[GitHub] [commons-cli] codecov-commenter commented on pull request #145: Bump spotbugs-maven-plugin from 4.7.2.1 to 4.7.3.0
codecov-commenter commented on PR #145: URL: https://github.com/apache/commons-cli/pull/145#issuecomment-1311305018 # [Codecov](https://codecov.io/gh/apache/commons-cli/pull/145?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report > Merging [#145](https://codecov.io/gh/apache/commons-cli/pull/145?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (531b863) into [master](https://codecov.io/gh/apache/commons-cli/commit/ed0e3dbc0c7213eadb108ddb7668572aec2624d6?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (ed0e3db) will **not change** coverage. > The diff coverage is `n/a`. ```diff @@Coverage Diff@@ ## master #145 +/- ## = Coverage 93.20% 93.20% Complexity 567 567 = Files21 21 Lines 1206 1206 Branches214 214 = Hits 1124 1124 Misses 46 46 Partials 36 36 ``` :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-cli] dependabot[bot] opened a new pull request, #145: Bump spotbugs-maven-plugin from 4.7.2.1 to 4.7.3.0
dependabot[bot] opened a new pull request, #145: URL: https://github.com/apache/commons-cli/pull/145 Bumps [spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) from 4.7.2.1 to 4.7.3.0. Release notes Sourced from https://github.com/spotbugs/spotbugs-maven-plugin/releases";>spotbugs-maven-plugin's releases. Spotbugs Maven Plugin 4.7.3.0 Supports spotbugs 4.7.3 note: 4.7.2.2 was released and actually included 4.7.3 by default. All items in 4.7.2.2 are in this release with only change being to denote underlying spotbugs. Spotbugs Maven Plugin 4.7.2.2 Groovy bumped to 4.0.6 Make sarifOutputDirectory and sarifOutputFilename configurable per https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/506";>#506 and https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/507";>#507 notice: This is actually running spotbugs 4.7.3. A new release will be pushed that directly shows that. Sorry for any confusion. Commits https://github.com/spotbugs/spotbugs-maven-plugin/commit/a084687f6bb4706314cc57c0119a79135ba053f6";>a084687 [maven-release-plugin] prepare release spotbugs-maven-plugin-4.7.3.0 https://github.com/spotbugs/spotbugs-maven-plugin/commit/99061cb2526a26536b767a2305198084942524b7";>99061cb Merge pull request https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/509";>#509 from hazendaz/spotbugs https://github.com/spotbugs/spotbugs-maven-plugin/commit/371096c3b2dd6f320006b9d9fd95c411e93d48fc";>371096c [pom] Set rest of spotbugs 4.7.3 artifacts https://github.com/spotbugs/spotbugs-maven-plugin/commit/d46ad44ad6c0b1782f2dfce57a59436e27e4ee79";>d46ad44 [maven-release-plugin] prepare for next development iteration https://github.com/spotbugs/spotbugs-maven-plugin/commit/f8450ddacc7328075693c6e56d3cdb2844767d1c";>f8450dd [maven-release-plugin] prepare release spotbugs-maven-plugin-4.7.2.2 https://github.com/spotbugs/spotbugs-maven-plugin/commit/24a8bb294680413a781efdbf73735b763830860c";>24a8bb2 Merge pull request https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/508";>#508 from jwgmeligmeyling/issues/506-507 https://github.com/spotbugs/spotbugs-maven-plugin/commit/e148e19538bccf78a215e95f520274a7a249839b";>e148e19 Make sarifOutputDirectory and sarifOutputFilename configurable https://github.com/spotbugs/spotbugs-maven-plugin/commit/f01a7f6b99da3d2e6dcdbddd20f0b4e4dfac73fa";>f01a7f6 Merge pull request https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/504";>#504 from spotbugs/renovate/versionspluginversion https://github.com/spotbugs/spotbugs-maven-plugin/commit/717ab1ec1f3aec7a5131a4c561942756b456c09a";>717ab1e Merge pull request https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/503";>#503 from spotbugs/renovate/plexusutilsversion https://github.com/spotbugs/spotbugs-maven-plugin/commit/a01ef40e5a6ffd2deff1f125b717396b671f1536";>a01ef40 Update dependency org.codehaus.mojo:versions-maven-plugin to v2.13.0 Additional commits viewable in https://github.com/spotbugs/spotbugs-maven-plugin/compare/spotbugs-maven-plugin-4.7.2.1...spotbugs-maven-plugin-4.7.3.0";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you
[GitHub] [commons-build-plugin] dependabot[bot] opened a new pull request, #106: Bump spotbugs-maven-plugin from 4.7.2.1 to 4.7.3.0
dependabot[bot] opened a new pull request, #106: URL: https://github.com/apache/commons-build-plugin/pull/106 Bumps [spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) from 4.7.2.1 to 4.7.3.0. Release notes Sourced from https://github.com/spotbugs/spotbugs-maven-plugin/releases";>spotbugs-maven-plugin's releases. Spotbugs Maven Plugin 4.7.3.0 Supports spotbugs 4.7.3 note: 4.7.2.2 was released and actually included 4.7.3 by default. All items in 4.7.2.2 are in this release with only change being to denote underlying spotbugs. Spotbugs Maven Plugin 4.7.2.2 Groovy bumped to 4.0.6 Make sarifOutputDirectory and sarifOutputFilename configurable per https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/506";>#506 and https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/507";>#507 notice: This is actually running spotbugs 4.7.3. A new release will be pushed that directly shows that. Sorry for any confusion. Commits https://github.com/spotbugs/spotbugs-maven-plugin/commit/a084687f6bb4706314cc57c0119a79135ba053f6";>a084687 [maven-release-plugin] prepare release spotbugs-maven-plugin-4.7.3.0 https://github.com/spotbugs/spotbugs-maven-plugin/commit/99061cb2526a26536b767a2305198084942524b7";>99061cb Merge pull request https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/509";>#509 from hazendaz/spotbugs https://github.com/spotbugs/spotbugs-maven-plugin/commit/371096c3b2dd6f320006b9d9fd95c411e93d48fc";>371096c [pom] Set rest of spotbugs 4.7.3 artifacts https://github.com/spotbugs/spotbugs-maven-plugin/commit/d46ad44ad6c0b1782f2dfce57a59436e27e4ee79";>d46ad44 [maven-release-plugin] prepare for next development iteration https://github.com/spotbugs/spotbugs-maven-plugin/commit/f8450ddacc7328075693c6e56d3cdb2844767d1c";>f8450dd [maven-release-plugin] prepare release spotbugs-maven-plugin-4.7.2.2 https://github.com/spotbugs/spotbugs-maven-plugin/commit/24a8bb294680413a781efdbf73735b763830860c";>24a8bb2 Merge pull request https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/508";>#508 from jwgmeligmeyling/issues/506-507 https://github.com/spotbugs/spotbugs-maven-plugin/commit/e148e19538bccf78a215e95f520274a7a249839b";>e148e19 Make sarifOutputDirectory and sarifOutputFilename configurable https://github.com/spotbugs/spotbugs-maven-plugin/commit/f01a7f6b99da3d2e6dcdbddd20f0b4e4dfac73fa";>f01a7f6 Merge pull request https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/504";>#504 from spotbugs/renovate/versionspluginversion https://github.com/spotbugs/spotbugs-maven-plugin/commit/717ab1ec1f3aec7a5131a4c561942756b456c09a";>717ab1e Merge pull request https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/503";>#503 from spotbugs/renovate/plexusutilsversion https://github.com/spotbugs/spotbugs-maven-plugin/commit/a01ef40e5a6ffd2deff1f125b717396b671f1536";>a01ef40 Update dependency org.codehaus.mojo:versions-maven-plugin to v2.13.0 Additional commits viewable in https://github.com/spotbugs/spotbugs-maven-plugin/compare/spotbugs-maven-plugin-4.7.2.1...spotbugs-maven-plugin-4.7.3.0";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (un
[GitHub] [commons-build-plugin] dependabot[bot] opened a new pull request, #105: Bump maven-plugin-tools-ant from 3.6.4 to 3.7.0
dependabot[bot] opened a new pull request, #105: URL: https://github.com/apache/commons-build-plugin/pull/105 Bumps maven-plugin-tools-ant from 3.6.4 to 3.7.0. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-build-plugin] dependabot[bot] opened a new pull request, #104: Bump maven-plugin-plugin from 3.6.4 to 3.7.0
