[GitHub] [commons-compress] kinow merged pull request #342: Bump actions/cache from 3.0.11 to 3.2.0
kinow merged PR #342: URL: https://github.com/apache/commons-compress/pull/342 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-cli] codecov-commenter commented on pull request #153: Bump actions/cache from 3.0.11 to 3.2.1
codecov-commenter commented on PR #153: URL: https://github.com/apache/commons-cli/pull/153#issuecomment-1363675771 # [Codecov](https://codecov.io/gh/apache/commons-cli/pull/153?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report > Merging [#153](https://codecov.io/gh/apache/commons-cli/pull/153?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (4a5bc9f) into [master](https://codecov.io/gh/apache/commons-cli/commit/c8504a8bfc21852bf11a1c09f129fc20857af6db?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (c8504a8) will **not change** coverage. > The diff coverage is `n/a`. ```diff @@Coverage Diff@@ ## master #153 +/- ## = Coverage 93.19% 93.19% Complexity 567 567 = Files21 21 Lines 1205 1205 Branches214 214 = Hits 1123 1123 Misses 46 46 Partials 36 36 ``` :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-cli] codecov-commenter commented on pull request #152: Bump ossf/scorecard-action from 2.1.0 to 2.1.2
codecov-commenter commented on PR #152: URL: https://github.com/apache/commons-cli/pull/152#issuecomment-1363675678 # [Codecov](https://codecov.io/gh/apache/commons-cli/pull/152?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report > Merging [#152](https://codecov.io/gh/apache/commons-cli/pull/152?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (17e3dad) into [master](https://codecov.io/gh/apache/commons-cli/commit/c8504a8bfc21852bf11a1c09f129fc20857af6db?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (c8504a8) will **not change** coverage. > The diff coverage is `n/a`. ```diff @@Coverage Diff@@ ## master #152 +/- ## = Coverage 93.19% 93.19% Complexity 567 567 = Files21 21 Lines 1205 1205 Branches214 214 = Hits 1123 1123 Misses 46 46 Partials 36 36 ``` :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-jcs] dependabot[bot] opened a new pull request, #127: Bump actions/cache from 3.0.11 to 3.2.1
dependabot[bot] opened a new pull request, #127: URL: https://github.com/apache/commons-jcs/pull/127 Bumps [actions/cache](https://github.com/actions/cache) from 3.0.11 to 3.2.1. Release notes Sourced from https://github.com/actions/cache/releases";>actions/cache's releases. v3.2.1 What's Changed Release compression related changes for windows by https://github.com/Phantsure";>@Phantsure in https://github-redirect.dependabot.com/actions/cache/pull/1039";>actions/cache#1039 Upgrade codeql to v2 by https://github.com/Phantsure";>@Phantsure in https://github-redirect.dependabot.com/actions/cache/pull/1023";>actions/cache#1023 Full Changelog: https://github.com/actions/cache/compare/v3.2.0...v3.2.1";>https://github.com/actions/cache/compare/v3.2.0...v3.2.1 v3.2.0 What's Changed fix wrong timeout env var key in README.md by https://github.com/walterddr";>@walterddr in https://github-redirect.dependabot.com/actions/cache/pull/959";>actions/cache#959 Updated release doc with correct env variable by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/960";>actions/cache#960 Create pull_request_template.md by https://github.com/pdotl";>@pdotl in https://github-redirect.dependabot.com/actions/cache/pull/963";>actions/cache#963 Update README with clearer info about cache-hit and its value by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/961";>actions/cache#961 Change datadog/squid to Ubuntu/squid in CI check by https://github.com/bishal-pdMSFT";>@bishal-pdMSFT in https://github-redirect.dependabot.com/actions/cache/pull/976";>actions/cache#976 Add more details to version section in readme by https://github.com/bishal-pdMSFT";>@bishal-pdMSFT in https://github-redirect.dependabot.com/actions/cache/pull/971";>actions/cache#971 Update hashFiles documentation reference by https://github.com/asaf400";>@asaf400 in https://github-redirect.dependabot.com/actions/cache/pull/979";>actions/cache#979 Updated link for cache segment download info by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/986";>actions/cache#986 Readme update for deleting caches by https://github.com/t-dedah";>@t-dedah in https://github-redirect.dependabot.com/actions/cache/pull/981";>actions/cache#981 Add oncall logic to assign issues and PRs by https://github.com/vsvipul";>@vsvipul in https://github-redirect.dependabot.com/actions/cache/pull/997";>actions/cache#997 Bump minimatch from 3.0.4 to 3.1.2 by https://github.com/dependabot";>@dependabot in https://github-redirect.dependabot.com/actions/cache/pull/998";>actions/cache#998 Revert "Bump minimatch from 3.0.4 to 3.1.2" by https://github.com/vsvipul";>@vsvipul in https://github-redirect.dependabot.com/actions/cache/pull/1005";>actions/cache#1005 Fix npm vulnerability by https://github.com/Phantsure";>@Phantsure in https://github-redirect.dependabot.com/actions/cache/pull/1007";>actions/cache#1007 refactor: Use early return pattern to avoid nested conditions by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1013";>actions/cache#1013 Use cache in check-dist.yml by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1004";>actions/cache#1004 chore: Use built-in cache action to cache dependencies by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1014";>actions/cache#1014 Updated node example by https://github.com/t-dedah";>@t-dedah in https://github-redirect.dependabot.com/actions/cache/pull/1008";>actions/cache#1008 Fix: Node npm doc example by https://github.com/apascualm";>@apascualm in https://github-redirect.dependabot.com/actions/cache/pull/1026";>actions/cache#1026 docs: fix an invalid link in workarounds.md by https://github.com/teatimeguest";>@teatimeguest in https://github-redirect.dependabot.com/actions/cache/pull/929";>actions/cache#929 General Availability release for granular cache by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/1035";>actions/cache#1035 More details here on https://github.com/actions/cache/discussions/1020";>beta release. New Contributors https://github.com/walterddr";>@walterddr made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/959";>actions/cache#959 https://github.com/asaf400";>@asaf400 made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/979";>actions/cache#979 https://github.com/jongwooo";>@jongwooo made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/1013";>actions/cache#1013 https://github.com/apascualm";>@apascualm made their first
[GitHub] [commons-jcs] dependabot[bot] opened a new pull request, #128: Bump ossf/scorecard-action from 2.1.0 to 2.1.2
dependabot[bot] opened a new pull request, #128: URL: https://github.com/apache/commons-jcs/pull/128 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.0 to 2.1.2. Release notes Sourced from https://github.com/ossf/scorecard-action/releases";>ossf/scorecard-action's releases. v2.1.2 What's Changed Fixes 🌱 Bump scorecard dependency to v4.10.2 to remove a CODEOWNERS printf statement. by https://github.com/spencerschrock";>@spencerschrock in https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1054";>ossf/scorecard-action#1054 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2";>https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2 v2.1.1 Scorecard version This release use https://github.com/ossf/scorecard/releases/tag/v4.10.1";>Scorecard's v4.10.1 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.1.0...v2.1.1";>https://github.com/ossf/scorecard-action/compare/v2.1.0...v2.1.1 Commits https://github.com/ossf/scorecard-action/commit/e38b1902ae4f44df626f11ba0734b14fb91f8f86";>e38b190 Bump docker tag for release. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1055";>#1055) https://github.com/ossf/scorecard-action/commit/7da02bf0d58396bc404a7e5aef3e9b0c24dcb9bc";>7da02bf Bump scorecard to v4.10.2 to remove a CODEOWNERS printf statement. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1054";>#1054) https://github.com/ossf/scorecard-action/commit/013c0f8bd2b3c3003f636c6766a361e000c32d25";>013c0f8 :seedling: Bump actions/dependency-review-action from 3.0.1 to 3.0.2 https://github.com/ossf/scorecard-action/commit/f93c094f4acf097f91d5753d637606bc11fdd8f6";>f93c094 :seedling: Bump github/codeql-action from 2.1.36 to 2.1.37 https://github.com/ossf/scorecard-action/commit/ce8978e058ff447b9df113f0f576b977fc627d6d";>ce8978e :seedling: Bump actions/upload-artifact from 3.1.0 to 3.1.1 https://github.com/ossf/scorecard-action/commit/5ce49db1aa7b24de0c4143035a64115e9c674b14";>5ce49db :seedling: Bump actions/setup-go from 3.4.0 to 3.5.0 https://github.com/ossf/scorecard-action/commit/15c10fcf1cf912bd22260bfec67569a359ab87da";>15c10fc Update tag to v2.1.1 (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1047";>#1047) https://github.com/ossf/scorecard-action/commit/f96da1a128903623ca8553562d0a85aa8b11d5af";>f96da1a :seedling: Update scorecard for the panic (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1045";>#1045) https://github.com/ossf/scorecard-action/commit/813a8251528830defc8d1d9e3b20ba7640225d7d";>813a825 Complete the list of required actions (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1044";>#1044) https://github.com/ossf/scorecard-action/commit/be62ea89c1d5c6cb8560cb24a4da589926d74068";>be62ea8 Update RELEASE.md (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1042";>#1042) Additional commits viewable in https://github.com/ossf/scorecard-action/compare/937ffa90d79c7d720498178154ad4c7ba1e4ad8c...e38b1902ae4f44df626f11ba0734b14fb91f8f86";>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action&package-manager=github_actions&previous-version=2.1.0&new-version=2.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency`
[GitHub] [commons-cli] dependabot[bot] opened a new pull request, #152: Bump ossf/scorecard-action from 2.1.0 to 2.1.2
dependabot[bot] opened a new pull request, #152: URL: https://github.com/apache/commons-cli/pull/152 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.0 to 2.1.2. Release notes Sourced from https://github.com/ossf/scorecard-action/releases";>ossf/scorecard-action's releases. v2.1.2 What's Changed Fixes 🌱 Bump scorecard dependency to v4.10.2 to remove a CODEOWNERS printf statement. by https://github.com/spencerschrock";>@spencerschrock in https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1054";>ossf/scorecard-action#1054 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2";>https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2 v2.1.1 Scorecard version This release use https://github.com/ossf/scorecard/releases/tag/v4.10.1";>Scorecard's v4.10.1 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.1.0...v2.1.1";>https://github.com/ossf/scorecard-action/compare/v2.1.0...v2.1.1 Commits https://github.com/ossf/scorecard-action/commit/e38b1902ae4f44df626f11ba0734b14fb91f8f86";>e38b190 Bump docker tag for release. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1055";>#1055) https://github.com/ossf/scorecard-action/commit/7da02bf0d58396bc404a7e5aef3e9b0c24dcb9bc";>7da02bf Bump scorecard to v4.10.2 to remove a CODEOWNERS printf statement. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1054";>#1054) https://github.com/ossf/scorecard-action/commit/013c0f8bd2b3c3003f636c6766a361e000c32d25";>013c0f8 :seedling: Bump actions/dependency-review-action from 3.0.1 to 3.0.2 https://github.com/ossf/scorecard-action/commit/f93c094f4acf097f91d5753d637606bc11fdd8f6";>f93c094 :seedling: Bump github/codeql-action from 2.1.36 to 2.1.37 https://github.com/ossf/scorecard-action/commit/ce8978e058ff447b9df113f0f576b977fc627d6d";>ce8978e :seedling: Bump actions/upload-artifact from 3.1.0 to 3.1.1 https://github.com/ossf/scorecard-action/commit/5ce49db1aa7b24de0c4143035a64115e9c674b14";>5ce49db :seedling: Bump actions/setup-go from 3.4.0 to 3.5.0 https://github.com/ossf/scorecard-action/commit/15c10fcf1cf912bd22260bfec67569a359ab87da";>15c10fc Update tag to v2.1.1 (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1047";>#1047) https://github.com/ossf/scorecard-action/commit/f96da1a128903623ca8553562d0a85aa8b11d5af";>f96da1a :seedling: Update scorecard for the panic (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1045";>#1045) https://github.com/ossf/scorecard-action/commit/813a8251528830defc8d1d9e3b20ba7640225d7d";>813a825 Complete the list of required actions (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1044";>#1044) https://github.com/ossf/scorecard-action/commit/be62ea89c1d5c6cb8560cb24a4da589926d74068";>be62ea8 Update RELEASE.md (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1042";>#1042) Additional commits viewable in https://github.com/ossf/scorecard-action/compare/937ffa90d79c7d720498178154ad4c7ba1e4ad8c...e38b1902ae4f44df626f11ba0734b14fb91f8f86";>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action&package-manager=github_actions&previous-version=2.1.0&new-version=2.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency`
