
> We can keep backwards compatibility through the getters and setters for
> modification, access and creation dates.
> If you're ok with it, I'll send a PR for this.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
[jira] [Work logged] (COMPRESS-614) Use FileTime for time fields in SevenZipArchiveEntry
[
https://issues.apache.org/jira/browse/COMPRESS-614?focusedWorklogId=745330=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-745330
]
ASF GitHub Bot logged work on COMPRESS-614:
---
Author: ASF GitHub Bot
Created on: 21/Mar/22 18:11
Start Date: 21/Mar/22 18:11
Worklog Time Spent: 10m
Work Description: andrebrait commented on a change in pull request #256:
URL: https://github.com/apache/commons-compress/pull/256#discussion_r831407044
##
File path:
src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZArchiveEntry.java
##
@@ -198,14 +223,27 @@ public void setHasLastModifiedDate(final boolean
hasLastModifiedDate) {
/**
* Gets the last modified date.
- * @throws UnsupportedOperationException if the entry hasn't got a
- * last modified date.
+ * This is equivalent to {@link SevenZArchiveEntry#getLastModifiedTime()},
but precision is truncated to milliseconds.
+ *
+ * @throws UnsupportedOperationException if the entry hasn't got a last
modified date.
* @return the last modified date
+ * @see SevenZArchiveEntry#getLastModifiedTime()
*/
@Override
public Date getLastModifiedDate() {
+return new Date(getLastModifiedTime().toMillis());
Review comment:
I created a TimeUtils utility class that will also be used for another
improvement I have down the line.
##
File path:
src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZArchiveEntry.java
##
@@ -217,17 +255,29 @@ public Date getLastModifiedDate() {
* @param ntfsLastModifiedDate the last modified date
*/
public void setLastModifiedDate(final long ntfsLastModifiedDate) {
-this.lastModifiedDate = ntfsLastModifiedDate;
+this.lastModifiedDate =
ZipUtil.ntfsTimeToFileTime(ntfsLastModifiedDate);
}
/**
- * Sets the last modified date,
- * @param lastModifiedDate the last modified date
+ * Sets the last modified date.
+ *
+ * @param lastModifiedDate the new last modified date
+ * @see SevenZArchiveEntry#setLastModifiedTime(FileTime)
*/
public void setLastModifiedDate(final Date lastModifiedDate) {
-hasLastModifiedDate = lastModifiedDate != null;
+setLastModifiedTime(toFileTime(lastModifiedDate));
+}
+
+/**
+ * Sets the last modified date.
Review comment:
Fixed. Thanks.
##
File path:
src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZArchiveEntry.java
##
@@ -198,14 +223,27 @@ public void setHasLastModifiedDate(final boolean
hasLastModifiedDate) {
/**
* Gets the last modified date.
- * @throws UnsupportedOperationException if the entry hasn't got a
- * last modified date.
+ * This is equivalent to {@link SevenZArchiveEntry#getLastModifiedTime()},
but precision is truncated to milliseconds.
+ *
+ * @throws UnsupportedOperationException if the entry hasn't got a last
modified date.
* @return the last modified date
+ * @see SevenZArchiveEntry#getLastModifiedTime()
*/
@Override
public Date getLastModifiedDate() {
+return new Date(getLastModifiedTime().toMillis());
+}
+
+/**
+ * Gets the last modified date.
Review comment:
Fixed
##
File path:
src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZArchiveEntry.java
##
@@ -249,13 +299,26 @@ public void setHasAccessDate(final boolean hasAcessDate) {
/**
* Gets the access date.
- * @throws UnsupportedOperationException if the entry hasn't got a
- * access date.
+ * This is equivalent to {@link SevenZArchiveEntry#getAccessTime()}, but
precision is truncated to milliseconds.
+ *
+ * @throws UnsupportedOperationException if the entry hasn't got an access
date.
* @return the access date
+ * @see SevenZArchiveEntry#getAccessTime()
*/
public Date getAccessDate() {
+return new Date(getAccessTime().toMillis());
+}
+
+/**
+ * Gets the access date.
