[jira] [Commented] (MSKINS-161) Upgrade Facebook Like button integration
[ https://issues.apache.org/jira/browse/MSKINS-161?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17517837#comment-17517837 ] Swarup Patra commented on MSKINS-161: - There Are Method Of Completecity Are There Behind More Away Took Up Look At an Time Happy Preeding Luck Are Better Then Walked Belong More Propose That Tasks Happy Ness News Are All Member That Was Belong More Crakly Thaen Ehen Happy More Tuning Talked Us Every Time Help Us That Was a More Craply Point I am Here Now Won This Tricks That Try it > Upgrade Facebook Like button integration > > > Key: MSKINS-161 > URL: https://issues.apache.org/jira/browse/MSKINS-161 > Project: Maven Skins > Issue Type: Improvement > Components: Fluido Skin >Affects Versions: fluido-1.8 >Reporter: Slawomir Jaranowski >Assignee: Michael Osipov >Priority: Major > Fix For: fluido-1.9 > > Attachments: Screenshot 2020-03-22 at 10.31.29.png > > Time Spent: 20m > Remaining Estimate: 0h > > Current Facebook integration use iframe and "Like button" is cropped. > Upgrading to newer facebook sdk can help in cropping "like button". > > We also have some configurations for "like button" > - action type like or recommend > - share button visibility > - layout > - button size > - ... > some of those should have possibility to configured by site.xml > [https://developers.facebook.com/docs/plugins/like-button/] > -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Updated] (MNG-7448) if we delete bin directory in apache-maven/src, we can not find because git has ignore it .
[ https://issues.apache.org/jira/browse/MNG-7448?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Daqian Liao updated MNG-7448: - Description: when we download sourcecode, and push code to github, the apache-maven/src/bin directory will not be pushed. If we delete bin directory in apache-maven/src, we can not find because git has ignore it . The reason is that .gitignore file contains bin at line 6。 fix: delete bin/ from .gitignore !bin.png! was: when we download sourcecode, and push code to github, the apache-maven/src/bin directory will not be pushed. If we delete bin directory in apache-maven/src, we can not find because git has ignore it . The reason is that .gitignore file contains bin at line 6。 fix: delete bin/ to .gitignore !bin.png! > if we delete bin directory in apache-maven/src, we can not find because git > has ignore it . > --- > > Key: MNG-7448 > URL: https://issues.apache.org/jira/browse/MNG-7448 > Project: Maven > Issue Type: Improvement > Components: build/consumer >Affects Versions: 3.8.5 >Reporter: Daqian Liao >Priority: Minor > Attachments: bin.png > > Original Estimate: 12h > Remaining Estimate: 12h > > when we download sourcecode, and push code to github, the > apache-maven/src/bin directory will not be pushed. > If we delete bin directory in apache-maven/src, we can not find because git > has ignore it . > The reason is that .gitignore file contains bin at line 6。 > fix: delete bin/ from .gitignore > !bin.png! > -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Comment Edited] (MSHADE-323) Flatten Maven Plugin conflicts with Maven Shade Plugin
[ https://issues.apache.org/jira/browse/MSHADE-323?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17517764#comment-17517764 ] James Z.M. Gao edited comment on MSHADE-323 at 4/6/22 1:05 AM: --- [~ilyak] this [pr|https://github.com/apache/maven-shade-plugin/pull/129] makes it possible to chain the flatten and shade plugins on rewriting the project pom. This pr does not change the `originalModel`. But imo the root cause of the conflicts should be the inconsistent of `project.getOriginalModel()` and `readModel(project.getFile())`. So every plugin rewriting the pom file should also update original model to reflect the new pom file content, whereas the flatten and shade plugins both lack this step after switching the project pom. NB: The work around of invoking flatten in package phase after the shade plugin does not work when setting `` true in the shade plugin, i.e., the pom in the shaded jar is still not processed by the flatten plugin. was (Author: gzm55): [~ilyak] this [pr|https://github.com/apache/maven-shade-plugin/pull/129] makes it possible to chain the flatten and shade plugins on rewriting the project pom. This pr does not change the `originalModel`. But imo the root cause of the conflicts should be the inconsistent of `project.getOriginalModel()` and `readModel(project.getFile())`. So every plugin rewriting the pom file should also update original model to reflect the new pom file content, whereas the flatten and shade plugins both lack this step after switching the project pom. > Flatten Maven Plugin conflicts with Maven Shade Plugin > -- > > Key: MSHADE-323 > URL: https://issues.apache.org/jira/browse/MSHADE-323 > Project: Maven Shade Plugin > Issue Type: Bug >Reporter: lakunma >Priority: Minor > > When using Flatten Maven Plugin in the same project with Maven Shade Plugin > then the dependency reduced POM is _not_ flattened. > What i encountered that having flatten plugin configured according to > [https://maven.apache.org/maven-ci-friendly.html], and having shade plugin > configured with the default settings to produce uber jar the ${revision} > variable remains and gets installed/deployed within the final pom, thus > making the pom in the repository invalid. > It seems that both plugins transform original pom. And then what gets > installed in the last one, which is the 'shades' one. I'm not sure that's a > bug (in a sense that it is shade's fault). > See also [https://github.com/mojohaus/flatten-maven-plugin/issues/100] -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Commented] (MSHADE-323) Flatten Maven Plugin conflicts with Maven Shade Plugin
[ https://issues.apache.org/jira/browse/MSHADE-323?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17517764#comment-17517764 ] James Z.M. Gao commented on MSHADE-323: --- [~ilyak] this [pr|https://github.com/apache/maven-shade-plugin/pull/129] makes it possible to chain the flatten and shade plugins on rewriting the project pom. This pr does not change the `originalModel`. But imo the root cause of the conflicts should be the inconsistent of `project.getOriginalModel()` and `readModel(project.getFile())`. So every plugin rewriting the pom file should also update original model to reflect the new pom file content, whereas the flatten and shade plugins both lack this step after switching the project pom. > Flatten Maven Plugin conflicts with Maven Shade Plugin > -- > > Key: MSHADE-323 > URL: https://issues.apache.org/jira/browse/MSHADE-323 > Project: Maven Shade Plugin > Issue Type: Bug >Reporter: lakunma >Priority: Minor > > When using Flatten Maven Plugin in the same project with Maven Shade Plugin > then the dependency reduced POM is _not_ flattened. > What i encountered that having flatten plugin configured according to > [https://maven.apache.org/maven-ci-friendly.html], and having shade plugin > configured with the default settings to produce uber jar the ${revision} > variable remains and gets installed/deployed within the final pom, thus > making the pom in the repository invalid. > It seems that both plugins transform original pom. And then what gets > installed in the last one, which is the 'shades' one. I'm not sure that's a > bug (in a sense that it is shade's fault). > See also [https://github.com/mojohaus/flatten-maven-plugin/issues/100] -- This message was sent by Atlassian Jira (v8.20.1#820001)
[GitHub] [maven-shade-plugin] gzm55 opened a new pull request, #129: [MSHADE-323] make shade plugin compatible with the flatten plugin
gzm55 opened a new pull request, #129: URL: https://github.com/apache/maven-shade-plugin/pull/129 The runtime injected pom will be set via `MavenProject::setFile` or`MavenProject::setPomFile`, including this plugin and the flatten plugin. So to chain these kind of plugins, when generating the d-r-p pom, this pr first tries to parse a model directly from `MavenProject::getFile` and fallback to a clone of `MavenProject::getOriginalModel` if no pom file set. Following this checklist to help us incorporate your contribution quickly and easily: - [ ] Make sure there is a [JIRA issue](https://issues.apache.org/jira/browse/MSHADE) filed for the change (usually before you start working on it). Trivial changes like typos do not require a JIRA issue. Your pull request should address just this issue, without pulling in other changes. - [ ] Each commit in the pull request should have a meaningful subject line and body. - [ ] Format the pull request title like `[MSHADE-XXX] - Fixes bug in ApproximateQuantiles`, where you replace `MSHADE-XXX` with the appropriate JIRA issue. Best practice is to use the JIRA issue title in the pull request title and in the first line of the commit message. - [ ] Write a pull request description that is detailed enough to understand what the pull request does, how, and why. - [ ] Run `mvn clean verify` to make sure basic checks pass. A more thorough check will be performed on your pull request automatically. - [ ] You have run the integration tests successfully (`mvn -Prun-its clean verify`). If your pull request is about ~20 lines of code you don't need to sign an [Individual Contributor License Agreement](https://www.apache.org/licenses/icla.pdf) if you are unsure please ask on the developers list. To make clear that you license your contribution under the [Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0) you have to acknowledge this by using the following check-box. - [ ] I hereby declare this contribution to be licenced under the [Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0) - [ ] In any other case, please file an [Apache Individual Contributor License Agreement](https://www.apache.org/licenses/icla.pdf). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Created] (MSHARED-1051) Require Java 8