[GitHub] [commons-cli] dependabot[bot] opened a new pull request, #153: Bump actions/cache from 3.0.11 to 3.2.1
dependabot[bot] opened a new pull request, #153: URL: https://github.com/apache/commons-cli/pull/153 Bumps [actions/cache](https://github.com/actions/cache) from 3.0.11 to 3.2.1. Release notes Sourced from https://github.com/actions/cache/releases";>actions/cache's releases. v3.2.1 What's Changed Release compression related changes for windows by https://github.com/Phantsure";>@Phantsure in https://github-redirect.dependabot.com/actions/cache/pull/1039";>actions/cache#1039 Upgrade codeql to v2 by https://github.com/Phantsure";>@Phantsure in https://github-redirect.dependabot.com/actions/cache/pull/1023";>actions/cache#1023 Full Changelog: https://github.com/actions/cache/compare/v3.2.0...v3.2.1";>https://github.com/actions/cache/compare/v3.2.0...v3.2.1 v3.2.0 What's Changed fix wrong timeout env var key in README.md by https://github.com/walterddr";>@walterddr in https://github-redirect.dependabot.com/actions/cache/pull/959";>actions/cache#959 Updated release doc with correct env variable by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/960";>actions/cache#960 Create pull_request_template.md by https://github.com/pdotl";>@pdotl in https://github-redirect.dependabot.com/actions/cache/pull/963";>actions/cache#963 Update README with clearer info about cache-hit and its value by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/961";>actions/cache#961 Change datadog/squid to Ubuntu/squid in CI check by https://github.com/bishal-pdMSFT";>@bishal-pdMSFT in https://github-redirect.dependabot.com/actions/cache/pull/976";>actions/cache#976 Add more details to version section in readme by https://github.com/bishal-pdMSFT";>@bishal-pdMSFT in https://github-redirect.dependabot.com/actions/cache/pull/971";>actions/cache#971 Update hashFiles documentation reference by https://github.com/asaf400";>@asaf400 in https://github-redirect.dependabot.com/actions/cache/pull/979";>actions/cache#979 Updated link for cache segment download info by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/986";>actions/cache#986 Readme update for deleting caches by https://github.com/t-dedah";>@t-dedah in https://github-redirect.dependabot.com/actions/cache/pull/981";>actions/cache#981 Add oncall logic to assign issues and PRs by https://github.com/vsvipul";>@vsvipul in https://github-redirect.dependabot.com/actions/cache/pull/997";>actions/cache#997 Bump minimatch from 3.0.4 to 3.1.2 by https://github.com/dependabot";>@dependabot in https://github-redirect.dependabot.com/actions/cache/pull/998";>actions/cache#998 Revert "Bump minimatch from 3.0.4 to 3.1.2" by https://github.com/vsvipul";>@vsvipul in https://github-redirect.dependabot.com/actions/cache/pull/1005";>actions/cache#1005 Fix npm vulnerability by https://github.com/Phantsure";>@Phantsure in https://github-redirect.dependabot.com/actions/cache/pull/1007";>actions/cache#1007 refactor: Use early return pattern to avoid nested conditions by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1013";>actions/cache#1013 Use cache in check-dist.yml by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1004";>actions/cache#1004 chore: Use built-in cache action to cache dependencies by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1014";>actions/cache#1014 Updated node example by https://github.com/t-dedah";>@t-dedah in https://github-redirect.dependabot.com/actions/cache/pull/1008";>actions/cache#1008 Fix: Node npm doc example by https://github.com/apascualm";>@apascualm in https://github-redirect.dependabot.com/actions/cache/pull/1026";>actions/cache#1026 docs: fix an invalid link in workarounds.md by https://github.com/teatimeguest";>@teatimeguest in https://github-redirect.dependabot.com/actions/cache/pull/929";>actions/cache#929 General Availability release for granular cache by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/1035";>actions/cache#1035 More details here on https://github.com/actions/cache/discussions/1020";>beta release. New Contributors https://github.com/walterddr";>@walterddr made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/959";>actions/cache#959 https://github.com/asaf400";>@asaf400 made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/979";>actions/cache#979 https://github.com/jongwooo";>@jongwooo made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/1013";>actions/cache#1013 https://github.com/apascualm";>@apascualm made their first
[GitHub] [commons-build-plugin] dependabot[bot] opened a new pull request, #117: Bump actions/cache from 3.0.11 to 3.2.0
dependabot[bot] opened a new pull request, #117: URL: https://github.com/apache/commons-build-plugin/pull/117 Bumps [actions/cache](https://github.com/actions/cache) from 3.0.11 to 3.2.0. Release notes Sourced from https://github.com/actions/cache/releases";>actions/cache's releases. v3.2.0 What's Changed fix wrong timeout env var key in README.md by https://github.com/walterddr";>@walterddr in https://github-redirect.dependabot.com/actions/cache/pull/959";>actions/cache#959 Updated release doc with correct env variable by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/960";>actions/cache#960 Create pull_request_template.md by https://github.com/pdotl";>@pdotl in https://github-redirect.dependabot.com/actions/cache/pull/963";>actions/cache#963 Update README with clearer info about cache-hit and its value by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/961";>actions/cache#961 Change datadog/squid to Ubuntu/squid in CI check by https://github.com/bishal-pdMSFT";>@bishal-pdMSFT in https://github-redirect.dependabot.com/actions/cache/pull/976";>actions/cache#976 Add more details to version section in readme by https://github.com/bishal-pdMSFT";>@bishal-pdMSFT in https://github-redirect.dependabot.com/actions/cache/pull/971";>actions/cache#971 Update hashFiles documentation reference by https://github.com/asaf400";>@asaf400 in https://github-redirect.dependabot.com/actions/cache/pull/979";>actions/cache#979 Updated link for cache segment download info by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/986";>actions/cache#986 Readme update for deleting caches by https://github.com/t-dedah";>@t-dedah in https://github-redirect.dependabot.com/actions/cache/pull/981";>actions/cache#981 Add oncall logic to assign issues and PRs by https://github.com/vsvipul";>@vsvipul in https://github-redirect.dependabot.com/actions/cache/pull/997";>actions/cache#997 Bump minimatch from 3.0.4 to 3.1.2 by https://github.com/dependabot";>@dependabot in https://github-redirect.dependabot.com/actions/cache/pull/998";>actions/cache#998 Revert "Bump minimatch from 3.0.4 to 3.1.2" by https://github.com/vsvipul";>@vsvipul in https://github-redirect.dependabot.com/actions/cache/pull/1005";>actions/cache#1005 Fix npm vulnerability by https://github.com/Phantsure";>@Phantsure in https://github-redirect.dependabot.com/actions/cache/pull/1007";>actions/cache#1007 refactor: Use early return pattern to avoid nested conditions by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1013";>actions/cache#1013 Use cache in check-dist.yml by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1004";>actions/cache#1004 chore: Use built-in cache action to cache dependencies by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1014";>actions/cache#1014 Updated node example by https://github.com/t-dedah";>@t-dedah in https://github-redirect.dependabot.com/actions/cache/pull/1008";>actions/cache#1008 Fix: Node npm doc example by https://github.com/apascualm";>@apascualm in https://github-redirect.dependabot.com/actions/cache/pull/1026";>actions/cache#1026 docs: fix an invalid link in workarounds.md by https://github.com/teatimeguest";>@teatimeguest in https://github-redirect.dependabot.com/actions/cache/pull/929";>actions/cache#929 General Availability release for granular cache by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/1035";>actions/cache#1035 More details here on https://github.com/actions/cache/discussions/1020";>beta release. New Contributors https://github.com/walterddr";>@walterddr made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/959";>actions/cache#959 https://github.com/asaf400";>@asaf400 made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/979";>actions/cache#979 https://github.com/jongwooo";>@jongwooo made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/1013";>actions/cache#1013 https://github.com/apascualm";>@apascualm made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/1026";>actions/cache#1026 https://github.com/teatimeguest";>@teatimeguest made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/929";>actions/cache#929 Full Changelog: https://github.com/actions/cache/compare/v3...v3.2.0";>https://github.com/actions/cache/compare/v3...v3.2.0 v3.2.0-beta.1 What's Changed Actions Cache Granular Control Implementation by https://githu
[GitHub] [commons-build-plugin] dependabot[bot] opened a new pull request, #116: Bump ossf/scorecard-action from 2.1.0 to 2.1.2
dependabot[bot] opened a new pull request, #116: URL: https://github.com/apache/commons-build-plugin/pull/116 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.0 to 2.1.2. Release notes Sourced from https://github.com/ossf/scorecard-action/releases";>ossf/scorecard-action's releases. v2.1.2 What's Changed Fixes 🌱 Bump scorecard dependency to v4.10.2 to remove a CODEOWNERS printf statement. by https://github.com/spencerschrock";>@spencerschrock in https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1054";>ossf/scorecard-action#1054 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2";>https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2 v2.1.1 Scorecard version This release use https://github.com/ossf/scorecard/releases/tag/v4.10.1";>Scorecard's v4.10.1 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.1.0...v2.1.1";>https://github.com/ossf/scorecard-action/compare/v2.1.0...v2.1.1 Commits https://github.com/ossf/scorecard-action/commit/e38b1902ae4f44df626f11ba0734b14fb91f8f86";>e38b190 Bump docker tag for release. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1055";>#1055) https://github.com/ossf/scorecard-action/commit/7da02bf0d58396bc404a7e5aef3e9b0c24dcb9bc";>7da02bf Bump scorecard to v4.10.2 to remove a CODEOWNERS printf statement. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1054";>#1054) https://github.com/ossf/scorecard-action/commit/013c0f8bd2b3c3003f636c6766a361e000c32d25";>013c0f8 :seedling: Bump actions/dependency-review-action from 3.0.1 to 3.0.2 https://github.com/ossf/scorecard-action/commit/f93c094f4acf097f91d5753d637606bc11fdd8f6";>f93c094 :seedling: Bump github/codeql-action from 2.1.36 to 2.1.37 https://github.com/ossf/scorecard-action/commit/ce8978e058ff447b9df113f0f576b977fc627d6d";>ce8978e :seedling: Bump actions/upload-artifact from 3.1.0 to 3.1.1 https://github.com/ossf/scorecard-action/commit/5ce49db1aa7b24de0c4143035a64115e9c674b14";>5ce49db :seedling: Bump actions/setup-go from 3.4.0 to 3.5.0 https://github.com/ossf/scorecard-action/commit/15c10fcf1cf912bd22260bfec67569a359ab87da";>15c10fc Update tag to v2.1.1 (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1047";>#1047) https://github.com/ossf/scorecard-action/commit/f96da1a128903623ca8553562d0a85aa8b11d5af";>f96da1a :seedling: Update scorecard for the panic (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1045";>#1045) https://github.com/ossf/scorecard-action/commit/813a8251528830defc8d1d9e3b20ba7640225d7d";>813a825 Complete the list of required actions (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1044";>#1044) https://github.com/ossf/scorecard-action/commit/be62ea89c1d5c6cb8560cb24a4da589926d74068";>be62ea8 Update RELEASE.md (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1042";>#1042) Additional commits viewable in https://github.com/ossf/scorecard-action/compare/937ffa90d79c7d720498178154ad4c7ba1e4ad8c...e38b1902ae4f44df626f11ba0734b14fb91f8f86";>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action&package-manager=github_actions&previous-version=2.1.0&new-version=2.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this de
