[GitHub] [commons-jxpath] garydgregory merged pull request #64: Bump commons-parent from 56 to 57
garydgregory merged PR #64: URL: https://github.com/apache/commons-jxpath/pull/64 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Created] (TEXT-224) set SecureProcessing feature in XmlStringLookup
PJ Fanning created TEXT-224: --- Summary: set SecureProcessing feature in XmlStringLookup Key: TEXT-224 URL: https://issues.apache.org/jira/browse/TEXT-224 Project: Commons Text Issue Type: Task Affects Versions: 1.10.0 Reporter: PJ Fanning https://github.com/apache/commons-text/blob/master/src/main/java/org/apache/commons/text/lookup/XmlStringLookup.java We could set this: xpf.[setFeature|https://www.tabnine.com/code/java/methods/javax.xml.xpath.XPathFactory/setFeature](XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE); There is more that could be done but this feature would probably be clean enough to roll out - compared to other options like pre-loading the XML using a DocumentBuilder that might be configured to disable External Entities or DTD loading generally. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[GitHub] [commons-dbcp] garydgregory merged pull request #278: Bump commons-parent from 56 to 57
garydgregory merged PR #278: URL: https://github.com/apache/commons-dbcp/pull/278 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-fileupload] garydgregory merged pull request #218: Bump moditect-maven-plugin from 1.0.0.RC2 to 1.0.0.Final
garydgregory merged PR #218: URL: https://github.com/apache/commons-fileupload/pull/218 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-dbcp] garydgregory commented on pull request #278: Bump commons-parent from 56 to 57
garydgregory commented on PR #278: URL: https://github.com/apache/commons-dbcp/pull/278#issuecomment-1536664118 @dependabot rebase -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-imaging] garydgregory merged pull request #293: Bump commons-parent from 56 to 57
garydgregory merged PR #293: URL: https://github.com/apache/commons-imaging/pull/293 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-release-plugin] garydgregory merged pull request #185: Bump maven.plugin.version from 3.8.1 to 3.8.2
garydgregory merged PR #185: URL: https://github.com/apache/commons-release-plugin/pull/185 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-bsf] garydgregory merged pull request #93: Bump xalan from 2.7.2 to 2.7.3
garydgregory merged PR #93: URL: https://github.com/apache/commons-bsf/pull/93 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-parent] garydgregory merged pull request #268: Bump github/codeql-action from 2.3.2 to 2.3.3
garydgregory merged PR #268: URL: https://github.com/apache/commons-parent/pull/268 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-skin] garydgregory merged pull request #60: Bump github/codeql-action from 2.3.2 to 2.3.3
garydgregory merged PR #60: URL: https://github.com/apache/commons-skin/pull/60 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-build-plugin] garydgregory merged pull request #156: Bump github/codeql-action from 2.3.2 to 2.3.3
garydgregory merged PR #156: URL: https://github.com/apache/commons-build-plugin/pull/156 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Resolved] (JCS-234) Imported packages for OSGi manifest incorrect
[
https://issues.apache.org/jira/browse/JCS-234?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Thomas Vandahl resolved JCS-234.
Fix Version/s: jcs-3.2
Resolution: Fixed
Thanks for the patch. Fixed in Git.
> Imported packages for OSGi manifest incorrect
> -
>
> Key: JCS-234
> URL: https://issues.apache.org/jira/browse/JCS-234
> Project: Commons JCS
> Issue Type: Bug
>Affects Versions: jcs-3.1
>Reporter: Chris Lake
>Assignee: Thomas Vandahl
>Priority: Major
> Fix For: jcs-3.2
>
> Attachments: image-2023-05-04-11-52-45-029.png,
> image-2023-05-04-11-55-51-212.png
>
>
> The Jira ticket JCS-228 attempted to make the imported packages optional in
> OSGi Manifest.
>
> However, it appears that this was done incorrectly. The change was to add:
> {code:java}
>
> javax.servlet.*;resolution=optional,
> org.apache.commons.dbcp2.*;resolution=optional,
> org.apache.http.*;resolution=optional,
> org.apache.logging.log4j.*;resolution=optional
> {code}
> However, there should be a colon between prior to the equals:
> {code:java}
>
> javax.servlet.*;resolution:=optional,
> org.apache.commons.dbcp2.*;resolution:=optional,
> org.apache.http.*;resolution:=optional,
> org.apache.logging.log4j.*;resolution:=optional
> {code}
> Without it, we can see that the import is not considered optional:
> !image-2023-05-04-11-52-45-029.png!
> But with the colon. it is correct:
> !image-2023-05-04-11-55-51-212.png!
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Updated] (JCS-234) Imported packages for OSGi manifest incorrect
[
https://issues.apache.org/jira/browse/JCS-234?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Thomas Vandahl updated JCS-234:
---
Assignee: Thomas Vandahl
> Imported packages for OSGi manifest incorrect
> -
>
> Key: JCS-234
> URL: https://issues.apache.org/jira/browse/JCS-234
> Project: Commons JCS
> Issue Type: Bug
>Affects Versions: jcs-3.1
>Reporter: Chris Lake
>Assignee: Thomas Vandahl
>Priority: Major
> Attachments: image-2023-05-04-11-52-45-029.png,
> image-2023-05-04-11-55-51-212.png
>
>
> The Jira ticket JCS-228 attempted to make the imported packages optional in
> OSGi Manifest.
>
> However, it appears that this was done incorrectly. The change was to add:
> {code:java}
>
> javax.servlet.*;resolution=optional,
> org.apache.commons.dbcp2.*;resolution=optional,
> org.apache.http.*;resolution=optional,
> org.apache.logging.log4j.*;resolution=optional
> {code}
> However, there should be a colon between prior to the equals:
> {code:java}
>
> javax.servlet.*;resolution:=optional,
> org.apache.commons.dbcp2.*;resolution:=optional,
> org.apache.http.*;resolution:=optional,
> org.apache.logging.log4j.*;resolution:=optional
> {code}
> Without it, we can see that the import is not considered optional:
> !image-2023-05-04-11-52-45-029.png!
> But with the colon. it is correct:
> !image-2023-05-04-11-55-51-212.png!
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [commons-daemon] markt-asf merged pull request #75: Fix incorrect definition in riscv64 architecture
markt-asf merged PR #75: URL: https://github.com/apache/commons-daemon/pull/75 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