Review comment:
Fixed
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
Issue Time Tracking
---
Worklog Id: (was: 745330)
Time Spent: 40m (was: 0.5h)
> Use FileTime for time fields in SevenZipArchiveEntry
>
>
> Key: COMPRESS-614
> URL: https://issues.apache.org/jira/browse/COMPRESS-614
> Project: Commons Compress
> Issue Type: Improvement
> Components: Archivers
>Affects
[GitHub] [commons-compress] andrebrait commented on a change in pull request #256: COMPRESS-614: Use FileTime in SevenZArchiveEntry
andrebrait commented on a change in pull request #256:
URL: https://github.com/apache/commons-compress/pull/256#discussion_r831407462
##
File path:
src/main/java/org/apache/commons/compress/archivers/zip/X000A_NTFS.java
##
@@ -244,6 +245,36 @@ public Date getCreateJavaTime() {
return zipToDate(createTime);
}
+/**
+ * Returns the modify time as as a {@link FileTime}
Review comment:
Fixed
##
File path:
src/test/java/org/apache/commons/compress/archivers/sevenz/SevenZFileTest.java
##
@@ -836,4 +857,37 @@ private void checkHelloWorld(final String filename) throws
Exception {
private static boolean isStrongCryptoAvailable() throws
NoSuchAlgorithmException {
return Cipher.getMaxAllowedKeyLength("AES/ECB/PKCS5Padding") >= 256;
}
+
+private void assertDates(SevenZArchiveEntry e, String modified, String
access, String creation) {
+if (modified != null) {
+assertTrue(e.getHasLastModifiedDate());
+FileTime time = FileTime.from(Instant.parse(modified));
Review comment:
Fixed
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [commons-compress] andrebrait commented on a change in pull request #256: COMPRESS-614: Use FileTime in SevenZArchiveEntry
andrebrait commented on a change in pull request #256:
URL: https://github.com/apache/commons-compress/pull/256#discussion_r831407044
##
File path:
src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZArchiveEntry.java
##
@@ -198,14 +223,27 @@ public void setHasLastModifiedDate(final boolean
hasLastModifiedDate) {
/**
* Gets the last modified date.
- * @throws UnsupportedOperationException if the entry hasn't got a
- * last modified date.
+ * This is equivalent to {@link SevenZArchiveEntry#getLastModifiedTime()},
but precision is truncated to milliseconds.
+ *
+ * @throws UnsupportedOperationException if the entry hasn't got a last
modified date.
* @return the last modified date
+ * @see SevenZArchiveEntry#getLastModifiedTime()
*/
@Override
public Date getLastModifiedDate() {
+return new Date(getLastModifiedTime().toMillis());
Review comment:
I created a TimeUtils utility class that will also be used for another
improvement I have down the line.
##
File path:
src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZArchiveEntry.java
##
@@ -217,17 +255,29 @@ public Date getLastModifiedDate() {
* @param ntfsLastModifiedDate the last modified date
*/
public void setLastModifiedDate(final long ntfsLastModifiedDate) {
-this.lastModifiedDate = ntfsLastModifiedDate;
+this.lastModifiedDate =
ZipUtil.ntfsTimeToFileTime(ntfsLastModifiedDate);
}
/**
- * Sets the last modified date,
- * @param lastModifiedDate the last modified date
+ * Sets the last modified date.
+ *
+ * @param lastModifiedDate the new last modified date
+ * @see SevenZArchiveEntry#setLastModifiedTime(FileTime)
*/
public void setLastModifiedDate(final Date lastModifiedDate) {
-hasLastModifiedDate = lastModifiedDate != null;
+setLastModifiedTime(toFileTime(lastModifiedDate));
+}
+
+/**
+ * Sets the last modified date.
Review comment:
Fixed. Thanks.
##
File path:
src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZArchiveEntry.java
##
@@ -198,14 +223,27 @@ public void setHasLastModifiedDate(final boolean
hasLastModifiedDate) {
/**
* Gets the last modified date.
- * @throws UnsupportedOperationException if the entry hasn't got a
- * last modified date.
+ * This is equivalent to {@link SevenZArchiveEntry#getLastModifiedTime()},
but precision is truncated to milliseconds.
+ *
+ * @throws UnsupportedOperationException if the entry hasn't got a last
modified date.
* @return the last modified date
+ * @see SevenZArchiveEntry#getLastModifiedTime()
*/
@Override
public Date getLastModifiedDate() {
+return new Date(getLastModifiedTime().toMillis());
+}
+
+/**
+ * Gets the last modified date.
Review comment:
Fixed
##
File path:
src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZArchiveEntry.java
##
@@ -249,13 +299,26 @@ public void setHasAccessDate(final boolean hasAcessDate) {
/**
* Gets the access date.
- * @throws UnsupportedOperationException if the entry hasn't got a
- * access date.