[jira] [Work logged] (LANG-1682) Adding StringUtils.startsWithAnyIgnoreCase method
[ https://issues.apache.org/jira/browse/LANG-1682?focusedWorklogId=835446&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-835446 ] ASF GitHub Bot logged work on LANG-1682: Author: ASF GitHub Bot Created on: 23/Dec/22 05:38 Start Date: 23/Dec/22 05:38 Worklog Time Spent: 10m Work Description: Enigo commented on PR #848: URL: https://github.com/apache/commons-lang/pull/848#issuecomment-1363635919 Hey @garydgregory any chance for this PR to be reviewed and merged? thanks! Issue Time Tracking --- Worklog Id: (was: 835446) Time Spent: 0.5h (was: 20m) > Adding StringUtils.startsWithAnyIgnoreCase method > - > > Key: LANG-1682 > URL: https://issues.apache.org/jira/browse/LANG-1682 > Project: Commons Lang > Issue Type: Improvement > Components: lang.* >Reporter: Ruslan Sibgatullin >Priority: Minor > Time Spent: 0.5h > Remaining Estimate: 0h > > Adding `StringUtils.startsWithAnyIgnoreCase` to have more flexibility. > Based on the existing `startsWith` method -- This message was sent by Atlassian Jira (v8.20.10#820010)
[GitHub] [commons-lang] Enigo commented on pull request #848: LANG-1682 Adding StringUtils.startsWithAnyIgnoreCase method
Enigo commented on PR #848: URL: https://github.com/apache/commons-lang/pull/848#issuecomment-1363635919 Hey @garydgregory any chance for this PR to be reviewed and merged? thanks! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-digester] dependabot[bot] closed pull request #53: Bump ossf/scorecard-action from 1.1.2 to 2.1.0
dependabot[bot] closed pull request #53: Bump ossf/scorecard-action from 1.1.2 to 2.1.0 URL: https://github.com/apache/commons-digester/pull/53 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-digester] dependabot[bot] commented on pull request #53: Bump ossf/scorecard-action from 1.1.2 to 2.1.0
dependabot[bot] commented on PR #53: URL: https://github.com/apache/commons-digester/pull/53#issuecomment-1363587980 Superseded by #55. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-digester] dependabot[bot] opened a new pull request, #55: Bump ossf/scorecard-action from 1.1.2 to 2.1.2
dependabot[bot] opened a new pull request, #55: URL: https://github.com/apache/commons-digester/pull/55 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 1.1.2 to 2.1.2. Release notes Sourced from https://github.com/ossf/scorecard-action/releases";>ossf/scorecard-action's releases. v2.1.2 What's Changed Fixes 🌱 Bump scorecard dependency to v4.10.2 to remove a CODEOWNERS printf statement. by https://github.com/spencerschrock";>@spencerschrock in https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1054";>ossf/scorecard-action#1054 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2";>https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2 v2.1.1 Scorecard version This release use https://github.com/ossf/scorecard/releases/tag/v4.10.1";>Scorecard's v4.10.1 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.1.0...v2.1.1";>https://github.com/ossf/scorecard-action/compare/v2.1.0...v2.1.1 v2.1.0 What's Changed Scorecard version This release uses https://github.com/ossf/scorecard/releases/tag/v4.10.0";>scorecard v4.10.0. Improvements Docker build workflow by https://github.com/naveensrinivasan";>@naveensrinivasan in https://github-redirect.dependabot.com/ossf/scorecard-action/pull/981";>ossf/scorecard-action#981 Use root user in distroless to support GitHub Actions by https://github.com/spencerschrock";>@spencerschrock in https://github-redirect.dependabot.com/ossf/scorecard-action/pull/994";>ossf/scorecard-action#994 Disable pull_request_target by https://github.com/laurentsimon";>@laurentsimon in https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1031";>ossf/scorecard-action#1031 Documentation Add PAT section explaining risks by https://github.com/olivekl";>@olivekl in https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1024";>ossf/scorecard-action#1024 Make the badge text easier to copy by https://github.com/rajbos";>@rajbos in https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1026";>ossf/scorecard-action#1026 New Contributors https://github.com/joycebrum";>@joycebrum made their first contribution in https://github-redirect.dependabot.com/ossf/scorecard-action/pull/984";>ossf/scorecard-action#984 https://github.com/rajbos";>@rajbos made their first contribution in https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1026";>ossf/scorecard-action#1026 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.0.6...v2.1.0";>https://github.com/ossf/scorecard-action/compare/v2.0.6...v2.1.0 v2.0.6 What's Changed Fix - Broken dockerfile by https://github.com/naveensrinivasan";>@naveensrinivasan in https://github-redirect.dependabot.com/ossf/scorecard-action/pull/979";>ossf/scorecard-action#979 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.0.5...v2.0.6";>https://github.com/ossf/scorecard-action/compare/v2.0.5...v2.0.6 v2.0.5 What's Changed Remove trailing space from example by https://github.com/jamacku";>@jamacku in https://github-redirect.dependabot.com/ossf/scorecard-action/pull/955";>ossf/scorecard-action#955 ... (truncated) Commits https://github.com/ossf/scorecard-action/commit/e38b1902ae4f44df626f11ba0734b14fb91f8f86";>e38b190 Bump docker tag for release. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1055";>#1055) https://github.com/ossf/scorecard-action/commit/7da02bf0d58396bc404a7e5aef3e9b0c24dcb9bc";>7da02bf Bump scorecard to v4.10.2 to remove a CODEOWNERS printf statement. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1054";>#1054) https://github.com/ossf/scorecard-action/commit/013c0f8bd2b3c3003f636c6766a361e000c32d25";>013c0f8 :seedling: Bump actions/dependency-review-action from 3.0.1 to 3.0.2 https://github.com/ossf/scorecard-action/commit/f93c094f4acf097f91d5753d637606bc11fdd8f6";>f93c094 :seedling: Bump github/codeql-action from 2.1.36 to 2.1.37 https://github.com/ossf/scorecard-action/commit/ce8978e058ff447b9df113f0f576b977fc627d6d";>ce8978e :seedling: Bump actions/upload-artifact from 3.1.0 to 3.1.1 https://github.com/ossf/scorecard-action/commit/5ce49db1aa7b24de0c4143035a64115e9c674b14";>5ce49db :seedling: Bump actions/setup-go from 3.4.0 to 3.5.0 https://github.com/ossf/scorecard-action/commit/15c10fcf1cf912bd22260bfec67569a359ab87da";>15c10fc Update tag to v2.1.1 (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1047";>#1047) https://github.com/ossf/scorecard-action/commit/f96da1a128903623ca8553562d0a85aa8b11d5af";>f96da1a :seedling: Update scorecard for the panic (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1045";>#1045) https://github.com/ossf/scorecard-action/commit/813a8251528830defc8d
[GitHub] [commons-digester] dependabot[bot] closed pull request #40: Bump actions/cache from 3.0.8 to 3.0.11
dependabot[bot] closed pull request #40: Bump actions/cache from 3.0.8 to 3.0.11 URL: https://github.com/apache/commons-digester/pull/40 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-dbcp] dependabot[bot] opened a new pull request, #250: Bump ossf/scorecard-action from 2.1.0 to 2.1.2
dependabot[bot] opened a new pull request, #250: URL: https://github.com/apache/commons-dbcp/pull/250 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.0 to 2.1.2. Release notes Sourced from https://github.com/ossf/scorecard-action/releases";>ossf/scorecard-action's releases. v2.1.2 What's Changed Fixes 🌱 Bump scorecard dependency to v4.10.2 to remove a CODEOWNERS printf statement. by https://github.com/spencerschrock";>@spencerschrock in https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1054";>ossf/scorecard-action#1054 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2";>https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2 v2.1.1 Scorecard version This release use https://github.com/ossf/scorecard/releases/tag/v4.10.1";>Scorecard's v4.10.1 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.1.0...v2.1.1";>https://github.com/ossf/scorecard-action/compare/v2.1.0...v2.1.1 Commits https://github.com/ossf/scorecard-action/commit/e38b1902ae4f44df626f11ba0734b14fb91f8f86";>e38b190 Bump docker tag for release. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1055";>#1055) https://github.com/ossf/scorecard-action/commit/7da02bf0d58396bc404a7e5aef3e9b0c24dcb9bc";>7da02bf Bump scorecard to v4.10.2 to remove a CODEOWNERS printf statement. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1054";>#1054) https://github.com/ossf/scorecard-action/commit/013c0f8bd2b3c3003f636c6766a361e000c32d25";>013c0f8 :seedling: Bump actions/dependency-review-action from 3.0.1 to 3.0.2 https://github.com/ossf/scorecard-action/commit/f93c094f4acf097f91d5753d637606bc11fdd8f6";>f93c094 :seedling: Bump github/codeql-action from 2.1.36 to 2.1.37 https://github.com/ossf/scorecard-action/commit/ce8978e058ff447b9df113f0f576b977fc627d6d";>ce8978e :seedling: Bump actions/upload-artifact from 3.1.0 to 3.1.1 https://github.com/ossf/scorecard-action/commit/5ce49db1aa7b24de0c4143035a64115e9c674b14";>5ce49db :seedling: Bump actions/setup-go from 3.4.0 to 3.5.0 https://github.com/ossf/scorecard-action/commit/15c10fcf1cf912bd22260bfec67569a359ab87da";>15c10fc Update tag to v2.1.1 (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1047";>#1047) https://github.com/ossf/scorecard-action/commit/f96da1a128903623ca8553562d0a85aa8b11d5af";>f96da1a :seedling: Update scorecard for the panic (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1045";>#1045) https://github.com/ossf/scorecard-action/commit/813a8251528830defc8d1d9e3b20ba7640225d7d";>813a825 Complete the list of required actions (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1044";>#1044) https://github.com/ossf/scorecard-action/commit/be62ea89c1d5c6cb8560cb24a4da589926d74068";>be62ea8 Update RELEASE.md (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1042";>#1042) Additional commits viewable in https://github.com/ossf/scorecard-action/compare/937ffa90d79c7d720498178154ad4c7ba1e4ad8c...e38b1902ae4f44df626f11ba0734b14fb91f8f86";>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action&package-manager=github_actions&previous-version=2.1.0&new-version=2.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency
[GitHub] [commons-digester] dependabot[bot] commented on pull request #40: Bump actions/cache from 3.0.8 to 3.0.11
dependabot[bot] commented on PR #40: URL: https://github.com/apache/commons-digester/pull/40#issuecomment-1363587921 Superseded by #54. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-digester] dependabot[bot] opened a new pull request, #54: Bump actions/cache from 3.0.8 to 3.2.0