dependabot[bot] opened a new pull request, #104: URL: https://github.com/apache/commons-build-plugin/pull/104 Bumps [maven-plugin-plugin](https://github.com/apache/maven-plugin-tools) from 3.6.4 to 3.7.0. Release notes Sourced from https://github.com/apache/maven-plugin-tools/releases";>maven-plugin-plugin's releases. 3.7.0 Bug [https://issues.apache.org/jira/browse/MPLUGIN-298";>MPLUGIN-298] - The plugin descriptor generated by plugin:descriptor does not consider @ see javadoc taglets [https://issues.apache.org/jira/browse/MPLUGIN-394";>MPLUGIN-394] - Report-Mojo doesn't respect input encoding [https://issues.apache.org/jira/browse/MPLUGIN-403";>MPLUGIN-403] - Generating site reports for plugin results in NoSuchMethodError [https://issues.apache.org/jira/browse/MPLUGIN-404";>MPLUGIN-404] - JDK Requirements in plugin-info.html: Consider property "maven.compiler.release" [https://issues.apache.org/jira/browse/MPLUGIN-420";>MPLUGIN-420] - Parameters documentation inheriting @ since from Mojo can be confusing [https://issues.apache.org/jira/browse/MPLUGIN-428";>MPLUGIN-428] - Don't emit warning for missing javadoc URL of primitives [https://issues.apache.org/jira/browse/MPLUGIN-429";>MPLUGIN-429] - Don't emit warning for missing javadoc URI if no javadoc sources are configured [https://issues.apache.org/jira/browse/MPLUGIN-438";>MPLUGIN-438] - Parameter description should be taken from annotated item New Feature [https://issues.apache.org/jira/browse/MPLUGIN-9";>MPLUGIN-9] - Add link to javadoc in configuration description page for user defined types of Mojos. [https://issues.apache.org/jira/browse/MPLUGIN-396";>MPLUGIN-396] - Allow only @ Deprecated annotation without @ deprecated javadoc tag [https://issues.apache.org/jira/browse/MPLUGIN-400";>MPLUGIN-400] - add system requirements history section [https://issues.apache.org/jira/browse/MPLUGIN-402";>MPLUGIN-402] - report: allow to generate usage section in plugin-info.html with true [https://issues.apache.org/jira/browse/MPLUGIN-419";>MPLUGIN-419] - Allow @ Parameter on setters methods [https://issues.apache.org/jira/browse/MPLUGIN-423";>MPLUGIN-423] - Extract plugin report into its own plugin [https://issues.apache.org/jira/browse/MPLUGIN-427";>MPLUGIN-427] - report: Expose generics information of Collection and Map types Improvement [https://issues.apache.org/jira/browse/MPLUGIN-297";>MPLUGIN-297] - plugin-info.html should contain a better Usage section [https://issues.apache.org/jira/browse/MPLUGIN-390";>MPLUGIN-390] - Do not overwrite generate files with no content change [https://issues.apache.org/jira/browse/MPLUGIN-393";>MPLUGIN-393] - Upgrade to JUnit 5 and @ Inject annotations [https://issues.apache.org/jira/browse/MPLUGIN-398";>MPLUGIN-398] - Support for java 20 - ASM 9.4 [https://issues.apache.org/jira/browse/MPLUGIN-405";>MPLUGIN-405] - Don't print empty Memory, Disk Space in System Requirements [https://issues.apache.org/jira/browse/MPLUGIN-408";>MPLUGIN-408] - simplification in helpmojo build [https://issues.apache.org/jira/browse/MPLUGIN-411";>MPLUGIN-411] - Get rid of plexus-compiler-manager from tests [https://issues.apache.org/jira/browse/MPLUGIN-412";>MPLUGIN-412] - Use Maven core artifacts in provided scope [https://issues.apache.org/jira/browse/MPLUGIN-417";>MPLUGIN-417] - report and descriptor goal need to evaluate Javadoc comments differently [https://issues.apache.org/jira/browse/MPLUGIN-433";>MPLUGIN-433] - Allow to reference aggregator javadoc from plugin report Task [https://issues.apache.org/jira/browse/MPLUGIN-378";>MPLUGIN-378] - Detect legacy/javadoc Mojo definitions, warn to use Java 5 annotations [https://issues.apache.org/jira/browse/MPLUGIN-389";>MPLUGIN-389] - Update level to Java 8 [https://issues.apache.org/jira/browse/MPLUGIN-391";>MPLUGIN-391] - Deprecate scripting support for mojos [https://issues.apache.org/jira/browse/MPLUGIN-406";>MPLUGIN-406] - Deprecate requirements parameter in report Mojo [https://issues.apache.org/jira/browse/MPLUGIN-407";>MPLUGIN-407] - Remove duplicate code from PluginReport [https://issues.apache.org/jira/browse/MPLUGIN-409";>MPLUGIN-409] - Prepare for Doxia (Sitetools) 2.0.0 [https://issues.apache.org/jira/browse/MPLUGIN-430";>MPLUGIN-430] - Fix documentation for maven-plugin-report-plugin [https://issues.apache.org/jira/browse/MPLUGIN-431";>MPLUGIN-431] - Remove deprecated items from new maven-plugin-report-plugin ... (truncated) Commits https://github.com/apache/maven-plugin-tools/commit/0f2c0d563f45294e7005acd6f31aebbf9e99d3d5";>0f2c0d5 [maven-release-plugin] prepare release maven-plugin-tools-3.7.0 https://github.com/apache/maven-plugin-tools/commit/76d99af45f275f3adf085d4d6ae4cca37c085782";>76d99af [MPLUGIN-438] Parameter description should be taken
[GitHub] [commons-build-plugin] dependabot[bot] opened a new pull request, #103: Bump github/codeql-action from 2.1.30 to 2.1.31
dependabot[bot] opened a new pull request, #103: URL: https://github.com/apache/commons-build-plugin/pull/103 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.30 to 2.1.31. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md";>github/codeql-action's changelog. CodeQL Action Changelog [UNRELEASED] Update the ML-powered additional query pack for JavaScript to version 0.4.0. 2.1.31 - 04 Nov 2022 The rb/weak-cryptographic-algorithm Ruby query has been updated to no longer report uses of hash functions such as MD5 and SHA1 even if they are known to be weak. These hash algorithms are used very often in non-sensitive contexts, making the query too imprecise in practice. For more information, see the corresponding change in the https://github-redirect.dependabot.com/github/codeql/pull/11129";>github/codeql repository. https://github-redirect.dependabot.com/github/codeql-action/pull/1344";>#1344 2.1.30 - 02 Nov 2022 Improve the error message when using CodeQL bundle version 2.7.2 and earlier in a workflow that runs on a runner image such as ubuntu-22.04 that uses glibc version 2.34 and later. https://github-redirect.dependabot.com/github/codeql-action/pull/1334";>#1334 2.1.29 - 26 Oct 2022 Update default CodeQL bundle version to 2.11.2. https://github-redirect.dependabot.com/github/codeql-action/pull/1320";>#1320 2.1.28 - 18 Oct 2022 Update default CodeQL bundle version to 2.11.1. https://github-redirect.dependabot.com/github/codeql-action/pull/1294";>#1294 Replace uses of GitHub Actions command set-output because it is now deprecated. See more information in the https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/";>GitHub Changelog. https://github-redirect.dependabot.com/github/codeql-action/pull/1301";>#1301 2.1.27 - 06 Oct 2022 We are rolling out a feature of the CodeQL Action in October 2022 that changes the way that Go code is analyzed to be more consistent with other compiled languages like C/C++, C#, and Java. You do not need to alter your code scanning workflows. If you encounter any problems, please https://github.com/github/codeql-action/issues";>file an issue or open a private ticket with GitHub Support and request an escalation to engineering. 2.1.26 - 29 Sep 2022 Update default CodeQL bundle version to 2.11.0. https://github-redirect.dependabot.com/github/codeql-action/pull/1267";>#1267 2.1.25 - 21 Sep 2022 We will soon be rolling out a feature of the CodeQL Action that stores some information used to make future runs faster in the GitHub Actions cache. Initially, this will only be enabled on JavaScript repositories, but we plan to add more languages to this soon. The new feature can be disabled by passing the trap-caching: false option to your workflow's init step, for example if you are already using the GitHub Actions cache for a different purpose and are near the storage limit for it. Add support for Python automatic dependency installation with Poetry 1.2 https://github-redirect.dependabot.com/github/codeql-action/pull/1258";>#1258. 2.1.24 - 16 Sep 2022 No user facing changes. 2.1.23 - 14 Sep 2022 Allow CodeQL packs to be downloaded from GitHub Enterprise Server instances, using the new registries input for the init action. https://github-redirect.dependabot.com/github/codeql-action/pull/1221";>#1221 Update default CodeQL bundle version to 2.10.5. https://github-redirect.dependabot.com/github/codeql-action/pull/1240";>#1240 2.1.22 - 01 Sep 2022 Downloading CodeQL packs has been moved to the init step. Previously, CodeQL packs were downloaded during the analyze step. https://github-redirect.dependabot.com/github/codeql-action/pull/1218";>#1218 Update default CodeQL bundle version to 2.10.4. https://github-redirect.dependabot.com/github/codeql-action/pull/1224";>#1224 The newly released https://python-poetry.org/blog/announcing-poetry-1.2.0";>Poetry 1.2 is not yet supported. In the most common case where the CodeQL Action is automatically installing Python dependencies, it will continue to install and use Poetry 1.1 on its own. However, in certain cases such as with self-hosted runners, you may need to ensure Poetry 1.1 is installed yourself. ... (truncated) Commits https://github.com/github/codeql-action/commit/c3b6fce4ee2ca25bc1066aa3bf73962fda0e8898";>c3b6fce Merge pull request https://github-redirect.dependabot.com/github/codeql-action/issues/1345";>#1345 from github/update-v2.1.31-a8cabafa https://github.com/github/codeql-action/commit/8aa42f1f11ad8b239dd7a05e6f6508a9ba42be8c";>8aa42f1 Update CHANGELOG.md https://github.com/github/codeql-action/commit/29a5553722da790f56e30f0d857768d6e7b6475c";>29a5553 Update CHANGELOG.md https
[jira] [Commented] (JXPATH-200) CVE-2022-41852 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
[
https://issues.apache.org/jira/browse/JXPATH-200?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17632065#comment-17632065
]
JJ Halans commented on JXPATH-200:
--
Now marked ** DISPUTED **
"{_}After review by the JXPath maintainers, the original report was found to be
invalid.{_}"
Any additional information on this?
Cheers
> CVE-2022-41852 Use of Externally-Controlled Input to Select Classes or Code
> ('Unsafe Reflection')
> -
>
> Key: JXPATH-200
> URL: https://issues.apache.org/jira/browse/JXPATH-200
> Project: Commons JXPath
> Issue Type: Bug
>Affects Versions: 1.3
>Reporter: Nicolò Mendola
>Priority: Blocker
> Fix For: 1.4
>
>
> There is a CVE detected in jxpath 1.3. and prior. Could you take a look?