+ * This is equivalent to {@link SevenZArchiveEntry#getAccessTime()}, but
precision is truncated to milliseconds.
+ *
+ * @throws UnsupportedOperationException if the entry hasn't got an access
date.
* @return the access date
+ * @see SevenZArchiveEntry#getAccessTime()
*/
public Date getAccessDate() {
+return new Date(getAccessTime().toMillis());
+}
+
+/**
+ * Gets the access date.
Review comment:
Fixed
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [commons-fileupload] dependabot[bot] opened a new pull request #140: Bump actions/cache from 2.1.7 to 3
dependabot[bot] opened a new pull request #140: URL: https://github.com/apache/commons-fileupload/pull/140 Bumps [actions/cache](https://github.com/actions/cache) from 2.1.7 to 3. Release notes Sourced from https://github.com/actions/cache/releases;>actions/cache's releases. v3.0.0 This change adds a minimum runner version(node12 - node16), which can break users using an out-of-date/fork of the runner. This would be most commonly affecting users on GHES 3.3 or before, as those runners do not support node16 actions and they can use actions from github.com via https://docs.github.com/en/enterprise-server@3.0/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect;>github connect or manually copying the repo to their GHES instance. Few dependencies and cache action usage examples have also been updated. Commits https://github.com/actions/cache/commit/4b0cf6cc4619e737324ddfcec08fff2413359514;>4b0cf6c Merge pull request https://github-redirect.dependabot.com/actions/cache/issues/769;>#769 from actions/users/ashwinsangem/bump_major_version https://github.com/actions/cache/commit/60c606a2b4c5358e11c2ca7b4694e59049d008d1;>60c606a Update licensed files https://github.com/actions/cache/commit/b6e9a919a7da3606e9b2db756823ee1c39c7b48d;>b6e9a91 Revert Updated to the latest version. https://github.com/actions/cache/commit/c8425035834f98c304ecf92f5d50f41d433885c1;>c842503 Updated to the latest version. https://github.com/actions/cache/commit/2b7da2a62c3af9fa2692cd8d2d117da76faf31ac;>2b7da2a Bumped up to a major version. https://github.com/actions/cache/commit/deae296ab340574da1ec86242984dfc91f0a7b81;>deae296 Merge pull request https://github-redirect.dependabot.com/actions/cache/issues/651;>#651 from magnetikonline/fix-golang-windows-example https://github.com/actions/cache/commit/c7c46bcb6db3c571021a3a2dc2d2557b512ecace;>c7c46bc Merge pull request https://github-redirect.dependabot.com/actions/cache/issues/707;>#707 from duxtland/main https://github.com/actions/cache/commit/6535c5fb5fe2870754afba7bd4e514867ac9cb98;>6535c5f Regenerated examples.md TOC https://github.com/actions/cache/commit/3fdafa472e0db16435add384585aa138ffdd16d3;>3fdafa4 Update GitHub Actions status badge markdown in README.md https://github.com/actions/cache/commit/341e6d75d9826beb2fa659263d862f6aec63a064;>341e6d7 Merge branch 'actions:main' into fix-golang-windows-example Additional commits viewable in https://github.com/actions/cache/compare/v2.1.7...v3;>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-exec] dependabot[bot] opened a new pull request #47: Bump actions/cache from 2 to 3
dependabot[bot] opened a new pull request #47: URL: https://github.com/apache/commons-exec/pull/47 Bumps [actions/cache](https://github.com/actions/cache) from 2 to 3. Release notes Sourced from https://github.com/actions/cache/releases;>actions/cache's releases. v3.0.0 This change adds a minimum runner version(node12 - node16), which can break users using an out-of-date/fork of the runner. This would be most commonly affecting users on GHES 3.3 or before, as those runners do not support node16 actions and they can use actions from github.com via https://docs.github.com/en/enterprise-server@3.0/admin/github-actions/managing-access-to-actions-from-githubcom/enabling-automatic-access-to-githubcom-actions-using-github-connect;>github connect or manually copying the repo to their GHES instance. Few dependencies and cache action usage examples have also been updated. v2.1.7 Support 10GB cache upload using the latest version 1.0.8 of https://www.npmjs.com/package/@actions/cache;>@actions/cache v2.1.6 Catch unhandled bad file descriptor errors that sometimes occurs when the cache server returns non-successful response (https://github-redirect.dependabot.com/actions/cache/pull/596;>actions/cache#596) v2.1.5 Fix permissions error seen when extracting caches with GNU tar that were previously created using BSD tar (https://github-redirect.dependabot.com/actions/cache/issues/527;>actions/cache#527) v2.1.4 