dependabot[bot] opened a new pull request, #54: URL: https://github.com/apache/commons-digester/pull/54 Bumps [actions/cache](https://github.com/actions/cache) from 3.0.8 to 3.2.0. Release notes Sourced from https://github.com/actions/cache/releases";>actions/cache's releases. v3.2.0 What's Changed fix wrong timeout env var key in README.md by https://github.com/walterddr";>@walterddr in https://github-redirect.dependabot.com/actions/cache/pull/959";>actions/cache#959 Updated release doc with correct env variable by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/960";>actions/cache#960 Create pull_request_template.md by https://github.com/pdotl";>@pdotl in https://github-redirect.dependabot.com/actions/cache/pull/963";>actions/cache#963 Update README with clearer info about cache-hit and its value by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/961";>actions/cache#961 Change datadog/squid to Ubuntu/squid in CI check by https://github.com/bishal-pdMSFT";>@bishal-pdMSFT in https://github-redirect.dependabot.com/actions/cache/pull/976";>actions/cache#976 Add more details to version section in readme by https://github.com/bishal-pdMSFT";>@bishal-pdMSFT in https://github-redirect.dependabot.com/actions/cache/pull/971";>actions/cache#971 Update hashFiles documentation reference by https://github.com/asaf400";>@asaf400 in https://github-redirect.dependabot.com/actions/cache/pull/979";>actions/cache#979 Updated link for cache segment download info by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/986";>actions/cache#986 Readme update for deleting caches by https://github.com/t-dedah";>@t-dedah in https://github-redirect.dependabot.com/actions/cache/pull/981";>actions/cache#981 Add oncall logic to assign issues and PRs by https://github.com/vsvipul";>@vsvipul in https://github-redirect.dependabot.com/actions/cache/pull/997";>actions/cache#997 Bump minimatch from 3.0.4 to 3.1.2 by https://github.com/dependabot";>@dependabot in https://github-redirect.dependabot.com/actions/cache/pull/998";>actions/cache#998 Revert "Bump minimatch from 3.0.4 to 3.1.2" by https://github.com/vsvipul";>@vsvipul in https://github-redirect.dependabot.com/actions/cache/pull/1005";>actions/cache#1005 Fix npm vulnerability by https://github.com/Phantsure";>@Phantsure in https://github-redirect.dependabot.com/actions/cache/pull/1007";>actions/cache#1007 refactor: Use early return pattern to avoid nested conditions by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1013";>actions/cache#1013 Use cache in check-dist.yml by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1004";>actions/cache#1004 chore: Use built-in cache action to cache dependencies by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1014";>actions/cache#1014 Updated node example by https://github.com/t-dedah";>@t-dedah in https://github-redirect.dependabot.com/actions/cache/pull/1008";>actions/cache#1008 Fix: Node npm doc example by https://github.com/apascualm";>@apascualm in https://github-redirect.dependabot.com/actions/cache/pull/1026";>actions/cache#1026 docs: fix an invalid link in workarounds.md by https://github.com/teatimeguest";>@teatimeguest in https://github-redirect.dependabot.com/actions/cache/pull/929";>actions/cache#929 General Availability release for granular cache by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/1035";>actions/cache#1035 More details here on https://github.com/actions/cache/discussions/1020";>beta release. New Contributors https://github.com/walterddr";>@walterddr made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/959";>actions/cache#959 https://github.com/asaf400";>@asaf400 made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/979";>actions/cache#979 https://github.com/jongwooo";>@jongwooo made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/1013";>actions/cache#1013 https://github.com/apascualm";>@apascualm made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/1026";>actions/cache#1026 https://github.com/teatimeguest";>@teatimeguest made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/929";>actions/cache#929 Full Changelog: https://github.com/actions/cache/compare/v3...v3.2.0";>https://github.com/actions/cache/compare/v3...v3.2.0 v3.2.0-beta.1 What's Changed Actions Cache Granular Control Implementation by https://github.com/k
[GitHub] [commons-compress] dependabot[bot] opened a new pull request, #343: Bump ossf/scorecard-action from 2.1.0 to 2.1.2
dependabot[bot] opened a new pull request, #343: URL: https://github.com/apache/commons-compress/pull/343 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.0 to 2.1.2. Release notes Sourced from https://github.com/ossf/scorecard-action/releases";>ossf/scorecard-action's releases. v2.1.2 What's Changed Fixes 🌱 Bump scorecard dependency to v4.10.2 to remove a CODEOWNERS printf statement. by https://github.com/spencerschrock";>@spencerschrock in https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1054";>ossf/scorecard-action#1054 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2";>https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2 v2.1.1 Scorecard version This release use https://github.com/ossf/scorecard/releases/tag/v4.10.1";>Scorecard's v4.10.1 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.1.0...v2.1.1";>https://github.com/ossf/scorecard-action/compare/v2.1.0...v2.1.1 Commits https://github.com/ossf/scorecard-action/commit/e38b1902ae4f44df626f11ba0734b14fb91f8f86";>e38b190 Bump docker tag for release. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1055";>#1055) https://github.com/ossf/scorecard-action/commit/7da02bf0d58396bc404a7e5aef3e9b0c24dcb9bc";>7da02bf Bump scorecard to v4.10.2 to remove a CODEOWNERS printf statement. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1054";>#1054) https://github.com/ossf/scorecard-action/commit/013c0f8bd2b3c3003f636c6766a361e000c32d25";>013c0f8 :seedling: Bump actions/dependency-review-action from 3.0.1 to 3.0.2 https://github.com/ossf/scorecard-action/commit/f93c094f4acf097f91d5753d637606bc11fdd8f6";>f93c094 :seedling: Bump github/codeql-action from 2.1.36 to 2.1.37 https://github.com/ossf/scorecard-action/commit/ce8978e058ff447b9df113f0f576b977fc627d6d";>ce8978e :seedling: Bump actions/upload-artifact from 3.1.0 to 3.1.1 https://github.com/ossf/scorecard-action/commit/5ce49db1aa7b24de0c4143035a64115e9c674b14";>5ce49db :seedling: Bump actions/setup-go from 3.4.0 to 3.5.0 https://github.com/ossf/scorecard-action/commit/15c10fcf1cf912bd22260bfec67569a359ab87da";>15c10fc Update tag to v2.1.1 (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1047";>#1047) https://github.com/ossf/scorecard-action/commit/f96da1a128903623ca8553562d0a85aa8b11d5af";>f96da1a :seedling: Update scorecard for the panic (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1045";>#1045) https://github.com/ossf/scorecard-action/commit/813a8251528830defc8d1d9e3b20ba7640225d7d";>813a825 Complete the list of required actions (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1044";>#1044) https://github.com/ossf/scorecard-action/commit/be62ea89c1d5c6cb8560cb24a4da589926d74068";>be62ea8 Update RELEASE.md (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1042";>#1042) Additional commits viewable in https://github.com/ossf/scorecard-action/compare/937ffa90d79c7d720498178154ad4c7ba1e4ad8c...e38b1902ae4f44df626f11ba0734b14fb91f8f86";>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action&package-manager=github_actions&previous-version=2.1.0&new-version=2.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this depend
[GitHub] [commons-dbcp] dependabot[bot] opened a new pull request, #249: Bump actions/cache from 3.0.11 to 3.2.0
dependabot[bot] opened a new pull request, #249: URL: https://github.com/apache/commons-dbcp/pull/249 Bumps [actions/cache](https://github.com/actions/cache) from 3.0.11 to 3.2.0. Release notes Sourced from https://github.com/actions/cache/releases";>actions/cache's releases. v3.2.0 What's Changed fix wrong timeout env var key in README.md by https://github.com/walterddr";>@walterddr in https://github-redirect.dependabot.com/actions/cache/pull/959";>actions/cache#959 Updated release doc with correct env variable by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/960";>actions/cache#960 Create pull_request_template.md by https://github.com/pdotl";>@pdotl in https://github-redirect.dependabot.com/actions/cache/pull/963";>actions/cache#963 Update README with clearer info about cache-hit and its value by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/961";>actions/cache#961 Change datadog/squid to Ubuntu/squid in CI check by https://github.com/bishal-pdMSFT";>@bishal-pdMSFT in https://github-redirect.dependabot.com/actions/cache/pull/976";>actions/cache#976 Add more details to version section in readme by https://github.com/bishal-pdMSFT";>@bishal-pdMSFT in https://github-redirect.dependabot.com/actions/cache/pull/971";>actions/cache#971 Update hashFiles documentation reference by https://github.com/asaf400";>@asaf400 in https://github-redirect.dependabot.com/actions/cache/pull/979";>actions/cache#979 Updated link for cache segment download info by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/986";>actions/cache#986 Readme update for deleting caches by https://github.com/t-dedah";>@t-dedah in https://github-redirect.dependabot.com/actions/cache/pull/981";>actions/cache#981 Add oncall logic to assign issues and PRs by https://github.com/vsvipul";>@vsvipul in https://github-redirect.dependabot.com/actions/cache/pull/997";>actions/cache#997 Bump minimatch from 3.0.4 to 3.1.2 by https://github.com/dependabot";>@dependabot in https://github-redirect.dependabot.com/actions/cache/pull/998";>actions/cache#998 Revert "Bump minimatch from 3.0.4 to 3.1.2" by https://github.com/vsvipul";>@vsvipul in https://github-redirect.dependabot.com/actions/cache/pull/1005";>actions/cache#1005 Fix npm vulnerability by https://github.com/Phantsure";>@Phantsure in https://github-redirect.dependabot.com/actions/cache/pull/1007";>actions/cache#1007 refactor: Use early return pattern to avoid nested conditions by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1013";>actions/cache#1013 Use cache in check-dist.yml by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1004";>actions/cache#1004 chore: Use built-in cache action to cache dependencies by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1014";>actions/cache#1014 Updated node example by https://github.com/t-dedah";>@t-dedah in https://github-redirect.dependabot.com/actions/cache/pull/1008";>actions/cache#1008 Fix: Node npm doc example by https://github.com/apascualm";>@apascualm in https://github-redirect.dependabot.com/actions/cache/pull/1026";>actions/cache#1026 docs: fix an invalid link in workarounds.md by https://github.com/teatimeguest";>@teatimeguest in https://github-redirect.dependabot.com/actions/cache/pull/929";>actions/cache#929 General Availability release for granular cache by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/1035";>actions/cache#1035 More details here on https://github.com/actions/cache/discussions/1020";>beta release. New Contributors https://github.com/walterddr";>@walterddr made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/959";>actions/cache#959 https://github.com/asaf400";>@asaf400 made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/979";>actions/cache#979 https://github.com/jongwooo";>@jongwooo made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/1013";>actions/cache#1013 https://github.com/apascualm";>@apascualm made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/1026";>actions/cache#1026 https://github.com/teatimeguest";>@teatimeguest made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/929";>actions/cache#929 Full Changelog: https://github.com/actions/cache/compare/v3...v3.2.0";>https://github.com/actions/cache/compare/v3...v3.2.0 v3.2.0-beta.1 What's Changed Actions Cache Granular Control Implementation by https://github.com/ko
[GitHub] [commons-compress] dependabot[bot] opened a new pull request, #342: Bump actions/cache from 3.0.11 to 3.2.0