Jorge Solórzano created MSHARED-1051: Summary: Require Java 8 Key: MSHARED-1051 URL: https://issues.apache.org/jira/browse/MSHARED-1051 Project: Maven Shared Components Issue Type: Dependency upgrade Components: maven-archiver Affects Versions: maven-archiver-3.5.2 Reporter: Jorge Solórzano -- This message was sent by Atlassian Jira (v8.20.1#820001)
[GitHub] [maven-surefire] slawekjaranowski commented on pull request #505: [SUREFIRE-2055] Always show random seed
slawekjaranowski commented on PR #505: URL: https://github.com/apache/maven-surefire/pull/505#issuecomment-1089418286 build approval ... we will see the result -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-surefire] slawekjaranowski commented on pull request #505: [SUREFIRE-2055] Always show random seed
slawekjaranowski commented on PR #505: URL: https://github.com/apache/maven-surefire/pull/505#issuecomment-1089407118 you cen edit PR description and copy template from https://github.com/apache/maven-surefire/blob/master/.github/pull_request_template.md -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-surefire] delanym commented on pull request #505: [SUREFIRE-2055] Always show random seed
delanym commented on PR #505: URL: https://github.com/apache/maven-surefire/pull/505#issuecomment-1089388850 @slawekjaranowski how do I get the PR template back? What's wrong with my IT test? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (MCOMPILER-489) User property for multiReleaseOutput
[ https://issues.apache.org/jira/browse/MCOMPILER-489?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17517711#comment-17517711 ] John Patrick commented on MCOMPILER-489: I know what you are saying, and that is what i'm trying to do, but in practice I'm fighting either Java, Maven or the IDE. Are you aware of a working example that handles src/main/java (JDK 1.8) and src/main/java11 (JDK 11) and src/main/java17 (JDK 17). And also loads in the latest version of IntelliJ, with the correct source directories being marked as source directories based upon the value of the "JDK for importer". Recent changes in IntelliJ appear to parse the pom differently and now I've some projects that you can't execute unit tests as it parses the pom and thinks it should be Java 11 but everything is set to Java 1.8. > User property for multiReleaseOutput > > > Key: MCOMPILER-489 > URL: https://issues.apache.org/jira/browse/MCOMPILER-489 > Project: Maven Compiler Plugin > Issue Type: Improvement >Reporter: John Patrick >Priority: Minor > Labels: CompilerOptions > > Add support so multiReleaseOutput can be provided as a user property. -- This message was sent by Atlassian Jira (v8.20.1#820001)
[GitHub] [maven-invoker-plugin] slawekjaranowski opened a new pull request, #110: [MINVOKER-299] fix filtering-extensions test
slawekjaranowski opened a new pull request, #110: URL: https://github.com/apache/maven-invoker-plugin/pull/110 Following this checklist to help us incorporate your contribution quickly and easily: - [x] Make sure there is a [JIRA issue](https://issues.apache.org/jira/browse/MINVOKER) filed for the change (usually before you start working on it). Trivial changes like typos do not require a JIRA issue. Your pull request should address just this issue, without pulling in other changes. - [ ] Each commit in the pull request should have a meaningful subject line and body. - [x] Format the pull request title like `[MINVOKER-XXX] - Fixes bug in ApproximateQuantiles`, where you replace `MINVOKER-XXX` with the appropriate JIRA issue. Best practice is to use the JIRA issue title in the pull request title and in the first line of the commit message. - [ ] Write a pull request description that is detailed enough to understand what the pull request does, how, and why. - [x] Run `mvn clean verify` to make sure basic checks pass. A more thorough check will be performed on your pull request automatically. - [x] You have run the integration tests successfully (`mvn -Prun-its clean verify`). If your pull request is about ~20 lines of code you don't need to sign an [Individual Contributor License Agreement](https://www.apache.org/licenses/icla.pdf) if you are unsure please ask on the developers list. To make clear that you license your contribution under the [Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0) you have to acknowledge this by using the following check-box. - [x] I hereby declare this contribution to be licenced under the [Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0) - [x] In any other case, please file an [Apache Individual Contributor License Agreement](https://www.apache.org/licenses/icla.pdf). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Assigned] (MINVOKER-299) IT test filtering-extensions fails on Maven 3.8.5
[ https://issues.apache.org/jira/browse/MINVOKER-299?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Slawomir Jaranowski reassigned MINVOKER-299: Assignee: Slawomir Jaranowski > IT test filtering-extensions fails on Maven 3.8.5 > - > > Key: MINVOKER-299 > URL: https://issues.apache.org/jira/browse/MINVOKER-299 > Project: Maven Invoker Plugin > Issue Type: Bug >Reporter: Slawomir Jaranowski >Assignee: Slawomir Jaranowski >Priority: Major > -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Created] (MINVOKER-299) IT test filtering-extensions fails on Maven 3.8.5
Slawomir Jaranowski created MINVOKER-299: Summary: IT test filtering-extensions fails on Maven 3.8.5 Key: MINVOKER-299 URL: https://issues.apache.org/jira/browse/MINVOKER-299 Project: Maven Invoker Plugin Issue Type: Bug Reporter: Slawomir Jaranowski -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Commented] (MNG-7238) Dependency deprecation indicators
[ https://issues.apache.org/jira/browse/MNG-7238?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17517686#comment-17517686 ] Chris Kilding commented on MNG-7238: In light of the recent Log4Shell and Spring4Shell vulnerabilities, I believe it's worth taking another look at this feature proposal from the security angle, rather than just the maintenance angle which has been considered before. At the moment, the lack of a centralised deprecation mechanism means that artifact consumers need to use 3rd party sources to find out about vulnerabilities. They either do this the automated way (by getting an alert from tools like Snyk or Dependabot, which requires setting up these tools before a vulnerability hits), or the manual way (learning about the vulnerability when they stumble across the CVE headlines in the news). This approach is opt-in by definition. It means that only the vigilant developers who set up scanning tools, or those who read the headlines at the right time, have been notified about Log4Shell/Spring4Shell. It has left a 'long tail' of projects still using vulnerable versions of Log4J/Spring *months* after the vulnerabilities have been made public. Is this really the best we can do? Consider an alternative version of events where there is a dependency deprecation mechanism built in to Maven, and that mechanism supports per-version deprecation indicators... The maintainers of the affected library would mark the vulnerable version as deprecated in Maven Central (or wherever it's hosted). Anyone who runs Maven on a vulnerable downstream project would get a warning about the deprecated dependency version (just as in the NPM, Nuget, Composer, or Cocoapods ecosystems). They would get that warning as soon as their Maven client refreshes its deprecation information (not weeks or months after the vulnerability announcement). There would be no need to opt into 3rd party tools to get these warnings (although such tools could leverage the deprecation indicators to do clever value-adds like automated fixes). Yes, this wouldn't fix everything by itself, because updating the vulnerable projects would still be up to developers. Yes, there would still be some residual of projects that will never be fixed. But I do believe it would be a significant improvement over where we are today. > Dependency deprecation indicators > - > > Key: MNG-7238 > URL: https://issues.apache.org/jira/browse/MNG-7238 > Project: Maven > Issue Type: New Feature >Reporter: Chris Kilding >Priority: Major > > I would like to propose a new Maven feature: dependency deprecation > indicators. > In a nutshell, the idea is to let maintainers set a 'deprecated' metadata > indicator on a Maven artifact in a repository. This will indicate to users > that the artifact should no longer be used. > The Maven CLI tools could then react to deprecation indicators in the > appropriate ways: > * {{mvn}} itself: Print a warning when deprecated dependencies are seen. > * Maven Enforcer Plugin: Add a {{}} rule which > throws an error when deprecated dependencies are seen. (Also have a 'skip' > property which allows the rule to be temporarily bypassed if needed.) > * Maven Dependency Tree: Print a {{[deprecated]}} notice next to any > deprecated dependency in the tree. > We can also envisage automated agents like Dependabot or Snyk using these > indicators to alert developers about deprecated dependencies in their stacks, > and even assisting developers to remove them. > Some of the major build tools outside the JVM already have deprecation > indicators: > * NPM: [https://docs.npmjs.com/cli/v7/commands/npm-deprecate] > * Nuget: > [https://docs.microsoft.com/en-us/nuget/nuget-org/deprecate-packages] > * Composer: > [https://tomasvotruba.com/blog/2017/07/03/how-to-deprecate-php-package-without-leaving-anyone-behind/] > * Cocoapods: [https://guides.cocoapods.org/syntax/podspec.html#deprecated] > So the feature has precedent, and I believe it would be useful to have in > Maven. > This Jira ticket follows up from the conversation "Feature proposal: > Dependency deprecation indicators" on the maven-dev mailing list. -- This message was sent by Atlassian Jira (v8.20.1#820001)
