[jira] [Commented] (COMPRESS-638) The GzipCompressorOutputStream#writeHeader method uses the ISO_8859_1 to write the file name. If the file name contains non-ISO_8859_1 characters, some unknown chara
[ https://issues.apache.org/jira/browse/COMPRESS-638?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17679354#comment-17679354 ] Michael Osipov commented on COMPRESS-638: - {{%%%.txt}} works like a charm. Here is the proposal: https://stackoverflow.com/questions/5325322/java-servlet-download-filename-special-characters/30446122#30446122 > The GzipCompressorOutputStream#writeHeader method uses the ISO_8859_1 to > write the file name. If the file name contains non-ISO_8859_1 characters, > some unknown characters are displayed after decompression. > -- > > Key: COMPRESS-638 > URL: https://issues.apache.org/jira/browse/COMPRESS-638 > Project: Commons Compress > Issue Type: Bug >Reporter: Radar wen >Priority: Major > Attachments: 0110.png > > > The GzipCompressorOutputStream#writeHeader method uses the ISO_8859_1 to > write the file name. > If the file name contains non-ISO_8859_1 characters, some unknown characters > are displayed after decompression. !0110.png! > Can change the ISO_8859_1 to UTF-8? > if (filename != null) { > out.write(filename.getBytes(ISO_8859_1)); > out.write(0); > } > > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (COMPRESS-638) The GzipCompressorOutputStream#writeHeader method uses the ISO_8859_1 to write the file name. If the file name contains non-ISO_8859_1 characters, some unknown chara
[ https://issues.apache.org/jira/browse/COMPRESS-638?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17679352#comment-17679352 ] Gary D. Gregory commented on COMPRESS-638: -- Sure, I'll take a look this weekend but where is your proposal? A file name can't have percent signs in it on Windows IIRC. RE logging, I do not think ower level, components like Commons should log, so I'd rather not add more logging. > The GzipCompressorOutputStream#writeHeader method uses the ISO_8859_1 to > write the file name. If the file name contains non-ISO_8859_1 characters, > some unknown characters are displayed after decompression. > -- > > Key: COMPRESS-638 > URL: https://issues.apache.org/jira/browse/COMPRESS-638 > Project: Commons Compress > Issue Type: Bug >Reporter: Radar wen >Priority: Major > Attachments: 0110.png > > > The GzipCompressorOutputStream#writeHeader method uses the ISO_8859_1 to > write the file name. > If the file name contains non-ISO_8859_1 characters, some unknown characters > are displayed after decompression. !0110.png! > Can change the ISO_8859_1 to UTF-8? > if (filename != null) { > out.write(filename.getBytes(ISO_8859_1)); > out.write(0); > } > > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[GitHub] [commons-testing] dependabot[bot] opened a new pull request, #7: Bump de.flapdoodle.embed.mongo from 2.0.1 to 4.4.0
dependabot[bot] opened a new pull request, #7: URL: https://github.com/apache/commons-testing/pull/7 Bumps [de.flapdoodle.embed.mongo](https://github.com/flapdoodle-oss/de.flapdoodle.embed.mongo) from 2.0.1 to 4.4.0. Changelog Sourced from https://github.com/flapdoodle-oss/de.flapdoodle.embed.mongo/blob/main/Changelog.md;>de.flapdoodle.embed.mongo's changelog. Changelog 4.3.2 dep updates, archive hash cache speedup 4.3.0 dep updates, debian 12 support 4.2.0 little api change 4.1.3 fixed stupid bug 4.1.1 user.home problem in docker like setups fixed 4.1.0 first stable release after refactoring 4.0.9 dep updates mongo driver dependency removed 4.0.7 dep updates 4.0.6 better error handling 4.0.5 dep update 4.0.4 dep update 4.0.3 mongodb 6 support ... (truncated) Commits https://github.com/flapdoodle-oss/de.flapdoodle.embed.mongo/commit/4b7d7548564104f9307cfe2297e5647cdb2aea1b;>4b7d754 [maven-release-plugin] prepare release de.flapdoodle.embed.mongo-4.4.0 https://github.com/flapdoodle-oss/de.flapdoodle.embed.mongo/commit/e967e187cf9a64a71d84164fcbb28f3862a1cf0b;>e967e18 Merge branch 'main' of github.com:flapdoodle-oss/de.flapdoodle.embed.mongo https://github.com/flapdoodle-oss/de.flapdoodle.embed.mongo/commit/cc1dffa5fb4f26e06e2d91a9cbf8702260ffe78d;>cc1dffa dep upgrade https://github.com/flapdoodle-oss/de.flapdoodle.embed.mongo/commit/f491310884549bed5e9e823e4695a546d05da5f8;>f491310 Merge pull request https://github-redirect.dependabot.com/flapdoodle-oss/de.flapdoodle.embed.mongo/issues/445;>#445 from pinguet62/args-single https://github.com/flapdoodle-oss/de.flapdoodle.embed.mongo/commit/aa9aa960f83a20cb6d5f4848f96ee92de2b342b3;>aa9aa96 fix(args): allow argument key without value https://github.com/flapdoodle-oss/de.flapdoodle.embed.mongo/commit/ded88c8000d0afa8d7eb5285d1871a654840b920;>ded88c8 dep upgrade https://github.com/flapdoodle-oss/de.flapdoodle.embed.mongo/commit/99bc0cae8a6d4be2b3e35e758193e8ca23a5e560;>99bc0ca user and roles with mongodb https://github.com/flapdoodle-oss/de.flapdoodle.embed.mongo/commit/379018023a4ce3598e4f542495e58ca3663fa246;>3790180 auth example https://github.com/flapdoodle-oss/de.flapdoodle.embed.mongo/commit/b16c94d5173e1e4ec84d77886612473cd2ae0f26;>b16c94d use last working version for this test https://github.com/flapdoodle-oss/de.flapdoodle.embed.mongo/commit/78a9c7cad89cb8ccca6b6ed890395c85a57f2817;>78a9c7c use builder pattern for all commands Additional commits viewable in https://github.com/flapdoodle-oss/de.flapdoodle.embed.mongo/compare/de.flapdoodle.embed.mongo-2.0.1...de.flapdoodle.embed.mongo-4.4.0;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=de.flapdoodle.embed:de.flapdoodle.embed.mongo=maven=2.0.1=4.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this
[GitHub] [commons-testing] dependabot[bot] opened a new pull request, #6: Bump maven-pmd-plugin from 3.9.0 to 3.20.0
dependabot[bot] opened a new pull request, #6: URL: https://github.com/apache/commons-testing/pull/6 Bumps [maven-pmd-plugin](https://github.com/apache/maven-pmd-plugin) from 3.9.0 to 3.20.0. Release notes Sourced from https://github.com/apache/maven-pmd-plugin/releases;>maven-pmd-plugin's releases. 3.20.0 Bug Fixes https://issues.apache.org/jira/browse/MPMD-335;>MPMD-335 - Aggregate mode doesn't use additional repositories (https://github-redirect.dependabot.com/apache/maven-pmd-plugin/pull/101;>#101) https://github.com/adangel;>@adangel Maintenance https://issues.apache.org/jira/browse/MPMD-361;>MPMD-361 - Explicitly start and end tables with Doxia Sinks in report renderers Dependency updates https://issues.apache.org/jira/browse/MPMD-360;>MPMD-360 - Upgrade to PMD 6.53.0 (https://github-redirect.dependabot.com/apache/maven-pmd-plugin/pull/109;>#109) https://github.com/adangel;>@adangel https://issues.apache.org/jira/browse/MPMD-358;>MPMD-358 - Upgrade to PMD 6.52.0 (https://github-redirect.dependabot.com/apache/maven-pmd-plugin/pull/104;>#104) https://github.com/adangel;>@adangel https://issues.apache.org/jira/browse/MPMD-357;>MPMD-357 - Upgrade to PMD 6.51.0 (https://github-redirect.dependabot.com/apache/maven-pmd-plugin/pull/100;>#100) https://github.com/adangel;>@adangel Bump release-drafter/release-drafter from 5.21.0 to 5.21.1 (https://github-redirect.dependabot.com/apache/maven-pmd-plugin/pull/99;>#99) https://github.com/dependabot;>@dependabot https://issues.apache.org/jira/browse/MPMD-356;>MPMD-356 - Upgrade to PMD 6.50.0 (https://github-redirect.dependabot.com/apache/maven-pmd-plugin/pull/98;>#98) https://github.com/adangel;>@adangel Bump maven-common-artifact-filters from 3.3.1 to 3.3.2 (https://github-redirect.dependabot.com/apache/maven-pmd-plugin/pull/95;>#95) https://github.com/dependabot;>@dependabot Bump release-drafter/release-drafter from 5.20.1 to 5.21.0 (https://github-redirect.dependabot.com/apache/maven-pmd-plugin/pull/93;>#93) https://github.com/dependabot;>@dependabot 3.19.0 Bug Fixes https://issues.apache.org/jira/browse/MPMD-353;>[MPMD-353] - API incompatibility with jansi after upgrading m-shared-… (https://github-redirect.dependabot.com/apache/maven-pmd-plugin/issues/91;>#91) https://github.com/adangel;>@adangel Dependency updates Bump animal-sniffer-maven-plugin from 1.21 to 1.22 (https://github-redirect.dependabot.com/apache/maven-pmd-plugin/issues/88;>#88) https://github.com/dependabot;>@dependabot Bump wiremock from 1.49 to 2.27.2 (https://github-redirect.dependabot.com/apache/maven-pmd-plugin/issues/57;>#57) https://github.com/dependabot;>@dependabot https://issues.apache.org/jira/browse/MPMD-354;>[MPMD-354] - Upgrade to PMD 6.49.0 (https://github-redirect.dependabot.com/apache/maven-pmd-plugin/issues/92;>#92) https://github.com/adangel;>@adangel Bump release-drafter/release-drafter from 5.20.0 to 5.20.1 (https://github-redirect.dependabot.com/apache/maven-pmd-plugin/issues/86;>#86) https://github.com/dependabot;>@dependabot 3.18.0 New features and improvements https://issues.apache.org/jira/browse/MPMD-348;>MPMD-348 - Support Java 19 (https://github-redirect.dependabot.com/apache/maven-pmd-plugin/issues/82;>#82) https://github.com/adangel;>@adangel Bug Fixes [SECURITY] Fix Partial Path Traversal Vulnerability (https://github-redirect.dependabot.com/apache/maven-pmd-plugin/issues/80;>#80) https://github.com/JLLeitschuh;>@JLLeitschuh Dependency updates https://issues.apache.org/jira/browse/MPMD-352;>MPMD-352 - Upgrade Maven Common Artifact Filters to 3.3.1 https://issues.apache.org/jira/browse/MPMD-351;>MPMD-351 - Upgrade Maven Artifact Transfer to 0.13.1 https://issues.apache.org/jira/browse/MPMD-350;>MPMD-350 - Upgrade Maven Shared Utils to 3.3.4 https://issues.apache.org/jira/browse/MPMD-349;>MPMD-349 - Upgrade Maven Reporting API to 3.1.1/Maven Reporting Impl to 3.2.0 (https://github-redirect.dependabot.com/apache/maven-pmd-plugin/issues/84;>#84) https://github.com/michael-o;>@michael-o https://issues.apache.org/jira/browse/MPMD-347;>MPMD-347 - Upgrade to PMD 6.48.0 (https://github-redirect.dependabot.com/apache/maven-pmd-plugin/issues/81;>#81) https://github.com/adangel;>@adangel Bump maven-plugins from 36 to 37 (https://github-redirect.dependabot.com/apache/maven-pmd-plugin/issues/79;>#79) https://github.com/dependabot;>@dependabot https://issues.apache.org/jira/browse/MPMD-345;>MPMD-345 - Upgrade to PMD 6.47.0 (https://github-redirect.dependabot.com/apache/maven-pmd-plugin/issues/73;>#73) https://github.com/adangel;>@adangel Bump commons-lang3 from 3.8.1 to 3.12.0 (https://github-redirect.dependabot.com/apache/maven-pmd-plugin/issues/72;>#72) https://github.com/dependabot;>@dependabot Bump
[GitHub] [commons-testing] dependabot[bot] opened a new pull request, #5: Bump taglist-maven-plugin from 2.4 to 3.0.0