Make caching more verbose https://github-redirect.dependabot.com/actions/toolkit/pull/650;>#650 Use GNU tar on macOS if available https://github-redirect.dependabot.com/actions/toolkit/pull/701;>#701 v2.1.3 Upgrades @actions/core to v1.2.6 for https://github.com/advisories/GHSA-mfwh-5m23-j46w;>CVE-2020-15228. This action was not using the affected methods. Fix error handling in uploadChunk where 400-level errors were not being detected and handled correctly v2.1.2 Adds input to limit the chunk upload size, useful for self-hosted runners with slower upload speeds No-op when executing on GHES v2.1.1 Update @actions/cache package to v1.0.2 which allows cache action to use posix format when taring files. v2.1.0 Replaces the http-client with the Azure Storage SDK for NodeJS when downloading cache content from Azure. This should help improve download performance and reliability as the SDK downloads files in 4 MB chunks, which can be parallelized and retried independently Display download progress and speed Commits https://github.com/actions/cache/commit/4b0cf6cc4619e737324ddfcec08fff2413359514;>4b0cf6c Merge pull request https://github-redirect.dependabot.com/actions/cache/issues/769;>#769 from actions/users/ashwinsangem/bump_major_version https://github.com/actions/cache/commit/60c606a2b4c5358e11c2ca7b4694e59049d008d1;>60c606a Update licensed files https://github.com/actions/cache/commit/b6e9a919a7da3606e9b2db756823ee1c39c7b48d;>b6e9a91 Revert Updated to the latest version. https://github.com/actions/cache/commit/c8425035834f98c304ecf92f5d50f41d433885c1;>c842503 Updated to the latest version. https://github.com/actions/cache/commit/2b7da2a62c3af9fa2692cd8d2d117da76faf31ac;>2b7da2a Bumped up to a major version. https://github.com/actions/cache/commit/deae296ab340574da1ec86242984dfc91f0a7b81;>deae296 Merge pull request https://github-redirect.dependabot.com/actions/cache/issues/651;>#651 from magnetikonline/fix-golang-windows-example https://github.com/actions/cache/commit/c7c46bcb6db3c571021a3a2dc2d2557b512ecace;>c7c46bc Merge pull request https://github-redirect.dependabot.com/actions/cache/issues/707;>#707 from duxtland/main https://github.com/actions/cache/commit/6535c5fb5fe2870754afba7bd4e514867ac9cb98;>6535c5f Regenerated examples.md TOC https://github.com/actions/cache/commit/3fdafa472e0db16435add384585aa138ffdd16d3;>3fdafa4 Update GitHub Actions status badge markdown in README.md https://github.com/actions/cache/commit/341e6d75d9826beb2fa659263d862f6aec63a064;>341e6d7 Merge branch 'actions:main' into fix-golang-windows-example Additional commits viewable in https://github.com/actions/cache/compare/v2...v3;>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot
[jira] [Commented] (BCEL-361) LineNumber.toString() treats code offset as signed
[ https://issues.apache.org/jira/browse/BCEL-361?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17509991#comment-17509991 ] Mark Roberts commented on BCEL-361: --- Fix is [https://github.com/apache/commons-bcel/pull/118.] > LineNumber.toString() treats code offset as signed > -- > > Key: BCEL-361 > URL: https://issues.apache.org/jira/browse/BCEL-361 > Project: Commons BCEL > Issue Type: Bug >Reporter: Mark Roberts >Priority: Minor > > Method code offsets run form 0 to max of 65535, but LineNumber.toString() > treats as signed and gets offsets >32767 wrong. -- This message was sent by Atlassian Jira (v8.20.1#820001)
[GitHub] [commons-bcel] markro49 opened a new pull request #118: force unsigned short for LineNumber.toString()
markro49 opened a new pull request #118: URL: https://github.com/apache/commons-bcel/pull/118 Ensure startPc and lineNumber are treated as unsigned short in LineNumber.toString() -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Work logged] (COMPRESS-614) Use FileTime for time fields in SevenZipArchiveEntry
[
https://issues.apache.org/jira/browse/COMPRESS-614?focusedWorklogId=745204=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-745204
]
ASF GitHub Bot logged work on COMPRESS-614:
---
Author: ASF GitHub Bot
Created on: 21/Mar/22 16:03
Start Date: 21/Mar/22 16:03
Worklog Time Spent: 10m
Work Description: garydgregory commented on a change in pull request #256:
URL: https://github.com/apache/commons-compress/pull/256#discussion_r831268843
##
File path:
src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZArchiveEntry.java
##
@@ -198,14 +223,27 @@ public void setHasLastModifiedDate(final boolean
hasLastModifiedDate) {
/**
* Gets the last modified date.