[GitHub] [maven-surefire] dependabot[bot] commented on pull request #509: Bump junit from 4.13 to 4.13.1 in /surefire-its/src/test/resources/junit-4-5
dependabot[bot] commented on PR #509: URL: https://github.com/apache/maven-surefire/pull/509#issuecomment-1089279325 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-surefire] slawekjaranowski closed pull request #509: Bump junit from 4.13 to 4.13.1 in /surefire-its/src/test/resources/junit-4-5
slawekjaranowski closed pull request #509: Bump junit from 4.13 to 4.13.1 in /surefire-its/src/test/resources/junit-4-5 URL: https://github.com/apache/maven-surefire/pull/509 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-surefire] dependabot[bot] commented on pull request #510: Bump junit from 4.8.1 to 4.13.1 in /surefire-its/src/test/resources/surefire-1004-RunTestFromDependencyJarsTypeAndClassifier/s
dependabot[bot] commented on PR #510: URL: https://github.com/apache/maven-surefire/pull/510#issuecomment-1089279059 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-surefire] slawekjaranowski closed pull request #510: Bump junit from 4.8.1 to 4.13.1 in /surefire-its/src/test/resources/surefire-1004-RunTestFromDependencyJarsTypeAndClassifier/surefi
slawekjaranowski closed pull request #510: Bump junit from 4.8.1 to 4.13.1 in /surefire-its/src/test/resources/surefire-1004-RunTestFromDependencyJarsTypeAndClassifier/surefire-1004-testjar URL: https://github.com/apache/maven-surefire/pull/510 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-surefire] dependabot[bot] commented on pull request #511: Bump junit from 4.13 to 4.13.1 in /surefire-its/src/test/resources/surefire-1733-junit4
dependabot[bot] commented on PR #511: URL: https://github.com/apache/maven-surefire/pull/511#issuecomment-1089278614 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-surefire] slawekjaranowski closed pull request #511: Bump junit from 4.13 to 4.13.1 in /surefire-its/src/test/resources/surefire-1733-junit4
slawekjaranowski closed pull request #511: Bump junit from 4.13 to 4.13.1 in /surefire-its/src/test/resources/surefire-1733-junit4 URL: https://github.com/apache/maven-surefire/pull/511 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-surefire] slawekjaranowski closed pull request #512: Bump log4j-core from 2.13.1 to 2.17.1 in /surefire-its/src/test/resources/surefire-1659-stream-corruption
slawekjaranowski closed pull request #512: Bump log4j-core from 2.13.1 to 2.17.1 in /surefire-its/src/test/resources/surefire-1659-stream-corruption URL: https://github.com/apache/maven-surefire/pull/512 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-surefire] dependabot[bot] commented on pull request #513: Bump commons-io from 2.2 to 2.7 in /surefire-its/src/test/resources/surefire-979-smartStackTrace-wrongClassloader/module1
dependabot[bot] commented on PR #513: URL: https://github.com/apache/maven-surefire/pull/513#issuecomment-1089278047 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-surefire] dependabot[bot] commented on pull request #512: Bump log4j-core from 2.13.1 to 2.17.1 in /surefire-its/src/test/resources/surefire-1659-stream-corruption
dependabot[bot] commented on PR #512: URL: https://github.com/apache/maven-surefire/pull/512#issuecomment-1089278282 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-surefire] slawekjaranowski closed pull request #513: Bump commons-io from 2.2 to 2.7 in /surefire-its/src/test/resources/surefire-979-smartStackTrace-wrongClassloader/module1
slawekjaranowski closed pull request #513: Bump commons-io from 2.2 to 2.7 in /surefire-its/src/test/resources/surefire-979-smartStackTrace-wrongClassloader/module1 URL: https://github.com/apache/maven-surefire/pull/513 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Created] (MNG-7452) Remove JDK7 run on Maven 3.9.X Branch
Karl Heinz Marbaise created MNG-7452: Summary: Remove JDK7 run on Maven 3.9.X Branch Key: MNG-7452 URL: https://issues.apache.org/jira/browse/MNG-7452 Project: Maven Issue Type: Task Affects Versions: 3.9.0 Reporter: Karl Heinz Marbaise Assignee: Karl Heinz Marbaise Fix For: 3.9.0 -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Commented] (MNG-828) log all mojo parameters and their populated values in debug mode
[ https://issues.apache.org/jira/browse/MNG-828?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17517678#comment-17517678 ] Hudson commented on MNG-828: Build unstable in Jenkins: Maven » Maven TLP » maven » maven-3.9.x #10 See https://ci-maven.apache.org/job/Maven/job/maven-box/job/maven/job/maven-3.9.x/10/ > log all mojo parameters and their populated values in debug mode > > > Key: MNG-828 > URL: https://issues.apache.org/jira/browse/MNG-828 > Project: Maven > Issue Type: Improvement > Components: Plugins and Lifecycle >Reporter: Brett Porter >Assignee: Brett Porter >Priority: Minor > Fix For: 2.0 (RC) > > > when we have this, we should remove the debugging code from plugins such as > ear that do this manually. -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Commented] (MNG-7447) Several Improvements by using Stream API
[ https://issues.apache.org/jira/browse/MNG-7447?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17517677#comment-17517677 ] Hudson commented on MNG-7447: - Build unstable in Jenkins: Maven » Maven TLP » maven » maven-3.9.x #10 See https://ci-maven.apache.org/job/Maven/job/maven-box/job/maven/job/maven-3.9.x/10/ > Several Improvements by using Stream API > > > Key: MNG-7447 > URL: https://issues.apache.org/jira/browse/MNG-7447 > Project: Maven > Issue Type: Sub-task >Affects Versions: 3.9.0, 4.0.0 >Reporter: Karl Heinz Marbaise >Assignee: Karl Heinz Marbaise >Priority: Major > Fix For: 3.9.0, 4.0.0 > > -- This message was sent by Atlassian Jira (v8.20.1#820001)
[GitHub] [maven-surefire] dependabot[bot] opened a new pull request, #514: Bump junit from 4.8.2 to 4.13.1 in /surefire-providers/surefire-junit47
dependabot[bot] opened a new pull request, #514: URL: https://github.com/apache/maven-surefire/pull/514 Bumps [junit](https://github.com/junit-team/junit4) from 4.8.2 to 4.13.1. Release notes Sourced from https://github.com/junit-team/junit4/releases;>junit's releases. JUnit 4.13.1 Please refer to the https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.1.md;>release notes for details. JUnit 4.13 Please refer to the https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.md;>release notes for details. JUnit 4.13 RC 2 Please refer to the https://github.com/junit-team/junit4/wiki/4.13-Release-Notes;>release notes for details. JUnit 4.13 RC 1 Please refer to the https://github.com/junit-team/junit4/wiki/4.13-Release-Notes;>release notes for details. JUnit 4.13 Beta 3 Please refer to the https://github.com/junit-team/junit4/wiki/4.13-Release-Notes;>release notes for details. JUnit 4.13 Beta 2 Please refer to the https://github.com/junit-team/junit4/wiki/4.13-Release-Notes;>release notes for details. JUnit 4.13 Beta 1 Please refer to the https://github.com/junit-team/junit4/wiki/4.13-Release-Notes;>release notes for details. JUnit 4.12 Please refer to the https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.12.md;>release notes for details. JUnit 4.12 Beta 3 Please refer to the https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.12.md;>release notes for details. JUnit 4.12 Beta 2 No release notes provided. JUnit 4.12 Beta 1 No release notes provided. JUnit 4.11 No release notes provided. Changelog Sourced from https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.13.1.md;>junit's changelog. Summary of changes in version 4.13.1 Rules Security fix: TemporaryFolder now limits access to temporary folders on Java 1.7 or later A local information disclosure vulnerability in TemporaryFolder has been fixed. See the published https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp;>security advisory for details. Test Runners [Pull request https://github-redirect.dependabot.com/junit-team/junit4/issues/1669;>#1669:](https://github-redirect.dependabot.com/junit-team/junit/pull/1669;>junit-team/junit#1669) Make FrameworkField constructor public Prior to this change, custom runners could make FrameworkMethod instances, but not FrameworkField instances. This small change allows for both now, because FrameworkField's constructor has been promoted from package-private to public. Commits https://github.com/junit-team/junit4/commit/1b683f4ec07bcfa40149f086d32240f805487e66;>1b683f4 [maven-release-plugin] prepare release r4.13.1 https://github.com/junit-team/junit4/commit/ce6ce3aadc070db2902698fe0d3dc6729cd631f2;>ce6ce3a Draft 4.13.1 release notes