dependabot[bot] opened a new pull request, #5: URL: https://github.com/apache/commons-testing/pull/5 Bumps [taglist-maven-plugin](https://github.com/mojohaus/taglist-maven-plugin) from 2.4 to 3.0.0. Release notes Sourced from https://github.com/mojohaus/taglist-maven-plugin/releases;>taglist-maven-plugin's releases. taglist-maven-plugin--3.0.0 Changes New features and improvements https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/12;>#12 includes excludes (https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/56;>#56) https://github.com/bmarwell;>@bmarwell site enhancements. (https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/40;>#40) https://github.com/bmarwell;>@bmarwell https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/26;>#26 convert to Maven3 annotated parameters. (https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/33;>#33) https://github.com/bmarwell;>@bmarwell https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/23;>#23 Update to Maven 3. (https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/24;>#24) https://github.com/bmarwell;>@bmarwell [REPO] add README.adoc. (https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/13;>#13) https://github.com/bmarwell;>@bmarwell Dependency updates Bump modello-maven-plugin from 1.10.0 to 1.11 (https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/51;>#51) https://github.com/dependabot;>@dependabot Bump commons-lang from 2.4 to 2.6 (https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/18;>#18) https://github.com/dependabot;>@dependabot Bump mojo-parent from 62 to 65 (https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/22;>#22) https://github.com/dependabot;>@dependabot ⛔ Removed features https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/29;>#29 remove deprecated 'tags' parameter (https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/39;>#39) https://github.com/bmarwell;>@bmarwell Documentation updates https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/48;>#48 fix self report version, https url. (https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/49;>#49) https://github.com/bmarwell;>@bmarwell add release-drafter categories (https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/47;>#47) https://github.com/bmarwell;>@bmarwell [REPO] add release-drafter (https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/46;>#46) https://github.com/bmarwell;>@bmarwell https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/41;>#41 fix date format for index. (https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/42;>#42) https://github.com/bmarwell;>@bmarwell site enhancements. (https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/40;>#40) https://github.com/bmarwell;>@bmarwell https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/25;>#25 fix ambiguous links (https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/37;>#37) https://github.com/bmarwell;>@bmarwell https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/35;>#35 add breadcrumbs to site. (https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/36;>#36) https://github.com/bmarwell;>@bmarwell https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/30;>#30 add fluido skin (https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/34;>#34) https://github.com/bmarwell;>@bmarwell https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/15;>#15 fix invalid javadoc tags // add custom tags. (https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/16;>#16) https://github.com/bmarwell;>@bmarwell [REPO] add README.adoc. (https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/13;>#13) https://github.com/bmarwell;>@bmarwell 藺 Maintenance [REPO] add release-drafter (https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/46;>#46) https://github.com/bmarwell;>@bmarwell https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/44;>#44 remove changes plugin which breaks builds (https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/45;>#45) https://github.com/bmarwell;>@bmarwell https://github-redirect.dependabot.com/mojohaus/taglist-maven-plugin/issues/38;>#38 add mvnw (official maven wrapper)
[GitHub] [commons-testing] dependabot[bot] opened a new pull request, #4: Bump commons-lang3 from 3.7 to 3.12.0
dependabot[bot] opened a new pull request, #4: URL: https://github.com/apache/commons-testing/pull/4 Bumps commons-lang3 from 3.7 to 3.12.0. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.commons:commons-lang3=maven=3.7=3.12.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-testing] dependabot[bot] opened a new pull request, #3: Bump maven-checkstyle-plugin from 3.0.0 to 3.2.1
dependabot[bot] opened a new pull request, #3: URL: https://github.com/apache/commons-testing/pull/3 Bumps [maven-checkstyle-plugin](https://github.com/apache/maven-checkstyle-plugin) from 3.0.0 to 3.2.1. Commits https://github.com/apache/maven-checkstyle-plugin/commit/9f6a75976c0b4b7f5d929de92ba02577f94005cf;>9f6a759 [maven-release-plugin] prepare release maven-checkstyle-plugin-3.2.1 https://github.com/apache/maven-checkstyle-plugin/commit/932c8bcd8953e3634cf8b409e276575c0ad60d3a;>932c8bc [MCHECKSTYLE-423] Explicitly start and end tables with Doxia Sinks in report ... https://github.com/apache/maven-checkstyle-plugin/commit/746a137e5fcf7d68fa7f98c98cfa6f33a7d64e6b;>746a137 update Reproducible Builds badge link https://github.com/apache/maven-checkstyle-plugin/commit/b07adb2e51d6b016dd564893685f46b33fffe5db;>b07adb2 [maven-release-plugin] prepare for next development iteration https://github.com/apache/maven-checkstyle-plugin/commit/1aaf7cb4198f3076c01309065b1d7e92213e6e1b;>1aaf7cb [maven-release-plugin] prepare release maven-checkstyle-plugin-3.2.0 https://github.com/apache/maven-checkstyle-plugin/commit/627fa4f684866a579f2c105fcc1dbf3ed776daa8;>627fa4f [MCHECKSTYLE-417] Upgrade Maven Reporting API to 3.1.1/Maven Reporting Impl t... https://github.com/apache/maven-checkstyle-plugin/commit/cbf3751a152d542715cf2b2219ab1de0850b2730;>cbf3751 [MCHECKSTYLE-418] Deprecate RSS feature and disable by default https://github.com/apache/maven-checkstyle-plugin/commit/549bf3d58a1608dedb0054fd9418efc3fcfffc33;>549bf3d [MCHECKSTYLE-419] Upgrade Parent to 37 and cleanup https://github.com/apache/maven-checkstyle-plugin/commit/171827b256a62e83e662d5e691b5f31e2b41dd00;>171827b Bump animal-sniffer-maven-plugin from 1.21 to 1.22 https://github.com/apache/maven-checkstyle-plugin/commit/a58c6379db1b86af342af5a179403e1bcc333a6b;>a58c637 Bump extra-enforcer-rules from 1.5.1 to 1.6.1 Additional commits viewable in https://github.com/apache/maven-checkstyle-plugin/compare/maven-checkstyle-plugin-3.0.0...maven-checkstyle-plugin-3.2.1;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.plugins:maven-checkstyle-plugin=maven=3.0.0=3.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (COMPRESS-638) The GzipCompressorOutputStream#writeHeader method uses the ISO_8859_1 to write the file name. If the file name contains non-ISO_8859_1 characters, some unknown chara
[ https://issues.apache.org/jira/browse/COMPRESS-638?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17679322#comment-17679322 ] Michael Osipov commented on COMPRESS-638: - Gary, why not pick up my proposal? Log a warning and make it percent-encoded? > The GzipCompressorOutputStream#writeHeader method uses the ISO_8859_1 to > write the file name. If the file name contains non-ISO_8859_1 characters, > some unknown characters are displayed after decompression. > -- > > Key: COMPRESS-638 > URL: https://issues.apache.org/jira/browse/COMPRESS-638 > Project: Commons Compress > Issue Type: Bug >Reporter: Radar wen >Priority: Major > Attachments: 0110.png > > > The GzipCompressorOutputStream#writeHeader method uses the ISO_8859_1 to > write the file name. > If the file name contains non-ISO_8859_1 characters, some unknown characters > are displayed after decompression. !0110.png! > Can change the ISO_8859_1 to UTF-8? > if (filename != null) { > out.write(filename.getBytes(ISO_8859_1)); > out.write(0); > } > > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (VFS-830) SFTP - moveto() throws FileSystemException: Could not set the last modified timestamp
[ https://issues.apache.org/jira/browse/VFS-830?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17679305#comment-17679305 ] Gary D. Gregory commented on VFS-830: - If you can provide a PR I can review over the weekend, otherwise, it will be on my back-back-burner. > SFTP - moveto() throws FileSystemException: Could not set the last modified > timestamp > - > > Key: VFS-830 > URL: https://issues.apache.org/jira/browse/VFS-830 > Project: Commons VFS > Issue Type: Bug >Affects Versions: 2.9.0 > Environment: RHEL Linux server connecting to AWS Transfer SFTP Server >Reporter: Simon Alexander >Priority: Minor > > I am uploading a file via a temp file, by using the following code: > > {code:java} > FileSystemOptions opts = createDefaultOptions(); > BytesIdentityInfo identityInfo = new BytesIdentityInfo(sshKey.getBytes(), > null); > SftpFileSystemConfigBuilder.getInstance().setIdentityProvider(opts, > identityInfo); > SftpFileSystemConfigBuilder.getInstance().setUserDirIsRoot(opts, false); > SftpFileSystemConfigBuilder.getInstance().setSessionTimeout(opts, > Duration.ofMillis(1)); > SftpFileSystemConfigBuilder.getInstance().setDisableDetectExecChannel(opts, > true); > // Create temp remote file object > String tempFilePath = remoteFolder + FilePathSeparator + tempFileName; > tempFileObject = remoteManager.resolveFile(new > URI("sftp",server.getServerInfo(),server.HostName,server.Port,tempFilePath,null,null).toString(), > opts); > tempFileObject.copyFrom(sourceFileObject, Selectors.SELECT_SELF); > // rename to the correct name > tempFileObject.moveTo(remoteFileObject);} {code} > In this code, `sourceFileObject` is on a remote linux server; and > `tempFileObject` and `remoteFileObject` are on the AWS SFTP Transfer server. > The exec channel is disabled on the server, so I've disabled its use here. > When I run this code, the creation of the temp file runs successfully (using > `copyFrom()`), but then the `moveTo()` call fails with the following > exception: > *java.io.IOException: copyFileBetweenServersUsingTempFile() - Could not set > the last modified timestamp of "testRemoteFileName.txt"* > > I was trying to understand why the moveTo() call would fail in this way, so I > started digging into the Apache code. As far as I can see, the call to > `setLastModifiedTime()` only happens if the code thinks that the source and > target filesystems are different - see [commons-vfs/AbstractFileObject.java > at 83514069293cbf80644f1d47dd3eceaaf4e6954b · apache/commons-vfs · > GitHub|https://github.com/apache/commons-vfs/blob/83514069293cbf80644f1d47dd3eceaaf4e6954b/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/AbstractFileObject.java#L1726] > {code:java} > if (fileSystem == newfile.getFileSystem()) // canRenameTo() > { > ... > } > else > { > ... > destFile.getContent().setLastModifiedTime(this.getContent().getLastModifiedTime()); > } {code} > The issue, I think, is the `==` in the canRenameTo() method - because I am > actually moving from the temp file to the final file on the same file system, > which means this should be returning true not false, right? presumably we > should be using `.equals()` here, and overriding equals in the appropriate > type of `FileSystem` object? -- This message was sent by Atlassian Jira (v8.20.10#820010)
[GitHub] [commons-csv] garydgregory commented on pull request #295: Add support for trailing text after the closing quote, and EOF without a final closing quote, for Excel compatibility
garydgregory commented on PR #295: URL: https://github.com/apache/commons-csv/pull/295#issuecomment-1398884753 I will find time to review over the weekend. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-text] garydgregory merged pull request #410: Bump assertj-core from 3.24.1 to 3.24.2
garydgregory merged PR #410: URL: https://github.com/apache/commons-text/pull/410 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-text] dependabot[bot] opened a new pull request, #408: Bump graalvm.version from 22.0.0.2 to 22.3.1
