[jira] [Updated] (MENFORCER-368) finer JDK detection
[ https://issues.apache.org/jira/browse/MENFORCER-368?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Delany updated MENFORCER-368: - Priority: Major (was: Minor) > finer JDK detection > --- > > Key: MENFORCER-368 > URL: https://issues.apache.org/jira/browse/MENFORCER-368 > Project: Maven Enforcer Plugin > Issue Type: Improvement > Components: Standard Rules >Affects Versions: 3.0.0-M3 >Reporter: Delany >Priority: Major > > It seems the *requireJavaVersion* rule checks the version of the *java* > executable. But I can set a java version of 8 and a *javac* version of 15 > using `update-alternatives --config javac` > Suggest allowing a finer evaluation by adding configuration properties java, > javac, and whatever else might be important. Maybe also a *versions* property > for all. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (MENFORCER-368) finer JDK detection
[ https://issues.apache.org/jira/browse/MENFORCER-368?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17286297#comment-17286297 ] Delany commented on MENFORCER-368: -- Now that I'm using toolchains, I need a new rule that enforces the JDK used by the toolchain aware plugins. > finer JDK detection > --- > > Key: MENFORCER-368 > URL: https://issues.apache.org/jira/browse/MENFORCER-368 > Project: Maven Enforcer Plugin > Issue Type: Improvement > Components: Standard Rules >Affects Versions: 3.0.0-M3 >Reporter: Delany >Priority: Minor > > It seems the *requireJavaVersion* rule checks the version of the *java* > executable. But I can set a java version of 8 and a *javac* version of 15 > using `update-alternatives --config javac` > Suggest allowing a finer evaluation by adding configuration properties java, > javac, and whatever else might be important. Maybe also a *versions* property > for all. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (MSHARED-979) maven-shared-components uses commons-io 2.6 which is vulnerable to sonatype-2018-0705
Scott Marshall created MSHARED-979:
--
Summary: maven-shared-components uses commons-io 2.6 which is
vulnerable to sonatype-2018-0705
Key: MSHARED-979
URL: https://issues.apache.org/jira/browse/MSHARED-979
Project: Maven Shared Components
Issue Type: Bug
Affects Versions: maven-shared-utils-3.3.3
Reporter: Scott Marshall
maven-shared-components uses commons-io 2.6 which is vulnerable to
sonatype-2018-0705
h4. ISSUE
sonatype-2018-0705
h4. SEVERITY
Sonatype CVSS 3:7.8
CVE CVSS 2.0:0.0
h4. EXPLANATION
The {{commons-io}} package is vulnerable to Path Traversal. The
{{getPrefixLength}} method in {{FilenameUtils.class}} improperly verifies the
hostname value received from user input before processing client requests. An
attacker could abuse this behavior by crafting a special payload containing
unexpected characters that could allow the access to unintended resources.
h4. ROOT CAUSE
commons-io-2.6.jarorg/apache/commons/io/FilenameUtils.class[1.1 , 2.7-SNAPSHOT)
org-apache-commons-io-RELEASE113.jarorg/apache/commons/io/FilenameUtils.class[1.1
, 2.7-SNAPSHOT)
h4. ADVISORIES
Project:[https://github.com/apache/commons-io/pull/52]
Project:https://issues.apache.org/jira/browse/IO-556
Project:https://issues.apache.org/jira/browse/IO-559
h4. CVSS DETAILS
Sonatype CVSS 3:7.8
CVSS Vector:CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (MNG-7100) Upgrade maven-shared-utils dependency from 3.2.1 -> 3.3.3 in maven-core
[ https://issues.apache.org/jira/browse/MNG-7100?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17286152#comment-17286152 ] Michael Osipov commented on MNG-7100: - The question is whether this is a direct dependency or not... > Upgrade maven-shared-utils dependency from 3.2.1 -> 3.3.3 in maven-core > --- > > Key: MNG-7100 > URL: https://issues.apache.org/jira/browse/MNG-7100 > Project: Maven > Issue Type: Dependency upgrade >Affects Versions: 3.6.3 >Reporter: Tomasz Zasada >Priority: Major > > maven-shared-utils 3.2.1 has known vulnerabilities: > [https://snyk.io/vuln/SNYK-JAVA-ORGAPACHEMAVENSHARED-570592.] > Please upgrade maven-core to use 3.3.3 version of maven-shared-utils -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (MNG-7100) Upgrade maven-shared-utils dependency from 3.2.1 -> 3.3.3 in maven-core