https://github.com/junit-team/junit4/commit/c29dd8239d6b353e699397eb090a1fd27411fa24;>c29dd82 Change version to 4.13.1-SNAPSHOT https://github.com/junit-team/junit4/commit/1d174861f0b64f97ab0722bb324a760bfb02f567;>1d17486 Add a link to assertThrows in exception testing https://github.com/junit-team/junit4/commit/543905df72ff10364b94dda27552efebf3dd04e9;>543905d Use separate line for annotation in Javadoc https://github.com/junit-team/junit4/commit/510e906b391e7e46a346e1c852416dc7be934944;>510e906 Add sub headlines to class Javadoc https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae;>610155b Merge pull request from GHSA-269g-pwp5-87pp https://github.com/junit-team/junit4/commit/b6cfd1e3d736cc2106242a8be799615b472c7fec;>b6cfd1e Explicitly wrap float parameter for consistency (https://github-redirect.dependabot.com/junit-team/junit4/issues/1671;>#1671) https://github.com/junit-team/junit4/commit/a5d205c7956dbed302b3bb5ecde5ba4299f0b646;>a5d205c Fix GitHub link in FAQ (https://github-redirect.dependabot.com/junit-team/junit4/issues/1672;>#1672) https://github.com/junit-team/junit4/commit/3a5c6b4d08f408c8ca6a8e0bae71a9bc5a8f97e8;>3a5c6b4 Deprecated since jdk9 replacing constructor instance of Double and Float (https://github-redirect.dependabot.com/junit-team/junit4/issues/1660;>#1660) Additional commits viewable in https://github.com/junit-team/junit4/compare/r4.8.2...r4.13.1;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=junit:junit=maven=4.8.2=4.13.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
[jira] [Commented] (MNG-828) log all mojo parameters and their populated values in debug mode
[ https://issues.apache.org/jira/browse/MNG-828?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17517673#comment-17517673 ] Hudson commented on MNG-828: Build succeeded in Jenkins: Maven » Maven TLP » maven » master #24 See https://ci-maven.apache.org/job/Maven/job/maven-box/job/maven/job/master/24/ > log all mojo parameters and their populated values in debug mode > > > Key: MNG-828 > URL: https://issues.apache.org/jira/browse/MNG-828 > Project: Maven > Issue Type: Improvement > Components: Plugins and Lifecycle >Reporter: Brett Porter >Assignee: Brett Porter >Priority: Minor > Fix For: 2.0 (RC) > > > when we have this, we should remove the debugging code from plugins such as > ear that do this manually. -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Commented] (MNG-7447) Several Improvements by using Stream API
[ https://issues.apache.org/jira/browse/MNG-7447?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17517672#comment-17517672 ] Hudson commented on MNG-7447: - Build succeeded in Jenkins: Maven » Maven TLP » maven » master #24 See https://ci-maven.apache.org/job/Maven/job/maven-box/job/maven/job/master/24/ > Several Improvements by using Stream API > > > Key: MNG-7447 > URL: https://issues.apache.org/jira/browse/MNG-7447 > Project: Maven > Issue Type: Sub-task >Affects Versions: 3.9.0, 4.0.0 >Reporter: Karl Heinz Marbaise >Assignee: Karl Heinz Marbaise >Priority: Major > Fix For: 3.9.0, 4.0.0 > > -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Closed] (SUREFIRE-2044) Upgrade Maven Verifier to 1.8.0
[ https://issues.apache.org/jira/browse/SUREFIRE-2044?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Slawomir Jaranowski closed SUREFIRE-2044. - Fix Version/s: 3.0.0-M7 Resolution: Fixed > Upgrade Maven Verifier to 1.8.0 > --- > > Key: SUREFIRE-2044 > URL: https://issues.apache.org/jira/browse/SUREFIRE-2044 > Project: Maven Surefire > Issue Type: Dependency upgrade >Reporter: Slawomir Jaranowski >Assignee: Slawomir Jaranowski >Priority: Major > Fix For: 3.0.0-M7 > > > - check deprecated method in Verifier -- This message was sent by Atlassian Jira (v8.20.1#820001)
[GitHub] [maven-surefire] dependabot[bot] opened a new pull request, #513: Bump commons-io from 2.2 to 2.7 in /surefire-its/src/test/resources/surefire-979-smartStackTrace-wrongClassloader/module1
dependabot[bot] opened a new pull request, #513: URL: https://github.com/apache/maven-surefire/pull/513 Bumps commons-io from 2.2 to 2.7. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-io:commons-io=maven=2.2=2.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/maven-surefire/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-surefire] dependabot[bot] opened a new pull request, #512: Bump log4j-core from 2.13.1 to 2.17.1 in /surefire-its/src/test/resources/surefire-1659-stream-corruption
dependabot[bot] opened a new pull request, #512: URL: https://github.com/apache/maven-surefire/pull/512 Bumps log4j-core from 2.13.1 to 2.17.1. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.logging.log4j:log4j-core=maven=2.13.1=2.17.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/maven-surefire/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-surefire] dependabot[bot] opened a new pull request, #511: Bump junit from 4.13 to 4.13.1 in /surefire-its/src/test/resources/surefire-1733-junit4
dependabot[bot] opened a new pull request, #511: URL: https://github.com/apache/maven-surefire/pull/511 Bumps [junit](https://github.com/junit-team/junit4) from 4.13 to 4.13.1. Release notes Sourced from https://github.com/junit-team/junit4/releases;>junit's releases. JUnit 4.13.1 Please refer to the https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.1.md;>release notes for details. Changelog Sourced from https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.13.1.md;>junit's changelog. Summary of changes in version 4.13.1 Rules Security fix: TemporaryFolder now limits access to temporary folders on Java 1.7 or later A local information disclosure vulnerability in TemporaryFolder has been fixed. See the published https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp;>security advisory for details. Test Runners [Pull request https://github-redirect.dependabot.com/junit-team/junit4/issues/1669;>#1669:](https://github-redirect.dependabot.com/junit-team/junit/pull/1669;>junit-team/junit#1669) Make FrameworkField constructor public Prior to this change, custom runners could make FrameworkMethod instances, but not FrameworkField instances. This small change allows for both now, because FrameworkField's constructor has been promoted from package-private to public. Commits https://github.com/junit-team/junit4/commit/1b683f4ec07bcfa40149f086d32240f805487e66;>1b683f4 [maven-release-plugin] prepare release r4.13.1 https://github.com/junit-team/junit4/commit/ce6ce3aadc070db2902698fe0d3dc6729cd631f2;>ce6ce3a Draft 4.13.1 release notes https://github.com/junit-team/junit4/commit/c29dd8239d6b353e699397eb090a1fd27411fa24;>c29dd82 Change version to 4.13.1-SNAPSHOT https://github.com/junit-team/junit4/commit/1d174861f0b64f97ab0722bb324a760bfb02f567;>1d17486 Add a link to assertThrows in exception testing https://github.com/junit-team/junit4/commit/543905df72ff10364b94dda27552efebf3dd04e9;>543905d Use separate line for annotation in Javadoc https://github.com/junit-team/junit4/commit/510e906b391e7e46a346e1c852416dc7be934944;>510e906 Add sub headlines to class Javadoc https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae;>610155b Merge pull request from GHSA-269g-pwp5-87pp https://github.com/junit-team/junit4/commit/b6cfd1e3d736cc2106242a8be799615b472c7fec;>b6cfd1e Explicitly wrap float parameter for consistency (https://github-redirect.dependabot.com/junit-team/junit4/issues/1671;>#1671) https://github.com/junit-team/junit4/commit/a5d205c7956dbed302b3bb5ecde5ba4299f0b646;>a5d205c Fix GitHub link in FAQ (https://github-redirect.dependabot.com/junit-team/junit4/issues/1672;>#1672) https://github.com/junit-team/junit4/commit/3a5c6b4d08f408c8ca6a8e0bae71a9bc5a8f97e8;>3a5c6b4 Deprecated since jdk9 replacing constructor instance of Double and Float (https://github-redirect.dependabot.com/junit-team/junit4/issues/1660;>#1660) Additional commits viewable in https://github.com/junit-team/junit4/compare/r4.13...r4.13.1;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=junit:junit=maven=4.13=4.13.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it
[GitHub] [maven-surefire] dependabot[bot] opened a new pull request, #509: Bump junit from 4.13 to 4.13.1 in /surefire-its/src/test/resources/junit-4-5