> Use of Externally-Controlled Input to Select Classes or Code ('Unsafe
> Reflection')
> [https://avd.aquasec.com/nvd/2022/cve-2022-41852/]
> Best Regards
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [commons-dbcp] codecov-commenter commented on pull request #234: Bump spotbugs-maven-plugin from 4.7.2.1 to 4.7.3.0
codecov-commenter commented on PR #234: URL: https://github.com/apache/commons-dbcp/pull/234#issuecomment-1311205253 # [Codecov](https://codecov.io/gh/apache/commons-dbcp/pull/234?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report > Merging [#234](https://codecov.io/gh/apache/commons-dbcp/pull/234?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (d1be467) into [master](https://codecov.io/gh/apache/commons-dbcp/commit/2fac33199c81202d5ee2ae6db113fd83f67a47b8?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (2fac331) will **decrease** coverage by `0.01%`. > The diff coverage is `n/a`. ```diff @@ Coverage Diff @@ ## master #234 +/- ## - Coverage 59.71% 59.70% -0.02% Complexity 1783 1783 Files57 57 Lines 7415 7415 Branches421 421 - Hits 4428 4427 -1 - Misses 2770 2771 +1 Partials217 217 ``` | [Impacted Files](https://codecov.io/gh/apache/commons-dbcp/pull/234?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | | |---|---|---| | [...ache/commons/dbcp2/managed/TransactionContext.java](https://codecov.io/gh/apache/commons-dbcp/pull/234/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2NvbW1vbnMvZGJjcDIvbWFuYWdlZC9UcmFuc2FjdGlvbkNvbnRleHQuamF2YQ==) | `72.22% <0.00%> (-1.86%)` | :arrow_down: | :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-dbcp] dependabot[bot] opened a new pull request, #234: Bump spotbugs-maven-plugin from 4.7.2.1 to 4.7.3.0
dependabot[bot] opened a new pull request, #234: URL: https://github.com/apache/commons-dbcp/pull/234 Bumps [spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) from 4.7.2.1 to 4.7.3.0. Release notes Sourced from https://github.com/spotbugs/spotbugs-maven-plugin/releases";>spotbugs-maven-plugin's releases. Spotbugs Maven Plugin 4.7.3.0 Supports spotbugs 4.7.3 note: 4.7.2.2 was released and actually included 4.7.3 by default. All items in 4.7.2.2 are in this release with only change being to denote underlying spotbugs. Spotbugs Maven Plugin 4.7.2.2 Groovy bumped to 4.0.6 Make sarifOutputDirectory and sarifOutputFilename configurable per https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/506";>#506 and https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/507";>#507 notice: This is actually running spotbugs 4.7.3. A new release will be pushed that directly shows that. Sorry for any confusion. Commits https://github.com/spotbugs/spotbugs-maven-plugin/commit/a084687f6bb4706314cc57c0119a79135ba053f6";>a084687 [maven-release-plugin] prepare release spotbugs-maven-plugin-4.7.3.0 https://github.com/spotbugs/spotbugs-maven-plugin/commit/99061cb2526a26536b767a2305198084942524b7";>99061cb Merge pull request https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/509";>#509 from hazendaz/spotbugs https://github.com/spotbugs/spotbugs-maven-plugin/commit/371096c3b2dd6f320006b9d9fd95c411e93d48fc";>371096c [pom] Set rest of spotbugs 4.7.3 artifacts https://github.com/spotbugs/spotbugs-maven-plugin/commit/d46ad44ad6c0b1782f2dfce57a59436e27e4ee79";>d46ad44 [maven-release-plugin] prepare for next development iteration https://github.com/spotbugs/spotbugs-maven-plugin/commit/f8450ddacc7328075693c6e56d3cdb2844767d1c";>f8450dd [maven-release-plugin] prepare release spotbugs-maven-plugin-4.7.2.2 https://github.com/spotbugs/spotbugs-maven-plugin/commit/24a8bb294680413a781efdbf73735b763830860c";>24a8bb2 Merge pull request https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/508";>#508 from jwgmeligmeyling/issues/506-507 https://github.com/spotbugs/spotbugs-maven-plugin/commit/e148e19538bccf78a215e95f520274a7a249839b";>e148e19 Make sarifOutputDirectory and sarifOutputFilename configurable https://github.com/spotbugs/spotbugs-maven-plugin/commit/f01a7f6b99da3d2e6dcdbddd20f0b4e4dfac73fa";>f01a7f6 Merge pull request https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/504";>#504 from spotbugs/renovate/versionspluginversion https://github.com/spotbugs/spotbugs-maven-plugin/commit/717ab1ec1f3aec7a5131a4c561942756b456c09a";>717ab1e Merge pull request https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/503";>#503 from spotbugs/renovate/plexusutilsversion https://github.com/spotbugs/spotbugs-maven-plugin/commit/a01ef40e5a6ffd2deff1f125b717396b671f1536";>a01ef40 Update dependency org.codehaus.mojo:versions-maven-plugin to v2.13.0 Additional commits viewable in https://github.com/spotbugs/spotbugs-maven-plugin/compare/spotbugs-maven-plugin-4.7.2.1...spotbugs-maven-plugin-4.7.3.0";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you
[jira] [Updated] (CONFIGURATION-826) INIConfiguration collection property support
[ https://issues.apache.org/jira/browse/CONFIGURATION-826?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] ChenYuwang updated CONFIGURATION-826: - Issue Type: Bug (was: Improvement) > INIConfiguration collection property support > > > Key: CONFIGURATION-826 > URL: https://issues.apache.org/jira/browse/CONFIGURATION-826 > Project: Commons Configuration > Issue Type: Bug > Components: Expression engine >Affects Versions: 2.8.0 >Reporter: ChenYuwang >Priority: Blocker > Fix For: Nightly Builds, 2.9.0 > > Attachments: image-2022-11-11-11-36-20-196.png > > > [https://shiro.apache.org/configuration.html] > !image-2022-11-11-11-36-20-196.png! > The comma-separated string after the = needs to be the whole as the value.For > example "a=b,c,d", the current parsing becomes a=b -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (CONFIGURATION-826) INIConfiguration collection property support
ChenYuwang created CONFIGURATION-826: Summary: INIConfiguration collection property support Key: CONFIGURATION-826 URL: https://issues.apache.org/jira/browse/CONFIGURATION-826 Project: Commons Configuration Issue Type: Improvement Components: Expression engine Affects Versions: 2.8.0 Reporter: ChenYuwang Fix For: Nightly Builds, 2.9.0 Attachments: image-2022-11-11-11-36-20-196.png [https://shiro.apache.org/configuration.html] !image-2022-11-11-11-36-20-196.png! The comma-separated string after the = needs to be the whole as the value.For example "a=b,c,d", the current parsing becomes a=b -- This message was sent by Atlassian Jira (v8.20.10#820010)
[GitHub] [commons-jxpath] ecki commented on pull request #26: Fix CVE-2022-41852
ecki commented on PR #26: URL: https://github.com/apache/commons-jxpath/pull/26#issuecomment-1311191317 > JEXL is NOT expected to safely handle untrusted input. Be careful, this is about xpath, and also even Jexl should handle data securely, it’s just a question if expressions/programs should be trusted or not. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (CONFIGURATION-645) INIConfiguration: comment lines are removed after saving changes
[
https://issues.apache.org/jira/browse/CONFIGURATION-645?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17632032#comment-17632032
]
ChenYuwang commented on CONFIGURATION-645:
--
I have the same problem, hope someone solve it
> INIConfiguration: comment lines are removed after saving changes
>
>
> Key: CONFIGURATION-645
> URL: https://issues.apache.org/jira/browse/CONFIGURATION-645
> Project: Commons Configuration
> Issue Type: Bug
>Affects Versions: 2.1
>Reporter: javix
>Priority: Major
>
> I have a very large ini file with multiple sections. I added some comment
> lines to my sections.
> Before closing my app some values will be changed. But afterwards the changed
> file does not contains my comments.
> Here is a example:
> {noformat}
> [SECTION]
> ;comment for this section
> lastTimeStamp=(here some date)
> {noformat}
> After saving the file contains following content:
> {noformat}
> [SECTION]
> lastTimeStamp=(here some date)
> {noformat}
> I think it is a bug, because the comments are allowed and very useful content
> of a ini file and should not be removed.
> (sorry for my not perfect english)
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Created] (CONFIGURATION-825) INIConfiguration marks exceptions that will not be thrown
ChenYuwang created CONFIGURATION-825: Summary: INIConfiguration marks exceptions that will not be thrown Key: CONFIGURATION-825 URL: https://issues.apache.org/jira/browse/CONFIGURATION-825 Project: Commons Configuration Issue Type: Improvement Components: Expression engine Affects Versions: 2.8.0 Environment: java 8,win ,the file content is "/error/" Reporter: ChenYuwang Fix For: 2.9.0 INIConfiguration.read() & INIConfiguration.write() marks ConfigurationException, but has no chance to throw. I understand that a ConfigurationException should be thrown if INIConfiguration read something that is not ini‘s format, but currently it doesn't. INIConfiguration just ignores everything it doesn't recognize. For example, the file content is "/error/" -- This message was sent by Atlassian Jira (v8.20.10#820010)
[GitHub] [commons-io] codecov-commenter commented on pull request #403: Bump spotbugs-maven-plugin from 4.7.2.1 to 4.7.3.0
codecov-commenter commented on PR #403: URL: https://github.com/apache/commons-io/pull/403#issuecomment-1311064102 # [Codecov](https://codecov.io/gh/apache/commons-io/pull/403?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report > Merging [#403](https://codecov.io/gh/apache/commons-io/pull/403?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (5624b06) into [master](https://codecov.io/gh/apache/commons-io/commit/3e491d9035f9f88a7c389b7bc22eb63142a36dfa?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (3e491d9) will **increase** coverage by `0.04%`. > The diff coverage is `n/a`. ```diff @@ Coverage Diff @@ ## master #403 +/- ## + Coverage 86.07% 86.11% +0.04% - Complexity 3211 3212 +1 Files 215 215 Lines 7496 7496 Branches906 906 + Hits 6452 6455 +3 + Misses 796 794 -2 + Partials248 247 -1 ``` | [Impacted Files](https://codecov.io/gh/apache/commons-io/pull/403?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | | |---|---|---| | [.../main/java/org/apache/commons/io/input/Tailer.java](https://codecov.io/gh/apache/commons-io/pull/403/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2NvbW1vbnMvaW8vaW5wdXQvVGFpbGVyLmphdmE=) | `87.06% <0.00%> (+1.49%)` | :arrow_up: | :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-io] codecov-commenter commented on pull request #402: Bump junit-pioneer from 1.7.1 to 1.7.2
codecov-commenter commented on PR #402: URL: https://github.com/apache/commons-io/pull/402#issuecomment-1311062849 # [Codecov](https://codecov.io/gh/apache/commons-io/pull/402?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report > Merging [#402](https://codecov.io/gh/apache/commons-io/pull/402?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (9b525d5) into [master](https://codecov.io/gh/apache/commons-io/commit/3e491d9035f9f88a7c389b7bc22eb63142a36dfa?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (3e491d9) will **increase** coverage by `0.02%`. > The diff coverage is `n/a`. ```diff @@ Coverage Diff @@ ## master #402 +/- ## + Coverage 86.07% 86.09% +0.02% - Complexity 3211 3213 +2 Files 215 215 Lines 7496 7496 Branches906 906 + Hits 6452 6454 +2 Misses 796 796 + Partials248 246 -2 ``` | [Impacted Files](https://codecov.io/gh/apache/commons-io/pull/402?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | | |---|---|---| | [.../main/java/org/apache/commons/io/input/Tailer.java](https://codecov.io/gh/apache/commons-io/pull/402/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2NvbW1vbnMvaW8vaW5wdXQvVGFpbGVyLmphdmE=) | `86.06% <0.00%> (+0.49%)` | :arrow_up: | | [...main/java/org/apache/commons/io/ThreadMonitor.java](https://codecov.io/gh/apache/commons-io/pull/402/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2NvbW1vbnMvaW8vVGhyZWFkTW9uaXRvci5qYXZh) | `100.00% <0.00%> (+3.84%)` | :arrow_up: | :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-io] dependabot[bot] opened a new pull request, #403: Bump spotbugs-maven-plugin from 4.7.2.1 to 4.7.3.0