[ https://issues.apache.org/jira/browse/MNG-7100?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tomasz Zasada updated MNG-7100: --- Issue Type: Dependency upgrade (was: Bug) > Upgrade maven-shared-utils dependency from 3.2.1 -> 3.3.3 in maven-core > --- > > Key: MNG-7100 > URL: https://issues.apache.org/jira/browse/MNG-7100 > Project: Maven > Issue Type: Dependency upgrade >Affects Versions: 3.6.3 >Reporter: Tomasz Zasada >Priority: Major > > maven-shared-utils 3.2.1 has known vulnerabilities: > [https://snyk.io/vuln/SNYK-JAVA-ORGAPACHEMAVENSHARED-570592.] > Please upgrade maven-core to use 3.3.3 version of maven-shared-utils -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (MNG-7100) Upgrade maven-shared-utils dependency from 3.2.1 -> 3.3.3 in maven-core
Tomasz Zasada created MNG-7100: -- Summary: Upgrade maven-shared-utils dependency from 3.2.1 -> 3.3.3 in maven-core Key: MNG-7100 URL: https://issues.apache.org/jira/browse/MNG-7100 Project: Maven Issue Type: Bug Affects Versions: 3.6.3 Reporter: Tomasz Zasada maven-shared-utils 3.2.1 has known vulnerabilities: [https://snyk.io/vuln/SNYK-JAVA-ORGAPACHEMAVENSHARED-570592.] Please upgrade maven-core to use 3.3.3 version of maven-shared-utils -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Comment Edited] (MNG-7049) Version range resolution downloads all poms, not just the highest version
[ https://issues.apache.org/jira/browse/MNG-7049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17285640#comment-17285640 ] Xiang Li edited comment on MNG-7049 at 2/17/21, 9:09 PM: - After some digging through the code, I found that it process every dependency of a certain version [[range|https://github.com/apache/maven-resolver/blob/master/maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/collect/DefaultDependencyCollector.java#L404],],] I wonder if it is intended while it can directly return the highest version. Appreciate any guidance. If not return whole verion set but the highest version [here|https://github.com/apache/maven-resolver/blob/master/maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/collect/DefaultDependencyCollector.java#L682], it seems stop those pom downloads. [~michael-o] was (Author: xiangli1996): After some digging through the code, I found that it process every dependency of a certain version [[range|https://github.com/apache/maven-resolver/blob/master/maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/collect/DefaultDependencyCollector.java#L404],],] I wonder if it is intended while it can directly return the highest version. Appreciate any guidance. If not return whole verion set [here|https://github.com/apache/maven-resolver/blob/master/maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/collect/DefaultDependencyCollector.java#L682], it seems stop those pom downloads. [~michael-o] > Version range resolution downloads all poms, not just the highest version > - > > Key: MNG-7049 > URL: https://issues.apache.org/jira/browse/MNG-7049 > Project: Maven > Issue Type: Improvement > Components: core >Reporter: Moti Nisenson-Ken >Priority: Major > > When specifying a version range for a dependency, maven will download and try > to resolve all poms in that range which satisfy the range. The usage however > is only to use the highestVersion. This causes two issues: > # Performance - it's downloading numerous poms that aren't needed. > # Fragility - if the version range covers any "bad" poms, then the build > will fail. For example, consider that for a specific version, the parent of a > pom is not present in the repository. This is enough to fail any build with a > version range covering that specific version, as the range resolution stage > will not complete. This is particularly harmful when that version would not > be selected as the highest, anyway. > Recommend to have a system property to control the desired behavior - it > should be possible to short-circuit loading all the versions and to just to > load the highest version. > For another user report of this see: > [https://stackoverflow.com/questions/25047859/restrict-maven-to-not-download-all-poms] > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Closed] (WAGON-607) Upgrade HttpCore to 4.4.14
[
https://issues.apache.org/jira/browse/WAGON-607?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Osipov closed WAGON-607.
Resolution: Fixed
Fixed with
[855c5b46db722b99b8bdc54deaa92692c72b60b7|https://gitbox.apache.org/repos/asf?p=maven-wagon.git=commit=855c5b46db722b99b8bdc54deaa92692c72b60b7].
