date:20220717

[jira] [Commented] (MNG-7509) Huge memory cost when parent pom widely used in a big project for dependencyManagement

2022-07-17 Thread ASF GitHub Bot (Jira)



[ 
https://issues.apache.org/jira/browse/MNG-7509?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567632#comment-17567632
 ] 

ASF GitHub Bot commented on MNG-7509:
-

Yougoss opened a new pull request, #768:
URL: https://github.com/apache/maven/pull/768

   Following this checklist to help us incorporate your
   contribution quickly and easily:
   
- [x] Make sure there is a [JIRA 
issue](https://issues.apache.org/jira/browse/MNG) filed
  for the change (usually before you start working on it).  Trivial 
changes like typos do not
  require a JIRA issue. Your pull request should address just this 
issue, without
  pulling in other changes.
- [x] Each commit in the pull request should have a meaningful subject line 
and body.
- [x] Format the pull request title like `[MNG-XXX] SUMMARY`, where you 
replace `MNG-XXX`
  and `SUMMARY` with the appropriate JIRA issue. Best practice is to 
use the JIRA issue
  title in the pull request title and in the first line of the commit 
message.
- [x] Write a pull request description that is detailed enough to 
understand what the pull request does, how, and why.
- [x] Run `mvn clean verify` to make sure basic checks pass. A more 
thorough check will
  be performed on your pull request automatically.
- [ ] You have run the [Core IT][core-its] successfully.
   
   If your pull request is about ~20 lines of code you don't need to sign an
   [Individual Contributor License 
Agreement](https://www.apache.org/licenses/icla.pdf) if you are unsure
   please ask on the developers list.
   
   To make clear that you license your contribution under
   the [Apache License Version 2.0, January 
2004](http://www.apache.org/licenses/LICENSE-2.0)
   you have to acknowledge this by using the following check-box.
   
- [x] I hereby declare this contribution to be licenced under the [Apache 
License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0)
   
- [x] In any other case, please file an [Apache Individual Contributor 
License Agreement](https://www.apache.org/licenses/icla.pdf).
   
   [core-its]: https://maven.apache.org/core-its/core-it-suite/
   




> Huge memory cost when parent pom widely used in a big project for 
> dependencyManagement
> --
>
> Key: MNG-7509
> URL: https://issues.apache.org/jira/browse/MNG-7509
> Project: Maven
>  Issue Type: Improvement
>  Components: Performance
>Reporter: Xiong Luyao
>Priority: Major
> Attachments: image-2022-07-09-09-37-53-823.png, 
> image-2022-07-09-09-38-26-354.png, image-2022-07-09-10-27-12-668.png, 
> image-2022-07-09-10-27-56-437.png, image-2022-07-09-10-28-05-706.png, 
> image-2022-07-09-10-28-22-864.png, image-2022-07-09-10-28-35-341.png, 
> image-2022-07-09-10-28-40-612.png, image-2022-07-09-10-29-04-045.png, 
> image-2022-07-09-10-29-15-822.png, image-2022-07-09-10-29-21-991.png, 
> image-2022-07-09-10-29-46-216.png, image-2022-07-09-10-29-51-456.png
>
>
> When maven try to resolve dependency relationship, it will create many 
> instances of dependency / artifact, even the dependency/artifact content is 
> totally same, but just in different pom models. It cost huge memory if there 
> is a parent pom with dependencyManagement which managed a lot of 
> dependencies, and this parent pom are implemented by many project libraries.
> (libraries_count * managedDependency_count) dependency instances will be 
> created. For example, if there are 3000 libraries, and all the library 
> introduce same parent pom which managed 3000 dependencies version. There will 
> be 3000*3000 =9,000,000 dependency instances will be created. But most of 
> them are same, in fact, we only need one instance for each dependency in 
> parent pom (3000 dependency instances).
>  
> I'm from eBay, and here is a real case in enterprise level project. We have 
> about 3000 business domain libraries, there are dependency relationship 
> between them. We need to build all libraries in one release to keep all the 
> libraries in same release are based on same code. So we used a parent pom as 
> a central management to manage all the version for a release, and introduced 
> by those libraries.  As below picture, when the release start, it will 
> calculate and start with the library which doesn't depend on others, then 
> start the library which dependency libraries are already built. Keep this 
> process until all libraries are built.
> With current maven resolve logic, it costs huge memory in above ways to built 
> libraries. And even the libraries have been released, if the project which 
> contains a lot of above libraries, it also cost huge memory when building 
> project.
> So current now, we have to specify

[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit

2022-07-17 Thread ASF GitHub Bot (Jira)



[ 
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567631#comment-17567631
 ] 

ASF GitHub Bot commented on SCM-945:


michael-o commented on PR #153:
URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186512316

   > git executable leverages the ssh executable for authentication and 
therefore there is no change with regard to supported private keys formats
   
   That's not what I mean, I mean that you can now supply an expliclt key which 
wasn't supported by now. Of course, the format and transport won't change.




> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the 
> following error is being emitted:  {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4 
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
>  which used JSch which lacks support for those private keys. JGit 5.2 comes 
> with a new SSH implementation 
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that 
> also support OpenSSH private keys.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[GitHub] [maven] Yougoss opened a new pull request, #768: [MNG-7509] - Huge memory cost when parent pom widely used in a big project for dependencyManagement for 3.9.x

2022-07-17 Thread GitBox



Yougoss opened a new pull request, #768:
URL: https://github.com/apache/maven/pull/768

   Following this checklist to help us incorporate your
   contribution quickly and easily:
   
- [x] Make sure there is a [JIRA 
issue](https://issues.apache.org/jira/browse/MNG) filed
  for the change (usually before you start working on it).  Trivial 
changes like typos do not
  require a JIRA issue. Your pull request should address just this 
issue, without
  pulling in other changes.
- [x] Each commit in the pull request should have a meaningful subject line 
and body.
- [x] Format the pull request title like `[MNG-XXX] SUMMARY`, where you 
replace `MNG-XXX`
  and `SUMMARY` with the appropriate JIRA issue. Best practice is to 
use the JIRA issue
  title in the pull request title and in the first line of the commit 
message.
- [x] Write a pull request description that is detailed enough to 
understand what the pull request does, how, and why.
- [x] Run `mvn clean verify` to make sure basic checks pass. A more 
thorough check will
  be performed on your pull request automatically.
- [ ] You have run the [Core IT][core-its] successfully.
   