dependabot[bot] opened a new pull request, #403: URL: https://github.com/apache/commons-io/pull/403 Bumps [spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) from 4.7.2.1 to 4.7.3.0. Release notes Sourced from https://github.com/spotbugs/spotbugs-maven-plugin/releases";>spotbugs-maven-plugin's releases. Spotbugs Maven Plugin 4.7.3.0 Supports spotbugs 4.7.3 note: 4.7.2.2 was released and actually included 4.7.3 by default. All items in 4.7.2.2 are in this release with only change being to denote underlying spotbugs. Spotbugs Maven Plugin 4.7.2.2 Groovy bumped to 4.0.6 Make sarifOutputDirectory and sarifOutputFilename configurable per https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/506";>#506 and https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/507";>#507 notice: This is actually running spotbugs 4.7.3. A new release will be pushed that directly shows that. Sorry for any confusion. Commits https://github.com/spotbugs/spotbugs-maven-plugin/commit/a084687f6bb4706314cc57c0119a79135ba053f6";>a084687 [maven-release-plugin] prepare release spotbugs-maven-plugin-4.7.3.0 https://github.com/spotbugs/spotbugs-maven-plugin/commit/99061cb2526a26536b767a2305198084942524b7";>99061cb Merge pull request https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/509";>#509 from hazendaz/spotbugs https://github.com/spotbugs/spotbugs-maven-plugin/commit/371096c3b2dd6f320006b9d9fd95c411e93d48fc";>371096c [pom] Set rest of spotbugs 4.7.3 artifacts https://github.com/spotbugs/spotbugs-maven-plugin/commit/d46ad44ad6c0b1782f2dfce57a59436e27e4ee79";>d46ad44 [maven-release-plugin] prepare for next development iteration https://github.com/spotbugs/spotbugs-maven-plugin/commit/f8450ddacc7328075693c6e56d3cdb2844767d1c";>f8450dd [maven-release-plugin] prepare release spotbugs-maven-plugin-4.7.2.2 https://github.com/spotbugs/spotbugs-maven-plugin/commit/24a8bb294680413a781efdbf73735b763830860c";>24a8bb2 Merge pull request https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/508";>#508 from jwgmeligmeyling/issues/506-507 https://github.com/spotbugs/spotbugs-maven-plugin/commit/e148e19538bccf78a215e95f520274a7a249839b";>e148e19 Make sarifOutputDirectory and sarifOutputFilename configurable https://github.com/spotbugs/spotbugs-maven-plugin/commit/f01a7f6b99da3d2e6dcdbddd20f0b4e4dfac73fa";>f01a7f6 Merge pull request https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/504";>#504 from spotbugs/renovate/versionspluginversion https://github.com/spotbugs/spotbugs-maven-plugin/commit/717ab1ec1f3aec7a5131a4c561942756b456c09a";>717ab1e Merge pull request https://github-redirect.dependabot.com/spotbugs/spotbugs-maven-plugin/issues/503";>#503 from spotbugs/renovate/plexusutilsversion https://github.com/spotbugs/spotbugs-maven-plugin/commit/a01ef40e5a6ffd2deff1f125b717396b671f1536";>a01ef40 Update dependency org.codehaus.mojo:versions-maven-plugin to v2.13.0 Additional commits viewable in https://github.com/spotbugs/spotbugs-maven-plugin/compare/spotbugs-maven-plugin-4.7.2.1...spotbugs-maven-plugin-4.7.3.0";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you r
[GitHub] [commons-io] dependabot[bot] opened a new pull request, #402: Bump junit-pioneer from 1.7.1 to 1.7.2
dependabot[bot] opened a new pull request, #402: URL: https://github.com/apache/commons-io/pull/402 Bumps [junit-pioneer](https://github.com/junit-pioneer/junit-pioneer) from 1.7.1 to 1.7.2. Release notes Sourced from https://github.com/junit-pioneer/junit-pioneer/releases";>junit-pioneer's releases. v1.7.2 Changelog generated by https://github.com/shipkit/shipkit-changelog";>Shipkit Changelog Gradle Plugin 1.7.2 Prominent changes: Fix JitPack build [(https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/678";>#678)](https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/pull/678";>junit-pioneer/junit-pioneer#678) Fix JSON sources to convert to Lists and other types [(https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/664";>#664)](https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/pull/664";>junit-pioneer/junit-pioneer#664) Update to JUnit 5.9 (https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/652";>#652 / 657) [(https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/657";>#657)](https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/pull/657";>junit-pioneer/junit-pioneer#657) Add StdErr to StdIoExtension [(https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/653";>#653)](https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/pull/653";>junit-pioneer/junit-pioneer#653) Make entry-based extensions execute around classes [(https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/641";>#641)](https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/pull/641";>junit-pioneer/junit-pioneer#641) Allow non-static Cartesian factory methods with PER_CLASS lifecycle [(https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/628";>#628)](https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/pull/628";>junit-pioneer/junit-pioneer#628) Added suspendForMs to https://github.com/RetryingTest";>@RetryingTest [(https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/604";>#604)](https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/pull/604";>junit-pioneer/junit-pioneer#604) lots of improvements to the documentation Other changes: 2022-11-09 - https://github.com/junit-pioneer/junit-pioneer/compare/v1.7.1...v1.7.2";>15 commit(s) by Daniel Kraus, Mathieu Fortin, Matthias Bünger, Mihály Verhás, Nicolai Parlog, Rob Spoor JitPack fails building Pioneer: "invalid flag: -Xlint:all,-exports" [(https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/677";>#677)](https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/677";>junit-pioneer/junit-pioneer#677) Remove branch filtering from build [(https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/674";>#674)](https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/pull/674";>junit-pioneer/junit-pioneer#674) Build pipeline workflow does not trigger [(https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/673";>#673)](https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/673";>junit-pioneer/junit-pioneer#673) Add issues templates for feature requests and bug reports (https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/589";>#589 / https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/667";>#667) [(https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/667";>#667)](https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/pull/667";>junit-pioneer/junit-pioneer#667) Improve Cartesian test documentation [(https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/666";>#666)](https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/pull/666";>junit-pioneer/junit-pioneer#666) Outdated documentation with @CartesianTest [(https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/665";>#665)](https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/665";>junit-pioneer/junit-pioneer#665) Upgrade build to use Java 19 as experimental version [(https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/659";>#659)](https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/659";>junit-pioneer/junit-pioneer#659) Convert ArrayNode to List [(https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/654";>#654)](https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/654";>junit-pioneer/junit-pioneer#654) Include JUnit 5.9 in build [(https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/652";>#652)](https://github-redirect.dependabot.com/junit-pioneer/junit-pioneer/issues/652";>junit-pioneer/junit-pioneer#652) Upgrade Gradle Wrapper an
[jira] [Closed] (CONFIGURATION-824) Unable to locate Spring NamespaceHandler for XML schema namespace [http://cxf.apache.org/jaxrs] after updating CXF to 3.5.3
[ https://issues.apache.org/jira/browse/CONFIGURATION-824?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bhavik closed CONFIGURATION-824. Resolution: Invalid > Unable to locate Spring NamespaceHandler for XML schema namespace > [http://cxf.apache.org/jaxrs] after updating CXF to 3.5.3 > --- > > Key: CONFIGURATION-824 > URL: https://issues.apache.org/jira/browse/CONFIGURATION-824 > Project: Commons Configuration > Issue Type: Bug >Reporter: Bhavik >Priority: Major > Attachments: serviceContext.xml > > > After updating Spring to 5.3.20 and CXF to 3.5.3 tomcat is crashing with > following error. > > Caused by: > org.springframework.beans.factory.parsing.BeanDefinitionParsingException: > Configuration problem: Unable to locate Spring NamespaceHandler for XML > schema namespace [http://cxf.apache.org/jaxrs] > Offending resource: URL > [jar:file:/Users/vn54oiv/Documents/apache-tomcat-9.0.68/webapps/partner_data_status_app_war/WEB-INF/lib/partner-data-status-service-1.0.69.PROD.HF.1.0-SNAPSHOT.jar!/META-INF/serviceContext.xml] > > PFA serviceContext.xml -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CONFIGURATION-824) Unable to locate Spring NamespaceHandler for XML schema namespace [http://cxf.apache.org/jaxrs] after updating CXF to 3.5.3
[ https://issues.apache.org/jira/browse/CONFIGURATION-824?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17631955#comment-17631955 ] Bhavik commented on CONFIGURATION-824: -- [~ggregory] Sorry, I was trying to create a ticket for CXF. Not sure what happened. Closing this out. > Unable to locate Spring NamespaceHandler for XML schema namespace > [http://cxf.apache.org/jaxrs] after updating CXF to 3.5.3 > --- > > Key: CONFIGURATION-824 > URL: https://issues.apache.org/jira/browse/CONFIGURATION-824 > Project: Commons Configuration > Issue Type: Bug >Reporter: Bhavik >Priority: Major > Attachments: serviceContext.xml > > > After updating Spring to 5.3.20 and CXF to 3.5.3 tomcat is crashing with > following error. > > Caused by: > org.springframework.beans.factory.parsing.BeanDefinitionParsingException: > Configuration problem: Unable to locate Spring NamespaceHandler for XML > schema namespace [http://cxf.apache.org/jaxrs] > Offending resource: URL > [jar:file:/Users/vn54oiv/Documents/apache-tomcat-9.0.68/webapps/partner_data_status_app_war/WEB-INF/lib/partner-data-status-service-1.0.69.PROD.HF.1.0-SNAPSHOT.jar!/META-INF/serviceContext.xml] > > PFA serviceContext.xml -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (CONFIGURATION-824) Unable to locate Spring NamespaceHandler for XML schema namespace [http://cxf.apache.org/jaxrs] after updating CXF to 3.5.3
[ https://issues.apache.org/jira/browse/CONFIGURATION-824?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17631936#comment-17631936 ] Gary D. Gregory commented on CONFIGURATION-824: --- Wrong project I assume. > Unable to locate Spring NamespaceHandler for XML schema namespace > [http://cxf.apache.org/jaxrs] after updating CXF to 3.5.3 > --- > > Key: CONFIGURATION-824 > URL: https://issues.apache.org/jira/browse/CONFIGURATION-824 > Project: Commons Configuration > Issue Type: Bug >Reporter: Bhavik >Priority: Major > Attachments: serviceContext.xml > > > After updating Spring to 5.3.20 and CXF to 3.5.3 tomcat is crashing with > following error. > > Caused by: > org.springframework.beans.factory.parsing.BeanDefinitionParsingException: > Configuration problem: Unable to locate Spring NamespaceHandler for XML > schema namespace [http://cxf.apache.org/jaxrs] > Offending resource: URL > [jar:file:/Users/vn54oiv/Documents/apache-tomcat-9.0.68/webapps/partner_data_status_app_war/WEB-INF/lib/partner-data-status-service-1.0.69.PROD.HF.1.0-SNAPSHOT.jar!/META-INF/serviceContext.xml] > > PFA serviceContext.xml -- This message was sent by Atlassian Jira (v8.20.10#820010)
[GitHub] [commons-bcel] garydgregory merged pull request #166: Code coverage and unit tests on the verifier
garydgregory merged PR #166: URL: https://github.com/apache/commons-bcel/pull/166 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (NET-699) FTPClient storeFile() method return false because cannot open socket
[
https://issues.apache.org/jira/browse/NET-699?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17631929#comment-17631929
]
Gary D. Gregory commented on NET-699:
-
Hello [~loveping0215]
Feel free to provide a PR on GitHub with a unit test.