> Upgrade HttpCore to 4.4.14
> --
>
> Key: WAGON-607
> URL: https://issues.apache.org/jira/browse/WAGON-607
> Project: Maven Wagon
> Issue Type: Dependency upgrade
> Components: wagon-http
>Affects Versions: 3.4.2
>Reporter: Lari Hotari
>Assignee: Michael Osipov
>Priority: Major
> Fix For: 3.4.3
>
>
> HttpCore 4.4.14 contains important fix HTTPCORE-634 .
> Fixes issues where maven artifact download fails with error message such as
> {code}
> Could not transfer artifact groupId:artifact:1.2.3 from/to central
> (https://repo1.maven.org/maven2): Entry
> [id:1280][route:{s}->https://repo1.maven.org:443][state:null] has not been
> leased from this pool
> {code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[GitHub] [maven-wagon] asfgit closed pull request #77: [WAGON-607] Upgrade HttpCore to 4.4.14
asfgit closed pull request #77: URL: https://github.com/apache/maven-wagon/pull/77 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Updated] (WAGON-607) Upgrade HttpCore to 4.4.14
[
https://issues.apache.org/jira/browse/WAGON-607?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Osipov updated WAGON-607:
-
Fix Version/s: 3.4.3
> Upgrade HttpCore to 4.4.14
> --
>
> Key: WAGON-607
> URL: https://issues.apache.org/jira/browse/WAGON-607
> Project: Maven Wagon
> Issue Type: Dependency upgrade
> Components: wagon-http
>Affects Versions: 3.4.2
>Reporter: Lari Hotari
>Assignee: Michael Osipov
>Priority: Major
> Fix For: 3.4.3
>
>
> HttpCore 4.4.14 contains important fix HTTPCORE-634 .
> Fixes issues where maven artifact download fails with error message such as
> {code}
> Could not transfer artifact groupId:artifact:1.2.3 from/to central
> (https://repo1.maven.org/maven2): Entry
> [id:1280][route:{s}->https://repo1.maven.org:443][state:null] has not been
> leased from this pool
> {code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Assigned] (WAGON-607) Upgrade HttpCore to 4.4.14
[
https://issues.apache.org/jira/browse/WAGON-607?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Osipov reassigned WAGON-607:
Assignee: Michael Osipov
> Upgrade HttpCore to 4.4.14
> --
>
> Key: WAGON-607
> URL: https://issues.apache.org/jira/browse/WAGON-607
> Project: Maven Wagon
> Issue Type: Dependency upgrade
> Components: wagon-http
>Affects Versions: 3.4.2
>Reporter: Lari Hotari
>Assignee: Michael Osipov
>Priority: Major
>
> HttpCore 4.4.14 contains important fix HTTPCORE-634 .
> Fixes issues where maven artifact download fails with error message such as
> {code}
> Could not transfer artifact groupId:artifact:1.2.3 from/to central
> (https://repo1.maven.org/maven2): Entry
> [id:1280][route:{s}->https://repo1.maven.org:443][state:null] has not been
> leased from this pool
> {code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[GitHub] [maven-wagon] asfgit closed pull request #78: [WAGON-608] Upgrade HttpClient to 4.5.13
asfgit closed pull request #78: URL: https://github.com/apache/maven-wagon/pull/78 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Closed] (WAGON-608) Upgrade HttpClient to 4.5.13
[ https://issues.apache.org/jira/browse/WAGON-608?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Michael Osipov closed WAGON-608. Resolution: Fixed Fixed with [e460cd2a7b2221e2dd0914d6c59eb27eeb4ba53c|https://gitbox.apache.org/repos/asf?p=maven-wagon.git=commit=e460cd2a7b2221e2dd0914d6c59eb27eeb4ba53c]. > Upgrade HttpClient to 4.5.13 > > > Key: WAGON-608 > URL: https://issues.apache.org/jira/browse/WAGON-608 > Project: Maven Wagon > Issue Type: Dependency upgrade > Components: wagon-http >Affects Versions: 3.4.2 >Reporter: Lari Hotari >Assignee: Michael Osipov >Priority: Major > Fix For: 3.4.3 > > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (WAGON-608) Upgrade HttpClient to 4.5.13
[ https://issues.apache.org/jira/browse/WAGON-608?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Michael Osipov updated WAGON-608: - Fix Version/s: 3.4.3 > Upgrade HttpClient to 4.5.13 > > > Key: WAGON-608 > URL: https://issues.apache.org/jira/browse/WAGON-608 > Project: Maven Wagon > Issue Type: Dependency upgrade > Components: wagon-http >Affects Versions: 3.4.2 >Reporter: Lari Hotari >Assignee: Michael Osipov >Priority: Major > Fix For: 3.4.3 > > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Assigned] (WAGON-608) Upgrade HttpClient to 4.5.13
[ https://issues.apache.org/jira/browse/WAGON-608?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Michael Osipov reassigned WAGON-608: Assignee: Michael Osipov > Upgrade HttpClient to 4.5.13 > > > Key: WAGON-608 > URL: https://issues.apache.org/jira/browse/WAGON-608 > Project: Maven Wagon > Issue Type: Dependency upgrade > Components: wagon-http >Affects Versions: 3.4.2 >Reporter: Lari Hotari >Assignee: Michael Osipov >Priority: Major > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (WAGON-575) Retry for connection issues
[
https://issues.apache.org/jira/browse/WAGON-575?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17286027#comment-17286027
]
Michael Osipov commented on WAGON-575:
--
I wrote Rory O'Donnell from Oracle. Let's what they write.