   If your pull request is about ~20 lines of code you don't need to sign an
   [Individual Contributor License 
Agreement](https://www.apache.org/licenses/icla.pdf) if you are unsure
   please ask on the developers list.
   
   To make clear that you license your contribution under
   the [Apache License Version 2.0, January 
2004](http://www.apache.org/licenses/LICENSE-2.0)
   you have to acknowledge this by using the following check-box.
   
- [x] I hereby declare this contribution to be licenced under the [Apache 
License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0)
   
- [x] In any other case, please file an [Apache Individual Contributor 
License Agreement](https://www.apache.org/licenses/icla.pdf).
   
   [core-its]: https://maven.apache.org/core-its/core-it-suite/
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [maven-scm] michael-o commented on pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD

2022-07-17 Thread GitBox



michael-o commented on PR #153:
URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186512316

   > git executable leverages the ssh executable for authentication and 
therefore there is no change with regard to supported private keys formats
   
   That's not what I mean, I mean that you can now supply an expliclt key which 
wasn't supported by now. Of course, the format and transport won't change.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Updated] (MGPG-86) NullPointerException when gpg executable cannot be found

2022-07-17 Thread Sylwester Lachiewicz (Jira)



 [ 
https://issues.apache.org/jira/browse/MGPG-86?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sylwester Lachiewicz updated MGPG-86:
-
Fix Version/s: 3.1.0

> NullPointerException when gpg executable cannot be found
> 
>
> Key: MGPG-86
> URL: https://issues.apache.org/jira/browse/MGPG-86
> Project: Maven GPG Plugin
>  Issue Type: Bug
>Affects Versions: 1.5, 1.6, 3.0.1
> Environment: linux, macos
>Reporter: Chas Honton
>Priority: Major
> Fix For: 3.1.0
>
>
> {noformat}
> [ERROR] Failed to execute goal 
> org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign (sign-artifacts) on 
> project git-tag-maven-plugin: Execution sign-artifacts of goal 
> org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign failed.: 
> NullPointerException -> [Help 1]
> org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute 
> goal org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign (sign-artifacts) on 
> project git-tag-maven-plugin: Execution sign-artifacts of goal 
> org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign failed.
> at org.apache.maven.lifecycle.internal.MojoExecutor.doExecute 
> (MojoExecutor.java:306)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute 
> (MojoExecutor.java:211)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute 
> (MojoExecutor.java:165)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute 
> (MojoExecutor.java:157)
> at 
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject 
> (LifecycleModuleBuilder.java:121)
> at 
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject 
> (LifecycleModuleBuilder.java:81)
> at 
> org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build
>  (SingleThreadedBuilder.java:56)
> at org.apache.maven.lifecycle.internal.LifecycleStarter.execute 
> (LifecycleStarter.java:127)
> at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:294)
> at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:192)
> at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:105)
> at org.apache.maven.cli.MavenCli.execute (MavenCli.java:960)
> at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:293)
> at org.apache.maven.cli.MavenCli.main (MavenCli.java:196)
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke 
> (NativeMethodAccessorImpl.java:62)
> at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke 
> (DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke (Method.java:566)
> at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced 
> (Launcher.java:282)
> at org.codehaus.plexus.classworlds.launcher.Launcher.launch 
> (Launcher.java:225)
> at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode 
> (Launcher.java:406)
> at org.codehaus.plexus.classworlds.launcher.Launcher.main 
> (Launcher.java:347)
> Caused by: org.apache.maven.plugin.PluginExecutionException: Execution 
> sign-artifacts of goal org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign 
> failed.
> at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo 
> (DefaultBuildPluginManager.java:148)
> at org.apache.maven.lifecycle.internal.MojoExecutor.doExecute 
> (MojoExecutor.java:301)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute 
> (MojoExecutor.java:211)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute 
> (MojoExecutor.java:165)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute 
> (MojoExecutor.java:157)
> at 
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject 
> (LifecycleModuleBuilder.java:121)
> at 
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject 
> (LifecycleModuleBuilder.java:81)
> at 
> org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build
>  (SingleThreadedBuilder.java:56)
> at org.apache.maven.lifecycle.internal.LifecycleStarter.execute 
> (LifecycleStarter.java:127)
> at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:294)
> at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:192)
> at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:105)
> at org.apache.maven.cli.MavenCli.execute (MavenCli.java:960)
> at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:293)
> at org.apache.maven.cli.MavenCli.main (MavenCli.java:196)
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke 
> (NativeMethodAccessorImpl.java:62)
> at jdk.internal.reflect.Delegat

[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit

2022-07-17 Thread ASF GitHub Bot (Jira)



[ 
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567629#comment-17567629
 ] 

ASF GitHub Bot commented on SCM-945:


kwin commented on PR #153:
URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186509299

   git executable leverages the ssh executable for authentication and therefore 
there is no change with regard to supported private keys formats




> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the 
> following error is being emitted:  {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4 
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
>  which used JSch which lacks support for those private keys. JGit 5.2 comes 
> with a new SSH implementation 
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that 
> also support OpenSSH private keys.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[GitHub] [maven-scm] kwin commented on pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD

2022-07-17 Thread GitBox



kwin commented on PR #153:
URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186509299

   git executable leverages the ssh executable for authentication and therefore 
there is no change with regard to supported private keys formats


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit

2022-07-17 Thread ASF GitHub Bot (Jira)



[ 
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567628#comment-17567628
 ] 

ASF GitHub Bot commented on SCM-945:


michael-o commented on PR #153:
URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186508402

   > Maybe split up into a) update JGit b) add credentials provider for JGit c) 
add IT for SSH authentication during git clone (both git providers)
   > 
   > Then the environment variable would belong to c)
   
   That sounds good, though advertising that gitexe supports alternative SSH 
private keys would we that bad, no? Especially in consistency with JGit. WDYT?




> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the 
> following error is being emitted:  {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4 
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
>  which used JSch which lacks support for those private keys. JGit 5.2 comes 
> with a new SSH implementation 
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that 
> also support OpenSSH private keys.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[GitHub] [maven-scm] michael-o commented on pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD

2022-07-17 Thread GitBox



michael-o commented on PR #153:
URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186508402

   > Maybe split up into a) update JGit b) add credentials provider for JGit c) 
add IT for SSH authentication during git clone (both git providers)
   > 
   > Then the environment variable would belong to c)
   
   That sounds good, though advertising that gitexe supports alternative SSH 
private keys would we that bad, no? Especially in consistency with JGit. WDYT?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit

2022-07-17 Thread ASF GitHub Bot (Jira)



[ 
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567627#comment-17567627
 ] 

ASF GitHub Bot commented on SCM-945:


kwin commented on PR #153:
URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186505043

   Maybe split up into
   a) update JGit
   b) add credentials provider for JGit
   c) add IT for SSH authentication during git clone (both git providers)
   
   Then the environment variable would belong to c)




> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the 
> following error is being emitted:  {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4 
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
>  which used JSch which lacks support for those private keys. JGit 5.2 comes 
> with a new SSH implementation 
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that 
> also support OpenSSH private keys.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[GitHub] [maven-scm] kwin commented on pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD

2022-07-17 Thread GitBox



kwin commented on PR #153:
URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186505043

   Maybe split up into
   a) update JGit
   b) add credentials provider for JGit
   c) add IT for SSH authentication during git clone (both git providers)
   
   Then the environment variable would belong to c)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [maven-scm] michael-o commented on pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD

2022-07-17 Thread GitBox



michael-o commented on PR #153:
URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186494030

   > > * Create three issues: (issue a) Upgrade JGit to XXX, (issue b) rework 
OpenSSH private key handing for gitexe and jgit providers, (issue c) Support 
alternative SSH private keys with gitexe provider
   > 
   > This PR does not "rework OpenSSH private key handing for gitexe" nor does 
it "Support alternative SSH private keys with gitexe provider". The environment 
variables are only necessary to test existing functionality in gitexe (namely 
test authorization with SSH).
   
   Please summarize what is necessary to make this proper.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit

2022-07-17 Thread ASF GitHub Bot (Jira)



[ 
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567617#comment-17567617
 ] 

ASF GitHub Bot commented on SCM-945:


michael-o commented on PR #153:
URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186494030

   > > * Create three issues: (issue a) Upgrade JGit to XXX, (issue b) rework 
OpenSSH private key handing for gitexe and jgit providers, (issue c) Support 
alternative SSH private keys with gitexe provider
   > 
   > This PR does not "rework OpenSSH private key handing for gitexe" nor does 
it "Support alternative SSH private keys with gitexe provider". The environment 
variables are only necessary to test existing functionality in gitexe (namely 
test authorization with SSH).
   
   Please summarize what is necessary to make this proper.




> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the 
> following error is being emitted:  {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4 
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
>  which used JSch which lacks support for those private keys. JGit 5.2 comes 
> with a new SSH implementation 
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that 
> also support OpenSSH private keys.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit

2022-07-17 Thread ASF GitHub Bot (Jira)



[ 
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567616#comment-17567616
 ] 

ASF GitHub Bot commented on SCM-945:


michael-o commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922820340


##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/src/main/java/org/apache/maven/scm/provider/git/jgit/command/PlexusInteractivityCredentialsProvider.java:
##
@@ -0,0 +1,101 @@
+package org.apache.maven.scm.provider.git.jgit.command;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+import java.util.Arrays;
+
+import org.codehaus.plexus.components.interactivity.Prompter;
+import org.codehaus.plexus.components.interactivity.PrompterException;
+import org.eclipse.jgit.errors.UnsupportedCredentialItem;
+import org.eclipse.jgit.transport.CredentialItem;
+import org.eclipse.jgit.transport.CredentialsProvider;
+import org.eclipse.jgit.transport.URIish;
+
+/**
+ * {@link CredentialsProvider} leveraging the {@link Prompter} component.
+ *
+ */
+public class PlexusInteractivityCredentialsProvider extends CredentialsProvider
+{
+private final boolean isInteractive;

Review Comment:
   But beside that, the code does not respect the flag at all. It should be 
`interactive`, I think Maven uses the same in CLI in Java.





> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the 
> following error is being emitted:  {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4 
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
>  which used JSch which lacks support for those private keys. JGit 5.2 comes 
> with a new SSH implementation 
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that 
> also support OpenSSH private keys.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[GitHub] [maven-scm] michael-o commented on a diff in pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD

2022-07-17 Thread GitBox



michael-o commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922820340


##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/src/main/java/org/apache/maven/scm/provider/git/jgit/command/PlexusInteractivityCredentialsProvider.java:
##
@@ -0,0 +1,101 @@
+package org.apache.maven.scm.provider.git.jgit.command;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+import java.util.Arrays;
+
+import org.codehaus.plexus.components.interactivity.Prompter;
+import org.codehaus.plexus.components.interactivity.PrompterException;
+import org.eclipse.jgit.errors.UnsupportedCredentialItem;
+import org.eclipse.jgit.transport.CredentialItem;
+import org.eclipse.jgit.transport.CredentialsProvider;
+import org.eclipse.jgit.transport.URIish;
+
+/**
+ * {@link CredentialsProvider} leveraging the {@link Prompter} component.
+ *
+ */
+public class PlexusInteractivityCredentialsProvider extends CredentialsProvider
+{
+private final boolean isInteractive;

Review Comment:
   But beside that, the code does not respect the flag at all. It should be 
`interactive`, I think Maven uses the same in CLI in Java.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit

2022-07-17 Thread ASF GitHub Bot (Jira)



[ 
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567615#comment-17567615
 ] 

ASF GitHub Bot commented on SCM-945:


michael-o commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922820137


##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/src/main/java/org/apache/maven/scm/provider/git/jgit/command/PlexusInteractivityCredentialsProvider.java:
##
@@ -0,0 +1,101 @@
+package org.apache.maven.scm.provider.git.jgit.command;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+import java.util.Arrays;
+
+import org.codehaus.plexus.components.interactivity.Prompter;
+import org.codehaus.plexus.components.interactivity.PrompterException;
+import org.eclipse.jgit.errors.UnsupportedCredentialItem;
+import org.eclipse.jgit.transport.CredentialItem;
+import org.eclipse.jgit.transport.CredentialsProvider;
+import org.eclipse.jgit.transport.URIish;
+
+/**
+ * {@link CredentialsProvider} leveraging the {@link Prompter} component.
+ *
+ */
+public class PlexusInteractivityCredentialsProvider extends CredentialsProvider
+{
+private final boolean isInteractive;

Review Comment:
   The only option I can think of is that a setter on the provider being 
interactive by default and the caller sets to false. E.g., Maven Release can 
piggy back this. WDYT?





> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the 
> following error is being emitted:  {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4 
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
>  which used JSch which lacks support for those private keys. JGit 5.2 comes 
> with a new SSH implementation 
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that 
> also support OpenSSH private keys.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[GitHub] [maven-scm] michael-o commented on a diff in pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD

2022-07-17 Thread GitBox



michael-o commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922820137


##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/src/main/java/org/apache/maven/scm/provider/git/jgit/command/PlexusInteractivityCredentialsProvider.java:
##
@@ -0,0 +1,101 @@
+package org.apache.maven.scm.provider.git.jgit.command;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+import java.util.Arrays;
+
+import org.codehaus.plexus.components.interactivity.Prompter;
+import org.codehaus.plexus.components.interactivity.PrompterException;
+import org.eclipse.jgit.errors.UnsupportedCredentialItem;
+import org.eclipse.jgit.transport.CredentialItem;
+import org.eclipse.jgit.transport.CredentialsProvider;
+import org.eclipse.jgit.transport.URIish;
+
+/**
+ * {@link CredentialsProvider} leveraging the {@link Prompter} component.
+ *
+ */
+public class PlexusInteractivityCredentialsProvider extends CredentialsProvider
+{
+private final boolean isInteractive;

Review Comment:
   The only option I can think of is that a setter on the provider being 
interactive by default and the caller sets to false. E.g., Maven Release can 
piggy back this. WDYT?



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit

2022-07-17 Thread ASF GitHub Bot (Jira)



[ 
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567614#comment-17567614
 ] 

ASF GitHub Bot commented on SCM-945:


michael-o commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922819720


##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/checkin/GitCheckInCommand.java:
##
@@ -57,6 +58,14 @@
 extends AbstractCheckInCommand
 implements GitCommand
 {
+private final Map environmentVariables;
+
+public GitCheckInCommand( Map environmentVariables )
+{
+super();
+this.environmentVariables = environmentVariables;
+}

Review Comment:
   Alright, let's leave then as-is as long as it is consistent with the rest.





> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the 
> following error is being emitted:  {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4 
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
>  which used JSch which lacks support for those private keys. JGit 5.2 comes 
> with a new SSH implementation 
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that 
> also support OpenSSH private keys.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[GitHub] [maven-scm] michael-o commented on a diff in pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD

2022-07-17 Thread GitBox



michael-o commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922819720


##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/checkin/GitCheckInCommand.java:
##
@@ -57,6 +58,14 @@
 extends AbstractCheckInCommand
 implements GitCommand
 {
+private final Map environmentVariables;
+
+public GitCheckInCommand( Map environmentVariables )
+{
+super();
+this.environmentVariables = environmentVariables;
+}

Review Comment:
   Alright, let's leave then as-is as long as it is consistent with the rest.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit

2022-07-17 Thread ASF GitHub Bot (Jira)



[ 
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567613#comment-17567613
 ] 

ASF GitHub Bot commented on SCM-945:


kwin commented on PR #153:
URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186492662

   > * Create three issues: (issue a) Upgrade JGit to XXX, (issue b) rework 
OpenSSH private key handing for gitexe and jgit providers, (issue c) Support 
alternative SSH private keys with gitexe provider
   
   This PR does not "rework OpenSSH private key handing for gitexe" nor does it 
"Support alternative SSH private keys with gitexe provider". The environment 
variables are only necessary to test existing functionality in gitexe (namely 
test authorization with SSH).




> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the 
> following error is being emitted:  {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4 
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
>  which used JSch which lacks support for those private keys. JGit 5.2 comes 
> with a new SSH implementation 
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that 
> also support OpenSSH private keys.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[GitHub] [maven-scm] kwin commented on pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD

2022-07-17 Thread GitBox



kwin commented on PR #153:
URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186492662

   > * Create three issues: (issue a) Upgrade JGit to XXX, (issue b) rework 
OpenSSH private key handing for gitexe and jgit providers, (issue c) Support 
alternative SSH private keys with gitexe provider
   
   This PR does not "rework OpenSSH private key handing for gitexe" nor does it 
"Support alternative SSH private keys with gitexe provider". The environment 
variables are only necessary to test existing functionality in gitexe (namely 
test authorization with SSH).


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit

2022-07-17 Thread ASF GitHub Bot (Jira)



[ 
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567611#comment-17567611
 ] 

ASF GitHub Bot commented on SCM-945:


kwin commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922819277


##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/src/main/java/org/apache/maven/scm/provider/git/jgit/JGitScmProvider.java:
##
@@ -54,6 +58,12 @@
 public class JGitScmProvider
 extends AbstractGitScmProvider
 {
+@Inject
+public JGitScmProvider( Prompter prompter )
+{
+CredentialsProvider.setDefault( new 
PlexusInteractivityCredentialsProvider( true, prompter ) );

Review Comment:
   https://github.com/apache/maven-scm/pull/153#discussion_r922819246





> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the 
> following error is being emitted:  {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4 
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
>  which used JSch which lacks support for those private keys. JGit 5.2 comes 
> with a new SSH implementation 
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that 
> also support OpenSSH private keys.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[GitHub] [maven-scm] kwin commented on a diff in pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD

2022-07-17 Thread GitBox



kwin commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922819277


##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/src/main/java/org/apache/maven/scm/provider/git/jgit/JGitScmProvider.java:
##
@@ -54,6 +58,12 @@
 public class JGitScmProvider
 extends AbstractGitScmProvider
 {
+@Inject
+public JGitScmProvider( Prompter prompter )
+{
+CredentialsProvider.setDefault( new 
PlexusInteractivityCredentialsProvider( true, prompter ) );

Review Comment:
   https://github.com/apache/maven-scm/pull/153#discussion_r922819246



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SCM-929) Release plugin does not work with central repository and always performs clone operation

2022-07-17 Thread Michael Osipov (Jira)



[ 
https://issues.apache.org/jira/browse/SCM-929?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567609#comment-17567609
 ] 

Michael Osipov commented on SCM-929:


[~infestator], do you want to pursue this?