> FTPClient storeFile() method return false because cannot open socket
>
>
> Key: NET-699
> URL: https://issues.apache.org/jira/browse/NET-699
> Project: Commons Net
> Issue Type: Bug
> Components: FTP
>Affects Versions: 3.6
>Reporter: Gary Chen
>Priority: Major
> Fix For: 3.6
>
> Attachments: image-2021-04-16-14-44-26-858.png
>
>
> Currently we're using common-pool to store those ftpClient, and sometimes the
> storeFile() method return false with reply "200 send noop successfully".
>
> {code:java}
> primary:
> host: nycsdevfeed.rrdev.dev.reuters.com
> port: 21
> userName: anonymous
> password: anonymous
> role: 0
> baseDir: /
> tempFolder: temp/
> controlEncoding: UTF-8
> useEPSVWithIPv4: false
> passiveMode: true
> dataTimeout: 2 #ms, transfer command timeout in passive mode
> connectTimeout: 1 #ms, socket connection timeout
> fileType: 2
> bufferSize: 524288 #512 * 1024
> controlKeepAliveTimeout: 110 #seconds, keep control command alive, send a
> NOOP approximately every 5 mins
> controlKeepAliveReplyTimeout: 45000
> maxTotal: 5 #max total object in pool, default 8
> maxIdle: 5 #max idle object in pool, default 8
> minIdle: 2 #min idle object in pool, default 0
> testOnCreate: true #verify the validateObject when create object to pool
> testOnReturn: true #verify the validateObject when return object to pool
> testOnBorrow: true #verify the validateObject when borrow object to pool
> testWhileIdle: true #verify the validateObject when evict thread return
> false(no need to remove idle object)
> timeBetweenEvictionRunsMillis: 6 #check the idle object every 60 seconds
> softMinEvictableIdleTimeMillis: 12 #keep the minIdle count idle object,
> remove the redundant idle object
> numTestsPerEvictionRun: 5 #evict thread will pick up 10 object to verify
> blockWhenExhausted: true #if there is no more idle object, block the thread
> until maxWaitMillis
> maxWaitMillis: -1 #if there is no more idle object, it will throw
> NoSuchElementException; -1 means always wait
> {code}
> This is the connection poo setting for FtpClient.
>
> and we found that code in FTPClient._openDataConnection_()
> even the pasv() method return 227, but here still return null, then
> storeFile() return false with 200 noop reply.
> !image-2021-04-16-14-44-26-858.png!
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Updated] (CONFIGURATION-824) Unable to locate Spring NamespaceHandler for XML schema namespace [http://cxf.apache.org/jaxrs] after updating CXF to 3.5.3
[ https://issues.apache.org/jira/browse/CONFIGURATION-824?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bhavik updated CONFIGURATION-824: - Description: After updating Spring to 5.3.20 and CXF to 3.5.3 tomcat is crashing with following error. Caused by: org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: Unable to locate Spring NamespaceHandler for XML schema namespace [http://cxf.apache.org/jaxrs] Offending resource: URL [jar:file:/Users/vn54oiv/Documents/apache-tomcat-9.0.68/webapps/partner_data_status_app_war/WEB-INF/lib/partner-data-status-service-1.0.69.PROD.HF.1.0-SNAPSHOT.jar!/META-INF/serviceContext.xml] PFA serviceContext.xml was: After updating Spring to 5.3.20 and CXF to 3.5.3 tomcat is crashing with following error. Caused by: org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: Unable to locate Spring NamespaceHandler for XML schema namespace [http://cxf.apache.org/jaxrs] Offending resource: URL [jar:file:/Users/vn54oiv/Documents/apache-tomcat-9.0.68/webapps/partner_data_status_app_war/WEB-INF/lib/partner-data-status-service-1.0.69.PROD.HF.1.0-SNAPSHOT.jar!/META-INF/serviceContext.xml] > Unable to locate Spring NamespaceHandler for XML schema namespace > [http://cxf.apache.org/jaxrs] after updating CXF to 3.5.3 > --- > > Key: CONFIGURATION-824 > URL: https://issues.apache.org/jira/browse/CONFIGURATION-824 > Project: Commons Configuration > Issue Type: Bug >Reporter: Bhavik >Priority: Major > Attachments: serviceContext.xml > > > After updating Spring to 5.3.20 and CXF to 3.5.3 tomcat is crashing with > following error. > > Caused by: > org.springframework.beans.factory.parsing.BeanDefinitionParsingException: > Configuration problem: Unable to locate Spring NamespaceHandler for XML > schema namespace [http://cxf.apache.org/jaxrs] > Offending resource: URL > [jar:file:/Users/vn54oiv/Documents/apache-tomcat-9.0.68/webapps/partner_data_status_app_war/WEB-INF/lib/partner-data-status-service-1.0.69.PROD.HF.1.0-SNAPSHOT.jar!/META-INF/serviceContext.xml] > > PFA serviceContext.xml -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (CONFIGURATION-824) Unable to locate Spring NamespaceHandler for XML schema namespace [http://cxf.apache.org/jaxrs] after updating CXF to 3.5.3
[ https://issues.apache.org/jira/browse/CONFIGURATION-824?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bhavik updated CONFIGURATION-824: - Attachment: serviceContext.xml > Unable to locate Spring NamespaceHandler for XML schema namespace > [http://cxf.apache.org/jaxrs] after updating CXF to 3.5.3 > --- > > Key: CONFIGURATION-824 > URL: https://issues.apache.org/jira/browse/CONFIGURATION-824 > Project: Commons Configuration > Issue Type: Bug >Reporter: Bhavik >Priority: Major > Attachments: serviceContext.xml > > > After updating Spring to 5.3.20 and CXF to 3.5.3 tomcat is crashing with > following error. > > Caused by: > org.springframework.beans.factory.parsing.BeanDefinitionParsingException: > Configuration problem: Unable to locate Spring NamespaceHandler for XML > schema namespace [http://cxf.apache.org/jaxrs] > Offending resource: URL > [jar:file:/Users/vn54oiv/Documents/apache-tomcat-9.0.68/webapps/partner_data_status_app_war/WEB-INF/lib/partner-data-status-service-1.0.69.PROD.HF.1.0-SNAPSHOT.jar!/META-INF/serviceContext.xml] > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (CONFIGURATION-824) Unable to locate Spring NamespaceHandler for XML schema namespace [http://cxf.apache.org/jaxrs] after updating CXF to 3.5.3
Bhavik created CONFIGURATION-824: Summary: Unable to locate Spring NamespaceHandler for XML schema namespace [http://cxf.apache.org/jaxrs] after updating CXF to 3.5.3 Key: CONFIGURATION-824 URL: https://issues.apache.org/jira/browse/CONFIGURATION-824 Project: Commons Configuration Issue Type: Bug Reporter: Bhavik After updating Spring to 5.3.20 and CXF to 3.5.3 tomcat is crashing with following error. Caused by: org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: Unable to locate Spring NamespaceHandler for XML schema namespace [http://cxf.apache.org/jaxrs] Offending resource: URL [jar:file:/Users/vn54oiv/Documents/apache-tomcat-9.0.68/webapps/partner_data_status_app_war/WEB-INF/lib/partner-data-status-service-1.0.69.PROD.HF.1.0-SNAPSHOT.jar!/META-INF/serviceContext.xml] -- This message was sent by Atlassian Jira (v8.20.10#820010)
[GitHub] [commons-bcel] garydgregory commented on a diff in pull request #166: code coverage and unit tests on the verifier
garydgregory commented on code in PR #166:
URL: https://github.com/apache/commons-bcel/pull/166#discussion_r1019618603
##
src/test/java/org/apache/bcel/classfile/JDKClassDumpTestCase.java:
##
@@ -37,7 +41,7 @@
*/
public class JDKClassDumpTestCase {
-private void compare(final JavaClass jc, final InputStream inputStream,
final String name) throws Exception {
+private static void compare(final JavaClass jc, final InputStream
inputStream, final String name) throws Exception {
Review Comment:
This change seems superfluous, minimizing PR changes speeds up reviews ;-)
##
src/test/java/org/apache/bcel/generic/LargeJump.java:
##
@@ -0,0 +1,33 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.bcel.generic;
+
+class LargeJump
+{
Review Comment:
`{` is on the wrong line.
##
src/test/java/org/apache/bcel/generic/LargeJump.java:
##
@@ -0,0 +1,33 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.bcel.generic;
+
+class LargeJump
+{
+public static void methodWithLargeJump(final int i) {
Review Comment:
Use your IDE's code formatter here.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [commons-bcel] nbauma109 closed pull request #166: code coverage and unit tests on the verifier
nbauma109 closed pull request #166: code coverage and unit tests on the verifier URL: https://github.com/apache/commons-bcel/pull/166 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-bcel] garydgregory commented on a diff in pull request #166: code coverage and unit tests on the verifier
garydgregory commented on code in PR #166:
URL: https://github.com/apache/commons-bcel/pull/166#discussion_r1019582652
##
src/test/java/org/apache/bcel/classfile/JDKClassDumpTestCase.java:
##
@@ -71,17 +78,19 @@ private void testJar(final File file) throws Exception {
@Test
public void testPerformance() throws Exception {
-final File javaLib = new File(System.getProperty("java.home") +
"/lib");
-javaLib.listFiles(file -> {
-if (file.getName().endsWith(".jar")) {
-try {
-testJar(file);
-} catch (final Exception e) {
-fail(e.getMessage());
+final File javaHome = new File(System.getProperty("java.home"));
+Files.walkFileTree(javaHome.toPath(), new SimpleFileVisitor() {
Review Comment:
NM, just rebase on master, please. It's already done.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [commons-bcel] garydgregory commented on a diff in pull request #166: code coverage and unit tests on the verifier
garydgregory commented on code in PR #166:
URL: https://github.com/apache/commons-bcel/pull/166#discussion_r1019562351
##
src/test/java/org/apache/bcel/classfile/JDKClassDumpTestCase.java:
##
@@ -71,17 +78,19 @@ private void testJar(final File file) throws Exception {
@Test
public void testPerformance() throws Exception {
-final File javaLib = new File(System.getProperty("java.home") +
"/lib");
-javaLib.listFiles(file -> {
-if (file.getName().endsWith(".jar")) {
-try {
-testJar(file);
-} catch (final Exception e) {
-fail(e.getMessage());
+final File javaHome = new File(System.getProperty("java.home"));
+Files.walkFileTree(javaHome.toPath(), new SimpleFileVisitor() {
Review Comment:
This duplicates existing test code, please refactor to use
`org.apache.bcel.generic.JavaHome`.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[jira] [Commented] (NET-712) Image are not uploaded correctly
[ https://issues.apache.org/jira/browse/NET-712?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17631696#comment-17631696 ] Gary D. Gregory commented on NET-712: - If you want anyone to look at this here, I think you'll need to provide a failing test, preferably as PR on GitHub. > Image are not uploaded correctly > > > Key: NET-712 > URL: https://issues.apache.org/jira/browse/NET-712 > Project: Commons Net > Issue Type: Bug > Components: FTP >Affects Versions: 3.8.0 > Environment: Android and Manjaro, running in IntelliJ with Gradle and > OpenJDK 17 >Reporter: qwerty287 >Priority: Major > Attachments: FTPImageExample.kt > > > If I try to upload images (tested with PNG and JPEG), the images are not > correctly stored on the server. Instead, they are missing one byte. Two > examples: > # The original file had a size of 35518 bytes, once I transferred it using > FTPClient it were 35517 bytes. > # The original file had a size of 45010 bytes, once I transferred it using > FTPClient it were 45009 bytes. > Using a PNG breaks the image completely (viewers can't view it), using a JPEG > makes the photo still viewable, but the files are different (in size/MD5 > fingerprint). > This affects all PNG and JPEG files, but any other file works. They have the > same size and MD5 fingerprint. > Maybe related to https://issues.apache.org/jira/browse/NET-409 which was > fixed in 3.0.1, but this occurs on 3.8.0. > > This can be reproduced on Android using FTPClient in an app and on "regular" > JVM (for me OpenJDK 17). The Kotlin file I attached provides a simple > example, but it doesn't contain something special. I executed it using Gradle > (to add NET as dependency) and using IntelliJ's build and run system. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (NET-713) Apache Commons Net is vulnerable to Information Disclosure - SRCCLR-SID-3636
[ https://issues.apache.org/jira/browse/NET-713?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Gary D. Gregory resolved NET-713. - Resolution: Information Provided > Apache Commons Net is vulnerable to Information Disclosure - SRCCLR-SID-3636 > > > Key: NET-713 > URL: https://issues.apache.org/jira/browse/NET-713 > Project: Commons Net > Issue Type: Improvement >Reporter: phoebe chen >Priority: Major > > Based on > [SRCCLR-SID-3636|https://sca.analysiscenter.veracode.com/vulnerability-database/security/sca/vulnerability/sid-3636/summary], > > commons-net is vulnerable to information disclosure. The vulnerability is > possible because `newStringUtf8()` in Base64.java does not prevent the > storage of sensitive data in a String object which would not be deleted until > the JVM performs garbage collection. There is a chance for an attacker to > collect sensitive information by dumping the memory when the application has > crashed . > This is a security issue from Veracode. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (NUMBERS-29) Move combinatorics utilities from "Commons Math"
[
https://issues.apache.org/jira/browse/NUMBERS-29?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17631671#comment-17631671
]
Alex Herbert commented on NUMBERS-29:
-
It was noted that computation of s2(n, n-2) can be performed by a sum of
binomial coefficients:
{noformat}
s2 = 0
for i in [1, k]:
s2 += i * binom(i+1, 2){noformat}
Computation of Stirling numbers of the first kind was added in NUMBERS-191. The
computation of s1(n, n-2) can also be performed by a similar sum of binomial
coefficients.