- * @throws UnsupportedOperationException if the entry hasn't got a
- * last modified date.
+ * This is equivalent to {@link SevenZArchiveEntry#getLastModifiedTime()},
but precision is truncated to milliseconds.
+ *
+ * @throws UnsupportedOperationException if the entry hasn't got a last
modified date.
* @return the last modified date
+ * @see SevenZArchiveEntry#getLastModifiedTime()
*/
@Override
public Date getLastModifiedDate() {
+return new Date(getLastModifiedTime().toMillis());
+}
+
+/**
+ * Gets the last modified date.
Review comment:
"date" -> "time"
##
File path:
src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZArchiveEntry.java
##
@@ -198,14 +223,27 @@ public void setHasLastModifiedDate(final boolean
hasLastModifiedDate) {
/**
* Gets the last modified date.
- * @throws UnsupportedOperationException if the entry hasn't got a
- * last modified date.
+ * This is equivalent to {@link SevenZArchiveEntry#getLastModifiedTime()},
but precision is truncated to milliseconds.
+ *
+ * @throws UnsupportedOperationException if the entry hasn't got a last
modified date.
* @return the last modified date
+ * @see SevenZArchiveEntry#getLastModifiedTime()
*/
@Override
public Date getLastModifiedDate() {
+return new Date(getLastModifiedTime().toMillis());
Review comment:
This convertion patter happens more than once, let's refactoring it into
a utility method somewhere.
##
File path:
src/main/java/org/apache/commons/compress/archivers/zip/X000A_NTFS.java
##
@@ -244,6 +245,36 @@ public Date getCreateJavaTime() {
return zipToDate(createTime);
}
+/**
+ * Returns the modify time as as a {@link FileTime}
Review comment:
"Returns" -> "Gets"
##
File path:
src/test/java/org/apache/commons/compress/archivers/sevenz/SevenZFileTest.java
##
@@ -836,4 +857,37 @@ private void checkHelloWorld(final String filename) throws
Exception {
private static boolean isStrongCryptoAvailable() throws
NoSuchAlgorithmException {
return Cipher.getMaxAllowedKeyLength("AES/ECB/PKCS5Padding") >= 256;
}
+
+private void assertDates(SevenZArchiveEntry e, String modified, String
access, String creation) {
+if (modified != null) {
+assertTrue(e.getHasLastModifiedDate());
+FileTime time = FileTime.from(Instant.parse(modified));
Review comment:
Use final where possible.
##
File path:
src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZArchiveEntry.java
##
@@ -217,17 +255,29 @@ public Date getLastModifiedDate() {
* @param ntfsLastModifiedDate the last modified date
*/
public void setLastModifiedDate(final long ntfsLastModifiedDate) {
-this.lastModifiedDate = ntfsLastModifiedDate;
+this.lastModifiedDate =
ZipUtil.ntfsTimeToFileTime(ntfsLastModifiedDate);
}
/**
- * Sets the last modified date,
- * @param lastModifiedDate the last modified date
+ * Sets the last modified date.
+ *
+ * @param lastModifiedDate the new last modified date
+ * @see SevenZArchiveEntry#setLastModifiedTime(FileTime)
*/
public void setLastModifiedDate(final Date lastModifiedDate) {
-hasLastModifiedDate = lastModifiedDate != null;
+setLastModifiedTime(toFileTime(lastModifiedDate));
+}
+
+/**
+ * Sets the last modified date.
Review comment:
date -> time
##
File path:
src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZArchiveEntry.java
##
@@ -249,13 +299,26 @@ public void setHasAccessDate(final boolean hasAcessDate) {
/**
* Gets the access date.
- * @throws UnsupportedOperationException if the entry hasn't got a
- * access date.
+ * This is equivalent to {@link SevenZArchiveEntry#getAccessTime()}, but
precision is truncated to milliseconds.
+ *
+ * @throws UnsupportedOperationException if the entry hasn't got an access
date.