> Release plugin does not work with central repository and always performs 
> clone operation
> 
>
> Key: SCM-929
> URL: https://issues.apache.org/jira/browse/SCM-929
> Project: Maven SCM
>  Issue Type: Improvement
>  Components: maven-scm-provider-mercurial (hg)
> Environment: Ubuntu 11.04/ArchLinux
> Maven 3.0.3
> Mercurial 1.7.5/1.9.1
> vars:
> MAVEN_OPTS="-DaltDeploymentRepository=abetaev::default::file://$HOME/mvn"
>Reporter: Alexander Betaev
>Priority: Major
> Fix For: waiting-for-feedback
>
> Attachments: maven-release-plugin.patch, maven-release-plugin.patch, 
> maven-scm.patch, maven-test-project.tar.bz2
>
>
> Plugin cannot work with repositories as if they were central ones. It pushes 
> and updates data from central repo.
> Please take a look at the patch here: SCM-631
> Also look at MRELEASE-707 issue. The patch from attachment enables usage of 
> $\{project.scm.developerConnection} var.
> The attached patch makes plugin to work with repository as if it was central. 
> The following arguments were used for manual testing:
> {noformat}
> mvn -f parent/pom.xml -DpushChanges=false -DscmPerformLocalUpdate=true 
> -Dproject.scm.developerConnection=scm:hg:file://\${basedir}/../ 
> release:prepare
> mvn -f parent/pom.xml -DpushChanges=false -DscmPerformLocalUpdate=true 
> -Dproject.scm.developerConnection=scm:hg:file://\${basedir}/../ 
> release:perform
> {noformat}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SCM-833) getLastChangedRevision() returns null whereas as getRevision() get correct versions

2022-07-17 Thread Michael Osipov (Jira)



[ 
https://issues.apache.org/jira/browse/SCM-833?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567607#comment-17567607
 ] 

Michael Osipov commented on SCM-833:


[~khmarbaise], do you want to pursue this?

> getLastChangedRevision() returns null whereas as getRevision() get correct 
> versions
> ---
>
> Key: SCM-833
> URL: https://issues.apache.org/jira/browse/SCM-833
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-api, maven-scm-provider-jgit
>Affects Versions: 1.9.4, 1.9.5
>Reporter: Karl Heinz Marbaise
>Priority: Minor
>
> Currently there is a method like this in the code (buildnumber-maven-plugin): 
> AbstractScmMojo.java:
> {code:java}
> protected String getScmRevision()
> throws ScmException
> {
> ScmRepository repository = getScmRepository();
> InfoScmResult scmResult = info( repository, new ScmFileSet( 
> scmDirectory ) );
> if ( scmResult == null || scmResult.getInfoItems().isEmpty() )
> {
> return ( !StringUtils.isEmpty( revisionOnScmFailure ) ) ? 
> revisionOnScmFailure : null;
> }
> checkResult( scmResult );
> InfoItem info = scmResult.getInfoItems().get( 0 );
> 
> List infoItems = scmResult.getInfoItems();
> 
> for (InfoItem infoItem : infoItems) {
>   getLog().info("Item: " +infoItem.getRevision() + " lcr: "  + 
> infoItem.getLastChangedRevision() );
>   }
> getLog().info("useLastCommittedRevision: " + 
> useLastCommittedRevision);
> if ( useLastCommittedRevision )
> {
> return info.getLastChangedRevision();
> }
> return info.getRevision();
> }
> {code}
> The problem is simply that {{getLastChangedRevision()}} returns null whereas 
> {{getRevision()}} returns the requested value?...
> So ATM I'm not sure if this is really a bug in SCM or a misusage in 
> buildnumber-maven-plugin ? 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (SCM-833) getLastChangedRevision() returns null whereas as getRevision() get correct versions

2022-07-17 Thread Michael Osipov (Jira)



 [ 
https://issues.apache.org/jira/browse/SCM-833?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Michael Osipov updated SCM-833:
---
Fix Version/s: waiting-for-feedback

> getLastChangedRevision() returns null whereas as getRevision() get correct 
> versions
> ---
>
> Key: SCM-833
> URL: https://issues.apache.org/jira/browse/SCM-833
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-api, maven-scm-provider-jgit
>Affects Versions: 1.9.4, 1.9.5
>Reporter: Karl Heinz Marbaise
>Priority: Minor
> Fix For: waiting-for-feedback
>
>
> Currently there is a method like this in the code (buildnumber-maven-plugin): 
> AbstractScmMojo.java:
> {code:java}
> protected String getScmRevision()
> throws ScmException
> {
> ScmRepository repository = getScmRepository();
> InfoScmResult scmResult = info( repository, new ScmFileSet( 
> scmDirectory ) );
> if ( scmResult == null || scmResult.getInfoItems().isEmpty() )
> {
> return ( !StringUtils.isEmpty( revisionOnScmFailure ) ) ? 
> revisionOnScmFailure : null;
> }
> checkResult( scmResult );
> InfoItem info = scmResult.getInfoItems().get( 0 );
> 
> List infoItems = scmResult.getInfoItems();
> 
> for (InfoItem infoItem : infoItems) {
>   getLog().info("Item: " +infoItem.getRevision() + " lcr: "  + 
> infoItem.getLastChangedRevision() );
>   }
> getLog().info("useLastCommittedRevision: " + 
> useLastCommittedRevision);
> if ( useLastCommittedRevision )
> {
> return info.getLastChangedRevision();
> }
> return info.getRevision();
> }
> {code}
> The problem is simply that {{getLastChangedRevision()}} returns null whereas 
> {{getRevision()}} returns the requested value?...
> So ATM I'm not sure if this is really a bug in SCM or a misusage in 
> buildnumber-maven-plugin ? 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (SCM-929) Release plugin does not work with central repository and always performs clone operation