{noformat}
s1 = 0
for i in [1, k]:
s1 += (i+1) * binom(i+1, 2)
{noformat}
However the Wikipedia article provides the [simple s1
identity|https://en.wikipedia.org/wiki/Stirling_numbers_of_the_first_kind#Simple_identities]:
{noformat}
s1(n, n-2) = (3n-1) * binom(n, 3) / 4
{noformat}
The sum of binomials for s1 and s2 is very similar. This results in the
identity:
{noformat}
s2(n, n-2) = (3n-5) * binom(n, 3) / 4
{noformat}
Similarly the s1 identity for s(n, n-3) has an equivalent for S(n, n-3):
{noformat}
s(n, n-3) = -binom(n, 2) * binom(n, 4)
S(n, n-3) = binom(n-2, 2) * binom(n, 4){noformat}
Code updated in commit:
50bf79b20e84fb5946ad66ec0255266448d4b235
> Move combinatorics utilities from "Commons Math"
>
>
> Key: NUMBERS-29
> URL: https://issues.apache.org/jira/browse/NUMBERS-29
> Project: Commons Numbers
> Issue Type: Task
> Components: combinatorics
>Reporter: Gilles Sadowski
>Priority: Minor
> Labels: module, move
> Fix For: 1.2
>
> Time Spent: 20m
> Remaining Estimate: 0h
>
> Create a new {{commons-numbers-combinatorics}} module to contain the code in
> classes {{CombinatoricsUtils}} and {{Combinations}} (located in package
> {{o.a.c.math4.util}}).
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (NET-716) sendCommand("LIST") ends up with "425 Can't open data connection."
[
https://issues.apache.org/jira/browse/NET-716?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17631670#comment-17631670
]
Andreas Wagner commented on NET-716:
The problem is not when calling method "listFiles()". This method call works as
expected (server response in this case is "250 List completed successfully.").
The problem occurs when calling method "sendCommand" with parameter "LIST".
When using "sendCommand" the relevant data connection (internal, not my code)
could not be established (server response in this case is "425 Can't open data
connection.").
Again, the problem here is that the neccessary data connection could not opened
succesfull when method "sendCommand" is called.
By the way: I only used "listFiles()" in my code to show/ensure that ftp
connection from my program to the ftp server is correct.
> sendCommand("LIST") ends up with "425 Can't open data connection."
> --
>
> Key: NET-716
> URL: https://issues.apache.org/jira/browse/NET-716
> Project: Commons Net
> Issue Type: Bug
> Components: FTP
>Affects Versions: 3.8.0
>Reporter: Andreas Wagner
>Priority: Major
>
> Hello!
> I'm using org.apache.commons.net.ftp.FTPSClient to connect to FTP server
> running on a mainframe. Method "listFiles" works correct and the actual list
> of my datasets is returned to my java client program. But when using method
> call 'sendCommand("LIST")' error "425 Can't open data connection." is
> returned.
> With kind regards,
> Andreas Wagner
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (NET-716) sendCommand("LIST") ends up with "425 Can't open data connection."
[
https://issues.apache.org/jira/browse/NET-716?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17631668#comment-17631668
]
Gary D. Gregory commented on NET-716:
-
Uh? The listFiles() method works, but your custom code does not, "Therefore the
problem could not be found in my client code." makes no sense. The problem can
only be the custom code, you are calling a low-level method with incorrect
expectations to match the listFiles() method. I'll repeat: It sounds like your
code does something different or is missing steps from the listFiles() method.
I suggest you step through your debugger to understand the difference.
> sendCommand("LIST") ends up with "425 Can't open data connection."
> --
>
> Key: NET-716
> URL: https://issues.apache.org/jira/browse/NET-716
> Project: Commons Net
> Issue Type: Bug
> Components: FTP
>Affects Versions: 3.8.0
>Reporter: Andreas Wagner
>Priority: Major
>
> Hello!
> I'm using org.apache.commons.net.ftp.FTPSClient to connect to FTP server
> running on a mainframe. Method "listFiles" works correct and the actual list
> of my datasets is returned to my java client program. But when using method
> call 'sendCommand("LIST")' error "425 Can't open data connection." is
> returned.
> With kind regards,
> Andreas Wagner
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Comment Edited] (NET-716) sendCommand("LIST") ends up with "425 Can't open data connection."
[
https://issues.apache.org/jira/browse/NET-716?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17631622#comment-17631622
]
Gary D. Gregory edited comment on NET-716 at 11/10/22 1:46 PM:
---
It sounds like your code does something different or is missing steps from the
listFiles method. I suggest you step through your debugger to understand the
difference.
was (Author: garydgregory):
It sounds like your code does something different or is missing steps from the
listFiles method. I suggest you step through your debugger to understand the
difference.
Gary
> sendCommand("LIST") ends up with "425 Can't open data connection."
> --
>
> Key: NET-716
> URL: https://issues.apache.org/jira/browse/NET-716
> Project: Commons Net
> Issue Type: Bug
> Components: FTP
>Affects Versions: 3.8.0
>Reporter: Andreas Wagner
>Priority: Major
>
> Hello!
> I'm using org.apache.commons.net.ftp.FTPSClient to connect to FTP server
> running on a mainframe. Method "listFiles" works correct and the actual list
> of my datasets is returned to my java client program. But when using method
> call 'sendCommand("LIST")' error "425 Can't open data connection." is
> returned.
> With kind regards,
> Andreas Wagner
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Comment Edited] (NET-716) sendCommand("LIST") ends up with "425 Can't open data connection."
[
https://issues.apache.org/jira/browse/NET-716?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17631639#comment-17631639
]
Andreas Wagner edited comment on NET-716 at 11/10/22 1:17 PM:
--
{code:java}
// Here is my java client code
FTPFile[] currentFiles = ftps.listFiles();
String[] replies = ftps.getReplyStrings();
if (replies != null && replies.length > 0) {
for (String aReply : replies) {
System.out.println("SERVER-Reply-Msg: " + aReply);
}
}
System.out.println("Before method 'sendCommand'");
ftps.sendCommand("LIST");
String[] replies = ftps.getReplyStrings();
if (replies != null && replies.length > 0) {
for (String aReply : replies) {
System.out.println("SERVER-Reply-Msg: " + aReply);
}
}
System.out.println("After method 'sendCommand'");{code}
{noformat}
Output:
SERVER-Reply-Msg: 250 List completed successfully.
Before method 'sendCommand'
SERVER-Reply-Msg: 425 Can't open data connection.
After method 'sendCommand'{noformat}
As you can see, both methods are called directly (except for server responses)
one after the other. Therefore the problem could not be found in my client code.
was (Author: JIRAUSER298313):
{code:java}
// Here is my java client code
FTPFile[] aktSdsfJobArray = ftps.listFiles();
String[] replies = ftps.getReplyStrings();
if (replies != null && replies.length > 0) {
for (String aReply : replies) {
System.out.println("SERVER-Reply-Msg: " + aReply);
}
}
System.out.println("Before method 'sendCommand'");
ftps.sendCommand("LIST");
String[] replies = ftps.getReplyStrings();
if (replies != null && replies.length > 0) {
for (String aReply : replies) {
System.out.println("SERVER-Reply-Msg: " + aReply);
}
}
System.out.println("After method 'sendCommand'");{code}
{noformat}
Output:
SERVER-Reply-Msg: 250 List completed successfully.
Before method 'sendCommand'
SERVER-Reply-Msg: 425 Can't open data connection.
After method 'sendCommand'{noformat}
As you can see, both methods are called directly (except for server responses)
one after the other. Therefore the problem could not be found in my client code.
> sendCommand("LIST") ends up with "425 Can't open data connection."
> --
>
> Key: NET-716
> URL: https://issues.apache.org/jira/browse/NET-716
> Project: Commons Net
> Issue Type: Bug
> Components: FTP
>Affects Versions: 3.8.0
>Reporter: Andreas Wagner
>Priority: Major
>
> Hello!
> I'm using org.apache.commons.net.ftp.FTPSClient to connect to FTP server
> running on a mainframe. Method "listFiles" works correct and the actual list
> of my datasets is returned to my java client program. But when using method
> call 'sendCommand("LIST")' error "425 Can't open data connection." is
> returned.