* @return the
[GitHub] [commons-compress] garydgregory commented on a change in pull request #256: COMPRESS-614: Use FileTime in SevenZArchiveEntry
garydgregory commented on a change in pull request #256:
URL: https://github.com/apache/commons-compress/pull/256#discussion_r831268843
##
File path:
src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZArchiveEntry.java
##
@@ -198,14 +223,27 @@ public void setHasLastModifiedDate(final boolean
hasLastModifiedDate) {
/**
* Gets the last modified date.
- * @throws UnsupportedOperationException if the entry hasn't got a
- * last modified date.
+ * This is equivalent to {@link SevenZArchiveEntry#getLastModifiedTime()},
but precision is truncated to milliseconds.
+ *
+ * @throws UnsupportedOperationException if the entry hasn't got a last
modified date.
* @return the last modified date
+ * @see SevenZArchiveEntry#getLastModifiedTime()
*/
@Override
public Date getLastModifiedDate() {
+return new Date(getLastModifiedTime().toMillis());
+}
+
+/**
+ * Gets the last modified date.
Review comment:
"date" -> "time"
##
File path:
src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZArchiveEntry.java
##
@@ -198,14 +223,27 @@ public void setHasLastModifiedDate(final boolean
hasLastModifiedDate) {
/**
* Gets the last modified date.
- * @throws UnsupportedOperationException if the entry hasn't got a
- * last modified date.
+ * This is equivalent to {@link SevenZArchiveEntry#getLastModifiedTime()},
but precision is truncated to milliseconds.
+ *
+ * @throws UnsupportedOperationException if the entry hasn't got a last
modified date.
* @return the last modified date
+ * @see SevenZArchiveEntry#getLastModifiedTime()
*/
@Override
public Date getLastModifiedDate() {
+return new Date(getLastModifiedTime().toMillis());
Review comment:
This convertion patter happens more than once, let's refactoring it into
a utility method somewhere.
##
File path:
src/main/java/org/apache/commons/compress/archivers/zip/X000A_NTFS.java
##
@@ -244,6 +245,36 @@ public Date getCreateJavaTime() {
return zipToDate(createTime);
}
+/**
+ * Returns the modify time as as a {@link FileTime}
Review comment:
"Returns" -> "Gets"
##
File path:
src/test/java/org/apache/commons/compress/archivers/sevenz/SevenZFileTest.java
##
@@ -836,4 +857,37 @@ private void checkHelloWorld(final String filename) throws
Exception {
private static boolean isStrongCryptoAvailable() throws
NoSuchAlgorithmException {
return Cipher.getMaxAllowedKeyLength("AES/ECB/PKCS5Padding") >= 256;
}
+
+private void assertDates(SevenZArchiveEntry e, String modified, String
access, String creation) {
+if (modified != null) {
+assertTrue(e.getHasLastModifiedDate());
+FileTime time = FileTime.from(Instant.parse(modified));
Review comment:
Use final where possible.
##
File path:
src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZArchiveEntry.java
##
@@ -217,17 +255,29 @@ public Date getLastModifiedDate() {
* @param ntfsLastModifiedDate the last modified date
*/
public void setLastModifiedDate(final long ntfsLastModifiedDate) {
-this.lastModifiedDate = ntfsLastModifiedDate;
+this.lastModifiedDate =
ZipUtil.ntfsTimeToFileTime(ntfsLastModifiedDate);
}
/**
- * Sets the last modified date,
- * @param lastModifiedDate the last modified date
+ * Sets the last modified date.
+ *
+ * @param lastModifiedDate the new last modified date
+ * @see SevenZArchiveEntry#setLastModifiedTime(FileTime)
*/
public void setLastModifiedDate(final Date lastModifiedDate) {
-hasLastModifiedDate = lastModifiedDate != null;
+setLastModifiedTime(toFileTime(lastModifiedDate));
+}
+
+/**
+ * Sets the last modified date.
Review comment:
date -> time
##
File path:
src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZArchiveEntry.java
##
@@ -249,13 +299,26 @@ public void setHasAccessDate(final boolean hasAcessDate) {
/**
* Gets the access date.
- * @throws UnsupportedOperationException if the entry hasn't got a
- * access date.
+ * This is equivalent to {@link SevenZArchiveEntry#getAccessTime()}, but
precision is truncated to milliseconds.
+ *
+ * @throws UnsupportedOperationException if the entry hasn't got an access
date.
* @return the access date
+ * @see SevenZArchiveEntry#getAccessTime()
*/
public Date getAccessDate() {
+return new Date(getAccessTime().toMillis());
+}
+
+/**
+ * Gets the access date.