2022-07-17 Thread Michael Osipov (Jira)



 [ 
https://issues.apache.org/jira/browse/SCM-929?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Michael Osipov updated SCM-929:
---
Fix Version/s: waiting-for-feedback

> Release plugin does not work with central repository and always performs 
> clone operation
> 
>
> Key: SCM-929
> URL: https://issues.apache.org/jira/browse/SCM-929
> Project: Maven SCM
>  Issue Type: Improvement
>  Components: maven-scm-provider-mercurial (hg)
> Environment: Ubuntu 11.04/ArchLinux
> Maven 3.0.3
> Mercurial 1.7.5/1.9.1
> vars:
> MAVEN_OPTS="-DaltDeploymentRepository=abetaev::default::file://$HOME/mvn"
>Reporter: Alexander Betaev
>Priority: Major
> Fix For: waiting-for-feedback
>
> Attachments: maven-release-plugin.patch, maven-release-plugin.patch, 
> maven-scm.patch, maven-test-project.tar.bz2
>
>
> Plugin cannot work with repositories as if they were central ones. It pushes 
> and updates data from central repo.
> Please take a look at the patch here: SCM-631
> Also look at MRELEASE-707 issue. The patch from attachment enables usage of 
> $\{project.scm.developerConnection} var.
> The attached patch makes plugin to work with repository as if it was central. 
> The following arguments were used for manual testing:
> {noformat}
> mvn -f parent/pom.xml -DpushChanges=false -DscmPerformLocalUpdate=true 
> -Dproject.scm.developerConnection=scm:hg:file://\${basedir}/../ 
> release:prepare
> mvn -f parent/pom.xml -DpushChanges=false -DscmPerformLocalUpdate=true 
> -Dproject.scm.developerConnection=scm:hg:file://\${basedir}/../ 
> release:perform
> {noformat}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit

2022-07-17 Thread ASF GitHub Bot (Jira)



[ 
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567608#comment-17567608
 ] 

ASF GitHub Bot commented on SCM-945:


kwin commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922819148


##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/checkin/GitCheckInCommand.java:
##
@@ -57,6 +58,14 @@
 extends AbstractCheckInCommand
 implements GitCommand
 {
+private final Map environmentVariables;
+
+public GitCheckInCommand( Map environmentVariables )
+{
+super();
+this.environmentVariables = environmentVariables;
+}

Review Comment:
   I didn't consider this API, the only usage is from within 
`GitExeScmProvider` and that one only leverages the one with map.





> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the 
> following error is being emitted:  {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4 
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
>  which used JSch which lacks support for those private keys. JGit 5.2 comes 
> with a new SSH implementation 
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that 
> also support OpenSSH private keys.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit

2022-07-17 Thread ASF GitHub Bot (Jira)



[ 
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567610#comment-17567610
 ] 

ASF GitHub Bot commented on SCM-945:


kwin commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922819246


##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/src/main/java/org/apache/maven/scm/provider/git/jgit/command/PlexusInteractivityCredentialsProvider.java:
##
@@ -0,0 +1,101 @@
+package org.apache.maven.scm.provider.git.jgit.command;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+import java.util.Arrays;
+
+import org.codehaus.plexus.components.interactivity.Prompter;
+import org.codehaus.plexus.components.interactivity.PrompterException;
+import org.eclipse.jgit.errors.UnsupportedCredentialItem;
+import org.eclipse.jgit.transport.CredentialItem;
+import org.eclipse.jgit.transport.CredentialsProvider;
+import org.eclipse.jgit.transport.URIish;
+
+/**
+ * {@link CredentialsProvider} leveraging the {@link Prompter} component.
+ *
+ */
+public class PlexusInteractivityCredentialsProvider extends CredentialsProvider
+{
+private final boolean isInteractive;

Review Comment:
   I was hoping that I somehow can figure out if Maven is called in batch mode 
or not via some injections. Any ideas?





> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the 
> following error is being emitted:  {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4 
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
>  which used JSch which lacks support for those private keys. JGit 5.2 comes 
> with a new SSH implementation 
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that 
> also support OpenSSH private keys.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[GitHub] [maven-scm] kwin commented on a diff in pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD

2022-07-17 Thread GitBox



kwin commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922819246


##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/src/main/java/org/apache/maven/scm/provider/git/jgit/command/PlexusInteractivityCredentialsProvider.java:
##
@@ -0,0 +1,101 @@
+package org.apache.maven.scm.provider.git.jgit.command;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+import java.util.Arrays;
+
+import org.codehaus.plexus.components.interactivity.Prompter;
+import org.codehaus.plexus.components.interactivity.PrompterException;
+import org.eclipse.jgit.errors.UnsupportedCredentialItem;
+import org.eclipse.jgit.transport.CredentialItem;
+import org.eclipse.jgit.transport.CredentialsProvider;
+import org.eclipse.jgit.transport.URIish;
+
+/**
+ * {@link CredentialsProvider} leveraging the {@link Prompter} component.
+ *
+ */
+public class PlexusInteractivityCredentialsProvider extends CredentialsProvider
+{
+private final boolean isInteractive;

Review Comment:
   I was hoping that I somehow can figure out if Maven is called in batch mode 
or not via some injections. Any ideas?



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [maven-scm] kwin commented on a diff in pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD

2022-07-17 Thread GitBox



kwin commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922819148


##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/checkin/GitCheckInCommand.java:
##
@@ -57,6 +58,14 @@
 extends AbstractCheckInCommand
 implements GitCommand
 {
+private final Map environmentVariables;
+
+public GitCheckInCommand( Map environmentVariables )
+{
+super();
+this.environmentVariables = environmentVariables;
+}

Review Comment:
   I didn't consider this API, the only usage is from within 
`GitExeScmProvider` and that one only leverages the one with map.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SCM-924) Enhance SCM changelog model to hold information about tagged commits

2022-07-17 Thread Michael Osipov (Jira)



[ 
https://issues.apache.org/jira/browse/SCM-924?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567606#comment-17567606
 ] 

Michael Osipov commented on SCM-924:


Is this still an issue with upcoming 2.0.0-M2?