dependabot[bot] opened a new pull request, #342: URL: https://github.com/apache/commons-compress/pull/342 Bumps [actions/cache](https://github.com/actions/cache) from 3.0.11 to 3.2.0. Release notes Sourced from https://github.com/actions/cache/releases";>actions/cache's releases. v3.2.0 What's Changed fix wrong timeout env var key in README.md by https://github.com/walterddr";>@walterddr in https://github-redirect.dependabot.com/actions/cache/pull/959";>actions/cache#959 Updated release doc with correct env variable by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/960";>actions/cache#960 Create pull_request_template.md by https://github.com/pdotl";>@pdotl in https://github-redirect.dependabot.com/actions/cache/pull/963";>actions/cache#963 Update README with clearer info about cache-hit and its value by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/961";>actions/cache#961 Change datadog/squid to Ubuntu/squid in CI check by https://github.com/bishal-pdMSFT";>@bishal-pdMSFT in https://github-redirect.dependabot.com/actions/cache/pull/976";>actions/cache#976 Add more details to version section in readme by https://github.com/bishal-pdMSFT";>@bishal-pdMSFT in https://github-redirect.dependabot.com/actions/cache/pull/971";>actions/cache#971 Update hashFiles documentation reference by https://github.com/asaf400";>@asaf400 in https://github-redirect.dependabot.com/actions/cache/pull/979";>actions/cache#979 Updated link for cache segment download info by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/986";>actions/cache#986 Readme update for deleting caches by https://github.com/t-dedah";>@t-dedah in https://github-redirect.dependabot.com/actions/cache/pull/981";>actions/cache#981 Add oncall logic to assign issues and PRs by https://github.com/vsvipul";>@vsvipul in https://github-redirect.dependabot.com/actions/cache/pull/997";>actions/cache#997 Bump minimatch from 3.0.4 to 3.1.2 by https://github.com/dependabot";>@dependabot in https://github-redirect.dependabot.com/actions/cache/pull/998";>actions/cache#998 Revert "Bump minimatch from 3.0.4 to 3.1.2" by https://github.com/vsvipul";>@vsvipul in https://github-redirect.dependabot.com/actions/cache/pull/1005";>actions/cache#1005 Fix npm vulnerability by https://github.com/Phantsure";>@Phantsure in https://github-redirect.dependabot.com/actions/cache/pull/1007";>actions/cache#1007 refactor: Use early return pattern to avoid nested conditions by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1013";>actions/cache#1013 Use cache in check-dist.yml by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1004";>actions/cache#1004 chore: Use built-in cache action to cache dependencies by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1014";>actions/cache#1014 Updated node example by https://github.com/t-dedah";>@t-dedah in https://github-redirect.dependabot.com/actions/cache/pull/1008";>actions/cache#1008 Fix: Node npm doc example by https://github.com/apascualm";>@apascualm in https://github-redirect.dependabot.com/actions/cache/pull/1026";>actions/cache#1026 docs: fix an invalid link in workarounds.md by https://github.com/teatimeguest";>@teatimeguest in https://github-redirect.dependabot.com/actions/cache/pull/929";>actions/cache#929 General Availability release for granular cache by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/1035";>actions/cache#1035 More details here on https://github.com/actions/cache/discussions/1020";>beta release. New Contributors https://github.com/walterddr";>@walterddr made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/959";>actions/cache#959 https://github.com/asaf400";>@asaf400 made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/979";>actions/cache#979 https://github.com/jongwooo";>@jongwooo made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/1013";>actions/cache#1013 https://github.com/apascualm";>@apascualm made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/1026";>actions/cache#1026 https://github.com/teatimeguest";>@teatimeguest made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/929";>actions/cache#929 Full Changelog: https://github.com/actions/cache/compare/v3...v3.2.0";>https://github.com/actions/cache/compare/v3...v3.2.0 v3.2.0-beta.1 What's Changed Actions Cache Granular Control Implementation by https://github.co
[GitHub] [commons-net] garydgregory merged pull request #134: Bump actions/cache from 3.0.11 to 3.2.0
garydgregory merged PR #134: URL: https://github.com/apache/commons-net/pull/134 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-net] garydgregory merged pull request #133: Bump ossf/scorecard-action from 2.1.0 to 2.1.2
garydgregory merged PR #133: URL: https://github.com/apache/commons-net/pull/133 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-net] dependabot[bot] opened a new pull request, #134: Bump actions/cache from 3.0.11 to 3.2.0
dependabot[bot] opened a new pull request, #134: URL: https://github.com/apache/commons-net/pull/134 Bumps [actions/cache](https://github.com/actions/cache) from 3.0.11 to 3.2.0. Release notes Sourced from https://github.com/actions/cache/releases";>actions/cache's releases. v3.2.0 What's Changed fix wrong timeout env var key in README.md by https://github.com/walterddr";>@walterddr in https://github-redirect.dependabot.com/actions/cache/pull/959";>actions/cache#959 Updated release doc with correct env variable by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/960";>actions/cache#960 Create pull_request_template.md by https://github.com/pdotl";>@pdotl in https://github-redirect.dependabot.com/actions/cache/pull/963";>actions/cache#963 Update README with clearer info about cache-hit and its value by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/961";>actions/cache#961 Change datadog/squid to Ubuntu/squid in CI check by https://github.com/bishal-pdMSFT";>@bishal-pdMSFT in https://github-redirect.dependabot.com/actions/cache/pull/976";>actions/cache#976 Add more details to version section in readme by https://github.com/bishal-pdMSFT";>@bishal-pdMSFT in https://github-redirect.dependabot.com/actions/cache/pull/971";>actions/cache#971 Update hashFiles documentation reference by https://github.com/asaf400";>@asaf400 in https://github-redirect.dependabot.com/actions/cache/pull/979";>actions/cache#979 Updated link for cache segment download info by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/986";>actions/cache#986 Readme update for deleting caches by https://github.com/t-dedah";>@t-dedah in https://github-redirect.dependabot.com/actions/cache/pull/981";>actions/cache#981 Add oncall logic to assign issues and PRs by https://github.com/vsvipul";>@vsvipul in https://github-redirect.dependabot.com/actions/cache/pull/997";>actions/cache#997 Bump minimatch from 3.0.4 to 3.1.2 by https://github.com/dependabot";>@dependabot in https://github-redirect.dependabot.com/actions/cache/pull/998";>actions/cache#998 Revert "Bump minimatch from 3.0.4 to 3.1.2" by https://github.com/vsvipul";>@vsvipul in https://github-redirect.dependabot.com/actions/cache/pull/1005";>actions/cache#1005 Fix npm vulnerability by https://github.com/Phantsure";>@Phantsure in https://github-redirect.dependabot.com/actions/cache/pull/1007";>actions/cache#1007 refactor: Use early return pattern to avoid nested conditions by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1013";>actions/cache#1013 Use cache in check-dist.yml by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1004";>actions/cache#1004 chore: Use built-in cache action to cache dependencies by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1014";>actions/cache#1014 Updated node example by https://github.com/t-dedah";>@t-dedah in https://github-redirect.dependabot.com/actions/cache/pull/1008";>actions/cache#1008 Fix: Node npm doc example by https://github.com/apascualm";>@apascualm in https://github-redirect.dependabot.com/actions/cache/pull/1026";>actions/cache#1026 docs: fix an invalid link in workarounds.md by https://github.com/teatimeguest";>@teatimeguest in https://github-redirect.dependabot.com/actions/cache/pull/929";>actions/cache#929 General Availability release for granular cache by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/1035";>actions/cache#1035 More details here on https://github.com/actions/cache/discussions/1020";>beta release. New Contributors https://github.com/walterddr";>@walterddr made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/959";>actions/cache#959 https://github.com/asaf400";>@asaf400 made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/979";>actions/cache#979 https://github.com/jongwooo";>@jongwooo made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/1013";>actions/cache#1013 https://github.com/apascualm";>@apascualm made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/1026";>actions/cache#1026 https://github.com/teatimeguest";>@teatimeguest made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/929";>actions/cache#929 Full Changelog: https://github.com/actions/cache/compare/v3...v3.2.0";>https://github.com/actions/cache/compare/v3...v3.2.0 v3.2.0-beta.1 What's Changed Actions Cache Granular Control Implementation by https://github.com/kot
[GitHub] [commons-net] dependabot[bot] opened a new pull request, #133: Bump ossf/scorecard-action from 2.1.0 to 2.1.2
dependabot[bot] opened a new pull request, #133: URL: https://github.com/apache/commons-net/pull/133 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.0 to 2.1.2. Release notes Sourced from https://github.com/ossf/scorecard-action/releases";>ossf/scorecard-action's releases. v2.1.2 What's Changed Fixes 🌱 Bump scorecard dependency to v4.10.2 to remove a CODEOWNERS printf statement. by https://github.com/spencerschrock";>@spencerschrock in https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1054";>ossf/scorecard-action#1054 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2";>https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2 v2.1.1 Scorecard version This release use https://github.com/ossf/scorecard/releases/tag/v4.10.1";>Scorecard's v4.10.1 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.1.0...v2.1.1";>https://github.com/ossf/scorecard-action/compare/v2.1.0...v2.1.1 Commits https://github.com/ossf/scorecard-action/commit/e38b1902ae4f44df626f11ba0734b14fb91f8f86";>e38b190 Bump docker tag for release. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1055";>#1055) https://github.com/ossf/scorecard-action/commit/7da02bf0d58396bc404a7e5aef3e9b0c24dcb9bc";>7da02bf Bump scorecard to v4.10.2 to remove a CODEOWNERS printf statement. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1054";>#1054) https://github.com/ossf/scorecard-action/commit/013c0f8bd2b3c3003f636c6766a361e000c32d25";>013c0f8 :seedling: Bump actions/dependency-review-action from 3.0.1 to 3.0.2 https://github.com/ossf/scorecard-action/commit/f93c094f4acf097f91d5753d637606bc11fdd8f6";>f93c094 :seedling: Bump github/codeql-action from 2.1.36 to 2.1.37 https://github.com/ossf/scorecard-action/commit/ce8978e058ff447b9df113f0f576b977fc627d6d";>ce8978e :seedling: Bump actions/upload-artifact from 3.1.0 to 3.1.1 https://github.com/ossf/scorecard-action/commit/5ce49db1aa7b24de0c4143035a64115e9c674b14";>5ce49db :seedling: Bump actions/setup-go from 3.4.0 to 3.5.0 https://github.com/ossf/scorecard-action/commit/15c10fcf1cf912bd22260bfec67569a359ab87da";>15c10fc Update tag to v2.1.1 (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1047";>#1047) https://github.com/ossf/scorecard-action/commit/f96da1a128903623ca8553562d0a85aa8b11d5af";>f96da1a :seedling: Update scorecard for the panic (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1045";>#1045) https://github.com/ossf/scorecard-action/commit/813a8251528830defc8d1d9e3b20ba7640225d7d";>813a825 Complete the list of required actions (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1044";>#1044) https://github.com/ossf/scorecard-action/commit/be62ea89c1d5c6cb8560cb24a4da589926d74068";>be62ea8 Update RELEASE.md (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1042";>#1042) Additional commits viewable in https://github.com/ossf/scorecard-action/compare/937ffa90d79c7d720498178154ad4c7ba1e4ad8c...e38b1902ae4f44df626f11ba0734b14fb91f8f86";>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action&package-manager=github_actions&previous-version=2.1.0&new-version=2.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency`
[GitHub] [commons-io] kinow merged pull request #416: Bump actions/cache from 3.0.11 to 3.2.0
kinow merged PR #416: URL: https://github.com/apache/commons-io/pull/416 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-io] dependabot[bot] opened a new pull request, #417: Bump ossf/scorecard-action from 2.1.0 to 2.1.2