dependabot[bot] opened a new pull request, #509: URL: https://github.com/apache/maven-surefire/pull/509 Bumps [junit](https://github.com/junit-team/junit4) from 4.13 to 4.13.1. Release notes Sourced from https://github.com/junit-team/junit4/releases;>junit's releases. JUnit 4.13.1 Please refer to the https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.1.md;>release notes for details. Changelog Sourced from https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.13.1.md;>junit's changelog. Summary of changes in version 4.13.1 Rules Security fix: TemporaryFolder now limits access to temporary folders on Java 1.7 or later A local information disclosure vulnerability in TemporaryFolder has been fixed. See the published https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp;>security advisory for details. Test Runners [Pull request https://github-redirect.dependabot.com/junit-team/junit4/issues/1669;>#1669:](https://github-redirect.dependabot.com/junit-team/junit/pull/1669;>junit-team/junit#1669) Make FrameworkField constructor public Prior to this change, custom runners could make FrameworkMethod instances, but not FrameworkField instances. This small change allows for both now, because FrameworkField's constructor has been promoted from package-private to public. Commits https://github.com/junit-team/junit4/commit/1b683f4ec07bcfa40149f086d32240f805487e66;>1b683f4 [maven-release-plugin] prepare release r4.13.1 https://github.com/junit-team/junit4/commit/ce6ce3aadc070db2902698fe0d3dc6729cd631f2;>ce6ce3a Draft 4.13.1 release notes https://github.com/junit-team/junit4/commit/c29dd8239d6b353e699397eb090a1fd27411fa24;>c29dd82 Change version to 4.13.1-SNAPSHOT https://github.com/junit-team/junit4/commit/1d174861f0b64f97ab0722bb324a760bfb02f567;>1d17486 Add a link to assertThrows in exception testing https://github.com/junit-team/junit4/commit/543905df72ff10364b94dda27552efebf3dd04e9;>543905d Use separate line for annotation in Javadoc https://github.com/junit-team/junit4/commit/510e906b391e7e46a346e1c852416dc7be934944;>510e906 Add sub headlines to class Javadoc https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae;>610155b Merge pull request from GHSA-269g-pwp5-87pp https://github.com/junit-team/junit4/commit/b6cfd1e3d736cc2106242a8be799615b472c7fec;>b6cfd1e Explicitly wrap float parameter for consistency (https://github-redirect.dependabot.com/junit-team/junit4/issues/1671;>#1671) https://github.com/junit-team/junit4/commit/a5d205c7956dbed302b3bb5ecde5ba4299f0b646;>a5d205c Fix GitHub link in FAQ (https://github-redirect.dependabot.com/junit-team/junit4/issues/1672;>#1672) https://github.com/junit-team/junit4/commit/3a5c6b4d08f408c8ca6a8e0bae71a9bc5a8f97e8;>3a5c6b4 Deprecated since jdk9 replacing constructor instance of Double and Float (https://github-redirect.dependabot.com/junit-team/junit4/issues/1660;>#1660) Additional commits viewable in https://github.com/junit-team/junit4/compare/r4.13...r4.13.1;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=junit:junit=maven=4.13=4.13.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it
[GitHub] [maven-surefire] dependabot[bot] opened a new pull request, #510: Bump junit from 4.8.1 to 4.13.1 in /surefire-its/src/test/resources/surefire-1004-RunTestFromDependencyJarsTypeAndClassifier/
dependabot[bot] opened a new pull request, #510: URL: https://github.com/apache/maven-surefire/pull/510 Bumps [junit](https://github.com/junit-team/junit4) from 4.8.1 to 4.13.1. Release notes Sourced from https://github.com/junit-team/junit4/releases;>junit's releases. JUnit 4.13.1 Please refer to the https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.1.md;>release notes for details. JUnit 4.13 Please refer to the https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.md;>release notes for details. JUnit 4.13 RC 2 Please refer to the https://github.com/junit-team/junit4/wiki/4.13-Release-Notes;>release notes for details. JUnit 4.13 RC 1 Please refer to the https://github.com/junit-team/junit4/wiki/4.13-Release-Notes;>release notes for details. JUnit 4.13 Beta 3 Please refer to the https://github.com/junit-team/junit4/wiki/4.13-Release-Notes;>release notes for details. JUnit 4.13 Beta 2 Please refer to the https://github.com/junit-team/junit4/wiki/4.13-Release-Notes;>release notes for details. JUnit 4.13 Beta 1 Please refer to the https://github.com/junit-team/junit4/wiki/4.13-Release-Notes;>release notes for details. JUnit 4.12 Please refer to the https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.12.md;>release notes for details. JUnit 4.12 Beta 3 Please refer to the https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.12.md;>release notes for details. JUnit 4.12 Beta 2 No release notes provided. JUnit 4.12 Beta 1 No release notes provided. JUnit 4.11 No release notes provided. Changelog Sourced from https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.13.1.md;>junit's changelog. Summary of changes in version 4.13.1 Rules Security fix: TemporaryFolder now limits access to temporary folders on Java 1.7 or later A local information disclosure vulnerability in TemporaryFolder has been fixed. See the published https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp;>security advisory for details. Test Runners [Pull request https://github-redirect.dependabot.com/junit-team/junit4/issues/1669;>#1669:](https://github-redirect.dependabot.com/junit-team/junit/pull/1669;>junit-team/junit#1669) Make FrameworkField constructor public Prior to this change, custom runners could make FrameworkMethod instances, but not FrameworkField instances. This small change allows for both now, because FrameworkField's constructor has been promoted from package-private to public. Commits https://github.com/junit-team/junit4/commit/1b683f4ec07bcfa40149f086d32240f805487e66;>1b683f4 [maven-release-plugin] prepare release r4.13.1 https://github.com/junit-team/junit4/commit/ce6ce3aadc070db2902698fe0d3dc6729cd631f2;>ce6ce3a Draft 4.13.1 release notes https://github.com/junit-team/junit4/commit/c29dd8239d6b353e699397eb090a1fd27411fa24;>c29dd82 Change version to 4.13.1-SNAPSHOT https://github.com/junit-team/junit4/commit/1d174861f0b64f97ab0722bb324a760bfb02f567;>1d17486 Add a link to assertThrows in exception testing https://github.com/junit-team/junit4/commit/543905df72ff10364b94dda27552efebf3dd04e9;>543905d Use separate line for annotation in Javadoc https://github.com/junit-team/junit4/commit/510e906b391e7e46a346e1c852416dc7be934944;>510e906 Add sub headlines to class Javadoc https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae;>610155b Merge pull request from GHSA-269g-pwp5-87pp https://github.com/junit-team/junit4/commit/b6cfd1e3d736cc2106242a8be799615b472c7fec;>b6cfd1e Explicitly wrap float parameter for consistency (https://github-redirect.dependabot.com/junit-team/junit4/issues/1671;>#1671) https://github.com/junit-team/junit4/commit/a5d205c7956dbed302b3bb5ecde5ba4299f0b646;>a5d205c Fix GitHub link in FAQ (https://github-redirect.dependabot.com/junit-team/junit4/issues/1672;>#1672) https://github.com/junit-team/junit4/commit/3a5c6b4d08f408c8ca6a8e0bae71a9bc5a8f97e8;>3a5c6b4 Deprecated since jdk9 replacing constructor instance of Double and Float (https://github-redirect.dependabot.com/junit-team/junit4/issues/1660;>#1660) Additional commits viewable in https://github.com/junit-team/junit4/compare/r4.8.1...r4.13.1;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=junit:junit=maven=4.8.1=4.13.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
[GitHub] [maven-surefire] slawekjaranowski merged pull request #507: [SUREFIRE-2044] Upgrade Maven Verifier to 1.8.0
slawekjaranowski merged PR #507: URL: https://github.com/apache/maven-surefire/pull/507 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-surefire] slawekjaranowski commented on pull request #505: [SUREFIRE-2055] Always show random seed
slawekjaranowski commented on PR #505: URL: https://github.com/apache/maven-surefire/pull/505#issuecomment-1089241967 @delanym - please check build result - PR template contains important things - should be preserved -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-deploy-plugin] slawekjaranowski commented on a diff in pull request #21: [doc] improve site documentation deploy-ssh-external example
slawekjaranowski commented on code in PR #21: URL: https://github.com/apache/maven-deploy-plugin/pull/21#discussion_r843179383 ## src/site/apt/examples/deploy-ssh-external.apt: ## @@ -58,9 +58,26 @@ Deployment of artifacts in an external SSH command ++ - If you are deploying from Unix or have Cygwin installed you won't need to any additional configuration in your <<>> - file as everything will be taken from the environment. But if you are on Windows and are using something like <<>> then - you will need something like the following: + If you are deploying from Linux/Unix or have Cygwin installed you only need to add the location of your PEM based private key in your <<>> + +++ + + + ... + + + production-server Review Comment: `id` should be the same as in `distributionManagement` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (MNG-7447) Several Improvements by using Stream API
[ https://issues.apache.org/jira/browse/MNG-7447?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17517658#comment-17517658 ] Karl Heinz Marbaise commented on MNG-7447: -- Done in [896c707d324330d7d4ad92674187923945efcda9|https://gitbox.apache.org/repos/asf?p=maven.git;a=commitdiff;h=896c707d324330d7d4ad92674187923945efcda9] > Several Improvements by using Stream API > > > Key: MNG-7447 > URL: https://issues.apache.org/jira/browse/MNG-7447 > Project: Maven > Issue Type: Sub-task >Affects Versions: 3.9.0, 4.0.0 >Reporter: Karl Heinz Marbaise >Assignee: Karl Heinz Marbaise >Priority: Major > Fix For: 3.9.0, 4.0.0 > > -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Closed] (MNG-7447) Several Improvements by using Stream API
[ https://issues.apache.org/jira/browse/MNG-7447?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Karl Heinz Marbaise closed MNG-7447. Resolution: Done > Several Improvements by using Stream API > > > Key: MNG-7447 > URL: https://issues.apache.org/jira/browse/MNG-7447 > Project: Maven > Issue Type: Sub-task >Affects Versions: 3.9.0, 4.0.0 >Reporter: Karl Heinz Marbaise >Assignee: Karl Heinz Marbaise >Priority: Major > Fix For: 3.9.0, 4.0.0 > > -- This message was sent by Atlassian Jira (v8.20.1#820001)
[GitHub] [maven] asfgit merged pull request #702: [MNG-7447] - Several Improvements by using Stream API
asfgit merged PR #702: URL: https://github.com/apache/maven/pull/702 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (SUREFIRE-1651) JUnit5 Vintage + Maven-Failsafe + Category = ???