> Enhance SCM changelog model to hold information about tagged commits
> 
>
> Key: SCM-924
> URL: https://issues.apache.org/jira/browse/SCM-924
> Project: Maven SCM
>  Issue Type: Improvement
>  Components: maven-scm-api, maven-scm-provider-gitexe
>Affects Versions: 1.11.2
>Reporter: Sven Linstaedt
>Priority: Minor
>
> Hi, in order to support something like semantic releases via maven directly 
> and not some 3rd party tools, not only being able to create tags, but also 
> processing them as part of the changelog would be great.
> Tag information are are part of the commit history, accessible via git 
> commandline 
> {{git log --decorate}}
> This additional information could be parsed to enhance the ChangeSet model 
> containing optional  information about any tags for this particular commit.
> A patch at least for gitexe could be provided, if needed.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (SCM-924) Enhance SCM changelog model to hold information about tagged commits

2022-07-17 Thread Michael Osipov (Jira)



 [ 
https://issues.apache.org/jira/browse/SCM-924?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Michael Osipov updated SCM-924:
---
Fix Version/s: waiting-for-feedback

> Enhance SCM changelog model to hold information about tagged commits
> 
>
> Key: SCM-924
> URL: https://issues.apache.org/jira/browse/SCM-924
> Project: Maven SCM
>  Issue Type: Improvement
>  Components: maven-scm-api, maven-scm-provider-gitexe
>Affects Versions: 1.11.2
>Reporter: Sven Linstaedt
>Priority: Minor
> Fix For: waiting-for-feedback
>
>
> Hi, in order to support something like semantic releases via maven directly 
> and not some 3rd party tools, not only being able to create tags, but also 
> processing them as part of the changelog would be great.
> Tag information are are part of the commit history, accessible via git 
> commandline 
> {{git log --decorate}}
> This additional information could be parsed to enhance the ChangeSet model 
> containing optional  information about any tags for this particular commit.
> A patch at least for gitexe could be provided, if needed.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SCM-914) InfoItem.lastChangedDate is leaky abstraction

2022-07-17 Thread Michael Osipov (Jira)



[ 
https://issues.apache.org/jira/browse/SCM-914?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567605#comment-17567605
 ] 

Michael Osipov commented on SCM-914:


Still interested in pursuing this?

> InfoItem.lastChangedDate is leaky abstraction
> -
>
> Key: SCM-914
> URL: https://issues.apache.org/jira/browse/SCM-914
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-api
>Reporter: Tobias Gruetzmacher
>Priority: Minor
>
> I was looking into implementing 
> [https://github.com/mojohaus/buildnumber-maven-plugin/pull/16] in a sane way, 
> but had to conclude that InfoItem.lastChangedDate is unfortunately just a 
> string and not a Data, so will leak the console output of different providers 
> to the user.
> Does anybody see a sane way to fix this API and create a sane abstraction for 
> different SCMs? If yes, I would try to go ahead with the following tasks:
>  # Fix InfoItem, so that lastChangedDate is a Date
>  # Fix the current providers filling this field (svnexe and svnjava AFAICS - 
> aside: why is svnjava not part of the maven-scm repository?)
>  # Implement this feature for at least gitexe (and maybe jgit) so I can use 
> it for my usecase
> Ideas, comments?



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[GitHub] [maven-common-artifact-filters] michael-o commented on a diff in pull request #29: [MSHARED-1104] Four element pattern may be GATV or GATC

2022-07-17 Thread GitBox



michael-o commented on code in PR #29:
URL: 
https://github.com/apache/maven-common-artifact-filters/pull/29#discussion_r922818348


##
src/main/java/org/apache/maven/shared/artifact/filter/PatternIncludesArtifactFilter.java:
##
@@ -481,15 +475,22 @@ else if ( ANY.equals( tokens[1] ) )
 }
 }
 
-private static Pattern toPattern( final String token, final Coordinate 
coordinate )
+private static Pattern toPattern( final String token, final Coordinate... 
coordinate )
+{
+return toPattern( token, token, coordinate );
+}
+
+private static Pattern toPattern( final String pattern, final String 
token, final Coordinate... coordinate )

Review Comment:
   coordinates



##
src/main/java/org/apache/maven/shared/artifact/filter/PatternIncludesArtifactFilter.java:
##
@@ -481,15 +475,22 @@ else if ( ANY.equals( tokens[1] ) )
 }
 }
 
-private static Pattern toPattern( final String token, final Coordinate 
coordinate )
+private static Pattern toPattern( final String token, final Coordinate... 
coordinate )

Review Comment:
   coordinates



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Assigned] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit

2022-07-17 Thread Michael Osipov (Jira)



 [ 
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Michael Osipov reassigned SCM-945:
--

Assignee: Michael Osipov

> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the 
> following error is being emitted:  {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4 
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
>  which used JSch which lacks support for those private keys. JGit 5.2 comes 
> with a new SSH implementation 
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that 
> also support OpenSSH private keys.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit

2022-07-17 Thread ASF GitHub Bot (Jira)



[ 
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567601#comment-17567601
 ] 

ASF GitHub Bot commented on SCM-945:


michael-o commented on PR #153:
URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186476412

   Since the title of this PR is different to the JIRA issue, I have the 
following understanding:
   * It is hard to split apart to due to inter-PR dependencies
   * You need to upgrade JGit for OpenSSH style key format
   
   My proposal w/o ripping this apart:
   * Create three issues: (issue a) Upgrade JGit to XXX, (issue b) rework 
OpenSSH private key handing for gitexe and jgit providers, (issue c) Support 
alternative SSH private keys with gitexe provider
   * Issue a will depend on issue b
   * Issue b will do all the hard work with proper description
   * SCM-945 will depend on issue b
   * Issue c depends on issue b
   
   Thus, all requirements/changes are visible and understood.
   
   WDYT?




> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the 
> following error is being emitted:  {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4 
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
>  which used JSch which lacks support for those private keys. JGit 5.2 comes 
> with a new SSH implementation 
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that 
> also support OpenSSH private keys.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[GitHub] [maven-scm] michael-o commented on pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD

2022-07-17 Thread GitBox



michael-o commented on PR #153:
URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186476412

   Since the title of this PR is different to the JIRA issue, I have the 
following understanding:
   * It is hard to split apart to due to inter-PR dependencies
   * You need to upgrade JGit for OpenSSH style key format
   
   My proposal w/o ripping this apart:
   * Create three issues: (issue a) Upgrade JGit to XXX, (issue b) rework 
OpenSSH private key handing for gitexe and jgit providers, (issue c) Support 
alternative SSH private keys with gitexe provider
   * Issue a will depend on issue b
   * Issue b will do all the hard work with proper description
   * SCM-945 will depend on issue b
   * Issue c depends on issue b
   
   Thus, all requirements/changes are visible and understood.
   
   WDYT?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit

2022-07-17 Thread ASF GitHub Bot (Jira)



[ 
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567598#comment-17567598
 ] 

ASF GitHub Bot commented on SCM-945:


michael-o commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922809389


##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/checkin/GitCheckInCommand.java:
##
@@ -211,11 +220,12 @@ protected CheckInScmResult executeCheckInCommand( 
ScmProviderRepository repo, Sc
 //
 // --
 
-public static Commandline createPushCommandLine( GitScmProviderRepository 
repository,
+public Commandline createPushCommandLine( GitScmProviderRepository 
repository,
  ScmFileSet fileSet, 
ScmVersion version )

Review Comment:
   indent wrong



##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/checkin/GitCheckInCommand.java:
##
@@ -232,10 +242,18 @@ public static Commandline createPushCommandLine( 
GitScmProviderRepository reposi
 }
 
 public static Commandline createCommitCommandLine( 
GitScmProviderRepository repository, ScmFileSet fileSet,
-   File messageFile )
+File messageFile )

Review Comment:
   ditto



##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml:
##
@@ -45,16 +45,26 @@
   maven-scm-provider-git-commons
 
 
-  org.eclipse.jgit
-  org.eclipse.jgit
-  4.5.4.201711221230-r
+  plexus-interactivity-api
+  org.codehaus.plexus
+  1.1
   
 
-  commons-logging
-  commons-logging
+  org.codehaus.plexus
+  plexus-container-default
 

Review Comment:
   Why did you change positions? It makes reading the PR harder.



##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gittest/pom.xml:
##
@@ -46,6 +46,29 @@
   org.codehaus.plexus
   plexus-utils
 
+ Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the 
> following error is being emitted:  {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4 
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
>  which used JSch which lacks support for those private keys. JGit 5.2 comes 
> with a new SSH implementation 
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that 
> also support OpenSSH private keys.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[GitHub] [maven-scm] michael-o commented on a diff in pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD

2022-07-17 Thread GitBox



michael-o commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922809389


##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/checkin/GitCheckInCommand.java:
##
@@ -211,11 +220,12 @@ protected CheckInScmResult executeCheckInCommand( 
ScmProviderRepository repo, Sc
 //
 // --
 
-public static Commandline createPushCommandLine( GitScmProviderRepository 
repository,
+public Commandline createPushCommandLine( GitScmProviderRepository 
repository,
  ScmFileSet fileSet, 
ScmVersion version )

Review Comment:
   indent wrong



##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/checkin/GitCheckInCommand.java:
##
@@ -232,10 +242,18 @@ public static Commandline createPushCommandLine( 
GitScmProviderRepository reposi
 }
 
 public static Commandline createCommitCommandLine( 
GitScmProviderRepository repository, ScmFileSet fileSet,
-   File messageFile )
+File messageFile )

Review Comment:
   ditto



##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml:
##
@@ -45,16 +45,26 @@
   maven-scm-provider-git-commons
 
 
-  org.eclipse.jgit
-  org.eclipse.jgit
-  4.5.4.201711221230-r
+  plexus-interactivity-api
+  org.codehaus.plexus
+  1.1
   
 
-  commons-logging
-  commons-logging
+  org.codehaus.plexus
+  plexus-container-default
 

Review Comment:
   Why did you change positions? It makes reading the PR harder.



##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gittest/pom.xml:
##
@@ -46,6 +46,29 @@
   org.codehaus.plexus
   plexus-utils
 
+
+
+  org.apache.sshd
+  sshd-git
+  2.8.0

Review Comment:
   Use a property for this.



##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/checkin/GitCheckInCommand.java:
##
@@ -57,6 +58,14 @@
 extends AbstractCheckInCommand
 implements GitCommand
 {
+private final Map environmentVariables;
+
+public GitCheckInCommand( Map environmentVariables )
+{
+super();
+this.environmentVariables = environmentVariables;
+}

Review Comment:
   There should be a zero-arg ctor too, no?



##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/remoteinfo/GitRemoteInfoCommand.java:
##
@@ -38,6 +40,13 @@
 extends AbstractRemoteInfoCommand
 implements GitCommand
 {
+private final Map environmentVariables;
+
+public GitRemoteInfoCommand( Map environmentVariables )
+{
+super();
+this.environmentVariables = environmentVariables;
+}

Review Comment:
   zero-arg ctor



##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/test/java/org/apache/maven/scm/provider/git/gitexe/command/checkout/GitExeSshCheckOutCommandTckTest.java:
##
@@ -0,0 +1,70 @@
+package org.apache.maven.scm.provider.git.gitexe.command.checkout;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.security.GeneralSecurityException;
+
+import org.apache.commons.io.FilenameUtils;
+import 
org.apache.maven.scm.provider.git.command.checkout.GitSshCheckOutCommandTckTest;
+import org.apache.maven.scm.provider.git.gitexe.GitExeScmProvider;
+import org.apache.maven.scm.provider.git.repository.GitScmProviderRepository;
+
+/**
+ *
+ */
+public class GitExeSshCheckOutCommandTckTest
+extends GitSshCheckOutCommandTckTest
+{
+private Path knownHostsFile;
+
+public static final String VARIABLE_GIT_SSH_COMMAND = "GIT_SSH_COMMAND"; 
// ht

< 1 2

101 - 140 of 140 matches

Mail list logo