dependabot[bot] opened a new pull request, #417: URL: https://github.com/apache/commons-io/pull/417 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.0 to 2.1.2. Release notes Sourced from https://github.com/ossf/scorecard-action/releases";>ossf/scorecard-action's releases. v2.1.2 What's Changed Fixes 🌱 Bump scorecard dependency to v4.10.2 to remove a CODEOWNERS printf statement. by https://github.com/spencerschrock";>@spencerschrock in https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1054";>ossf/scorecard-action#1054 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2";>https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2 v2.1.1 Scorecard version This release use https://github.com/ossf/scorecard/releases/tag/v4.10.1";>Scorecard's v4.10.1 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.1.0...v2.1.1";>https://github.com/ossf/scorecard-action/compare/v2.1.0...v2.1.1 Commits https://github.com/ossf/scorecard-action/commit/e38b1902ae4f44df626f11ba0734b14fb91f8f86";>e38b190 Bump docker tag for release. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1055";>#1055) https://github.com/ossf/scorecard-action/commit/7da02bf0d58396bc404a7e5aef3e9b0c24dcb9bc";>7da02bf Bump scorecard to v4.10.2 to remove a CODEOWNERS printf statement. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1054";>#1054) https://github.com/ossf/scorecard-action/commit/013c0f8bd2b3c3003f636c6766a361e000c32d25";>013c0f8 :seedling: Bump actions/dependency-review-action from 3.0.1 to 3.0.2 https://github.com/ossf/scorecard-action/commit/f93c094f4acf097f91d5753d637606bc11fdd8f6";>f93c094 :seedling: Bump github/codeql-action from 2.1.36 to 2.1.37 https://github.com/ossf/scorecard-action/commit/ce8978e058ff447b9df113f0f576b977fc627d6d";>ce8978e :seedling: Bump actions/upload-artifact from 3.1.0 to 3.1.1 https://github.com/ossf/scorecard-action/commit/5ce49db1aa7b24de0c4143035a64115e9c674b14";>5ce49db :seedling: Bump actions/setup-go from 3.4.0 to 3.5.0 https://github.com/ossf/scorecard-action/commit/15c10fcf1cf912bd22260bfec67569a359ab87da";>15c10fc Update tag to v2.1.1 (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1047";>#1047) https://github.com/ossf/scorecard-action/commit/f96da1a128903623ca8553562d0a85aa8b11d5af";>f96da1a :seedling: Update scorecard for the panic (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1045";>#1045) https://github.com/ossf/scorecard-action/commit/813a8251528830defc8d1d9e3b20ba7640225d7d";>813a825 Complete the list of required actions (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1044";>#1044) https://github.com/ossf/scorecard-action/commit/be62ea89c1d5c6cb8560cb24a4da589926d74068";>be62ea8 Update RELEASE.md (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1042";>#1042) Additional commits viewable in https://github.com/ossf/scorecard-action/compare/937ffa90d79c7d720498178154ad4c7ba1e4ad8c...e38b1902ae4f44df626f11ba0734b14fb91f8f86";>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action&package-manager=github_actions&previous-version=2.1.0&new-version=2.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency`
[GitHub] [commons-io] dependabot[bot] opened a new pull request, #416: Bump actions/cache from 3.0.11 to 3.2.0
dependabot[bot] opened a new pull request, #416: URL: https://github.com/apache/commons-io/pull/416 Bumps [actions/cache](https://github.com/actions/cache) from 3.0.11 to 3.2.0. Release notes Sourced from https://github.com/actions/cache/releases";>actions/cache's releases. v3.2.0 What's Changed fix wrong timeout env var key in README.md by https://github.com/walterddr";>@walterddr in https://github-redirect.dependabot.com/actions/cache/pull/959";>actions/cache#959 Updated release doc with correct env variable by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/960";>actions/cache#960 Create pull_request_template.md by https://github.com/pdotl";>@pdotl in https://github-redirect.dependabot.com/actions/cache/pull/963";>actions/cache#963 Update README with clearer info about cache-hit and its value by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/961";>actions/cache#961 Change datadog/squid to Ubuntu/squid in CI check by https://github.com/bishal-pdMSFT";>@bishal-pdMSFT in https://github-redirect.dependabot.com/actions/cache/pull/976";>actions/cache#976 Add more details to version section in readme by https://github.com/bishal-pdMSFT";>@bishal-pdMSFT in https://github-redirect.dependabot.com/actions/cache/pull/971";>actions/cache#971 Update hashFiles documentation reference by https://github.com/asaf400";>@asaf400 in https://github-redirect.dependabot.com/actions/cache/pull/979";>actions/cache#979 Updated link for cache segment download info by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/986";>actions/cache#986 Readme update for deleting caches by https://github.com/t-dedah";>@t-dedah in https://github-redirect.dependabot.com/actions/cache/pull/981";>actions/cache#981 Add oncall logic to assign issues and PRs by https://github.com/vsvipul";>@vsvipul in https://github-redirect.dependabot.com/actions/cache/pull/997";>actions/cache#997 Bump minimatch from 3.0.4 to 3.1.2 by https://github.com/dependabot";>@dependabot in https://github-redirect.dependabot.com/actions/cache/pull/998";>actions/cache#998 Revert "Bump minimatch from 3.0.4 to 3.1.2" by https://github.com/vsvipul";>@vsvipul in https://github-redirect.dependabot.com/actions/cache/pull/1005";>actions/cache#1005 Fix npm vulnerability by https://github.com/Phantsure";>@Phantsure in https://github-redirect.dependabot.com/actions/cache/pull/1007";>actions/cache#1007 refactor: Use early return pattern to avoid nested conditions by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1013";>actions/cache#1013 Use cache in check-dist.yml by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1004";>actions/cache#1004 chore: Use built-in cache action to cache dependencies by https://github.com/jongwooo";>@jongwooo in https://github-redirect.dependabot.com/actions/cache/pull/1014";>actions/cache#1014 Updated node example by https://github.com/t-dedah";>@t-dedah in https://github-redirect.dependabot.com/actions/cache/pull/1008";>actions/cache#1008 Fix: Node npm doc example by https://github.com/apascualm";>@apascualm in https://github-redirect.dependabot.com/actions/cache/pull/1026";>actions/cache#1026 docs: fix an invalid link in workarounds.md by https://github.com/teatimeguest";>@teatimeguest in https://github-redirect.dependabot.com/actions/cache/pull/929";>actions/cache#929 General Availability release for granular cache by https://github.com/kotewar";>@kotewar in https://github-redirect.dependabot.com/actions/cache/pull/1035";>actions/cache#1035 More details here on https://github.com/actions/cache/discussions/1020";>beta release. New Contributors https://github.com/walterddr";>@walterddr made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/959";>actions/cache#959 https://github.com/asaf400";>@asaf400 made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/979";>actions/cache#979 https://github.com/jongwooo";>@jongwooo made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/1013";>actions/cache#1013 https://github.com/apascualm";>@apascualm made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/1026";>actions/cache#1026 https://github.com/teatimeguest";>@teatimeguest made their first contribution in https://github-redirect.dependabot.com/actions/cache/pull/929";>actions/cache#929 Full Changelog: https://github.com/actions/cache/compare/v3...v3.2.0";>https://github.com/actions/cache/compare/v3...v3.2.0 v3.2.0-beta.1 What's Changed Actions Cache Granular Control Implementation by https://github.com/kote
[jira] [Work logged] (POOL-393) BaseGenericObjectPool.jmxRegister may cost too much time
[ https://issues.apache.org/jira/browse/POOL-393?focusedWorklogId=835415&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-835415 ] ASF GitHub Bot logged work on POOL-393: --- Author: ASF GitHub Bot Created on: 22/Dec/22 23:45 Start Date: 22/Dec/22 23:45 Worklog Time Spent: 10m Work Description: codecov-commenter commented on PR #199: URL: https://github.com/apache/commons-pool/pull/199#issuecomment-1363443034 # [Codecov](https://codecov.io/gh/apache/commons-pool/pull/199?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report > Merging [#199](https://codecov.io/gh/apache/commons-pool/pull/199?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (3026c61) into [master](https://codecov.io/gh/apache/commons-pool/commit/eb2cf8eb2b7984e7300cb6875ad3882508ff56f3?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (eb2cf8e) will **increase** coverage by `0.10%`. > The diff coverage is `100.00%`. ```diff @@ Coverage Diff @@ ## master #199 +/- ## + Coverage 81.83% 81.94% +0.10% - Complexity 760 763 +3 Files42 42 Lines 3066 3068 +2 Branches308 309 +1 + Hits 2509 2514 +5 + Misses 450 449 -1 + Partials107 105 -2 ``` | [Impacted Files](https://codecov.io/gh/apache/commons-pool/pull/199?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | | |---|---|---| | [...ache/commons/pool2/impl/BaseGenericObjectPool.java](https://codecov.io/gh/apache/commons-pool/pull/199/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2NvbW1vbnMvcG9vbDIvaW1wbC9CYXNlR2VuZXJpY09iamVjdFBvb2wuamF2YQ==) | `88.36% <100.00%> (-0.43%)` | :arrow_down: | | [...g/apache/commons/pool2/impl/GenericObjectPool.java](https://codecov.io/gh/apache/commons-pool/pull/199/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2NvbW1vbnMvcG9vbDIvaW1wbC9HZW5lcmljT2JqZWN0UG9vbC5qYXZh) | `85.41% <0.00%> (+1.30%)` | :arrow_up: | :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Issue Time Tracking --- Worklog Id: (was: 835415) Time Spent: 1h 20m (was: 1h 10m) > BaseGenericObjectPool.jmxRegister may cost too much time > > > Key: POOL-393 > URL: https://issues.apache.org/jira/browse/POOL-393 > Project: Commons Pool > Issue Type: Improvement >Affects Versions: 2.4.2 >Reporter: Shichao Yuan >Priority: Major > Time Spent: 1h 20m > Remaining Estimate: 0h > > > When creating many pools, I find that it tasks too much time to register jmx. > In the code, the ObjectName's postfix always starts with 1, so many > InstanceAlreadyExistsExceptions may be thrown before registered successfully. > Maybe a random number is a better choice, or a atomic long. > {quote}private ObjectName jmxRegister(BaseObjectPoolConfig config, > String jmxNameBase, String jmxNamePrefix) { > ObjectName objectName = null; > MBeanServer mbs = ManagementFactory.getPlatformMBeanServer(); > int i = 1; > boolean registered = false; > String base = config.getJmxNameBase(); > if (base == null) > Unknown macro: \{ base = jmxNameBase; } > while (!registered) { > try { > ObjectName objName; > // Skip the numeric suffix for the first pool in case there is > // only one so the names are cleaner. > if (i == 1) > Unknown macro: \{ objName = new ObjectName(base + jmxNamePrefix); } > else > Unknown macro: \{ objName = new ObjectName(base + jmxNamePrefix + i); } > mbs.registerMBean(this, objName); > objectName = objName; > registered = true; > } catch (MalformedObjectNameException e) { > if (BaseObjectPoolConfig.DEFAU
[GitHub] [commons-pool] codecov-commenter commented on pull request #199: [POOL-393] Improve BaseGenericObjectPool's JMX Register performance
codecov-commenter commented on PR #199: URL: https://github.com/apache/commons-pool/pull/199#issuecomment-1363443034 # [Codecov](https://codecov.io/gh/apache/commons-pool/pull/199?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report > Merging [#199](https://codecov.io/gh/apache/commons-pool/pull/199?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (3026c61) into [master](https://codecov.io/gh/apache/commons-pool/commit/eb2cf8eb2b7984e7300cb6875ad3882508ff56f3?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (eb2cf8e) will **increase** coverage by `0.10%`. > The diff coverage is `100.00%`. ```diff @@ Coverage Diff @@ ## master #199 +/- ## + Coverage 81.83% 81.94% +0.10% - Complexity 760 763 +3 Files42 42 Lines 3066 3068 +2 Branches308 309 +1 + Hits 2509 2514 +5 + Misses 450 449 -1 + Partials107 105 -2 ``` | [Impacted Files](https://codecov.io/gh/apache/commons-pool/pull/199?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | | |---|---|---| | [...ache/commons/pool2/impl/BaseGenericObjectPool.java](https://codecov.io/gh/apache/commons-pool/pull/199/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2NvbW1vbnMvcG9vbDIvaW1wbC9CYXNlR2VuZXJpY09iamVjdFBvb2wuamF2YQ==) | `88.36% <100.00%> (-0.43%)` | :arrow_down: | | [...g/apache/commons/pool2/impl/GenericObjectPool.java](https://codecov.io/gh/apache/commons-pool/pull/199/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2NvbW1vbnMvcG9vbDIvaW1wbC9HZW5lcmljT2JqZWN0UG9vbC5qYXZh) | `85.41% <0.00%> (+1.30%)` | :arrow_up: | :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (POOL-393) BaseGenericObjectPool.jmxRegister may cost too much time