dependabot[bot] opened a new pull request, #408: URL: https://github.com/apache/commons-text/pull/408 Bumps `graalvm.version` from 22.0.0.2 to 22.3.1. Updates `js` from 22.0.0.2 to 22.3.1 Release notes Sourced from https://github.com/graalvm/graaljs/releases;>js's releases. GraalJS - GraalVM Community Edition 22.3.0 GraalVM provides an ECMAScript-compliant runtime to execute JavaScript and Node.js applications. It is fully standard compliant, execute applications with high performance, and provide all benefits from the GraalVM stack, including language interoperability and common tooling. More information is available on the GraalVM website: http://www.graalvm.org/reference-manual/js/;>http://www.graalvm.org/reference-manual/js/ GraalJS - GraalVM Community Edition 22.2.0 GraalVM provides an ECMAScript-compliant runtime to execute JavaScript and Node.js applications. It is fully standard compliant, execute applications with high performance, and provide all benefits from the GraalVM stack, including language interoperability and common tooling. More information is available on the GraalVM website: http://www.graalvm.org/reference-manual/js/;>http://www.graalvm.org/reference-manual/js/ GraalJS - GraalVM Community Edition 22.1.0 GraalVM provides an ECMAScript-compliant runtime to execute JavaScript and Node.js applications. It is fully standard compliant, execute applications with high performance, and provide all benefits from the GraalVM stack, including language interoperability and common tooling. More information is available on the GraalVM website: http://www.graalvm.org/reference-manual/js/;>http://www.graalvm.org/reference-manual/js/ Changelog Sourced from https://github.com/oracle/graaljs/blob/vm-22.3.1/CHANGELOG.md;>js's changelog. GraalVM JavaScript (Graal.js) Changelog This changelog summarizes major changes between GraalVM versions of the GraalVM JavaScript (ECMAScript) language runtime. The main focus is on user-observable behavior of the engine. Changelog may include unreleased versions. See https://www.graalvm.org/release-notes/version-roadmap/;>version roadmap for release dates. Version 22.3.1. Updated Node.js to version 16.18.1. Version 22.3.0 Implemented the https://github.com/WebAssembly/multi-value;>WebAssembly multi-value proposal. Added an experimental option --js.unhandled-rejections=handler that allows to use a custom callback to track unhandled promise rejections. Updated Node.js to version 16.17.1. ECMA-402 Internationalization API has been enabled by default. It can be disabled by --js.intl-402=false option. Implemented the https://github.com/tc39/proposal-decorators;>Decorators (stage 3) proposal. Version 22.2.0 GraalVM JavaScript is now an installable component of GraalVM. It can be installed with gu install js. Enabled option js.foreign-object-prototype by default. Polyglot Interop objects now get a fitting JavaScript prototype assigned unless explicitly turned off using this flag. Added intermediate prototype for foreign objects to simplify adapting functionality. Removed deprecated experimental option experimental-foreign-object-prototype. Removed experimental option commonjs-global-properties. The same functionality can be achieved in user code with a direct call to require() after context creation. Added an experimental option --js.zone-rules-based-time-zones that allows to use timezone-related data from ZoneRulesProvider (instead of ICU4J data files). Temporal objects can be converted to compatible Java objects when possible, using the Value API's methods like asDate(). Version 22.1.0 Updated Node.js to version 16.14.2. Graal.js now requires Java 11+ and no longer supports Java 8. Implemented the https://github.com/tc39/proposal-intl-numberformat-v3;>Intl.NumberFormat v3 proposal. Implemented the https://github.com/tc39/proposal-array-grouping;>Array Grouping v3 proposal. It is available in ECMAScript staging mode (--js.ecmascript-version=staging). Implemented the https://github.com/tc39/proposal-temporal;>Temporal proposal. It is available behind the experimental option --js.temporal. Implemented the https://github.com/tc39/proposal-array-find-from-last;>Array Find from Last proposal. It is available in ECMAScript staging mode (--js.ecmascript-version=staging). Optimized closures to only keep references on variables in the lexical environment that are needed by (one or more) closures. This optimization can be disabled with the experimental option --js.scope-optimization=false. Moved the internal string representation to the new TruffleString type. Added option --js.string-lazy-substrings (default: true) to allow toggling the copying behavior of string slices. When enabled, string slices internally create string views instead
[GitHub] [commons-text] dependabot[bot] opened a new pull request, #409: Bump mockito-inline from 4.11.0 to 5.0.0
dependabot[bot] opened a new pull request, #409: URL: https://github.com/apache/commons-text/pull/409 Bumps [mockito-inline](https://github.com/mockito/mockito) from 4.11.0 to 5.0.0. Release notes Sourced from https://github.com/mockito/mockito/releases;>mockito-inline's releases. v5.0.0 Mockito 5: prepare for future JDK versions For a while now, we have seen an increase in problems/incompatibilities with recent versions of the JDK due to our usage of JVM-internal API. Most notably, JDK 17 made some changes which are incompatible with the current subclass mockmaker. Therefore, to prepare for the future of JDK, we are making some core changes to ensure Mockito keeps on working. Switch the default mockmaker to mockito-inline Back in Mockito 2.7.6, we published a new mockmaker based on the inline bytecode principle. This mockmaker creates mocks manipulating bytecode equivalent within the original class such that its method implementations hook into the normal Mockito machinery. As a comparison, the subclass mockmaker generates real subclasses for mocks, to mimic the same behavior. While the approaches are similar, the inline mockmaker avoids certain restrictions that the JDK imposes. For example, it does not violate module boundaries (introduced in JDK 9, but more heavily used in JDK 17) and avoids the leaking of the creation of the subclass. Massive thanks to community member https://github.com/reta;>@reta who implemented this change. Note: this does not affect mockito-android nor testing on Android. When should I still be using the subclass mockmaker? There are legitimate remaining use cases for the subclass mockmaker. For example, on the Graal VM's native image, the inline mockmaker will not work and the subclass mockmaker is the appropriate choice. Additionally, if you would like to avoid mocking final classes, using the subclass mockmaker is a possibibility. Note however that if you solely want to use the subclass mockmaker to avoid mocking final, you will run into the above mentioned issues on JDK 17+. We want to leave this choice up to our users, which is why we will keep on supporting the subclass mockmaker. If you want to use the subclass mockmaker instead, you can use the new mockito-subclass artifact (published https://search.maven.org/artifact/org.mockito/mockito-subclass;>on Maven Central along with all our other artifacts). Update the minimum supported Java version to 11 Mockito 4 supports Java 8 and above. Similar to other open source projects, we are moving away from JDK 8 and to newer versions. The primary reason for moving away from JDK 8 is the increasing maintenance costs with keeping our own infrastructure working. Lately we have been running into more and more JDK 8 breakages. Additionally, while we want to support the newest JDK API's, our current solution to support both JDK 8 and newer versions causes https://github-redirect.dependabot.com/mockito/mockito/issues/2798;>issues with the SecurityManager. Since we want Mockito to work on the newest version and more and more businesses adopting JDK 11, we have decided to make the switch as well. Massive thanks to community member https://github.com/reta;>@reta who implemented this change. What should I do if I still run JDK 8? For JDK 8 and below, you can keep on using Mockito 4. This is similar to if you are using JDK 6, for which you can keep on using Mockito 2. The changes in Mockito 5 (for now) are primarily focused on the latest JDK versions, which means the API differences between Mockito 4 and 5 are minimal. However, over time this will most likely widen, so we do recommend adopting JDK 11 in the future. New type() method on ArgumentMatcher One of our most used public API's for customizing Mockito is the https://javadoc.io/doc/org.mockito/mockito-core/latest/org/mockito/ArgumentMatcher.html;>ArgumentMatcher interface. ... (truncated) Commits https://github.com/mockito/mockito/commit/adf528d173f8b763fcd4fedab245ed485b465211;>adf528d Bump versions.bytebuddy from 1.12.21 to 1.12.22 (https://github-redirect.dependabot.com/mockito/mockito/issues/2864;>#2864) https://github.com/mockito/mockito/commit/2418419a1915bd234332eac2b4d5de85622d4699;>2418419 Bump versions.junitJupiter from 5.9.1 to 5.9.2 (https://github-redirect.dependabot.com/mockito/mockito/issues/2858;>#2858) https://github.com/mockito/mockito/commit/3d40cd51d3982e33f7c2a2670c65d28233ceb66e;>3d40cd5 Bump junit-platform-launcher from 1.9.1 to 1.9.2 (https://github-redirect.dependabot.com/mockito/mockito/issues/2859;>#2859) https://github.com/mockito/mockito/commit/9bec8e3a1a0f57e4baa9b64825d67641e9eb2d5e;>9bec8e3 Bump versions.errorprone from 2.17.0 to 2.18.0 (https://github-redirect.dependabot.com/mockito/mockito/issues/2857;>#2857)
[GitHub] [commons-text] dependabot[bot] closed pull request #379: Bump graalvm.version from 22.0.0.2 to 22.3.0
dependabot[bot] closed pull request #379: Bump graalvm.version from 22.0.0.2 to 22.3.0 URL: https://github.com/apache/commons-text/pull/379 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-bcel] dependabot[bot] opened a new pull request, #203: Bump jna.version from 5.12.1 to 5.13.0
dependabot[bot] opened a new pull request, #203: URL: https://github.com/apache/commons-bcel/pull/203 Bumps `jna.version` from 5.12.1 to 5.13.0. Updates `jna` from 5.12.1 to 5.13.0 Changelog Sourced from https://github.com/java-native-access/jna/blob/master/CHANGES.md;>jna's changelog. Release (5.13.0) Features https://github-redirect.dependabot.com/java-native-access/jna/pull/1454;>#1454: Add c.s.j.p.win32.Psapi.QueryWorkingSetEx and associated Types - https://github.com/Crain-32;>@crain-32. https://github-redirect.dependabot.com/java-native-access/jna/pull/1459;>#1459: Add VirtualLock and VirtualUnlock in c.s.j.p.win32.Kernel32 - https://github.com/matthiasblaesing;>@matthiasblaesing. https://github-redirect.dependabot.com/java-native-access/jna/pull/1471;>#1471: Add c.s.j.p.win32.Advapi32Util#isCurrentProcessElevated and associated Types - https://github.com/dbwiddis;>@dbwiddis. https://github-redirect.dependabot.com/java-native-access/jna/pull/1474;>#1474: Add c.s.j.p.win32.WbemCli#IWbemClassObject.IWbemQualifierSet, IWbemServices.GetObject, IWbemContext.SetValue and associated methods - https://github.com/rchateauneu;>@rchateauneu. https://github-redirect.dependabot.com/java-native-access/jna/pull/1482;>#1482: Add multilingual support of Kernel32Util.formatMessage - https://github.com/overpathz;>@overpathz. https://github-redirect.dependabot.com/java-native-access/jna/pull/1490;>#1490: Adds support for a custom SymbolProvider in NativeLibrary Library - https://github.com/soywiz;>@soywiz. https://github-redirect.dependabot.com/java-native-access/jna/pull/1491;>#1491: Update libffi to v3.4.4 - https://github.com/matthiasblaesing;>@matthiasblaesing. https://github-redirect.dependabot.com/java-native-access/jna/issues/1487;>#1487: Add 'uses' information to OSGI metadata in MANIFEST.MF to improve stability of package resolution - https://github.com/sratz;>@sratz. Bug Fixes https://github-redirect.dependabot.com/java-native-access/jna/issues/1452;>#1452: Fix memory allocation/handling for error message generation in native library code (dispatch.c) - https://github.com/matthiasblaesing;>@matthiasblaesing. https://github-redirect.dependabot.com/java-native-access/jna/issues/1460;>#1460: Fix win32 variant date conversion in DST offest window and with millisecond values - https://github.com/eranl;>@eranl. https://github-redirect.dependabot.com/java-native-access/jna/issues/1472;>#1472: Fix incorrect bitmask in c.s.j.Pointer#createConstant(int) - https://github.com/dbwiddis;>@dbwiddis. https://github-redirect.dependabot.com/java-native-access/jna/issues/1481;>#1481: Fix NPE in NativeLibrary when unpacking from classpath is disabled - https://github.com/trespasserw;>@trespasserw. https://github-redirect.dependabot.com/java-native-access/jna/pull/1489;>#1489: Fixes typo in OpenGL32Util#wglGetProcAddress, instead of parameter procName the hardcoded value wglEnumGpusNV was used - https://github.com/soywiz;>@soywiz. Commits https://github.com/java-native-access/jna/commit/4962fd7758493b7395e86578705d8a32f6238872;>4962fd7 Release 5.13.0 https://github.com/java-native-access/jna/commit/a56504611b00cc7d90c165f924c3915cb7a6f759;>a565046 Adjust release directions https://github.com/java-native-access/jna/commit/f7017c4f957d7fc13c7455efcae200e29407a729;>f7017c4 Remove artifacts classified as -jpms, there are the jna-jpms and jna-platfo... https://github.com/java-native-access/jna/commit/a5f47cd359d5fe62a0e5d6c2bd9d649874be955d;>a5f47cd Merge pull request https://github-redirect.dependabot.com/java-native-access/jna/issues/1494;>#1494 from matthiasblaesing/pr-1492 https://github.com/java-native-access/jna/commit/1af6eb14e0059c7acd5d5ee71fd62e519536fac5;>1af6eb1 Improve documentation, ensure osgi.version is defined, wrap create-export-pac... https://github.com/java-native-access/jna/commit/65cf52803ec2249c61573bdc7bd4314b77c019a0;>65cf528 add utility shell script to create 'Export-Package' metadata https://github.com/java-native-access/jna/commit/b3984aaf1bf87c8da2e84797f62180adc405b48a;>b3984aa Add 'uses' information to OSGI metadata in MANIFEST.MF https://github.com/java-native-access/jna/commit/780facdf55b488d504c17183066df6a34531d747;>780facd Add missing change log entry for libffi update https://github.com/java-native-access/jna/commit/5dd4bd707f8f1f49b5d1af158402859a86161367;>5dd4bd7 Merge pull request https://github-redirect.dependabot.com/java-native-access/jna/issues/1491;>#1491 from matthiasblaesing/update_libffi https://github.com/java-native-access/jna/commit/db1b5531b10fed9fb68d6d4d79913660759b22d3;>db1b553 Merge pull request https://github-redirect.dependabot.com/java-native-access/jna/issues/1490;>#1490 from korlibs/feature/direct.mapping.custom.symbol.pr... Additional commits viewable in
[GitHub] [commons-text] dependabot[bot] opened a new pull request, #410: Bump assertj-core from 3.24.1 to 3.24.2
dependabot[bot] opened a new pull request, #410: URL: https://github.com/apache/commons-text/pull/410 Bumps assertj-core from 3.24.1 to 3.24.2. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.assertj:assertj-core=maven=3.24.1=3.24.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-rdf] dependabot[bot] opened a new pull request, #117: Bump doxia-module-markdown from 1.7 to 1.12.0
dependabot[bot] opened a new pull request, #117: URL: https://github.com/apache/commons-rdf/pull/117 Bumps doxia-module-markdown from 1.7 to 1.12.0. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.doxia:doxia-module-markdown=maven=1.7=1.12.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-rdf] dependabot[bot] commented on pull request #83: Bump doxia-module-markdown from 1.7 to 1.11.1
dependabot[bot] commented on PR #83: URL: https://github.com/apache/commons-rdf/pull/83#issuecomment-1398812392 Superseded by #117. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-rdf] dependabot[bot] closed pull request #83: Bump doxia-module-markdown from 1.7 to 1.11.1
dependabot[bot] closed pull request #83: Bump doxia-module-markdown from 1.7 to 1.11.1 URL: https://github.com/apache/commons-rdf/pull/83 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-text] codecov-commenter commented on pull request #410: Bump assertj-core from 3.24.1 to 3.24.2
codecov-commenter commented on PR #410: URL: https://github.com/apache/commons-text/pull/410#issuecomment-1398871149 # [Codecov](https://codecov.io/gh/apache/commons-text/pull/410?src=pr=h1_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation) Report > Merging [#410](https://codecov.io/gh/apache/commons-text/pull/410?src=pr=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation) (d62b8be) into [master](https://codecov.io/gh/apache/commons-text/commit/3711e889b1bdcab7a8001004b6b56676b66c1b6d?el=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation) (3711e88) will **not change** coverage. > The diff coverage is `n/a`. ```diff @@Coverage Diff@@ ## master #410 +/- ## = Coverage 97.12% 97.12% Complexity 2329 2329 = Files84 84 Lines 5770 5770 Branches935 935 = Hits 5604 5604 Misses 87 87 Partials 79 79 ``` :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-bcel] garydgregory merged pull request #203: Bump jna.version from 5.12.1 to 5.13.0
garydgregory merged PR #203: URL: https://github.com/apache/commons-bcel/pull/203 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-bcel] codecov-commenter commented on pull request #203: Bump jna.version from 5.12.1 to 5.13.0
codecov-commenter commented on PR #203: URL: https://github.com/apache/commons-bcel/pull/203#issuecomment-1398814549 # [Codecov](https://codecov.io/gh/apache/commons-bcel/pull/203?src=pr=h1_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation) Report > Merging [#203](https://codecov.io/gh/apache/commons-bcel/pull/203?src=pr=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation) (81d4dc7) into [master](https://codecov.io/gh/apache/commons-bcel/commit/238cc49cf5c95a9a35f69d63113782076b1ce8ae?el=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation) (238cc49) will **decrease** coverage by `0.81%`. > The diff coverage is `n/a`. ```diff @@ Coverage Diff @@ ## master #203 +/- ## - Coverage 62.44% 61.63% -0.81% + Complexity 3719 3681 -38 Files 363 363 Lines 1563415631 -3 Branches 1951 1944 -7 - Hits 9762 9634 -128 - Misses 4985 5111 +126 + Partials887 886 -1 ``` | [Impacted Files](https://codecov.io/gh/apache/commons-bcel/pull/203?src=pr=tree_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation) | Coverage Δ | | |---|---|---| | [...java/org/apache/bcel/util/ModularRuntimeImage.java](https://codecov.io/gh/apache/commons-bcel/pull/203?src=pr=tree_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2JjZWwvdXRpbC9Nb2R1bGFyUnVudGltZUltYWdlLmphdmE=) | `7.14% <0.00%> (-78.58%)` | :arrow_down: | | [.../main/java/org/apache/bcel/classfile/NestHost.java](https://codecov.io/gh/apache/commons-bcel/pull/203?src=pr=tree_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2JjZWwvY2xhc3NmaWxlL05lc3RIb3N0LmphdmE=) | `0.00% <0.00%> (-54.17%)` | :arrow_down: | | [...in/java/org/apache/bcel/classfile/NestMembers.java](https://codecov.io/gh/apache/commons-bcel/pull/203?src=pr=tree_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2JjZWwvY2xhc3NmaWxlL05lc3RNZW1iZXJzLmphdmE=) | `0.00% <0.00%> (-48.72%)` | :arrow_down: | | [.../bcel/verifier/exc/AssertionViolatedException.java](https://codecov.io/gh/apache/commons-bcel/pull/203?src=pr=tree_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2JjZWwvdmVyaWZpZXIvZXhjL0Fzc2VydGlvblZpb2xhdGVkRXhjZXB0aW9uLmphdmE=) | `0.00% <0.00%> (-35.00%)` | :arrow_down: | | [src/main/java/org/apache/bcel/util/ClassPath.java](https://codecov.io/gh/apache/commons-bcel/pull/203?src=pr=tree_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2JjZWwvdXRpbC9DbGFzc1BhdGguamF2YQ==) | `42.40% <0.00%> (-11.79%)` | :arrow_down: | | [...c/main/java/org/apache/bcel/classfile/Unknown.java](https://codecov.io/gh/apache/commons-bcel/pull/203?src=pr=tree_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2JjZWwvY2xhc3NmaWxlL1Vua25vd24uamF2YQ==) | `42.85% <0.00%> (-5.72%)` | :arrow_down: | | [...he/bcel/verifier/statics/StringRepresentation.java](https://codecov.io/gh/apache/commons-bcel/pull/203?src=pr=tree_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2JjZWwvdmVyaWZpZXIvc3RhdGljcy9TdHJpbmdSZXByZXNlbnRhdGlvbi5qYXZh) | `34.54% <0.00%> (-5.46%)` | :arrow_down: | | [.../org/apache/bcel/classfile/LocalVariableTable.java](https://codecov.io/gh/apache/commons-bcel/pull/203?src=pr=tree_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2JjZWwvY2xhc3NmaWxlL0xvY2FsVmFyaWFibGVUYWJsZS5qYXZh) | `63.04% <0.00%> (-4.35%)` | :arrow_down: | | [...ache/bcel/verifier/structurals/Pass3bVerifier.java](https://codecov.io/gh/apache/commons-bcel/pull/203?src=pr=tree_medium=referral_source=github_content=comment_campaign=pr+comments_term=The+Apache+Software+Foundation#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2JjZWwvdmVyaWZpZXIvc3RydWN0dXJhbHMvUGFzczNiVmVyaWZpZXIuamF2YQ==) | `64.74% <0.00%> (-3.60%)` | :arrow_down: | |
[GitHub] [commons-configuration] dependabot[bot] opened a new pull request, #268: Bump mockito-core from 4.11.0 to 5.0.0
dependabot[bot] opened a new pull request, #268: URL: https://github.com/apache/commons-configuration/pull/268 Bumps [mockito-core](https://github.com/mockito/mockito) from 4.11.0 to 5.0.0. Release notes Sourced from https://github.com/mockito/mockito/releases;>mockito-core's releases. v5.0.0 Mockito 5: prepare for future JDK versions For a while now, we have seen an increase in problems/incompatibilities with recent versions of the JDK due to our usage of JVM-internal API. Most notably, JDK 17 made some changes which are incompatible with the current subclass mockmaker. Therefore, to prepare for the future of JDK, we are making some core changes to ensure Mockito keeps on working. Switch the default mockmaker to mockito-inline Back in Mockito 2.7.6, we published a new mockmaker based on the inline bytecode principle. This mockmaker creates mocks manipulating bytecode equivalent within the original class such that its method implementations hook into the normal Mockito machinery. As a comparison, the subclass mockmaker generates real subclasses for mocks, to mimic the same behavior. While the approaches are similar, the inline mockmaker avoids certain restrictions that the JDK imposes. For example, it does not violate module boundaries (introduced in JDK 9, but more heavily used in JDK 17) and avoids the leaking of the creation of the subclass. Massive thanks to community member https://github.com/reta;>@reta who implemented this change. Note: this does not affect mockito-android nor testing on Android. When should I still be using the subclass mockmaker? There are legitimate remaining use cases for the subclass mockmaker. For example, on the Graal VM's native image, the inline mockmaker will not work and the subclass mockmaker is the appropriate choice. Additionally, if you would like to avoid mocking final classes, using the subclass mockmaker is a possibibility. Note however that if you solely want to use the subclass mockmaker to avoid mocking final, you will run into the above mentioned issues on JDK 17+. We want to leave this choice up to our users, which is why we will keep on supporting the subclass