Review comment:
As above, let's be consistent in the new docs throughout
##
File path: src/main/java/org/apache/commons/compress/archivers/zip/ZipUtil.java
##
@@ -30,11 +33,32 @@
* @Immutable
*/
[jira] [Work logged] (COMPRESS-614) Use FileTime for time fields in SevenZipArchiveEntry
[
https://issues.apache.org/jira/browse/COMPRESS-614?focusedWorklogId=745165=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-745165
]
ASF GitHub Bot logged work on COMPRESS-614:
---
Author: ASF GitHub Bot
Created on: 21/Mar/22 15:14
Start Date: 21/Mar/22 15:14
Worklog Time Spent: 10m
Work Description: andrebrait commented on a change in pull request #256:
URL: https://github.com/apache/commons-compress/pull/256#discussion_r831222311
##
File path:
src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZOutputFile.java
##
@@ -178,10 +184,18 @@ public SevenZArchiveEntry createArchiveEntry(final Path
inputPath,
final SevenZArchiveEntry entry = new SevenZArchiveEntry();
entry.setDirectory(Files.isDirectory(inputPath, options));
entry.setName(entryName);
-entry.setLastModifiedDate(new
Date(Files.getLastModifiedTime(inputPath, options).toMillis()));
+fillDates(inputPath, entry, options);
return entry;
}
+private void fillDates(final Path inputPath, final SevenZArchiveEntry
entry,
+final LinkOption... options) throws IOException {
+BasicFileAttributes attributes = Files.readAttributes(inputPath,
BasicFileAttributes.class, options);
+entry.setLastModifiedTime(attributes.lastModifiedTime());
Review comment:
This is what TAR does now. 7-Zip only adds those dates if you pass an
argument to it. Let me know what you think is best to do.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
Issue Time Tracking
---
Worklog Id: (was: 745165)
Time Spent: 20m (was: 10m)
> Use FileTime for time fields in SevenZipArchiveEntry
>
>
> Key: COMPRESS-614
> URL: https://issues.apache.org/jira/browse/COMPRESS-614
> Project: Commons Compress
> Issue Type: Improvement
> Components: Archivers
>Affects Versions: 1.21
>Reporter: Andre Brait
>Priority: Major
> Labels: 7zip
> Time Spent: 20m
> Remaining Estimate: 0h
>
> Instead of java.util.Date, which caps precision in milliseconds, let's move
> on to using FileTime.
> We can keep backwards compatibility through the getters and setters for
> modification, access and creation dates.
> If you're ok with it, I'll send a PR for this.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
[GitHub] [commons-compress] andrebrait commented on a change in pull request #256: COMPRESS-614: Use FileTime in SevenZArchiveEntry
andrebrait commented on a change in pull request #256:
URL: https://github.com/apache/commons-compress/pull/256#discussion_r831222311
##
File path:
src/main/java/org/apache/commons/compress/archivers/sevenz/SevenZOutputFile.java
##
@@ -178,10 +184,18 @@ public SevenZArchiveEntry createArchiveEntry(final Path
inputPath,
final SevenZArchiveEntry entry = new SevenZArchiveEntry();
entry.setDirectory(Files.isDirectory(inputPath, options));
entry.setName(entryName);
-entry.setLastModifiedDate(new
Date(Files.getLastModifiedTime(inputPath, options).toMillis()));
+fillDates(inputPath, entry, options);
return entry;
}
+private void fillDates(final Path inputPath, final SevenZArchiveEntry
entry,
+final LinkOption... options) throws IOException {
+BasicFileAttributes attributes = Files.readAttributes(inputPath,
BasicFileAttributes.class, options);
+entry.setLastModifiedTime(attributes.lastModifiedTime());
Review comment:
This is what TAR does now. 7-Zip only adds those dates if you pass an
argument to it. Let me know what you think is best to do.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[jira] [Work logged] (COMPRESS-614) Use FileTime for time fields in SevenZipArchiveEntry
[ https://issues.apache.org/jira/browse/COMPRESS-614?focusedWorklogId=745161=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-745161 ] ASF GitHub Bot logged work on COMPRESS-614: --- Author: ASF GitHub Bot Created on: 21/Mar/22 15:06 Start Date: 21/Mar/22 15:06 Worklog Time Spent: 10m Work Description: andrebrait opened a new pull request #256: URL: https://github.com/apache/commons-compress/pull/256 I also included a deprecation notice I missed from COMPRESS-612 and I moved some common paths between Zip and SevenZip to ZipUtil (and those will also be used for COMPRESS-613). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org Issue Time Tracking --- Worklog Id: (was: 745161) Remaining Estimate: 0h Time Spent: 10m > Use FileTime for time fields in SevenZipArchiveEntry > > > Key: COMPRESS-614 > URL: https://issues.apache.org/jira/browse/COMPRESS-614 > Project: Commons Compress > Issue Type: Improvement > Components: Archivers >Affects Versions: 1.21 >Reporter: Andre Brait >Priority: Major > Labels: 7zip > Time Spent: 10m > Remaining Estimate: 0h > > Instead of java.util.Date, which caps precision in milliseconds, let's move > on to using FileTime. > We can keep backwards compatibility through the getters and setters for > modification, access and creation dates. > If you're ok with it, I'll send a PR for this. -- This message was sent by Atlassian Jira (v8.20.1#820001)
[GitHub] [commons-compress] andrebrait opened a new pull request #256: COMPRESS-614: Use FileTime in SevenZArchiveEntry
andrebrait opened a new pull request #256: URL: https://github.com/apache/commons-compress/pull/256 I also included a deprecation notice I missed from COMPRESS-612 and I moved some common paths between Zip and SevenZip to ZipUtil (and those will also be used for COMPRESS-613). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-lang] dependabot[bot] closed pull request #864: Bump spotbugs from 4.2.3 to 4.6.0
dependabot[bot] closed pull request #864: URL: https://github.com/apache/commons-lang/pull/864 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-lang] dependabot[bot] commented on pull request #846: Bump spotbugs-maven-plugin from 4.5.0.0 to 4.5.3.0
dependabot[bot] commented on pull request #846: URL: https://github.com/apache/commons-lang/pull/846#issuecomment-1073985436 Looks like com.github.spotbugs:spotbugs-maven-plugin is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-lang] dependabot[bot] commented on pull request #864: Bump spotbugs from 4.2.3 to 4.6.0
dependabot[bot] commented on pull request #864: URL: https://github.com/apache/commons-lang/pull/864#issuecomment-1073985475 Looks like com.github.spotbugs:spotbugs is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-lang] dependabot[bot] closed pull request #846: Bump spotbugs-maven-plugin from 4.5.0.0 to 4.5.3.0
dependabot[bot] closed pull request #846: URL: https://github.com/apache/commons-lang/pull/846 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (COMPRESS-605) Failed to parse Non-zip64 signed apk with data descriptor
[ https://issues.apache.org/jira/browse/COMPRESS-605?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17509644#comment-17509644 ] nick allen commented on COMPRESS-605: - [~ggregory] I tried to fix it, but it turns out to be extremely hard because apk signing block has a variable size and it only have a signautre at the end. So if I want to fix this issue perfectly I need to buffer the whole apk signing block section and call isApkSigningBlock each time we call readDataDescriptor and push back if following is not apk signing block. The root cause of this issue is while readDataDescriptor, we saw whether 8~16 bytes is some kind of signature to decide whether data descriptor's length is eight bytes (see the comment of ZipArchiveInputStream#readDataDescriptor for more details), unfortunately apk signing block doesn't have any signature in the begining. So the last entry of apk will always assumed to have a data descriptor that having 8 byte length. My client promise me that with 8-byte-length data descriptor there will al;ways a zip64 header, so I just change `potentialSig.equals(ZipLong.CFH_SIG) || potentialSig.equals(ZipLong.LFH_SIG)` to `!current.usesZip64` to get around of this issue. > Failed to parse Non-zip64 signed apk with data descriptor > - > > Key: COMPRESS-605 > URL: https://issues.apache.org/jira/browse/COMPRESS-605 > Project: Commons Compress > Issue Type: Bug > Components: Archivers >Affects Versions: 1.21 >Reporter: nick allen >Priority: Major > > I can't upload my apk due to security policy of my company, but I do find > where the problem lies. > In > org.apache.commons.compress.archivers.zip.ZipArchiveInputStream#readDataDescriptor > we check whether following bytes are signaures to determine whethere size is > 8 bytes or 4 bytes. Because what following is apk signing block so it will > always thought "size" takes 8 bytes. > So (4 + 4 = 8) extra bytes were read. Which leading to > org.apache.commons.compress.archivers.zip.ZipArchiveInputStream#isApkSigningBlock > also return false. -- This message was sent by Atlassian Jira (v8.20.1#820001)