> With kind regards,
> Andreas Wagner
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [commons-net] garydgregory commented on pull request #118: NET-642 Fix review requested changes
garydgregory commented on PR #118: URL: https://github.com/apache/commons-net/pull/118#issuecomment-1310267849 @gremi64 ping? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (NET-716) sendCommand("LIST") ends up with "425 Can't open data connection."
[
https://issues.apache.org/jira/browse/NET-716?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17631639#comment-17631639
]
Andreas Wagner commented on NET-716:
{code:java}
// Here is my java client code
FTPFile[] aktSdsfJobArray = ftps.listFiles();
String[] replies = ftps.getReplyStrings();
if (replies != null && replies.length > 0) {
for (String aReply : replies) {
System.out.println("SERVER-Reply-Msg: " + aReply);
}
}
System.out.println("Before method 'sendCommand'");
ftps.sendCommand("LIST");
String[] replies = ftps.getReplyStrings();
if (replies != null && replies.length > 0) {
for (String aReply : replies) {
System.out.println("SERVER-Reply-Msg: " + aReply);
}
}
System.out.println("After method 'sendCommand'");{code}
{noformat}
Output:
SERVER-Reply-Msg: 250 List completed successfully.
Before method 'sendCommand'
SERVER-Reply-Msg: 425 Can't open data connection.
After method 'sendCommand'{noformat}
As you can see, both methods are called directly (except for server responses)
one after the other. Therefore the problem could not be found in my client code.
> sendCommand("LIST") ends up with "425 Can't open data connection."
> --
>
> Key: NET-716
> URL: https://issues.apache.org/jira/browse/NET-716
> Project: Commons Net
> Issue Type: Bug
> Components: FTP
>Affects Versions: 3.8.0
>Reporter: Andreas Wagner
>Priority: Major
>
> Hello!
> I'm using org.apache.commons.net.ftp.FTPSClient to connect to FTP server
> running on a mainframe. Method "listFiles" works correct and the actual list
> of my datasets is returned to my java client program. But when using method
> call 'sendCommand("LIST")' error "425 Can't open data connection." is
> returned.
> With kind regards,
> Andreas Wagner
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Comment Edited] (NET-716) sendCommand("LIST") ends up with "425 Can't open data connection."
[
https://issues.apache.org/jira/browse/NET-716?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17631622#comment-17631622
]
Gary D. Gregory edited comment on NET-716 at 11/10/22 12:28 PM:
It sounds like your code does something different or is missing steps from the
listFiles method. I suggest you step through your debugger to understand the
difference.
Gary
was (Author: garydgregory):
It sounds like your code does something different or is missing steps from the
listFiles method. I suggest you step through your debugger to understand the
difference.
Gary
> sendCommand("LIST") ends up with "425 Can't open data connection."
> --
>
> Key: NET-716
> URL: https://issues.apache.org/jira/browse/NET-716
> Project: Commons Net
> Issue Type: Bug
> Components: FTP
>Affects Versions: 3.8.0
>Reporter: Andreas Wagner
>Priority: Major
>
> Hello!
> I'm using org.apache.commons.net.ftp.FTPSClient to connect to FTP server
> running on a mainframe. Method "listFiles" works correct and the actual list
> of my datasets is returned to my java client program. But when using method
> call 'sendCommand("LIST")' error "425 Can't open data connection." is
> returned.
> With kind regards,
> Andreas Wagner
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (NET-716) sendCommand("LIST") ends up with "425 Can't open data connection."
[
https://issues.apache.org/jira/browse/NET-716?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17631622#comment-17631622
]
Gary D. Gregory commented on NET-716:
-
It sounds like your code does something different or is missing steps from the
listFiles method. I suggest you step through your debugger to understand the
difference.
Gary
> sendCommand("LIST") ends up with "425 Can't open data connection."
> --
>
> Key: NET-716
> URL: https://issues.apache.org/jira/browse/NET-716
> Project: Commons Net
> Issue Type: Bug
> Components: FTP
>Affects Versions: 3.8.0
>Reporter: Andreas Wagner
>Priority: Major
>
> Hello!
> I'm using org.apache.commons.net.ftp.FTPSClient to connect to FTP server
> running on a mainframe. Method "listFiles" works correct and the actual list
> of my datasets is returned to my java client program. But when using method
> call 'sendCommand("LIST")' error "425 Can't open data connection." is
> returned.
> With kind regards,
> Andreas Wagner
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (NET-716) sendCommand("LIST") ends up with "425 Can't open data connection."
[
https://issues.apache.org/jira/browse/NET-716?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17631620#comment-17631620
]
Andreas Wagner commented on NET-716:
No. Because "listFiles" works correct, this couldn't be an access rights issue.
> sendCommand("LIST") ends up with "425 Can't open data connection."
> --
>
> Key: NET-716
> URL: https://issues.apache.org/jira/browse/NET-716
> Project: Commons Net
> Issue Type: Bug
> Components: FTP
>Affects Versions: 3.8.0
>Reporter: Andreas Wagner
>Priority: Major
>
> Hello!
> I'm using org.apache.commons.net.ftp.FTPSClient to connect to FTP server
> running on a mainframe. Method "listFiles" works correct and the actual list
> of my datasets is returned to my java client program. But when using method
> call 'sendCommand("LIST")' error "425 Can't open data connection." is
> returned.
> With kind regards,
> Andreas Wagner
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (NET-716) sendCommand("LIST") ends up with "425 Can't open data connection."
[
https://issues.apache.org/jira/browse/NET-716?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17631617#comment-17631617
]
Gary D. Gregory commented on NET-716:
-
Could this be an access rights issue?
> sendCommand("LIST") ends up with "425 Can't open data connection."
> --
>
> Key: NET-716
> URL: https://issues.apache.org/jira/browse/NET-716
> Project: Commons Net
> Issue Type: Bug
> Components: FTP
>Affects Versions: 3.8.0
>Reporter: Andreas Wagner
>Priority: Major
>
> Hello!
> I'm using org.apache.commons.net.ftp.FTPSClient to connect to FTP server
> running on a mainframe. Method "listFiles" works correct and the actual list
> of my datasets is returned to my java client program. But when using method
> call 'sendCommand("LIST")' error "425 Can't open data connection." is
> returned.
> With kind regards,
> Andreas Wagner
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (NET-716) sendCommand("LIST") ends up with "425 Can't open data connection."
[
https://issues.apache.org/jira/browse/NET-716?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17631614#comment-17631614
]
Andreas Wagner commented on NET-716:
Method "listFiles" opens the necessary data connection correctly. But method
"sendCommand" not (see error message "425 Can't open data connection."). Both
methods should open the neccessary data connection (mandatory for FTP command
LIST) without error.
> sendCommand("LIST") ends up with "425 Can't open data connection."
> --
>
> Key: NET-716
> URL: https://issues.apache.org/jira/browse/NET-716
> Project: Commons Net
> Issue Type: Bug
> Components: FTP
>Affects Versions: 3.8.0
>Reporter: Andreas Wagner
>Priority: Major
>
> Hello!
> I'm using org.apache.commons.net.ftp.FTPSClient to connect to FTP server
> running on a mainframe. Method "listFiles" works correct and the actual list
> of my datasets is returned to my java client program. But when using method
> call 'sendCommand("LIST")' error "425 Can't open data connection." is
> returned.
> With kind regards,
> Andreas Wagner
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (IMAGING-338) Sanselan returns an empty set when retrieving the image metadata
[
https://issues.apache.org/jira/browse/IMAGING-338?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17631606#comment-17631606
]
Gary D. Gregory commented on IMAGING-338:
-
Do you have code for a failing test case?
> Sanselan returns an empty set when retrieving the image metadata
>
>
> Key: IMAGING-338
> URL: https://issues.apache.org/jira/browse/IMAGING-338
> Project: Commons Imaging
> Issue Type: Bug
>Affects Versions: 0.97
>Reporter: Nikhil
>Priority: Major
> Attachments: TestImage.jpg
>
>
> We were using Sanselan to extract IPTC metadata. Recently there were images
> thats causing Sanselan to return an empty set when retrieving the metadata,
> despite the fact that there is clearly iptc metadata in the image.
>
> The problem is seen in the following codebase
> IPTCParser.parseIPTCBlock(...), and is the second 'if' statement within the
> while loop. In particular, instead of the following:
> if (tagMarker != IPTC_RECORD_TAG_MARKER) {
> if (verbose) {
> System.out.println("Unexpected record tag marker in IPTC data.");
> }
> {*}return elements{*};
> }
>
> You should do the following to fix the issue:
>
> if (tagMarker != IPTC_RECORD_TAG_MARKER) {
> if (verbose) {
> System.out.println("Unexpected record tag marker in IPTC data.");
> }
> *continue;*
> }
>
> Credit @
> [https://www.mail-archive.com/sanselan-dev@incubator.apache.org/msg00430.html]
> for the detailed notes
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (IMAGING-338) Sanselan returns an empty set when retrieving the image metadata
[
https://issues.apache.org/jira/browse/IMAGING-338?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17631603#comment-17631603
]
Nikhil commented on IMAGING-338:
This code is same in the latest library as well and please find the image where
we are able to replicate the issue ({*}TestImage.jpg{*})
> Sanselan returns an empty set when retrieving the image metadata
>
>
> Key: IMAGING-338
> URL: https://issues.apache.org/jira/browse/IMAGING-338
> Project: Commons Imaging
> Issue Type: Bug
>Affects Versions: 0.97
>Reporter: Nikhil
>Priority: Major
> Attachments: TestImage.jpg
>
>
> We were using Sanselan to extract IPTC metadata. Recently there were images
> thats causing Sanselan to return an empty set when retrieving the metadata,
> despite the fact that there is clearly iptc metadata in the image.
>
> The problem is seen in the following codebase
> IPTCParser.parseIPTCBlock(...), and is the second 'if' statement within the
> while loop. In particular, instead of the following:
> if (tagMarker != IPTC_RECORD_TAG_MARKER) {
> if (verbose) {
> System.out.println("Unexpected record tag marker in IPTC data.");
> }
> {*}return elements{*};
> }
>
> You should do the following to fix the issue:
>
> if (tagMarker != IPTC_RECORD_TAG_MARKER) {
> if (verbose) {
> System.out.println("Unexpected record tag marker in IPTC data.");
> }
> *continue;*
> }
>
> Credit @
> [https://www.mail-archive.com/sanselan-dev@incubator.apache.org/msg00430.html]
> for the detailed notes
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Updated] (IMAGING-338) Sanselan returns an empty set when retrieving the image metadata
[
https://issues.apache.org/jira/browse/IMAGING-338?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Nikhil updated IMAGING-338:
---
Attachment: TestImage.jpg
> Sanselan returns an empty set when retrieving the image metadata
>
>
> Key: IMAGING-338
> URL: https://issues.apache.org/jira/browse/IMAGING-338
> Project: Commons Imaging
> Issue Type: Bug
>Affects Versions: 0.97
>Reporter: Nikhil
>Priority: Major
> Attachments: TestImage.jpg
>
>
> We were using Sanselan to extract IPTC metadata. Recently there were images
> thats causing Sanselan to return an empty set when retrieving the metadata,
> despite the fact that there is clearly iptc metadata in the image.