mockmaker. If you want to use the subclass mockmaker instead, you can use the new mockito-subclass artifact (published https://search.maven.org/artifact/org.mockito/mockito-subclass;>on Maven Central along with all our other artifacts). Update the minimum supported Java version to 11 Mockito 4 supports Java 8 and above. Similar to other open source projects, we are moving away from JDK 8 and to newer versions. The primary reason for moving away from JDK 8 is the increasing maintenance costs with keeping our own infrastructure working. Lately we have been running into more and more JDK 8 breakages. Additionally, while we want to support the newest JDK API's, our current solution to support both JDK 8 and newer versions causes https://github-redirect.dependabot.com/mockito/mockito/issues/2798;>issues with the SecurityManager. Since we want Mockito to work on the newest version and more and more businesses adopting JDK 11, we have decided to make the switch as well. Massive thanks to community member https://github.com/reta;>@reta who implemented this change. What should I do if I still run JDK 8? For JDK 8 and below, you can keep on using Mockito 4. This is similar to if you are using JDK 6, for which you can keep on using Mockito 2. The changes in Mockito 5 (for now) are primarily focused on the latest JDK versions, which means the API differences between Mockito 4 and 5 are minimal. However, over time this will most likely widen, so we do recommend adopting JDK 11 in the future. New type() method on ArgumentMatcher One of our most used public API's for customizing Mockito is the https://javadoc.io/doc/org.mockito/mockito-core/latest/org/mockito/ArgumentMatcher.html;>ArgumentMatcher interface. ... (truncated) Commits https://github.com/mockito/mockito/commit/adf528d173f8b763fcd4fedab245ed485b465211;>adf528d Bump versions.bytebuddy from 1.12.21 to 1.12.22 (https://github-redirect.dependabot.com/mockito/mockito/issues/2864;>#2864) https://github.com/mockito/mockito/commit/2418419a1915bd234332eac2b4d5de85622d4699;>2418419 Bump versions.junitJupiter from 5.9.1 to 5.9.2 (https://github-redirect.dependabot.com/mockito/mockito/issues/2858;>#2858) https://github.com/mockito/mockito/commit/3d40cd51d3982e33f7c2a2670c65d28233ceb66e;>3d40cd5 Bump junit-platform-launcher from 1.9.1 to 1.9.2 (https://github-redirect.dependabot.com/mockito/mockito/issues/2859;>#2859) https://github.com/mockito/mockito/commit/9bec8e3a1a0f57e4baa9b64825d67641e9eb2d5e;>9bec8e3 Bump versions.errorprone from 2.17.0 to 2.18.0 (https://github-redirect.dependabot.com/mockito/mockito/issues/2857;>#2857)
[GitHub] [commons-csv] DamjanJovanovic commented on a diff in pull request #295: Add support for trailing text after the closing quote, and EOF without a final closing quote, for Excel compatibility
DamjanJovanovic commented on code in PR #295: URL: https://github.com/apache/commons-csv/pull/295#discussion_r1082679746 ## src/main/java/org/apache/commons/csv/CSVFormat.java: ## @@ -846,6 +881,8 @@ public CSVFormat getFormat() { public static final CSVFormat EXCEL = DEFAULT.builder() Review Comment: Maybe, but all spreadsheets are "lenient". -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Closed] (DBCP-570) Oracle transaction issue
[ https://issues.apache.org/jira/browse/DBCP-570?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Gary D. Gregory closed DBCP-570. Resolution: Information Provided > Oracle transaction issue > > > Key: DBCP-570 > URL: https://issues.apache.org/jira/browse/DBCP-570 > Project: Commons DBCP > Issue Type: Bug >Affects Versions: 2.8.0 >Reporter: Aaron Ogburn >Priority: Major > Attachments: test.zip > > > A failure can be seen when using two connections from different DBCP pools to > access Oracle in a single transaction. The pools must access the same > database server/SID but the users must be different. In such cases, Oracle > has issues that result in a failure at the point of connection enlistment: > {code:java} > ... WARN [main] sun.reflect.NativeMethodAccessorImpl.invoke0 ARJUNA016089: > TransactionImple.enlistResource - xa_start - caught: XAException.XAER_RMERR > for < formatId=131077, gtrid_length=29, bqual_length=36, > tx_uid=0:0a000264:a0d3:5fdbca1d:a, node_name=1, > branch_uid=0:0a000264:a0d3:5fdbca1d:c, subordinatenodename=null, > eis_name=0 > > oracle.jdbc.xa.OracleXAException: XAErr (-3): A resource manager error has > occured in the transaction branch. ORA-24774 SQLErr (0) > at oracle.jdbc.xa.OracleXAResource.checkError(OracleXAResource.java:1092) > at oracle.jdbc.xa.client.OracleXAResource.start(OracleXAResource.java:272) > at > com.arjuna.ats.internal.jta.transaction.arjunacore.TransactionImple.enlistResource(TransactionImple.java:741) > at > com.arjuna.ats.internal.jta.transaction.arjunacore.TransactionImple.enlistResource(TransactionImple.java:423) > at > org.apache.tomcat.dbcp.dbcp2.managed.TransactionContext.setSharedConnection(TransactionContext.java:109) > at > org.apache.tomcat.dbcp.dbcp2.managed.ManagedConnection.updateTransactionStatus(ManagedConnection.java:157) > at > org.apache.tomcat.dbcp.dbcp2.managed.ManagedConnection.(ManagedConnection.java:75) > at > org.apache.tomcat.dbcp.dbcp2.managed.ManagedDataSource.getConnection(ManagedDataSource.java:80) > at > org.apache.tomcat.dbcp.dbcp2.BasicDataSource.getConnection(BasicDataSource.java:1563) > at > support.jboss.web.TransactionTest.executeSQL(TransactionTest.java:84){code} > We also verified that the explanation/presumed cause is correct by using a > Byteman based workaround (which is probably *too* aggressive for some cases > but does work around the problem scenario) that simulates what is done by > IronJacamar and what is suggested/discussed in [1] - i.e. force the > OracleXAResource "true" return for isSameRM to be "false" (instead) via a > proxy for the OracleXAResource implementation. > {code:java} > RULE oracle.jdbc.xa.OracleXAResource.isSameRM.FALSE > CLASS oracle.jdbc.xa.OracleXAResource > METHOD isSameRM > AT ENTRY > IF true > DO System.err.println("[BMAN] Overriding Oracle isSameRM ..."); > return false; > ENDRULE{code} > Is it possible for DBCP to better handle this Oracle specific scenario? > [1] > [http://www.tomee-openejb.979440.n4.nabble.com/Oracle-XA-with-different-credentials-fails-td4680456.html] > [2] > [https://community.oracle.com/tech/developers/discussion/1058320/ora-24774-why-does-xa-start-fails-for-2-txn-branches-on-same-instance] -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (DBCP-590) BasicDataSource#setAbandonedUsageTracking has no effect
[ https://issues.apache.org/jira/browse/DBCP-590?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17679153#comment-17679153 ] Gary D. Gregory edited comment on DBCP-590 at 1/20/23 1:55 PM: --- [~psteitz] Would reimplementing the BasicDataSource method as below make sense (all tests pass), or, is there an implementation that would be cleaner that you can think of? {code:java} protected DataSource createDataSourceInstance() throws SQLException { if (!getAbandonedUsageTracking()) { final PoolingDataSource pds = new PoolingDataSource<>(connectionPool); pds.setAccessToUnderlyingConnectionAllowed(isAccessToUnderlyingConnectionAllowed()); return pds; } // Workaround for https://issues.apache.org/jira/browse/DBCP-590 final GenericObjectPool connectionPool = getConnectionPool(); final JdkProxySource jdkProxySource = new JdkProxySource<>(getClass().getClassLoader(), new Class[] { Connection.class }); final ProxiedObjectPool proxiedConnectionPool = new ProxiedObjectPool<>(connectionPool, jdkProxySource); final PoolingDataSource poolingDataSource = new PoolingDataSource<>(proxiedConnectionPool); poolingDataSource.setAccessToUnderlyingConnectionAllowed(isAccessToUnderlyingConnectionAllowed()); return poolingDataSource; } {code} was (Author: garydgregory): [~psteitz] Would reimplementing the method as below make sense (all tests pass), or, is there an implementation that would be cleaner that you can think of? {code:java} protected DataSource createDataSourceInstance() throws SQLException { if (!getAbandonedUsageTracking()) { final PoolingDataSource pds = new PoolingDataSource<>(connectionPool); pds.setAccessToUnderlyingConnectionAllowed(isAccessToUnderlyingConnectionAllowed()); return pds; } // Workaround for https://issues.apache.org/jira/browse/DBCP-590 final GenericObjectPool connectionPool = getConnectionPool(); final JdkProxySource jdkProxySource = new JdkProxySource<>(getClass().getClassLoader(), new Class[] { Connection.class }); final ProxiedObjectPool proxiedConnectionPool = new ProxiedObjectPool<>(connectionPool, jdkProxySource); final PoolingDataSource poolingDataSource = new PoolingDataSource<>(proxiedConnectionPool); poolingDataSource.setAccessToUnderlyingConnectionAllowed(isAccessToUnderlyingConnectionAllowed()); return poolingDataSource; } {code} > BasicDataSource#setAbandonedUsageTracking has no effect > --- > > Key: DBCP-590 > URL: https://issues.apache.org/jira/browse/DBCP-590 > Project: Commons DBCP > Issue Type: Bug >Affects Versions: 2.9.0 >Reporter: Réda Housni Alaoui >Priority: Major > > Passing {{true}} to {{BasicDataSource#setAbandonedUsageTracking(boolean > usageTracking)}} has no effect because {{UsageTracking#use}} is never called. > From what I found, {{usageTracking}} can only work if the object pool is of > type {{ProxiedObjectPool}} . Alas, BasicDataSource enforces > {{GenericObjectPool}} concrete type preventing us from overriding > {{BasicDataSource#createObjectPool}} to return a {{ProxiedObjectPool}} . > Is there something I missed or a workaround? -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (DBCP-590) BasicDataSource#setAbandonedUsageTracking has no effect
[ https://issues.apache.org/jira/browse/DBCP-590?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17679153#comment-17679153 ] Gary D. Gregory edited comment on DBCP-590 at 1/20/23 1:54 PM: --- [~psteitz] Would reimplementing the method as below make sense (all tests pass), or, is there an implementation that would be cleaner that you can think of? {code:java} protected DataSource createDataSourceInstance() throws SQLException { if (!getAbandonedUsageTracking()) { final PoolingDataSource pds = new PoolingDataSource<>(connectionPool); pds.setAccessToUnderlyingConnectionAllowed(isAccessToUnderlyingConnectionAllowed()); return pds; } // Workaround for https://issues.apache.org/jira/browse/DBCP-590 final GenericObjectPool connectionPool = getConnectionPool(); final JdkProxySource jdkProxySource = new JdkProxySource<>(getClass().getClassLoader(), new Class[] { Connection.class }); final ProxiedObjectPool proxiedConnectionPool = new ProxiedObjectPool<>(connectionPool, jdkProxySource); final PoolingDataSource poolingDataSource = new PoolingDataSource<>(proxiedConnectionPool); poolingDataSource.setAccessToUnderlyingConnectionAllowed(isAccessToUnderlyingConnectionAllowed()); return poolingDataSource; } {code} was (Author: garydgregory): Would reimplementing the method as below make sense (all tests pass), or, is there an implementation that would be cleaner that you can think of? {code:java} protected DataSource createDataSourceInstance() throws SQLException { if (!getAbandonedUsageTracking()) { final PoolingDataSource pds = new PoolingDataSource<>(connectionPool); pds.setAccessToUnderlyingConnectionAllowed(isAccessToUnderlyingConnectionAllowed()); return pds; } // Workaround for https://issues.apache.org/jira/browse/DBCP-590 final GenericObjectPool connectionPool = getConnectionPool(); final JdkProxySource jdkProxySource = new JdkProxySource<>(getClass().getClassLoader(), new Class[] { Connection.class }); final ProxiedObjectPool proxiedConnectionPool = new ProxiedObjectPool<>(connectionPool, jdkProxySource); final PoolingDataSource poolingDataSource = new PoolingDataSource<>(proxiedConnectionPool); poolingDataSource.setAccessToUnderlyingConnectionAllowed(isAccessToUnderlyingConnectionAllowed()); return poolingDataSource; } {code} > BasicDataSource#setAbandonedUsageTracking has no effect > --- > > Key: DBCP-590 > URL: https://issues.apache.org/jira/browse/DBCP-590 > Project: Commons DBCP > Issue Type: Bug >Affects Versions: 2.9.0 >Reporter: Réda Housni Alaoui >Priority: Major > > Passing {{true}} to {{BasicDataSource#setAbandonedUsageTracking(boolean > usageTracking)}} has no effect because {{UsageTracking#use}} is never called. > From what I found, {{usageTracking}} can only work if the object pool is of > type {{ProxiedObjectPool}} . Alas, BasicDataSource enforces > {{GenericObjectPool}} concrete type preventing us from overriding > {{BasicDataSource#createObjectPool}} to return a {{ProxiedObjectPool}} . > Is there something I missed or a workaround? -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (DBCP-590) BasicDataSource#setAbandonedUsageTracking has no effect