> Retry for connection issues
> ---
>
> Key: WAGON-575
> URL: https://issues.apache.org/jira/browse/WAGON-575
> Project: Maven Wagon
> Issue Type: New Feature
> Components: wagon-http
>Affects Versions: 3.3.4
> Environment: windows and linux
>Reporter: Michael Medin
>Priority: Minor
>
> There are a RetryHandler and now also a ServiceRetryHandler but both seem to
> focus only the handshake and no the data stream.
> In our case we download large artifacts (1+Gb) over a sometimes shaky
> connection which causes frequent "Connection reset" issues.
> To mitigate this we started to implement retry logic based on this
> [https://maven.apache.org/wagon/wagon-providers/wagon-http/] document. But
> seems our retry handler is never invoked when the connection is reset.
> So after some digging into the source code it seems the retryhandler are only
> used when connecting to the server and once the connection has been
> established and the HTTP headers have been read there is no retry handling
> for the reminder stream copy.
> Looking at the code it seems non trivial to add retry for this at is split up
> so I wanted to know if I am missing something before looking at implementing
> a PR for this.
>
> A simple way to simulate this behavior is to start a maven build with some
> large dependencies and during the download phase just kill the internet
> connection.
> If you have a RetryHandler enabled it will never be called instead you will
> get a stack trace along the following:
> {{[ERROR] Failed to execute goal on project test: Could not resolve
> dependencies for project test:test:jar:1.0.0: Could not transfer artifact
> REDACTED from/to REDACTED from REDACTED failed: Connection reset -> [Help 1]}}
> {{org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute
> goal on project test: Could not resolve dependencies for project
> test:test:jar:1.0.0: Could not transfer artifact REDACTED from/to REDACTED
> (REDACTED): GET request of: REDACTED from REDACTED failed}}
> {{ at
> org.apache.maven.lifecycle.internal.LifecycleDependencyResolver.getDependencies
> (LifecycleDependencyResolver.java:269)}}
> {{ at
> org.apache.maven.lifecycle.internal.LifecycleDependencyResolver.resolveProjectDependencies
> (LifecycleDependencyResolver.java:147)}}
> {{ at
> org.apache.maven.lifecycle.internal.MojoExecutor.ensureDependenciesAreResolved
> (MojoExecutor.java:248)}}
> {{ at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:202)}}
> {{ at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:156)}}
> {{ at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:148)}}
> {{ at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> (LifecycleModuleBuilder.java:117)}}
> {{ at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> (LifecycleModuleBuilder.java:81)}}
> {{ at
> org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build
> (SingleThreadedBuilder.java:56)}}
> {{ at org.apache.maven.lifecycle.internal.LifecycleStarter.execute
> (LifecycleStarter.java:128)}}
> {{ at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:305)}}
> {{ at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:192)}}
> {{ at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:105)}}
> {{ at org.apache.maven.cli.MavenCli.execute (MavenCli.java:957)}}
> {{ at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:289)}}
> {{ at org.apache.maven.cli.MavenCli.main (MavenCli.java:193)}}