>
> The problem is seen in the following codebase
> IPTCParser.parseIPTCBlock(...), and is the second 'if' statement within the
> while loop. In particular, instead of the following:
> if (tagMarker != IPTC_RECORD_TAG_MARKER) {
> if (verbose) {
> System.out.println("Unexpected record tag marker in IPTC data.");
> }
> {*}return elements{*};
> }
>
> You should do the following to fix the issue:
>
> if (tagMarker != IPTC_RECORD_TAG_MARKER) {
> if (verbose) {
> System.out.println("Unexpected record tag marker in IPTC data.");
> }
> *continue;*
> }
>
> Credit @
> [https://www.mail-archive.com/sanselan-dev@incubator.apache.org/msg00430.html]
> for the detailed notes
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (NET-716) sendCommand("LIST") ends up with "425 Can't open data connection."
[
https://issues.apache.org/jira/browse/NET-716?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17631599#comment-17631599
]
Michael Osipov commented on NET-716:
What do you expect us now do to?
> sendCommand("LIST") ends up with "425 Can't open data connection."
> --
>
> Key: NET-716
> URL: https://issues.apache.org/jira/browse/NET-716
> Project: Commons Net
> Issue Type: Bug
> Components: FTP
>Affects Versions: 3.8.0
>Reporter: Andreas Wagner
>Priority: Major
>
> Hello!
> I'm using org.apache.commons.net.ftp.FTPSClient to connect to FTP server
> running on a mainframe. Method "listFiles" works correct and the actual list
> of my datasets is returned to my java client program. But when using method
> call 'sendCommand("LIST")' error "425 Can't open data connection." is
> returned.
> With kind regards,
> Andreas Wagner
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (TEXT-222) StringEscapeUtils.escapeJava() cannot restore string processed by unescapeJava()
[
https://issues.apache.org/jira/browse/TEXT-222?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17631597#comment-17631597
]
Alex Herbert commented on TEXT-222:
---
Note that the unescape is converting an escaped sequence into the original
characters. So the string you pass to unescape should be a valid *escaped*
string. In this case the input string is not a valid escaped string, it is a
valid *unescaped* string. The escaped version would be
{{{}"u202e"{}}}.
{code:java}
@ParameterizedTest
@CsvSource({
"\\u202e",
"u202e",
})
public void testText222(String escaped) {
String unescaped = StringEscapeUtils.unescapeJava(escaped);
System.out.printf("%s -> %s -> %s%n", escaped, unescaped,
StringEscapeUtils.escapeJava(unescaped));
}
{code}
Prints:
{noformat}
\u202e -> ? -> \u202E
\\u202e -> \u202e -> \\u202e
{noformat}
By asking the StringEscapeUtils to unescape the already unescaped string, you
have triggered it to believe that the \\u is the start of a unicode character.
I do not think this is what your original string is intended to represent.
For example if you try to unescape this "\\u2" you will receive an exception:
{noformat}
java.lang.IllegalArgumentException: Less than 4 hex digits in unicode value:
'\u2' due to end of CharSequence{noformat}
Note also that when using System.out.println(String) to view a string then the
output will not be the same as the Java string. This is because the print will
convert the [java escaped
characters|https://docs.oracle.com/javase/tutorial/java/data/characters.html]
to their actual characters:
{code:java}
Stream.of("\\", "", "\t", "\n")
.map(s -> "+++" + s + "---")
.forEach(System.out::println);{code}
Prints:
{noformat}
+++\---
+++\\---
+++ ---
+++
---
{noformat}
So be aware that your double backslash in code will print as a single backslash.
> StringEscapeUtils.escapeJava() cannot restore string processed by
> unescapeJava()
>
>
> Key: TEXT-222
> URL: https://issues.apache.org/jira/browse/TEXT-222
> Project: Commons Text
> Issue Type: Bug
>Affects Versions: 1.6
>Reporter: clover
>Priority: Minor
> Attachments: code-1.PNG, code.PNG
>
>
> When we called StringEscapeUtils.unescapeJava(orignal) and then called
> StringEscapeUtils.escapeJava(unescaped), sometimes the orginal string cannot
> be rest as expected.
> For example:
> // Commons Text 1.6
> String unescapeJava = StringEscapeUtils.unescapeJava("u202
> {color:#ff}e{color}");
> System.out.println("unescapeJava=" + unescapeJava); // print
> unescapeJava=
> System.out.println("escapeJava=" +
> StringEscapeUtils.escapeJava(unescapeJava)); // print
> escapeJava=\u202{color:#ff}E{color}
> The lowercase 'e' in "
> u202e" is converted to uppercase 'E'.
>
> !code.PNG!
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Created] (NET-716) sendCommand("LIST") ends up with "425 Can't open data connection."
Andreas Wagner created NET-716:
--
Summary: sendCommand("LIST") ends up with "425 Can't open data
connection."
Key: NET-716
URL: https://issues.apache.org/jira/browse/NET-716
Project: Commons Net
Issue Type: Bug
Components: FTP
Affects Versions: 3.8.0
Reporter: Andreas Wagner
Hello!
I'm using org.apache.commons.net.ftp.FTPSClient to connect to FTP server
running on a mainframe. Method "listFiles" works correct and the actual list of
my datasets is returned to my java client program. But when using method call
'sendCommand("LIST")' error "425 Can't open data connection." is returned.
With kind regards,
Andreas Wagner
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Work logged] (COLLECTIONS-830) Add isEmpty() method to Hasher
[
https://issues.apache.org/jira/browse/COLLECTIONS-830?focusedWorklogId=824859&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-824859
]
ASF GitHub Bot logged work on COLLECTIONS-830:
--
Author: ASF GitHub Bot
Created on: 10/Nov/22 09:20
Start Date: 10/Nov/22 09:20
Worklog Time Spent: 10m
Work Description: aherbert commented on PR #357:
URL:
https://github.com/apache/commons-collections/pull/357#issuecomment-1309993863
Removal of HasherCollection would eliminate all the possible confusion
around its use given that it has behaviour that can be, at least in part,
either: no items; a single item (Hasher); collection of items (List);
or a bitwise combination of items (BloomFilter).
I suggest the functionality can be matured outside of the core functionality
in Collections and then integrated with all the appropriate code for the use
case(s).
Issue Time Tracking
---
Worklog Id: (was: 824859)
Time Spent: 20m (was: 10m)
> Add isEmpty() method to Hasher
> --
>
> Key: COLLECTIONS-830
> URL: https://issues.apache.org/jira/browse/COLLECTIONS-830
> Project: Commons Collections
> Issue Type: Improvement
> Components: Collection
>Affects Versions: 4.5
>Reporter: Claude Warren
>Assignee: Claude Warren
>Priority: Minor
> Labels: bloom-filter
> Time Spent: 20m
> Remaining Estimate: 0h
>
> The Hasher interface in the {{bloomfilter}} package does not have a way to
> determine if the hasher is empty. For the {{SimpleHasher}} implementation
> that is not an issue, however, the {{HasherCollection}} can be empty, and
> there is no guarantee that any other implementation of Hasher may have an
> empty state.
> I have a use case where a {{Hasher}} is passed to a search method in a
> multidimensional Bloom filter. If the hasher is empty then we are doing the
> equivalent of a table scan in a database.
> It is possible to determine if the hasher is not empty by something like
> {quote}{{boolean[] notEmpty = boolean[1];}}
> hasher.indices( shape ).forEachIndex( i ->\{notEmpty[0]=true;return false;});
> {quote}
> And then checking notEmpty[0].
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [commons-collections] aherbert commented on pull request #357: COLLECTIONS-830: Added Hasher.isEmpty() and appropriate tests
aherbert commented on PR #357: URL: https://github.com/apache/commons-collections/pull/357#issuecomment-1309993863 Removal of HasherCollection would eliminate all the possible confusion around its use given that it has behaviour that can be, at least in part, either: no items; a single item (Hasher); collection of items (List); or a bitwise combination of items (BloomFilter). I suggest the functionality can be matured outside of the core functionality in Collections and then integrated with all the appropriate code for the use case(s). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Work logged] (COLLECTIONS-830) Add isEmpty() method to Hasher
[
https://issues.apache.org/jira/browse/COLLECTIONS-830?focusedWorklogId=824851&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-824851
]
ASF GitHub Bot logged work on COLLECTIONS-830:
--
Author: ASF GitHub Bot
Created on: 10/Nov/22 08:49
Start Date: 10/Nov/22 08:49
Worklog Time Spent: 10m
Work Description: Claudenw commented on PR #357:
URL:
https://github.com/apache/commons-collections/pull/357#issuecomment-1309958426
Perhaps the HasherCollection does not belong in the library. It may make
more sense to withdraw this pull request, close the COLLECTIONS-830 as won't
fix and create another pull request to remove the HasherCollection. I know
there were other issues that @aherbert had with that implementation anyway.
Issue Time Tracking
---
Worklog Id: (was: 824851)
Remaining Estimate: 0h
Time Spent: 10m
> Add isEmpty() method to Hasher
> --
>
> Key: COLLECTIONS-830
> URL: https://issues.apache.org/jira/browse/COLLECTIONS-830
> Project: Commons Collections
> Issue Type: Improvement
> Components: Collection
>Affects Versions: 4.5
>Reporter: Claude Warren
>Assignee: Claude Warren
>Priority: Minor
> Labels: bloom-filter
> Time Spent: 10m
> Remaining Estimate: 0h
>
> The Hasher interface in the {{bloomfilter}} package does not have a way to
> determine if the hasher is empty. For the {{SimpleHasher}} implementation
> that is not an issue, however, the {{HasherCollection}} can be empty, and
> there is no guarantee that any other implementation of Hasher may have an
> empty state.
> I have a use case where a {{Hasher}} is passed to a search method in a
> multidimensional Bloom filter. If the hasher is empty then we are doing the
> equivalent of a table scan in a database.
> It is possible to determine if the hasher is not empty by something like
> {quote}{{boolean[] notEmpty = boolean[1];}}
> hasher.indices( shape ).forEachIndex( i ->\{notEmpty[0]=true;return false;});
> {quote}
> And then checking notEmpty[0].
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [commons-collections] Claudenw commented on pull request #357: COLLECTIONS-830: Added Hasher.isEmpty() and appropriate tests
Claudenw commented on PR #357: URL: https://github.com/apache/commons-collections/pull/357#issuecomment-1309958426 Perhaps the HasherCollection does not belong in the library. It may make more sense to withdraw this pull request, close the COLLECTIONS-830 as won't fix and create another pull request to remove the HasherCollection. I know there were other issues that @aherbert had with that implementation anyway. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