[ https://issues.apache.org/jira/browse/DBCP-590?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17679153#comment-17679153 ] Gary D. Gregory commented on DBCP-590: -- Would reimplementing the method as below make sense (all tests pass), or, is there an implementation that would be cleaner that you can think of? {code:java} protected DataSource createDataSourceInstance() throws SQLException { if (!getAbandonedUsageTracking()) { final PoolingDataSource pds = new PoolingDataSource<>(connectionPool); pds.setAccessToUnderlyingConnectionAllowed(isAccessToUnderlyingConnectionAllowed()); return pds; } // Workaround for https://issues.apache.org/jira/browse/DBCP-590 final GenericObjectPool connectionPool = getConnectionPool(); final JdkProxySource jdkProxySource = new JdkProxySource<>(getClass().getClassLoader(), new Class[] { Connection.class }); final ProxiedObjectPool proxiedConnectionPool = new ProxiedObjectPool<>(connectionPool, jdkProxySource); final PoolingDataSource poolingDataSource = new PoolingDataSource<>(proxiedConnectionPool); poolingDataSource.setAccessToUnderlyingConnectionAllowed(isAccessToUnderlyingConnectionAllowed()); return poolingDataSource; } {code} > BasicDataSource#setAbandonedUsageTracking has no effect > --- > > Key: DBCP-590 > URL: https://issues.apache.org/jira/browse/DBCP-590 > Project: Commons DBCP > Issue Type: Bug >Affects Versions: 2.9.0 >Reporter: Réda Housni Alaoui >Priority: Major > > Passing {{true}} to {{BasicDataSource#setAbandonedUsageTracking(boolean > usageTracking)}} has no effect because {{UsageTracking#use}} is never called. > From what I found, {{usageTracking}} can only work if the object pool is of > type {{ProxiedObjectPool}} . Alas, BasicDataSource enforces > {{GenericObjectPool}} concrete type preventing us from overriding > {{BasicDataSource#createObjectPool}} to return a {{ProxiedObjectPool}} . > Is there something I missed or a workaround? -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (DBCP-572) timed out connections remain active in the pool
[ https://issues.apache.org/jira/browse/DBCP-572?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Gary D. Gregory resolved DBCP-572. -- Resolution: Information Provided > timed out connections remain active in the pool > --- > > Key: DBCP-572 > URL: https://issues.apache.org/jira/browse/DBCP-572 > Project: Commons DBCP > Issue Type: Bug >Affects Versions: 2.8.0 >Reporter: Erol Guven >Priority: Major > > when the database does not respond within a time-out period, the connection > pool seems to still keep the connection in its pool and consider it active. > These active connections are never closed and seems to be kept in the pool > forever. > To reproduce: > * create a BasicDataSource > * suspend the database process using {{kill -STOP}} signal > * get a connection from multiple threads simultaneously which will timeout > * inspect org.apache.commons.pool2.impl.GenericObjectPool.getNumActive() > The active count is equivalent to the number of timed out connections. > The active count never goes down. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[GitHub] [commons-csv] garydgregory commented on a diff in pull request #295: Add support for trailing text after the closing quote, and EOF without a final closing quote, for Excel compatibility
garydgregory commented on code in PR #295: URL: https://github.com/apache/commons-csv/pull/295#discussion_r1082447049 ## src/main/java/org/apache/commons/csv/CSVFormat.java: ## @@ -846,6 +881,8 @@ public CSVFormat getFormat() { public static final CSVFormat EXCEL = DEFAULT.builder() Review Comment: Hello? Anyone? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (COMPRESS-638) The GzipCompressorOutputStream#writeHeader method uses the ISO_8859_1 to write the file name. If the file name contains non-ISO_8859_1 characters, some unknown chara
[ https://issues.apache.org/jira/browse/COMPRESS-638?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17679127#comment-17679127 ] Gary D. Gregory commented on COMPRESS-638: -- No further comments? I might implement _something_ , or not, unless someone pipes up, such that at least we get legal characters instead of junk. > The GzipCompressorOutputStream#writeHeader method uses the ISO_8859_1 to > write the file name. If the file name contains non-ISO_8859_1 characters, > some unknown characters are displayed after decompression. > -- > > Key: COMPRESS-638 > URL: https://issues.apache.org/jira/browse/COMPRESS-638 > Project: Commons Compress > Issue Type: Bug >Reporter: Radar wen >Priority: Major > Attachments: 0110.png > > > The GzipCompressorOutputStream#writeHeader method uses the ISO_8859_1 to > write the file name. > If the file name contains non-ISO_8859_1 characters, some unknown characters > are displayed after decompression. !0110.png! > Can change the ISO_8859_1 to UTF-8? > if (filename != null) { > out.write(filename.getBytes(ISO_8859_1)); > out.write(0); > } > > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[GitHub] [commons-csv] dependabot[bot] opened a new pull request, #302: Bump mockito-core from 4.11.0 to 5.0.0
dependabot[bot] opened a new pull request, #302: URL: https://github.com/apache/commons-csv/pull/302 Bumps [mockito-core](https://github.com/mockito/mockito) from 4.11.0 to 5.0.0. Release notes Sourced from https://github.com/mockito/mockito/releases;>mockito-core's releases. v5.0.0 Mockito 5: prepare for future JDK versions For a while now, we have seen an increase in problems/incompatibilities with recent versions of the JDK due to our usage of JVM-internal API. Most notably, JDK 17 made some changes which are incompatible with the current subclass mockmaker. Therefore, to prepare for the future of JDK, we are making some core changes to ensure Mockito keeps on working. Switch the default mockmaker to mockito-inline Back in Mockito 2.7.6, we published a new mockmaker based on the inline bytecode principle. This mockmaker creates mocks manipulating bytecode equivalent within the original class such that its method implementations hook into the normal Mockito machinery. As a comparison, the subclass mockmaker generates real subclasses for mocks, to mimic the same behavior. While the approaches are similar, the inline mockmaker avoids certain restrictions that the JDK imposes. For example, it does not violate module boundaries (introduced in JDK 9, but more heavily used in JDK 17) and avoids the leaking of the creation of the subclass. Massive thanks to community member https://github.com/reta;>@reta who implemented this change. Note: this does not affect mockito-android nor testing on Android. When should I still be using the subclass mockmaker? There are legitimate remaining use cases for the subclass mockmaker. For example, on the Graal VM's native image, the inline mockmaker will not work and the subclass mockmaker is the appropriate choice. Additionally, if you would like to avoid mocking final classes, using the subclass mockmaker is a possibibility. Note however that if you solely want to use the subclass mockmaker to avoid mocking final, you will run into the above mentioned issues on JDK 17+. We want to leave this choice up to our users, which is why we will keep on supporting the subclass mockmaker. If you want to use the subclass mockmaker instead, you can use the new mockito-subclass artifact (published https://search.maven.org/artifact/org.mockito/mockito-subclass;>on Maven Central along with all our other artifacts). Update the minimum supported Java version to 11 Mockito 4 supports Java 8 and above. Similar to other open source projects, we are moving away from JDK 8 and to newer versions. The primary reason for moving away from JDK 8 is the increasing maintenance costs with keeping our own infrastructure working. Lately we have been running into more and more JDK 8 breakages. Additionally, while we want to support the newest JDK API's, our current solution to support both JDK 8 and newer versions causes https://github-redirect.dependabot.com/mockito/mockito/issues/2798;>issues with the SecurityManager. Since we want Mockito to work on the newest version and more and more businesses adopting JDK 11, we have decided to make the switch as well. Massive thanks to community member https://github.com/reta;>@reta who implemented this change. What should I do if I still run JDK 8? For JDK 8 and below, you can keep on using Mockito 4. This is similar to if you are using JDK 6, for which you can keep on using Mockito 2. The changes in Mockito 5 (for now) are primarily focused on the latest JDK versions, which means the API differences between Mockito 4 and 5 are minimal. However, over time this will most likely widen, so we do recommend adopting JDK 11 in the future. New type() method on ArgumentMatcher One of our most used public API's for customizing Mockito is the https://javadoc.io/doc/org.mockito/mockito-core/latest/org/mockito/ArgumentMatcher.html;>ArgumentMatcher interface. ... (truncated) Commits https://github.com/mockito/mockito/commit/adf528d173f8b763fcd4fedab245ed485b465211;>adf528d Bump versions.bytebuddy from 1.12.21 to 1.12.22 (https://github-redirect.dependabot.com/mockito/mockito/issues/2864;>#2864) https://github.com/mockito/mockito/commit/2418419a1915bd234332eac2b4d5de85622d4699;>2418419 Bump versions.junitJupiter from 5.9.1 to 5.9.2 (https://github-redirect.dependabot.com/mockito/mockito/issues/2858;>#2858) https://github.com/mockito/mockito/commit/3d40cd51d3982e33f7c2a2670c65d28233ceb66e;>3d40cd5 Bump junit-platform-launcher from 1.9.1 to 1.9.2 (https://github-redirect.dependabot.com/mockito/mockito/issues/2859;>#2859) https://github.com/mockito/mockito/commit/9bec8e3a1a0f57e4baa9b64825d67641e9eb2d5e;>9bec8e3 Bump versions.errorprone from 2.17.0 to 2.18.0 (https://github-redirect.dependabot.com/mockito/mockito/issues/2857;>#2857)
[GitHub] [commons-build-plugin] garydgregory merged pull request #126: Bump maven-plugin-tools-ant from 3.7.0 to 3.7.1
garydgregory merged PR #126: URL: https://github.com/apache/commons-build-plugin/pull/126 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-build-plugin] garydgregory merged pull request #127: Bump maven-plugin-plugin from 3.7.0 to 3.7.1