[ https://issues.apache.org/jira/browse/SUREFIRE-1651?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17517650#comment-17517650 ] Reuben Sivan commented on SUREFIRE-1651: On further inspection, there is a problem with excludedGroups, but the problem is not that JUnit5 ignores excludedGroups. See [https://github.com/junit-team/junit5/issues/2877] for details. > JUnit5 Vintage + Maven-Failsafe + Category = ??? > > > Key: SUREFIRE-1651 > URL: https://issues.apache.org/jira/browse/SUREFIRE-1651 > Project: Maven Surefire > Issue Type: Bug > Components: JUnit 5.x support >Affects Versions: 2.22.1 >Reporter: Torsten Mingers >Priority: Major > Fix For: waiting-for-apache-feedback > > Attachments: IntegrationTestJUnit5Vintage.zip > > > I finally managed to switch our test infrastructure to JUnit5. Strictly > speaking, it is the first step and the "old" tests are all still JUnit4 and > run via the Vintage engine. > I currently have a problem with this combination. > > *Some details:* > We separate unit tests and integration tests with @Category annotations and > then filter them out in Surefire and Failsafe. I'll add the setup below. > Since the change to JUnit5-Vintage, filtering has stopped working and all > tests are always running. > In JUnit5 the filtering happens via Tags. I can not specify these in > JUnit4-based tests. > According to the JUnit5 documentation, the categories should continue to > work: > https://junit.org/junit5/docs/current/user-guide/#migrating-from-junit4-categories-support > However, in the documentary of Surefire (or Failsafe) only tags covered: > https://maven.apache.org/surefire/maven-surefire-plugin/examples/junit-platform.html > The configuration for JUnit5 tags is done in _groups_ as previously with the > categories in JUnit4. But the configuration does not seem to work when using > JUnit5 Vintage engine to run the tests. > Is there a way to configure the Maven Failsafe and Surefire plugins to work > with tags *and* categories? > For a hint, I would be very grateful. > > *Configuration used* > {code} > > org.apache.maven.plugins > maven-surefire-plugin > 2.22.1 > > > **/*.class > > > net.veda.horizon.test.IntegrationTest, > net.veda.horizon.test.IntegrationTestGraphDB, > net.veda.horizon.test.IntegrationPermissionTest > > > > > ... > > > integrationtest > > > integrationTest > > > > > > > org.apache.maven.plugins > > maven-failsafe-plugin > 2.19.1 > > > > **/*.java > > > net.veda.horizon.test.IntegrationTest > > > ... > > > > > > ... > {code} > -- This message was sent by Atlassian Jira (v8.20.1#820001)
[GitHub] [maven-deploy-plugin] plotters opened a new pull request, #21: [doc] improve site documentation deploy-ssh-external example
plotters opened a new pull request, #21: URL: https://github.com/apache/maven-deploy-plugin/pull/21 Following this checklist to help us incorporate your contribution quickly and easily: - [ ] Make sure there is a [JIRA issue](https://issues.apache.org/jira/browse/MPH) filed for the change (usually before you start working on it). Trivial changes like typos do not require a JIRA issue. Your pull request should address just this issue, without pulling in other changes. - [ ] Each commit in the pull request should have a meaningful subject line and body. - [ ] Format the pull request title like `[MPH-XXX] - Fixes bug in ApproximateQuantiles`, where you replace `MPH-XXX` with the appropriate JIRA issue. Best practice is to use the JIRA issue title in the pull request title and in the first line of the commit message. - [ ] Write a pull request description that is detailed enough to understand what the pull request does, how, and why. - [ ] Run `mvn clean verify` to make sure basic checks pass. A more thorough check will be performed on your pull request automatically. - [ ] You have run the integration tests successfully (`mvn -Prun-its clean verify`). If your pull request is about ~20 lines of code you don't need to sign an [Individual Contributor License Agreement](https://www.apache.org/licenses/icla.pdf) if you are unsure please ask on the developers list. To make clear that you license your contribution under the [Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0) you have to acknowledge this by using the following check-box. - [ ] I hereby declare this contribution to be licenced under the [Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0) - [ ] In any other case, please file an [Apache Individual Contributor License Agreement](https://www.apache.org/licenses/icla.pdf). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-invoker] slawekjaranowski merged pull request #48: Add Release Drafter to project
slawekjaranowski merged PR #48: URL: https://github.com/apache/maven-invoker/pull/48 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-invoker] slawekjaranowski opened a new pull request, #48: Add Release Drafter to project
slawekjaranowski opened a new pull request, #48: URL: https://github.com/apache/maven-invoker/pull/48 Following this checklist to help us incorporate your contribution quickly and easily: - [ ] Make sure there is a [JIRA issue](https://issues.apache.org/jira/projects/MSHARED) filed for the change (usually before you start working on it). Trivial changes like typos do not require a JIRA issue. Your pull request should address just this issue, without pulling in other changes. - [x] Each commit in the pull request should have a meaningful subject line and body. - [ ] Format the pull request title like `[MSHARED-XXX] - Fixes bug in ApproximateQuantiles`, where you replace `MSHARED-XXX` with the appropriate JIRA issue. Best practice is to use the JIRA issue title in the pull request title and in the first line of the commit message. - [ ] Write a pull request description that is detailed enough to understand what the pull request does, how, and why. - [x] Run `mvn clean verify` to make sure basic checks pass. A more thorough check will be performed on your pull request automatically. If your pull request is about ~20 lines of code you don't need to sign an [Individual Contributor License Agreement](https://www.apache.org/licenses/icla.pdf) if you are unsure please ask on the developers list. To make clear that you license your contribution under the [Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0) you have to acknowledge this by using the following check-box. - [x] I hereby declare this contribution to be licenced under the [Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0) - [x] In any other case, please file an [Apache Individual Contributor License Agreement](https://www.apache.org/licenses/icla.pdf). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Created] (MCLEAN-102) Fast is slower on windows with many cores
Delany created MCLEAN-102: - Summary: Fast is slower on windows with many cores Key: MCLEAN-102 URL: https://issues.apache.org/jira/browse/MCLEAN-102 Project: Maven Clean Plugin Issue Type: Bug Affects Versions: 3.2.0 Environment: Windows 10 Reporter: Delany I run a 500+ module project with 4 core Linux and experience a 20sec improvement in reactor build time when enabling the fast. My one colleagues runs the same build with 4 cores on Windows and also sees an improvement. But two other colleagues run the same build with 12 cores on Windows (one uses cygwin, the other powershell) and they consistently see a slowdown from 2:14 to 3:23, for example. -- This message was sent by Atlassian Jira (v8.20.1#820001)
[GitHub] [maven] mthmulders commented on a diff in pull request #697: [MNG-7360] Fix xml transformation to ensure proper context