[ https://issues.apache.org/jira/browse/POOL-393?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17651437#comment-17651437 ] Niall Pemberton commented on POOL-393: -- I created the following PR: * [https://github.com/apache/commons-pool/pull/199] It adds a check to MBeanServer's _*isRegistered(ObjectName)*_ method and from running Phil's test this improves performance 10x even though there are alot of calls to JMX for a large number of pools. > BaseGenericObjectPool.jmxRegister may cost too much time > > > Key: POOL-393 > URL: https://issues.apache.org/jira/browse/POOL-393 > Project: Commons Pool > Issue Type: Improvement >Affects Versions: 2.4.2 >Reporter: Shichao Yuan >Priority: Major > Time Spent: 1h 10m > Remaining Estimate: 0h > > > When creating many pools, I find that it tasks too much time to register jmx. > In the code, the ObjectName's postfix always starts with 1, so many > InstanceAlreadyExistsExceptions may be thrown before registered successfully. > Maybe a random number is a better choice, or a atomic long. > {quote}private ObjectName jmxRegister(BaseObjectPoolConfig config, > String jmxNameBase, String jmxNamePrefix) { > ObjectName objectName = null; > MBeanServer mbs = ManagementFactory.getPlatformMBeanServer(); > int i = 1; > boolean registered = false; > String base = config.getJmxNameBase(); > if (base == null) > Unknown macro: \{ base = jmxNameBase; } > while (!registered) { > try { > ObjectName objName; > // Skip the numeric suffix for the first pool in case there is > // only one so the names are cleaner. > if (i == 1) > Unknown macro: \{ objName = new ObjectName(base + jmxNamePrefix); } > else > Unknown macro: \{ objName = new ObjectName(base + jmxNamePrefix + i); } > mbs.registerMBean(this, objName); > objectName = objName; > registered = true; > } catch (MalformedObjectNameException e) { > if (BaseObjectPoolConfig.DEFAULT_JMX_NAME_PREFIX.equals( > jmxNamePrefix) && jmxNameBase.equals(base)) > Unknown macro: \{ // Shouldn't happen. Skip registration if it does. > registered = true; } > else > Unknown macro: \{ // Must be an invalid name. Use the defaults instead. > jmxNamePrefix = BaseObjectPoolConfig.DEFAULT_JMX_NAME_PREFIX; base = > jmxNameBase; } > } catch (InstanceAlreadyExistsException e) > Unknown macro: \{ // Increment the index and try again i++; } > catch (MBeanRegistrationException e) > Unknown macro: \{ // Shouldn't happen. Skip registration if it does. > registered = true; } > catch (NotCompliantMBeanException e) > } > return objectName; > } > {quote} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (MATH-1652) comments about the formula of binomialCoefficient wrong
[ https://issues.apache.org/jira/browse/MATH-1652?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Gilles Sadowski resolved MATH-1652. --- Resolution: Invalid No feedback: Closing. > comments about the formula of binomialCoefficient wrong > --- > > Key: MATH-1652 > URL: https://issues.apache.org/jira/browse/MATH-1652 > Project: Commons Math > Issue Type: Improvement >Reporter: nimo mayr >Priority: Minor > > The class > {code:java} > org.apache.commons.math3.util.CombinatoricsUtils{code} > within the method > {code:java} > public static long binomialCoefficient(final int n, final int k){code} > contains the following comments: > {code:java} > // We use the formula > // (n choose k) = n! / (n-k)! / k! > // (n choose k) == ((n-k+1)...*n) / (1...*k) > // which could be written > // (n choose k) == (n-1 choose k-1) * n / k > {code} > I think, the second line > {code:java} > (n choose k) = n! / (n-k)! / k!{code} > must be written to > {code:java} > (n choose k) = n! / (n-k)! * k!{code} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Work logged] (POOL-393) BaseGenericObjectPool.jmxRegister may cost too much time
[ https://issues.apache.org/jira/browse/POOL-393?focusedWorklogId=835413&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-835413 ] ASF GitHub Bot logged work on POOL-393: --- Author: ASF GitHub Bot Created on: 22/Dec/22 23:16 Start Date: 22/Dec/22 23:16 Worklog Time Spent: 10m Work Description: niallkp opened a new pull request, #199: URL: https://github.com/apache/commons-pool/pull/199 The algorithm for generating the JMX name for newly created pools can be very slow if the number of pools is large. This PR makes a 10x improvement without changing the naming sequence. I tried a couple of approaches - first retrieving all the registered pool names using the MBeanServer's **_queryNames(ObjectName, QueryExp)_** method and and then using MBeanServer's **_isRegistered(ObjectName)_** method. The later involved many more JMX calls but was slightly faster and simpler code - so this PR uses that approach. This PR seems to provide the performance improvement without changing behavior - which Phil didn't like in https://github.com/apache/commons-pool/pull/115 Issue Time Tracking --- Worklog Id: (was: 835413) Time Spent: 1h 10m (was: 1h) > BaseGenericObjectPool.jmxRegister may cost too much time > > > Key: POOL-393 > URL: https://issues.apache.org/jira/browse/POOL-393 > Project: Commons Pool > Issue Type: Improvement >Affects Versions: 2.4.2 >Reporter: Shichao Yuan >Priority: Major > Time Spent: 1h 10m > Remaining Estimate: 0h > > > When creating many pools, I find that it tasks too much time to register jmx. > In the code, the ObjectName's postfix always starts with 1, so many > InstanceAlreadyExistsExceptions may be thrown before registered successfully. > Maybe a random number is a better choice, or a atomic long. > {quote}private ObjectName jmxRegister(BaseObjectPoolConfig config, > String jmxNameBase, String jmxNamePrefix) { > ObjectName objectName = null; > MBeanServer mbs = ManagementFactory.getPlatformMBeanServer(); > int i = 1; > boolean registered = false; > String base = config.getJmxNameBase(); > if (base == null) > Unknown macro: \{ base = jmxNameBase; } > while (!registered) { > try { > ObjectName objName; > // Skip the numeric suffix for the first pool in case there is > // only one so the names are cleaner. > if (i == 1) > Unknown macro: \{ objName = new ObjectName(base + jmxNamePrefix); } > else > Unknown macro: \{ objName = new ObjectName(base + jmxNamePrefix + i); } > mbs.registerMBean(this, objName); > objectName = objName; > registered = true; > } catch (MalformedObjectNameException e) { > if (BaseObjectPoolConfig.DEFAULT_JMX_NAME_PREFIX.equals( > jmxNamePrefix) && jmxNameBase.equals(base)) > Unknown macro: \{ // Shouldn't happen. Skip registration if it does. > registered = true; } > else > Unknown macro: \{ // Must be an invalid name. Use the defaults instead. > jmxNamePrefix = BaseObjectPoolConfig.DEFAULT_JMX_NAME_PREFIX; base = > jmxNameBase; } > } catch (InstanceAlreadyExistsException e) > Unknown macro: \{ // Increment the index and try again i++; } > catch (MBeanRegistrationException e) > Unknown macro: \{ // Shouldn't happen. Skip registration if it does. > registered = true; } > catch (NotCompliantMBeanException e) > } > return objectName; > } > {quote} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[GitHub] [commons-pool] niallkp opened a new pull request, #199: [POOL-393] Improve BaseGenericObjectPool's JMX Register performance
niallkp opened a new pull request, #199: URL: https://github.com/apache/commons-pool/pull/199 The algorithm for generating the JMX name for newly created pools can be very slow if the number of pools is large. This PR makes a 10x improvement without changing the naming sequence. I tried a couple of approaches - first retrieving all the registered pool names using the MBeanServer's **_queryNames(ObjectName, QueryExp)_** method and and then using MBeanServer's **_isRegistered(ObjectName)_** method. The later involved many more JMX calls but was slightly faster and simpler code - so this PR uses that approach. This PR seems to provide the performance improvement without changing behavior - which Phil didn't like in https://github.com/apache/commons-pool/pull/115 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-email] garydgregory merged pull request #124: Bump ossf/scorecard-action from 2.1.1 to 2.1.2
garydgregory merged PR #124: URL: https://github.com/apache/commons-email/pull/124 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-ognl] garydgregory merged pull request #100: Bump ossf/scorecard-action from 2.1.1 to 2.1.2
garydgregory merged PR #100: URL: https://github.com/apache/commons-ognl/pull/100 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-fileupload] garydgregory merged pull request #191: Bump ossf/scorecard-action from 2.1.1 to 2.1.2
garydgregory merged PR #191: URL: https://github.com/apache/commons-fileupload/pull/191 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-imaging] garydgregory merged pull request #259: Bump ossf/scorecard-action from 2.1.1 to 2.1.2
garydgregory merged PR #259: URL: https://github.com/apache/commons-imaging/pull/259 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-exec] garydgregory merged pull request #85: Bump ossf/scorecard-action from 2.1.1 to 2.1.2
garydgregory merged PR #85: URL: https://github.com/apache/commons-exec/pull/85 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-email] dependabot[bot] opened a new pull request, #124: Bump ossf/scorecard-action from 2.1.1 to 2.1.2
dependabot[bot] opened a new pull request, #124: URL: https://github.com/apache/commons-email/pull/124 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.1 to 2.1.2. Release notes Sourced from https://github.com/ossf/scorecard-action/releases";>ossf/scorecard-action's releases. v2.1.2 What's Changed Fixes 🌱 Bump scorecard dependency to v4.10.2 to remove a CODEOWNERS printf statement. by https://github.com/spencerschrock";>@spencerschrock in https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1054";>ossf/scorecard-action#1054 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2";>https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2 Commits https://github.com/ossf/scorecard-action/commit/e38b1902ae4f44df626f11ba0734b14fb91f8f86";>e38b190 Bump docker tag for release. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1055";>#1055) https://github.com/ossf/scorecard-action/commit/7da02bf0d58396bc404a7e5aef3e9b0c24dcb9bc";>7da02bf Bump scorecard to v4.10.2 to remove a CODEOWNERS printf statement. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1054";>#1054) https://github.com/ossf/scorecard-action/commit/013c0f8bd2b3c3003f636c6766a361e000c32d25";>013c0f8 :seedling: Bump actions/dependency-review-action from 3.0.1 to 3.0.2 https://github.com/ossf/scorecard-action/commit/f93c094f4acf097f91d5753d637606bc11fdd8f6";>f93c094 :seedling: Bump github/codeql-action from 2.1.36 to 2.1.37 https://github.com/ossf/scorecard-action/commit/ce8978e058ff447b9df113f0f576b977fc627d6d";>ce8978e :seedling: Bump actions/upload-artifact from 3.1.0 to 3.1.1 https://github.com/ossf/scorecard-action/commit/5ce49db1aa7b24de0c4143035a64115e9c674b14";>5ce49db :seedling: Bump actions/setup-go from 3.4.0 to 3.5.0 See full diff in https://github.com/ossf/scorecard-action/compare/15c10fcf1cf912bd22260bfec67569a359ab87da...e38b1902ae4f44df626f11ba0734b14fb91f8f86";>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action&package-manager=github_actions&previous-version=2.1.1&new-version=2.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-ognl] dependabot[bot] opened a new pull request, #100: Bump ossf/scorecard-action from 2.1.1 to 2.1.2