garydgregory merged PR #127: URL: https://github.com/apache/commons-build-plugin/pull/127 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-build-plugin] garydgregory merged pull request #125: Bump github/codeql-action from 2.1.38 to 2.1.39
garydgregory merged PR #125: URL: https://github.com/apache/commons-build-plugin/pull/125 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-skin] garydgregory merged pull request #37: Bump github/codeql-action from 2.1.38 to 2.1.39
garydgregory merged PR #37: URL: https://github.com/apache/commons-skin/pull/37 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-parent] garydgregory merged pull request #208: Bump github/codeql-action from 2.1.38 to 2.1.39
garydgregory merged PR #208: URL: https://github.com/apache/commons-parent/pull/208 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-parent] dependabot[bot] opened a new pull request, #208: Bump github/codeql-action from 2.1.38 to 2.1.39
dependabot[bot] opened a new pull request, #208: URL: https://github.com/apache/commons-parent/pull/208 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.38 to 2.1.39. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's changelog. CodeQL Action Changelog [UNRELEASED] Improve stability when choosing the default version of CodeQL to use in code scanning workflow runs on Actions on GitHub.com https://github-redirect.dependabot.com/github/codeql-action/pull/1475;>#1475. This change addresses customer reports of code scanning alerts on GitHub.com being closed and reopened during the rollout of new versions of CodeQL in the GitHub Actions https://github.com/actions/runner-images;>runner images. No change is required for the majority of workflows, including: Workflows on GitHub.com hosted runners using the latest version (v2) of the CodeQL Action. Workflows on GitHub.com hosted runners that are pinned to specific versions of the CodeQL Action from v2.2.0 onwards. Workflows on GitHub Enterprise Server. A change may be required for workflows on GitHub.com hosted runners that are pinned to specific versions of the CodeQL Action before v2.2.0 (e.g. v2.1.32): Previously, these workflows would obtain the latest version of CodeQL from the Actions runner image. Now, these workflows will download an older, compatible version of CodeQL from GitHub Releases. To use this older version, no change is required. To use the newest version of CodeQL, please update your workflows to reference the latest version of the CodeQL Action (v2). Internal changes These changes will not affect the majority of code scanning workflows. Continue reading only if your workflow uses https://github.com/actions/toolkit/tree/main/packages/tool-cache;>@actions/tool-cache or relies on the precise location of CodeQL within the Actions tool cache. The tool cache now contains two recent CodeQL versions (previously one). Each CodeQL version is located under a directory named after the release date and version number, e.g. CodeQL 2.11.6 is now located under CodeQL/2.11.6-20221211/x64/codeql (previously CodeQL/0.0.0-20221211/x64/codeql). 2.1.39 - 18 Jan 2023 CodeQL Action v1 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v2. For more information, see https://github.blog/changelog/2023-01-18-code-scanning-codeql-action-v1-is-now-deprecated/;>this changelog post. https://github-redirect.dependabot.com/github/codeql-action/pull/1466;>#1467 Python automatic dependency installation will no longer fail for projects using Poetry that specify virtualenvs.options.no-pip = true in their poetry.toml. https://github-redirect.dependabot.com/github/codeql-action/pull/1431;>#1431 Avoid printing a stack trace and error message when the action fails to find the SHA at the current directory. This will happen in several non-error states and so we now avoid cluttering the log with this message. https://github-redirect.dependabot.com/github/codeql-action/pull/1485;>#1485 2.1.38 - 12 Jan 2023 Update default CodeQL bundle version to 2.12.0. https://github-redirect.dependabot.com/github/codeql-action/pull/1466;>#1466 2.1.37 - 14 Dec 2022 Update default CodeQL bundle version to 2.11.6. https://github-redirect.dependabot.com/github/codeql-action/pull/1433;>#1433 2.1.36 - 08 Dec 2022 Update default CodeQL bundle version to 2.11.5. https://github-redirect.dependabot.com/github/codeql-action/pull/1412;>#1412 Add a step that tries to upload a SARIF file for the workflow run when that workflow run fails. This will help better surface failed code scanning workflow runs. https://github-redirect.dependabot.com/github/codeql-action/pull/1393;>#1393 Python automatic dependency installation will no longer consider dependency code installed in venv as user-written, for projects using Poetry that specify virtualenvs.in-project = true in their poetry.toml. https://github-redirect.dependabot.com/github/codeql-action/pull/1419;>#1419 2.1.35 - 01 Dec 2022 No user facing changes. 2.1.34 - 25 Nov 2022 Update default CodeQL bundle version to 2.11.4. https://github-redirect.dependabot.com/github/codeql-action/pull/1391;>#1391 Fixed a bug where some the init action and the analyze action would have different sets of experimental feature flags enabled. https://github-redirect.dependabot.com/github/codeql-action/pull/1384;>#1384 2.1.33 - 16 Nov 2022 ... (truncated) Commits https://github.com/github/codeql-action/commit/a34ca99b4610d924e04c68db79e503e1f79f9f02;>a34ca99 Merge pull request
[GitHub] [commons-skin] dependabot[bot] opened a new pull request, #37: Bump github/codeql-action from 2.1.38 to 2.1.39
dependabot[bot] opened a new pull request, #37: URL: https://github.com/apache/commons-skin/pull/37 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.38 to 2.1.39. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's changelog. CodeQL Action Changelog [UNRELEASED] Improve stability when choosing the default version of CodeQL to use in code scanning workflow runs on Actions on GitHub.com https://github-redirect.dependabot.com/github/codeql-action/pull/1475;>#1475. This change addresses customer reports of code scanning alerts on GitHub.com being closed and reopened during the rollout of new versions of CodeQL in the GitHub Actions https://github.com/actions/runner-images;>runner images. No change is required for the majority of workflows, including: Workflows on GitHub.com hosted runners using the latest version (v2) of the CodeQL Action. Workflows on GitHub.com hosted runners that are pinned to specific versions of the CodeQL Action from v2.2.0 onwards. Workflows on GitHub Enterprise Server. A change may be required for workflows on GitHub.com hosted runners that are pinned to specific versions of the CodeQL Action before v2.2.0 (e.g. v2.1.32): Previously, these workflows would obtain the latest version of CodeQL from the Actions runner image. Now, these workflows will download an older, compatible version of CodeQL from GitHub Releases. To use this older version, no change is required. To use the newest version of CodeQL, please update your workflows to reference the latest version of the CodeQL Action (v2). Internal changes These changes will not affect the majority of code scanning workflows. Continue reading only if your workflow uses https://github.com/actions/toolkit/tree/main/packages/tool-cache;>@actions/tool-cache or relies on the precise location of CodeQL within the Actions tool cache. The tool cache now contains two recent CodeQL versions (previously one). Each CodeQL version is located under a directory named after the release date and version number, e.g. CodeQL 2.11.6 is now located under CodeQL/2.11.6-20221211/x64/codeql (previously CodeQL/0.0.0-20221211/x64/codeql). 2.1.39 - 18 Jan 2023 CodeQL Action v1 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v2. For more information, see https://github.blog/changelog/2023-01-18-code-scanning-codeql-action-v1-is-now-deprecated/;>this changelog post. https://github-redirect.dependabot.com/github/codeql-action/pull/1466;>#1467 Python automatic dependency installation will no longer fail for projects using Poetry that specify virtualenvs.options.no-pip = true in their poetry.toml. https://github-redirect.dependabot.com/github/codeql-action/pull/1431;>#1431 Avoid printing a stack trace and error message when the action fails to find the SHA at the current directory. This will happen in several non-error states and so we now avoid cluttering the log with this message. https://github-redirect.dependabot.com/github/codeql-action/pull/1485;>#1485 2.1.38 - 12 Jan 2023 Update default CodeQL bundle version to 2.12.0. https://github-redirect.dependabot.com/github/codeql-action/pull/1466;>#1466 2.1.37 - 14 Dec 2022 Update default CodeQL bundle version to 2.11.6. https://github-redirect.dependabot.com/github/codeql-action/pull/1433;>#1433 2.1.36 - 08 Dec 2022 Update default CodeQL bundle version to 2.11.5. https://github-redirect.dependabot.com/github/codeql-action/pull/1412;>#1412 Add a step that tries to upload a SARIF file for the workflow run when that workflow run fails. This will help better surface failed code scanning workflow runs. https://github-redirect.dependabot.com/github/codeql-action/pull/1393;>#1393 Python automatic dependency installation will no longer consider dependency code installed in venv as user-written, for projects using Poetry that specify virtualenvs.in-project = true in their poetry.toml. https://github-redirect.dependabot.com/github/codeql-action/pull/1419;>#1419 2.1.35 - 01 Dec 2022 No user facing changes. 2.1.34 - 25 Nov 2022 Update default CodeQL bundle version to 2.11.4. https://github-redirect.dependabot.com/github/codeql-action/pull/1391;>#1391 Fixed a bug where some the init action and the analyze action would have different sets of experimental feature flags enabled. https://github-redirect.dependabot.com/github/codeql-action/pull/1384;>#1384 2.1.33 - 16 Nov 2022 ... (truncated) Commits https://github.com/github/codeql-action/commit/a34ca99b4610d924e04c68db79e503e1f79f9f02;>a34ca99 Merge pull request
[jira] [Comment Edited] (FILEUPLOAD-309) Release version 2.0.0
[ https://issues.apache.org/jira/browse/FILEUPLOAD-309?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17652022#comment-17652022 ] Andy Seaborne edited comment on FILEUPLOAD-309 at 1/20/23 9:52 AM: --- I tried the servlet 3.1 multipart support. (PS it's now in the Jena codebase.) Our (Jena) usage is * a servlet filter * deployed in any servlet container - normally bundled with Jetty; some users deploy a WAR file version in Tomcat et al. * `multipart/form-data` is just one possible content-type at the URL endpoint. * streaming (errors are handled by being inside a database transaction) Each servlet container needs custom configuration. {{@MultipartConfig}} only applies to servlets, not servlet filters. [https://github.com/jakartaee/servlet/issues/87] Jetty: the code can set request attribute {{__MULTIPART_CONFIG_ELEMENT}} during request processing. Tomcat needs a setting of a context XML attribute {{allowCasualMultipartParsing}}. e.g. set it in {{META-INF/context.xml}}. That does at least avoid users needing to specially change the configuration of their server. was (Author: andy.seaborne): I tried the servlet 3.1 multipart support. (PS it's now in Jena codebase) Our (Jena) usage is * a servlet filter * deployed in any servlet container - normally bundled with Jetty; some users deploy a WAR file version in Tomcat et al. * `multipart/form-data` is just one possible content-type at the URL endpoint. * streaming (errors are handled by being inside a database transaction) Each servlet container needs custom configuration. {{@MultipartConfig}} only applies to servlets, not servlet filters. [https://github.com/jakartaee/servlet/issues/87] Jetty: the code can set request attribute {{__MULTIPART_CONFIG_ELEMENT}} during request processing. Tomcat needs a setting of a context XML attribute {{allowCasualMultipartParsing}}. e.g. set it in {{META-INF/context.xml}}. That does at least avoid users needing to specially change the configuration of their server. > Release version 2.0.0 > - > > Key: FILEUPLOAD-309 > URL: https://issues.apache.org/jira/browse/FILEUPLOAD-309 > Project: Commons FileUpload > Issue Type: Wish >Reporter: Thiago Henrique Hupner >Priority: Major > > At Piranha, we've migrated to use the new Jakarta namespace. > One of our dependencies is the Commons File Upload, but the latest version > available is 1.4. > Looking around at the source code, I've found that the code is already > prepared for the new Jakarta namespace. > So, I want to know if there's a plan to release a new version soon. Or at > least a 2.0.0 milestone. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (FILEUPLOAD-309) Release version 2.0.0