mthmulders commented on code in PR #697: URL: https://github.com/apache/maven/pull/697#discussion_r842727086 ## maven-model-transform/src/main/java/org/apache/maven/model/transform/pull/NodeBufferingParser.java: ## @@ -38,44 +37,54 @@ private final List buffer = new ArrayList<>(); -private final String nodeName; +private final ArrayList stack = new ArrayList<>(); Review Comment: Shouldn't this variable be of type `List`? "Program against interfaces, not implementations." ## maven-model-transform/src/main/java/org/apache/maven/model/transform/pull/NodeBufferingParser.java: ## @@ -38,44 +37,54 @@ private final List buffer = new ArrayList<>(); -private final String nodeName; +private final ArrayList stack = new ArrayList<>(); private boolean buffering; -public NodeBufferingParser( XmlPullParser xmlPullParser, String nodeName ) +public NodeBufferingParser( XmlPullParser xmlPullParser ) { super( xmlPullParser ); -this.nodeName = Objects.requireNonNull( nodeName ); } @Override protected boolean accept() throws XmlPullParserException, IOException { -if ( nodeName.equals( xmlPullParser.getName() ) ) +int event = xmlPullParser.getEventType(); +if ( event == START_TAG ) { -if ( xmlPullParser.getEventType() == START_TAG && !buffering ) +String name = xmlPullParser.getName(); +stack.add( name ); +if ( !buffering ) { -buffer.add( bufferEvent() ); -buffering = true; -return false; +buffering = shouldBuffer( stack ); } -if ( xmlPullParser.getEventType() == END_TAG && buffering ) +} +else if ( event == END_TAG ) +{ +stack.remove( stack.size() - 1 ); +if ( buffering ) { -buffer.add( bufferEvent() ); -process( buffer ); -buffering = false; -buffer.clear(); -return false; +buffering = shouldBuffer( stack ); +if ( !buffering ) +{ +buffer.add( bufferEvent() ); +process( buffer ); +buffering = false; +buffer.clear(); +return false; +} } } -else if ( buffering ) +if ( buffering ) { buffer.add( bufferEvent() ); return false; } return true; } +protected abstract boolean shouldBuffer( ArrayList stack ); Review Comment: Shouldn't this method argument (and its implementations) declare `List`? "Program against interfaces, not implementations." -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (MRELEASE-1079) scm tag is added to child module
[ https://issues.apache.org/jira/browse/MRELEASE-1079?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17517392#comment-17517392 ] Markus Schäfer commented on MRELEASE-1079: -- Yes, we use git as vcs. I've forked the maven-release repo and added a new integrationtest to reproduce the behaviour. See: [[MRELEASE-1079] new integration test|https://github.com/markusschaefer/maven-release/commit/0c020ca17aba843d1fe8ee3b70b45843655855a9] > scm tag is added to child module > > > Key: MRELEASE-1079 > URL: https://issues.apache.org/jira/browse/MRELEASE-1079 > Project: Maven Release Plugin > Issue Type: Bug > Components: prepare >Affects Versions: 3.0.0-M5 >Reporter: Markus Schäfer >Priority: Critical > > With Version 3.0.0-M5 child modules gets an scm tag during the prepare step > when there is more than one module level. > The Bug seems to be in RewritePomsForReleasePhase. > RewritePomsForDevelopmentPhase removes the scm tag. Only the tagged release > has these scm tags. > > -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Commented] (MRELEASE-1079) scm tag is added to child module
[ https://issues.apache.org/jira/browse/MRELEASE-1079?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17517384#comment-17517384 ] Karl Heinz Marbaise commented on MRELEASE-1079: --- Do you have an example project to reproduce the issue? Furthermore which version control tool do you use? Git? > scm tag is added to child module > > > Key: MRELEASE-1079 > URL: https://issues.apache.org/jira/browse/MRELEASE-1079 > Project: Maven Release Plugin > Issue Type: Bug > Components: prepare >Affects Versions: 3.0.0-M5 >Reporter: Markus Schäfer >Priority: Critical > > With Version 3.0.0-M5 child modules gets an scm tag during the prepare step > when there is more than one module level. > The Bug seems to be in RewritePomsForReleasePhase. > RewritePomsForDevelopmentPhase removes the scm tag. Only the tagged release > has these scm tags. > > -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Created] (SUREFIRE-2058) Corrupted STDOUT by directly writing to native stream in forked JVM 1 with UTF-8 console logging
Zoltan Meze created SUREFIRE-2058: - Summary: Corrupted STDOUT by directly writing to native stream in forked JVM 1 with UTF-8 console logging Key: SUREFIRE-2058 URL: https://issues.apache.org/jira/browse/SUREFIRE-2058 Project: Maven Surefire Issue Type: Bug Components: JUnit 5.x support, Maven Surefire Plugin Affects Versions: 3.0.0-M6 Reporter: Zoltan Meze With 3.0.0-M6 surefire and slf4j + logback, most test runs end up with: {code:java} [WARNING] Corrupted channel by directly writing to native stream in forked JVM 1. {code} This only affects *3.0.0-M6* (3.0.0-M5 version is working fine in test project). After some digging, there are two different scenarios (most likely caused by the same issue): * 2-byte character at position 1023 (or N * 1024 - 1) in log message is causing the following warning {code:java} [WARNING] Corrupted channel by directly writing to native stream in forked JVM 1. {code} To reproduce this issue logback (with slf4j) should be used. Not able to reproduce with System.out.println. * 4-byte character at position 1023 (or N * 1024 - 1) in log message. Can be reproduced with System.out.println (logback not required in this case). This blocks surefire entirely at (from jstack): {code:java} "fork-1-event-thread" #30 daemon prio=5 os_prio=0 cpu=32350.09ms elapsed=32.94s tid=0x7ff8292d7800 nid=0x3caef runnable [0x7ff7876f6000] java.lang.Thread.State: RUNNABLE at org.apache.maven.surefire.api.stream.AbstractStreamDecoder.decodeString(AbstractStreamDecoder.java:350) at org.apache.maven.surefire.api.stream.AbstractStreamDecoder.readString(AbstractStreamDecoder.java:322) at org.apache.maven.surefire.api.stream.AbstractStreamDecoder.readString(AbstractStreamDecoder.java:196) at org.apache.maven.surefire.stream.EventDecoder.decode(EventDecoder.java:176) at org.apache.maven.plugin.surefire.extensions.EventConsumerThread.run(EventConsumerThread.java:73) {code} Project with reproducible tests (for both scenarios, more in README): [https://github.com/zoltanmeze/surefire-corrupted-channel] One workaround on M6 for now is to use different charset (instead of default UTF-8) or limit message size. -- This message was sent by Atlassian Jira (v8.20.1#820001)
[GitHub] [maven-surefire] slawekjaranowski commented on a diff in pull request #507: [SUREFIRE-2044] Upgrade Maven Verifier to 1.8.0
slawekjaranowski commented on code in PR #507: URL: https://github.com/apache/maven-surefire/pull/507#discussion_r842466292 ## surefire-its/src/test/java/org/apache/maven/surefire/its/fixture/MavenLauncher.java: ## @@ -186,9 +186,9 @@ public MavenLauncher addEnvVar( String key, String value ) return this; } -public MavenLauncher assertNotPresent( String subFile ) +public MavenLauncher verifyFileNotPresent( String subFile ) throws VerificationException { -getVerifier().assertFileNotPresent( getValidator().getSubFile( subFile ).getAbsolutePath() ); Review Comment: old method was deprecated https://github.com/apache/maven-verifier/pull/9 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-resolver] cstamas commented on a diff in pull request #161: [MRESOLVER-248] Make BF and DF collectors coexists
cstamas commented on code in PR #161: URL: https://github.com/apache/maven-resolver/pull/161#discussion_r842419539 ## maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/collect/DefaultDependencyGraphTransformationContext.java: ## @@ -28,15 +28,15 @@ /** */ -class DefaultDependencyGraphTransformationContext +public class DefaultDependencyGraphTransformationContext Review Comment: Fixed -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-resolver] cstamas commented on a diff in pull request #161: [MRESOLVER-248] Make BF and DF collectors coexists
cstamas commented on code in PR #161: URL: https://github.com/apache/maven-resolver/pull/161#discussion_r842416268 ## maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/collect/bf/BfProcessingContext.java: ## @@ -29,7 +29,7 @@ import org.eclipse.aether.graph.DependencyNode; import org.eclipse.aether.repository.RemoteRepository; -final class DependencyProcessingContext +final class BfProcessingContext Review Comment: Named it as DependencyProcessingContext as it is already BF specific (same naming pattern that Skipper has) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-resolver] cstamas commented on a diff in pull request #161: [MRESOLVER-248] Make BF and DF collectors coexists