dependabot[bot] opened a new pull request, #100: URL: https://github.com/apache/commons-ognl/pull/100 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.1 to 2.1.2. Release notes Sourced from https://github.com/ossf/scorecard-action/releases";>ossf/scorecard-action's releases. v2.1.2 What's Changed Fixes 🌱 Bump scorecard dependency to v4.10.2 to remove a CODEOWNERS printf statement. by https://github.com/spencerschrock";>@spencerschrock in https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1054";>ossf/scorecard-action#1054 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2";>https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2 Commits https://github.com/ossf/scorecard-action/commit/e38b1902ae4f44df626f11ba0734b14fb91f8f86";>e38b190 Bump docker tag for release. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1055";>#1055) https://github.com/ossf/scorecard-action/commit/7da02bf0d58396bc404a7e5aef3e9b0c24dcb9bc";>7da02bf Bump scorecard to v4.10.2 to remove a CODEOWNERS printf statement. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1054";>#1054) https://github.com/ossf/scorecard-action/commit/013c0f8bd2b3c3003f636c6766a361e000c32d25";>013c0f8 :seedling: Bump actions/dependency-review-action from 3.0.1 to 3.0.2 https://github.com/ossf/scorecard-action/commit/f93c094f4acf097f91d5753d637606bc11fdd8f6";>f93c094 :seedling: Bump github/codeql-action from 2.1.36 to 2.1.37 https://github.com/ossf/scorecard-action/commit/ce8978e058ff447b9df113f0f576b977fc627d6d";>ce8978e :seedling: Bump actions/upload-artifact from 3.1.0 to 3.1.1 https://github.com/ossf/scorecard-action/commit/5ce49db1aa7b24de0c4143035a64115e9c674b14";>5ce49db :seedling: Bump actions/setup-go from 3.4.0 to 3.5.0 See full diff in https://github.com/ossf/scorecard-action/compare/15c10fcf1cf912bd22260bfec67569a359ab87da...e38b1902ae4f44df626f11ba0734b14fb91f8f86";>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action&package-manager=github_actions&previous-version=2.1.1&new-version=2.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-fileupload] dependabot[bot] opened a new pull request, #191: Bump ossf/scorecard-action from 2.1.1 to 2.1.2
dependabot[bot] opened a new pull request, #191: URL: https://github.com/apache/commons-fileupload/pull/191 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.1 to 2.1.2. Release notes Sourced from https://github.com/ossf/scorecard-action/releases";>ossf/scorecard-action's releases. v2.1.2 What's Changed Fixes 🌱 Bump scorecard dependency to v4.10.2 to remove a CODEOWNERS printf statement. by https://github.com/spencerschrock";>@spencerschrock in https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1054";>ossf/scorecard-action#1054 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2";>https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2 Commits https://github.com/ossf/scorecard-action/commit/e38b1902ae4f44df626f11ba0734b14fb91f8f86";>e38b190 Bump docker tag for release. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1055";>#1055) https://github.com/ossf/scorecard-action/commit/7da02bf0d58396bc404a7e5aef3e9b0c24dcb9bc";>7da02bf Bump scorecard to v4.10.2 to remove a CODEOWNERS printf statement. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1054";>#1054) https://github.com/ossf/scorecard-action/commit/013c0f8bd2b3c3003f636c6766a361e000c32d25";>013c0f8 :seedling: Bump actions/dependency-review-action from 3.0.1 to 3.0.2 https://github.com/ossf/scorecard-action/commit/f93c094f4acf097f91d5753d637606bc11fdd8f6";>f93c094 :seedling: Bump github/codeql-action from 2.1.36 to 2.1.37 https://github.com/ossf/scorecard-action/commit/ce8978e058ff447b9df113f0f576b977fc627d6d";>ce8978e :seedling: Bump actions/upload-artifact from 3.1.0 to 3.1.1 https://github.com/ossf/scorecard-action/commit/5ce49db1aa7b24de0c4143035a64115e9c674b14";>5ce49db :seedling: Bump actions/setup-go from 3.4.0 to 3.5.0 See full diff in https://github.com/ossf/scorecard-action/compare/15c10fcf1cf912bd22260bfec67569a359ab87da...e38b1902ae4f44df626f11ba0734b14fb91f8f86";>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action&package-manager=github_actions&previous-version=2.1.1&new-version=2.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-imaging] dependabot[bot] opened a new pull request, #259: Bump ossf/scorecard-action from 2.1.1 to 2.1.2
dependabot[bot] opened a new pull request, #259: URL: https://github.com/apache/commons-imaging/pull/259 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.1 to 2.1.2. Release notes Sourced from https://github.com/ossf/scorecard-action/releases";>ossf/scorecard-action's releases. v2.1.2 What's Changed Fixes 🌱 Bump scorecard dependency to v4.10.2 to remove a CODEOWNERS printf statement. by https://github.com/spencerschrock";>@spencerschrock in https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1054";>ossf/scorecard-action#1054 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2";>https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2 Commits https://github.com/ossf/scorecard-action/commit/e38b1902ae4f44df626f11ba0734b14fb91f8f86";>e38b190 Bump docker tag for release. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1055";>#1055) https://github.com/ossf/scorecard-action/commit/7da02bf0d58396bc404a7e5aef3e9b0c24dcb9bc";>7da02bf Bump scorecard to v4.10.2 to remove a CODEOWNERS printf statement. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1054";>#1054) https://github.com/ossf/scorecard-action/commit/013c0f8bd2b3c3003f636c6766a361e000c32d25";>013c0f8 :seedling: Bump actions/dependency-review-action from 3.0.1 to 3.0.2 https://github.com/ossf/scorecard-action/commit/f93c094f4acf097f91d5753d637606bc11fdd8f6";>f93c094 :seedling: Bump github/codeql-action from 2.1.36 to 2.1.37 https://github.com/ossf/scorecard-action/commit/ce8978e058ff447b9df113f0f576b977fc627d6d";>ce8978e :seedling: Bump actions/upload-artifact from 3.1.0 to 3.1.1 https://github.com/ossf/scorecard-action/commit/5ce49db1aa7b24de0c4143035a64115e9c674b14";>5ce49db :seedling: Bump actions/setup-go from 3.4.0 to 3.5.0 See full diff in https://github.com/ossf/scorecard-action/compare/15c10fcf1cf912bd22260bfec67569a359ab87da...e38b1902ae4f44df626f11ba0734b14fb91f8f86";>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action&package-manager=github_actions&previous-version=2.1.1&new-version=2.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-exec] dependabot[bot] opened a new pull request, #85: Bump ossf/scorecard-action from 2.1.1 to 2.1.2
dependabot[bot] opened a new pull request, #85: URL: https://github.com/apache/commons-exec/pull/85 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.1 to 2.1.2. Release notes Sourced from https://github.com/ossf/scorecard-action/releases";>ossf/scorecard-action's releases. v2.1.2 What's Changed Fixes 🌱 Bump scorecard dependency to v4.10.2 to remove a CODEOWNERS printf statement. by https://github.com/spencerschrock";>@spencerschrock in https://github-redirect.dependabot.com/ossf/scorecard-action/pull/1054";>ossf/scorecard-action#1054 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2";>https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2 Commits https://github.com/ossf/scorecard-action/commit/e38b1902ae4f44df626f11ba0734b14fb91f8f86";>e38b190 Bump docker tag for release. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1055";>#1055) https://github.com/ossf/scorecard-action/commit/7da02bf0d58396bc404a7e5aef3e9b0c24dcb9bc";>7da02bf Bump scorecard to v4.10.2 to remove a CODEOWNERS printf statement. (https://github-redirect.dependabot.com/ossf/scorecard-action/issues/1054";>#1054) https://github.com/ossf/scorecard-action/commit/013c0f8bd2b3c3003f636c6766a361e000c32d25";>013c0f8 :seedling: Bump actions/dependency-review-action from 3.0.1 to 3.0.2 https://github.com/ossf/scorecard-action/commit/f93c094f4acf097f91d5753d637606bc11fdd8f6";>f93c094 :seedling: Bump github/codeql-action from 2.1.36 to 2.1.37 https://github.com/ossf/scorecard-action/commit/ce8978e058ff447b9df113f0f576b977fc627d6d";>ce8978e :seedling: Bump actions/upload-artifact from 3.1.0 to 3.1.1 https://github.com/ossf/scorecard-action/commit/5ce49db1aa7b24de0c4143035a64115e9c674b14";>5ce49db :seedling: Bump actions/setup-go from 3.4.0 to 3.5.0 See full diff in https://github.com/ossf/scorecard-action/compare/15c10fcf1cf912bd22260bfec67569a359ab87da...e38b1902ae4f44df626f11ba0734b14fb91f8f86";>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action&package-manager=github_actions&previous-version=2.1.1&new-version=2.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (JEXL-390) Pragmas should not be statements
[ https://issues.apache.org/jira/browse/JEXL-390?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17651338#comment-17651338 ] Henri Biestro commented on JEXL-390: You are absolutely correct. One way to fool-proof it ( pragmas must occur before any statement) and maintain compatibility (and choice) would be to introduce a feature flag (much like operator names). > Pragmas should not be statements > > > Key: JEXL-390 > URL: https://issues.apache.org/jira/browse/JEXL-390 > Project: Commons JEXL > Issue Type: Improvement >Affects Versions: 3.2.1 >Reporter: Dmitri Blinov >Assignee: Henri Biestro >Priority: Minor > Fix For: 3.3 > > > In Jexl pragmas are treated as statements syntactically, but do not find > their way to AST tree and this leads to strange bugs like in the following > example > {code} > @Test > public void testBadPragmas() throws Exception { > final JexlEngine jexl = new > JexlBuilder().cache(1024).debug(true).create(); > final JexlScript script = jexl.createScript("if (true) #pragma one > 42"); > JexlContext jc = new MapContext(); > final Object result = script.execute(jc); > debuggerCheck(jexl); > } > {code} > While this partucular bug can be trivially fixed, in fact the whole idea to > allow putting pragmas for example inside a loop or inside if-branch is a > strange language design (I'm not aware of examples in other languages) as it > gives false idea of the pragma being controlled by script execution logic. > If there's no reason or use case to keep this design as is, my proposal is to > make a grammar change and allow pragmas to be declared only at the top of the > script. Another point to change current pragma implementation is that pragmas > can not be used with expressions, e.g. no way to specify standard options / > imports. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (JEXL-390) Pragmas should not be statements
[ https://issues.apache.org/jira/browse/JEXL-390?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17651323#comment-17651323 ] Dmitri Blinov commented on JEXL-390: I understand your point to keep the things as much backward compatible as possible but if pragmas are allowed to be placed closer to the the point where they are used, they stiil can unintentionally influence the interpretation of the code before them, because they are still pragmas and not lexical preprocessor directives, like in CPP. Here is artificial example. {code} @Test public void testPragmaOptions1() { final String str = "i; #pragma jexl.options '-strict'\n"; final JexlEngine jexl = new JexlBuilder().strict(true).create(); final JexlScript e = jexl.createScript(str); final JexlContext ctxt = new MapContext(); try { final Object o = e.execute(ctxt); Assert.fail("i should not be resolved"); } catch (final JexlException xany) { Assert.assertNotNull(xany); } } {code} > Pragmas should not be statements > > > Key: JEXL-390 > URL: https://issues.apache.org/jira/browse/JEXL-390 > Project: Commons JEXL > Issue Type: Improvement >Affects Versions: 3.2.1 >Reporter: Dmitri Blinov >Assignee: Henri Biestro >Priority: Minor > Fix For: 3.3 > > > In Jexl pragmas are treated as statements syntactically, but do not find > their way to AST tree and this leads to strange bugs like in the following > example > {code} > @Test > public void testBadPragmas() throws Exception { > final JexlEngine jexl = new > JexlBuilder().cache(1024).debug(true).create(); > final JexlScript script = jexl.createScript("if (true) #pragma one > 42"); > JexlContext jc = new MapContext(); > final Object result = script.execute(jc); > debuggerCheck(jexl); > } > {code} > While this partucular bug can be trivially fixed, in fact the whole idea to > allow putting pragmas for example inside a loop or inside if-branch is a > strange language design (I'm not aware of examples in other languages) as it > gives false idea of the pragma being controlled by script execution logic. > If there's no reason or use case to keep this design as is, my proposal is to > make a grammar change and allow pragmas to be declared only at the top of the > script. Another point to change current pragma implementation is that pragmas > can not be used with expressions, e.g. no way to specify standard options / > imports. -- This message was sent by Atlassian Jira (v8.20.10#820010)