> {{ at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)}}
> {{ at jdk.internal.reflect.NativeMethodAccessorImpl.invoke
> (NativeMethodAccessorImpl.java:62)}}
> {{ at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke
> (DelegatingMethodAccessorImpl.java:43)}}
> {{ at java.lang.reflect.Method.invoke (Method.java:566)}}
> {{ at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced
> (Launcher.java:282)}}
> {{ at org.codehaus.plexus.classworlds.launcher.Launcher.launch
> (Launcher.java:225)}}
> {{ at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode
> (Launcher.java:406)}}
> {{ at org.codehaus.plexus.classworlds.launcher.Launcher.main
> (Launcher.java:347)}}
> {{Caused by: org.apache.maven.project.DependencyResolutionException: Could
> not resolve dependencies for project test:test:jar:1.0.0: Could not transfer
> artifact REDACTED from/to REDACTED (REDACTED): GET request of: REDACTED from
> REDACTED failed}}
[jira] [Commented] (MNG-7063) Infinite loop using Shade plugin and JUnit 5 dependency
[
https://issues.apache.org/jira/browse/MNG-7063?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17286024#comment-17286024
]
Thiago Henrique Hupner commented on MNG-7063:
-
I did some test from master using the same pom.xml from the issue and the issue
still happens
> Infinite loop using Shade plugin and JUnit 5 dependency
> ---
>
> Key: MNG-7063
> URL: https://issues.apache.org/jira/browse/MNG-7063
> Project: Maven
> Issue Type: Bug
>Affects Versions: 4.0.0-alpha-1
>Reporter: Thiago Henrique Hupner
>Assignee: Robert Scholte
>Priority: Major
> Fix For: 4.0.0, 4.0.0-alpha-1
>
>
> When trying my project with Maven 4.0.0, it got in an infinite loop.
> I've figured out that adding the JUnit 5 dependency and using the Shade
> plugin transformer causes the problem.
> With Maven 3.6.3 this problem doesn't happen.
>
> {code:xml}
>
> http://maven.apache.org/POM/4.0.0;
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance;
> xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
> http://maven.apache.org/xsd/maven-4.0.0.xsd;>
> 4.0.0
> org.example
> maven-bug
> 1.0-SNAPSHOT
>
> 8
> 8
>
> jar
>
>
> com.google.guava
> guava
> 29.0-jre
>
>
> org.junit.jupiter
> junit-jupiter-api
> 5.7.0
> test
>
>
>
>
>
> org.apache.maven.plugins
> maven-shade-plugin
> 3.2.4
>
>
> package
>
> shade
>
>
>
>
>
>
>
> {code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Comment Edited] (MNG-7063) Infinite loop using Shade plugin and JUnit 5 dependency
[
https://issues.apache.org/jira/browse/MNG-7063?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17286024#comment-17286024
]
Thiago Henrique Hupner edited comment on MNG-7063 at 2/17/21, 5:44 PM:
---
I did some tests from master using the same pom.xml from the issue and the
issue still happens
was (Author: thihup):
I did some test from master using the same pom.xml from the issue and the issue
still happens
> Infinite loop using Shade plugin and JUnit 5 dependency
> ---
>
> Key: MNG-7063
> URL: https://issues.apache.org/jira/browse/MNG-7063
> Project: Maven
> Issue Type: Bug
>Affects Versions: 4.0.0-alpha-1
>Reporter: Thiago Henrique Hupner
>Assignee: Robert Scholte
>Priority: Major
> Fix For: 4.0.0, 4.0.0-alpha-1
>
>
> When trying my project with Maven 4.0.0, it got in an infinite loop.
> I've figured out that adding the JUnit 5 dependency and using the Shade
> plugin transformer causes the problem.
> With Maven 3.6.3 this problem doesn't happen.