cstamas commented on code in PR #161: URL: https://github.com/apache/maven-resolver/pull/161#discussion_r842415939 ## maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/collect/DependencyCollectorDelegate.java: ## @@ -0,0 +1,96 @@ +package org.eclipse.aether.internal.impl.collect; + +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import org.eclipse.aether.impl.ArtifactDescriptorReader; +import org.eclipse.aether.impl.DependencyCollector; +import org.eclipse.aether.impl.RemoteRepositoryManager; +import org.eclipse.aether.impl.VersionRangeResolver; +import org.eclipse.aether.spi.locator.ServiceLocator; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import static java.util.Objects.requireNonNull; + +/** + * The delegate to the actual implementation. + * + * @since 1.8.0 + */ +public abstract class DependencyCollectorDelegate implements DependencyCollector +{ +protected static final String CONFIG_PROP_MAX_EXCEPTIONS = "aether.dependencyCollector.maxExceptions"; + +protected static final int CONFIG_PROP_MAX_EXCEPTIONS_DEFAULT = 50; + +protected static final String CONFIG_PROP_MAX_CYCLES = "aether.dependencyCollector.maxCycles"; + +protected static final int CONFIG_PROP_MAX_CYCLES_DEFAULT = 10; + +protected final Logger logger = LoggerFactory.getLogger( getClass() ); + +protected RemoteRepositoryManager remoteRepositoryManager; + +protected ArtifactDescriptorReader descriptorReader; + +protected VersionRangeResolver versionRangeResolver; + +public DependencyCollectorDelegate() +{ +// enables default constructor +} + +protected DependencyCollectorDelegate( RemoteRepositoryManager remoteRepositoryManager, + ArtifactDescriptorReader artifactDescriptorReader, + VersionRangeResolver versionRangeResolver ) +{ +setRemoteRepositoryManager( remoteRepositoryManager ); +setArtifactDescriptorReader( artifactDescriptorReader ); +setVersionRangeResolver( versionRangeResolver ); +} + +public void initService( ServiceLocator locator ) +{ +setRemoteRepositoryManager( locator.getService( RemoteRepositoryManager.class ) ); +setArtifactDescriptorReader( locator.getService( ArtifactDescriptorReader.class ) ); +setVersionRangeResolver( locator.getService( VersionRangeResolver.class ) ); +} + +public DependencyCollector setRemoteRepositoryManager( RemoteRepositoryManager remoteRepositoryManager ) +{ +this.remoteRepositoryManager = +requireNonNull( remoteRepositoryManager, "remote repository provider cannot be null" ); Review Comment: fixed -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-surefire] yrodiere commented on pull request #506: SUREFIRE-2056 BufferOverflowException when encoding message with null testId
yrodiere commented on PR #506: URL: https://github.com/apache/maven-surefire/pull/506#issuecomment-1088329572 @Tibor17 I would have, but the bug only occurs the message is an empty string, unlike the existing test, and I assumed this would be too big of a change? Not testing the nominal case with both a message and a test run ID seemed unwise, but what do I know :) I suspect the reason we don't get the bug with a non-empty message is that we over-allocate space in the buffer for the message: length * : https://github.com/apache/maven-surefire/blob/79db90338fb474f91c76991388a35bc412ee1d46/surefire-api/src/main/java/org/apache/maven/surefire/api/stream/AbstractStreamEncoder.java#L206 In the case of UTF-8 the max bytes per char is `3.0f`, while most characters are just 1 byte, so this leaves a few extra bytes in the buffer that can be used for something else, and this over-allocation ends up "compensating" the bug. I adjusted the test name and added a comment to make this clear. Of course if you just wanted me to keep the testing code and shove it into the existing test method, I can do that. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-resolver] cstamas commented on a diff in pull request #161: [MRESOLVER-248] Make BF and DF collectors coexists
cstamas commented on code in PR #161: URL: https://github.com/apache/maven-resolver/pull/161#discussion_r842415793 ## maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/collect/DefaultDependencyCycle.java: ## @@ -30,17 +30,16 @@ import org.eclipse.aether.util.artifact.ArtifactIdUtils; /** - * @see DefaultDependencyCollector + * Default implementation of {@link DependencyCycle}. */ -final class DefaultDependencyCycle +public final class DefaultDependencyCycle Review Comment: fixed ## maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/collect/DefaultVersionFilterContext.java: ## @@ -36,7 +36,7 @@ /** * @see DefaultDependencyCollector */ -final class DefaultVersionFilterContext +public final class DefaultVersionFilterContext Review Comment: fixed -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-resolver] cstamas commented on a diff in pull request #161: [MRESOLVER-248] Make BF and DF collectors coexists
cstamas commented on code in PR #161: URL: https://github.com/apache/maven-resolver/pull/161#discussion_r842415618 ## maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/collect/DataPool.java: ## @@ -49,7 +49,7 @@ /** */ -final class DataPool +public final class DataPool Review Comment: fixed ## maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/collect/DefaultDependencyCollectionContext.java: ## @@ -29,7 +29,7 @@ /** * @see DefaultDependencyCollector */ -final class DefaultDependencyCollectionContext +public final class DefaultDependencyCollectionContext Review Comment: fixed -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-resolver] cstamas commented on a diff in pull request #161: [MRESOLVER-248] Make BF and DF collectors coexists
cstamas commented on code in PR #161: URL: https://github.com/apache/maven-resolver/pull/161#discussion_r842415466 ## maven-resolver-impl/src/main/java/org/eclipse/aether/impl/guice/AetherModule.java: ## @@ -212,6 +221,19 @@ protected void configure() } +@Provides +@Singleton +Map dependencyCollectorDelegates( +@Named( BfDependencyCollector.NAME ) DependencyCollectorDelegate bf, +@Named( DfDependencyCollector.NAME ) DependencyCollectorDelegate df +) +{ +Map providedChecksumsSource = new HashMap<>(); Review Comment: fixed ## maven-resolver-impl/src/main/java/org/eclipse/aether/internal/impl/collect/CachingArtifactTypeRegistry.java: ## @@ -29,7 +29,7 @@ /** * A short-lived artifact type registry that caches results from a presumedly slower type registry. */ -class CachingArtifactTypeRegistry +public class CachingArtifactTypeRegistry Review Comment: fixed -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-resolver] cstamas commented on pull request #161: [MRESOLVER-248] Make BF and DF collectors coexists
cstamas commented on PR #161: URL: https://github.com/apache/maven-resolver/pull/161#issuecomment-1088318575 General remark: the convention to name package as "internal" or "impl" should automatically imply this is INTERNAL thing (AFAIK, some OSGi tooling and Takari life-cycle even enforce this). In this case we deal with "internal.impl" :smile: so IMHO it should be really really clear to developer that this is internal implementation... Am just saying this is something generally used, but agree, will update javadoc -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (MSHADE-160) change default location of dependency-reduced-pom.xml
[ https://issues.apache.org/jira/browse/MSHADE-160?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17517235#comment-17517235 ] James Z.M. Gao commented on MSHADE-160: --- as [~rfscholte] suggest, a new [pr|https://github.com/apache/maven-shade-plugin/pull/128] can solve MSHADE-124, then this issue can be solved finally > change default location of dependency-reduced-pom.xml > - > > Key: MSHADE-160 > URL: https://issues.apache.org/jira/browse/MSHADE-160 > Project: Maven Shade Plugin > Issue Type: Wish >Affects Versions: 2.2 >Reporter: Gabriele Catania >Priority: Trivial > Fix For: more-investigation > > > The current defaults of the plugin place the dependency reduced pom alongside > the pom.xml as a sibling file. > Given that it's a generated file, wouldn't it be best to place it by default > inside the target directory? > either something like this: > {code:xml} > > ${project.build.directory}/dependency-reduced-pom.xml > {code} > or, even better (to conform with conventions from other plugins): > {code:xml} > > ${project.build.directory}/generated/shade/dependency-reduced-pom.xml > {code} -- This message was sent by Atlassian Jira (v8.20.1#820001)