[ https://issues.apache.org/jira/browse/FILEUPLOAD-309?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17652022#comment-17652022 ] Andy Seaborne edited comment on FILEUPLOAD-309 at 1/20/23 9:52 AM: --- I tried the servlet 3.1 multipart support. (PS it's now in Jena codebase) Our (Jena) usage is * a servlet filter * deployed in any servlet container - normally bundled with Jetty; some users deploy a WAR file version in Tomcat et al. * `multipart/form-data` is just one possible content-type at the URL endpoint. * streaming (errors are handled by being inside a database transaction) Each servlet container needs custom configuration. {{@MultipartConfig}} only applies to servlets, not servlet filters. [https://github.com/jakartaee/servlet/issues/87] Jetty: the code can set request attribute {{__MULTIPART_CONFIG_ELEMENT}} during request processing. Tomcat needs a setting of a context XML attribute {{allowCasualMultipartParsing}}. e.g. set it in {{META-INF/context.xml}}. That does at least avoid users needing to specially change the configuration of their server. was (Author: andy.seaborne): I tried the servlet 3.1 multipart support. Our (Jena) usage is * a servlet filter * deployed in any servlet container - normally bundled with Jetty; some users deploy a WAR file version in Tomcat et al. * `multipart/form-data` is just one possible content-type at the URL endpoint. * streaming (errors are handled by being inside a database transaction) Each servlet container needs custom configuration. ` {{@MultipartConfig}} only applies to servlets, not servlet filters. [https://github.com/jakartaee/servlet/issues/87] Jetty: the code can set request attribute {{__MULTIPART_CONFIG_ELEMENT}} during request processing. Tomcat needs a setting of a context XML attribute {{allowCasualMultipartParsing}}. e.g. set it in {{META-INF/context.xml}}. That does at least avoid users needing to specially change the configuration of their server. > Release version 2.0.0 > - > > Key: FILEUPLOAD-309 > URL: https://issues.apache.org/jira/browse/FILEUPLOAD-309 > Project: Commons FileUpload > Issue Type: Wish >Reporter: Thiago Henrique Hupner >Priority: Major > > At Piranha, we've migrated to use the new Jakarta namespace. > One of our dependencies is the Commons File Upload, but the latest version > available is 1.4. > Looking around at the source code, I've found that the code is already > prepared for the new Jakarta namespace. > So, I want to know if there's a plan to release a new version soon. Or at > least a 2.0.0 milestone. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (STATISTICS-64) Add Fisher's exact test
Alex Herbert created STATISTICS-64: -- Summary: Add Fisher's exact test Key: STATISTICS-64 URL: https://issues.apache.org/jira/browse/STATISTICS-64 Project: Commons Statistics Issue Type: New Feature Components: inference Reporter: Alex Herbert Add an implementation of [Fisher's exact test|https://en.wikipedia.org/wiki/Fisher%27s_exact_test] for 2x2 contingency tables. This test is similar to the BinomialTest which computes the probability for the observed sample and then a p-value based on the sum of probabilities of all possible results with probabilities greater than, or less than, the observed sample. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (FILEUPLOAD-309) Release version 2.0.0
[ https://issues.apache.org/jira/browse/FILEUPLOAD-309?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17679081#comment-17679081 ] Flying Wolf commented on FILEUPLOAD-309: [~joc...@apache.org] So the problem with FileUpload is that the Jakarta update of FileUpload is only available in a snapshot, but not in a stable release. Large and stable projects, such as Wicket and Vaadin, don't want to rely on snapshot dependencies as snapshot dependencies should only exist during development and could be changed at any time, which can cause projects that depend on it, not to be stable. A released version (a non-snapshot version) should not rely on any snapshot version, so these projects cannot use the Jakarta update of FileUpload until it is published in a stable release. Because stable releases of FileUpload are still enforcing the older non-Jakarta Servlet namespace, this causes a cascade of transient dependency problems down the road. For example, Wicket and Vaadin are often used with Spring Framework. Spring version 6 moved to the new Jakarta namespace, but because FileUpload is also a dependency, projects that want to move to Spring 6 cannot continue because FileUpload is still using the non-Jakarta Servlet namespace. Spring 5 will be end-of-life in 2024, which may even cause security problems for projects if FileUpload doesn't update a stable release to the Jakarta namespace. So these project (such as Apache Wicket, Vaadin, Piranha, Apache Causeway) are hoping for a non-snapshot release. > Release version 2.0.0 > - > > Key: FILEUPLOAD-309 > URL: https://issues.apache.org/jira/browse/FILEUPLOAD-309 > Project: Commons FileUpload > Issue Type: Wish >Reporter: Thiago Henrique Hupner >Priority: Major > > At Piranha, we've migrated to use the new Jakarta namespace. > One of our dependencies is the Commons File Upload, but the latest version > available is 1.4. > Looking around at the source code, I've found that the code is already > prepared for the new Jakarta namespace. > So, I want to know if there's a plan to release a new version soon. Or at > least a 2.0.0 milestone. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[GitHub] [commons-dbutils] dependabot[bot] opened a new pull request, #176: Bump mockito-core from 4.11.0 to 5.0.0
dependabot[bot] opened a new pull request, #176: URL: https://github.com/apache/commons-dbutils/pull/176 Bumps [mockito-core](https://github.com/mockito/mockito) from 4.11.0 to 5.0.0. Release notes Sourced from https://github.com/mockito/mockito/releases;>mockito-core's releases. v5.0.0 Mockito 5: prepare for future JDK versions For a while now, we have seen an increase in problems/incompatibilities with recent versions of the JDK due to our usage of JVM-internal API. Most notably, JDK 17 made some changes which are incompatible with the current subclass mockmaker. Therefore, to prepare for the future of JDK, we are making some core changes to ensure Mockito keeps on working. Switch the default mockmaker to mockito-inline Back in Mockito 2.7.6, we published a new mockmaker based on the inline bytecode principle. This mockmaker creates mocks manipulating bytecode equivalent within the original class such that its method implementations hook into the normal Mockito machinery. As a comparison, the subclass mockmaker generates real subclasses for mocks, to mimic the same behavior. While the approaches are similar, the inline mockmaker avoids certain restrictions that the JDK imposes. For example, it does not violate module boundaries (introduced in JDK 9, but more heavily used in JDK 17) and avoids the leaking of the creation of the subclass. Massive thanks to community member https://github.com/reta;>@reta who implemented this change. Note: this does not affect mockito-android nor testing on Android. When should I still be using the subclass mockmaker? There are legitimate remaining use cases for the subclass mockmaker. For example, on the Graal VM's native image, the inline mockmaker will not work and the subclass mockmaker is the appropriate choice. Additionally, if you would like to avoid mocking final classes, using the subclass mockmaker is a possibibility. Note however that if you solely want to use the subclass mockmaker to avoid mocking final, you will run into the above mentioned issues on JDK 17+. We want to leave this choice up to our users, which is why we will keep on supporting the subclass mockmaker. If you want to use the subclass mockmaker instead, you can use the new mockito-subclass artifact (published https://search.maven.org/artifact/org.mockito/mockito-subclass;>on Maven Central along with all our other artifacts). Update the minimum supported Java version to 11 Mockito 4 supports Java 8 and above. Similar to other open source projects, we are moving away from JDK 8 and to newer versions. The primary reason for moving away from JDK 8 is the increasing maintenance costs with keeping our own infrastructure working. Lately we have been running into more and more JDK 8 breakages. Additionally, while we want to support the newest JDK API's, our current solution to support both JDK 8 and newer versions causes https://github-redirect.dependabot.com/mockito/mockito/issues/2798;>issues with the SecurityManager. Since we want Mockito to work on the newest version and more and more businesses adopting JDK 11, we have decided to make the switch as well. Massive thanks to community member https://github.com/reta;>@reta who implemented this change. What should I do if I still run JDK 8? For JDK 8 and below, you can keep on using Mockito 4. This is similar to if you are using JDK 6, for which you can keep on using Mockito 2. The changes in Mockito 5 (for now) are primarily focused on the latest JDK versions, which means the API differences between Mockito 4 and 5 are minimal. However, over time this will most likely widen, so we do recommend adopting JDK 11 in the future. New type() method on ArgumentMatcher One of our most used public API's for customizing Mockito is the https://javadoc.io/doc/org.mockito/mockito-core/latest/org/mockito/ArgumentMatcher.html;>ArgumentMatcher interface. ... (truncated) Commits https://github.com/mockito/mockito/commit/adf528d173f8b763fcd4fedab245ed485b465211;>adf528d Bump versions.bytebuddy from 1.12.21 to 1.12.22 (https://github-redirect.dependabot.com/mockito/mockito/issues/2864;>#2864) https://github.com/mockito/mockito/commit/2418419a1915bd234332eac2b4d5de85622d4699;>2418419 Bump versions.junitJupiter from 5.9.1 to 5.9.2 (https://github-redirect.dependabot.com/mockito/mockito/issues/2858;>#2858) https://github.com/mockito/mockito/commit/3d40cd51d3982e33f7c2a2670c65d28233ceb66e;>3d40cd5 Bump junit-platform-launcher from 1.9.1 to 1.9.2 (https://github-redirect.dependabot.com/mockito/mockito/issues/2859;>#2859) https://github.com/mockito/mockito/commit/9bec8e3a1a0f57e4baa9b64825d67641e9eb2d5e;>9bec8e3 Bump versions.errorprone from 2.17.0 to 2.18.0 (https://github-redirect.dependabot.com/mockito/mockito/issues/2857;>#2857)