>
> {code:xml}
>
> http://maven.apache.org/POM/4.0.0;
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance;
> xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
> http://maven.apache.org/xsd/maven-4.0.0.xsd;>
> 4.0.0
> org.example
> maven-bug
> 1.0-SNAPSHOT
>
> 8
> 8
>
> jar
>
>
> com.google.guava
> guava
> 29.0-jre
>
>
> org.junit.jupiter
> junit-jupiter-api
> 5.7.0
> test
>
>
>
>
>
> org.apache.maven.plugins
> maven-shade-plugin
> 3.2.4
>
>
> package
>
> shade
>
>
>
>
>
>
>
> {code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[GitHub] [maven-wagon] eolivelli commented on pull request #77: [WAGON-607] Upgrade HttpCore to 4.4.14
eolivelli commented on pull request #77: URL: https://github.com/apache/maven-wagon/pull/77#issuecomment-780613039 The validation should appear here https://ci-builds.apache.org/job/Maven/job/maven-box/job/maven-wagon/ This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-wagon] eolivelli commented on pull request #77: [WAGON-607] Upgrade HttpCore to 4.4.14
eolivelli commented on pull request #77: URL: https://github.com/apache/maven-wagon/pull/77#issuecomment-780611800 Thank you @lhotari I have pushed you change to a branch on ASF repo, this way our Jenkins will validate it https://github.com/apache/maven-wagon/tree/WAGON-607 it looks tricky, but we are not activating PR validation on Jenkins automatically. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-wagon] lhotari commented on pull request #76: Upgrade HttpCore to 4.4.14 and HttpClient to 4.5.13
lhotari commented on pull request #76: URL: https://github.com/apache/maven-wagon/pull/76#issuecomment-780540214 @eolivelli this PR has been replaced with #76 and #77 , those have respective Jira issues https://issues.apache.org/jira/browse/WAGON-607 and https://issues.apache.org/jira/browse/WAGON-608 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-wagon] lhotari opened a new pull request #78: [WAGON-608] Upgrade HttpClient to 4.5.13
lhotari opened a new pull request #78: URL: https://github.com/apache/maven-wagon/pull/78 Fixes https://issues.apache.org/jira/browse/WAGON-608 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-wagon] lhotari opened a new pull request #77: [WAGON-607] Upgrade HttpCore to 4.4.14
lhotari opened a new pull request #77:
URL: https://github.com/apache/maven-wagon/pull/77
Fixes https://issues.apache.org/jira/browse/WAGON-607
- get fix for https://issues.apache.org/jira/browse/HTTPCORE-634
which is causing artifact download failures with error messages such as
`Could not transfer artifact groupId:artifact:1.2.3 from/to central
(https://repo1.maven.org/maven2): Entry
[id:1280][route:{s}->https://repo1.maven.org:443][state:null] has not been
leased from this pool`
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[jira] [Updated] (WAGON-607) Upgrade HttpCore to 4.4.14
[
https://issues.apache.org/jira/browse/WAGON-607?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Lari Hotari updated WAGON-607:
--
Affects Version/s: 3.4.2
> Upgrade HttpCore to 4.4.14
> --
>
> Key: WAGON-607
> URL: https://issues.apache.org/jira/browse/WAGON-607
> Project: Maven Wagon
> Issue Type: Dependency upgrade
> Components: wagon-http
>Affects Versions: 3.4.2
>Reporter: Lari Hotari
>Priority: Major
>
> HttpCore 4.4.14 contains important fix HTTPCORE-634 .
> Fixes issues where maven artifact download fails with error message such as
> {code}
> Could not transfer artifact groupId:artifact:1.2.3 from/to central
> (https://repo1.maven.org/maven2): Entry
> [id:1280][route:{s}->https://repo1.maven.org:443][state:null] has not been
> leased from this pool
> {code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[GitHub] [maven-surefire] famod edited a comment on pull request #169: [SUREFIRE-1405] Allows user to extend RunOrder & RunOrderCalculator
famod edited a comment on pull request #169: URL: https://github.com/apache/maven-surefire/pull/169#issuecomment-780537376 @Tibor17 > How can you otherwise order the classes while multiple forks wants to execute the tests? Ok, thanks for confirming that this is still the case for JUnit5. I am well aware of this implication from previous projects using JUnit4 but I wasn't sure the same applies to the way surefire handles JUnit5. This also applies to single-fork mode (the default), right? This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-surefire] famod commented on pull request #169: [SUREFIRE-1405] Allows user to extend RunOrder & RunOrderCalculator
famod commented on pull request #169: URL: https://github.com/apache/maven-surefire/pull/169#issuecomment-780537376 > How can you otherwise order the classes while multiple forks wants to execute the tests? Ok, thanks for confirming that this is still the case for JUnit5. I am well aware of this implication from previous projects using JUnit4 but I wasn't sure the same applies to the way surefire handles JUnit5. This also applies to single-fork mode (the default), right? This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-wagon] lhotari commented on pull request #76: Upgrade HttpCore to 4.4.14 and HttpClient to 4.5.13
lhotari commented on pull request #76: URL: https://github.com/apache/maven-wagon/pull/76#issuecomment-780535062 closing since need to open PRs where the branch name follows the naming convention This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-wagon] lhotari closed pull request #76: Upgrade HttpCore to 4.4.14 and HttpClient to 4.5.13
lhotari closed pull request #76: URL: https://github.com/apache/maven-wagon/pull/76 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Created] (WAGON-608) Upgrade HttpClient to 4.5.13
Lari Hotari created WAGON-608: - Summary: Upgrade HttpClient to 4.5.13 Key: WAGON-608 URL: https://issues.apache.org/jira/browse/WAGON-608 Project: Maven Wagon Issue Type: Dependency upgrade Components: wagon-http Affects Versions: 3.4.2 Reporter: Lari Hotari -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (WAGON-607) Upgrade HttpCore to 4.4.14
Lari Hotari created WAGON-607:
-
Summary: Upgrade HttpCore to 4.4.14
Key: WAGON-607
URL: https://issues.apache.org/jira/browse/WAGON-607
Project: Maven Wagon
Issue Type: Dependency upgrade
Components: wagon-http
Reporter: Lari Hotari
HttpCore 4.4.14 contains important fix HTTPCORE-634 .
Fixes issues where maven artifact download fails with error message such as
{code}
Could not transfer artifact groupId:artifact:1.2.3 from/to central
(https://repo1.maven.org/maven2): Entry
[id:1280][route:{s}->https://repo1.maven.org:443][state:null] has not been
leased from this pool
{code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[GitHub] [maven-surefire] Tibor17 commented on pull request #169: [SUREFIRE-1405] Allows user to extend RunOrder & RunOrderCalculator
Tibor17 commented on pull request #169: URL: https://github.com/apache/maven-surefire/pull/169#issuecomment-780521834 > > > @Tibor17 I noticed that JUnit 5 will have some kind test class ordering in 5.8.0: [junit-team/junit5#2488](https://github.com/junit-team/junit5/pull/2488) > > I'm wondering whether this is going to just work with surefire? > Do we still need something like this PR here for ordering on the surefire side? @famod This is very good patch from @dipak-pawar and I will try to rebase it on the latest source code in master. But this has nothing to do with the JUnit5. They do their job and we do ours. We must have the ability to order the classes. How can you otherwise order the classes while multiple forks wants to execute the tests? You cannot do it in JUnit5. You have to do it before the fork starter. So this was wrong question. You must see the pipeline in order to understand what config parameter and how to use. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-surefire] famod commented on pull request #169: [SUREFIRE-1405] Allows user to extend RunOrder & RunOrderCalculator
famod commented on pull request #169: URL: https://github.com/apache/maven-surefire/pull/169#issuecomment-780483269 @Tibor17 I noticed that JUnit 5 will have some kind test class ordering in 5.8.0: https://github.com/junit-team/junit5/pull/2488 I'm wondering whether this is going to just work with surefire? Do we still need something like this PR here for ordering on the surefire side? This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-wagon] eolivelli commented on pull request #76: Upgrade HttpCore to 4.4.14 and HttpClient to 4.5.13
eolivelli commented on pull request #76: URL: https://github.com/apache/maven-wagon/pull/76#issuecomment-780461587 @lhotari can you please create an issue at https://issues.apache.org ? and change the commit message and the title of this PR https://maven.apache.org/guides/development/guide-maven-development.html#Creating_and_submitting_a_patch This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-wagon] lhotari commented on pull request #76: Upgrade HttpCore to 4.4.14 and HttpClient to 4.5.13
lhotari commented on pull request #76: URL: https://github.com/apache/maven-wagon/pull/76#issuecomment-780461408 Thanks for the review @eolivelli . This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-wagon] eolivelli commented on pull request #76: Upgrade HttpCore to 4.4.14 and HttpClient to 4.5.13
eolivelli commented on pull request #76: URL: https://github.com/apache/maven-wagon/pull/76#issuecomment-780461048 @michael-o can you please take a look ? This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-indexer] slachiewicz merged pull request #91: Bump version.spring from 5.3.2 to 5.3.4
slachiewicz merged pull request #91: URL: https://github.com/apache/maven-indexer/pull/91 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
