[jira] [Created] (MJAR-309) Modular Jar file permissions changed when fixing modification time
Laurent Goujon created MJAR-309: --- Summary: Modular Jar file permissions changed when fixing modification time Key: MJAR-309 URL: https://issues.apache.org/jira/browse/MJAR-309 Project: Maven JAR Plugin Issue Type: Bug Affects Versions: 3.4.1 Reporter: Laurent Goujon When a new modular jar file is generated with {{maven-jar-plugin}} with Java 11, the final permissions of the file are restricted to the current user instead of using the environment umask which usually allows for group and other users to access the file as well. This is caused by the use of {{Files#createTempFile()}} in {{plexus-archiver}} to rewrite the original jar file. The method has a restrictive file permission model for security reason but as the temporary file is generated next to the original jar file, and there's no sensitive reason to restrict its access, the restrictive file permission should not be needed. The change of permissions causes some issues in some build environment like Github Actions for example (used by Apache Arrow. See https://github.com/apache/arrow/pull/41309 for details) Issue has been reported to {{plexus-archiver}} as https://github.com/codehaus-plexus/plexus-archiver/issues/332 with a [fix|https://github.com/codehaus-plexus/plexus-archiver/pull/333] being merged in the project's master branch -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (MSHARED-1394) Upgrade Maven core dependencies to the latest and make as provided
[ https://issues.apache.org/jira/browse/MSHARED-1394?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17845129#comment-17845129 ] ASF GitHub Bot commented on MSHARED-1394: - slawekjaranowski opened a new pull request, #119: URL: https://github.com/apache/maven-dependency-analyzer/pull/119 https://issues.apache.org/jira/browse/MSHARED-1394 > Upgrade Maven core dependencies to the latest and make as provided > -- > > Key: MSHARED-1394 > URL: https://issues.apache.org/jira/browse/MSHARED-1394 > Project: Maven Shared Components > Issue Type: Improvement > Components: maven-dependency-analyzer >Reporter: Slawomir Jaranowski >Assignee: Slawomir Jaranowski >Priority: Major > Fix For: maven-dependency-analyzer-1.14.0 > > > We need not to have a Maven core dependencies in compile scope. > When we use this artifact in another for analyze project all Maven > dependencies are in place also in provided scope. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[PR] [MSHARED-1394] Upgrade Maven core dependencies to the latest and maka as provided [maven-dependency-analyzer]
slawekjaranowski opened a new pull request, #119: URL: https://github.com/apache/maven-dependency-analyzer/pull/119 https://issues.apache.org/jira/browse/MSHARED-1394 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Created] (MSHARED-1394) Upgrade Maven core dependencies to the latest and make as provided
Slawomir Jaranowski created MSHARED-1394: Summary: Upgrade Maven core dependencies to the latest and make as provided Key: MSHARED-1394 URL: https://issues.apache.org/jira/browse/MSHARED-1394 Project: Maven Shared Components Issue Type: Improvement Components: maven-dependency-analyzer Reporter: Slawomir Jaranowski Assignee: Slawomir Jaranowski Fix For: maven-dependency-analyzer-1.14.0 We need not to have a Maven core dependencies in compile scope. When we use this artifact in another for analyze project all Maven dependencies are in place also in provided scope. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (MNG-8117) Improve prerequisite evaluation and plugin version selection logging
[ https://issues.apache.org/jira/browse/MNG-8117?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17845117#comment-17845117 ] ASF GitHub Bot commented on MNG-8117: - cstamas merged PR #1505: URL: https://github.com/apache/maven/pull/1505 > Improve prerequisite evaluation and plugin version selection logging > > > Key: MNG-8117 > URL: https://issues.apache.org/jira/browse/MNG-8117 > Project: Maven > Issue Type: Improvement > Components: Plugins and Lifecycle >Reporter: Tamas Cservenak >Priority: Major > Fix For: 3.9.7, 4.0.0, 4.0.0-beta-1 > > > Currently, when user uses {{G:A}} the plugin tried is {{G:A:LATEST}} and is > checked for "compatibility" (Maven prerequisite in Maven3 and Maven4, plus > for Java prerequisite in Maven4 only). This may lead that "latest" (by Maven > Metadata) version is not compatible, and Maven will cycle toward older > versions. But the console output is a mess. > Current output can be seen in this gist: > [https://gist.github.com/cstamas/e44a2e51f5ec9f2e803dfb1d487d2fd5] > PR creates output like this: > https://gist.github.com/cstamas/3ca4bc6cea5f701054061871b5db3f35 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Closed] (MNG-8117) Improve prerequisite evaluation and plugin version selection logging
[ https://issues.apache.org/jira/browse/MNG-8117?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tamas Cservenak closed MNG-8117. Resolution: Fixed > Improve prerequisite evaluation and plugin version selection logging > > > Key: MNG-8117 > URL: https://issues.apache.org/jira/browse/MNG-8117 > Project: Maven > Issue Type: Improvement > Components: Plugins and Lifecycle >Reporter: Tamas Cservenak >Priority: Major > Fix For: 3.9.7, 4.0.0, 4.0.0-beta-1 > > > Currently, when user uses {{G:A}} the plugin tried is {{G:A:LATEST}} and is > checked for "compatibility" (Maven prerequisite in Maven3 and Maven4, plus > for Java prerequisite in Maven4 only). This may lead that "latest" (by Maven > Metadata) version is not compatible, and Maven will cycle toward older > versions. But the console output is a mess. > Current output can be seen in this gist: > [https://gist.github.com/cstamas/e44a2e51f5ec9f2e803dfb1d487d2fd5] > PR creates output like this: > https://gist.github.com/cstamas/3ca4bc6cea5f701054061871b5db3f35 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (MNG-8117) Improve prerequisite evaluation and plugin version selection logging
[ https://issues.apache.org/jira/browse/MNG-8117?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tamas Cservenak reassigned MNG-8117: Assignee: Tamas Cservenak > Improve prerequisite evaluation and plugin version selection logging > > > Key: MNG-8117 > URL: https://issues.apache.org/jira/browse/MNG-8117 > Project: Maven > Issue Type: Improvement > Components: Plugins and Lifecycle >Reporter: Tamas Cservenak >Assignee: Tamas Cservenak >Priority: Major > Fix For: 3.9.7, 4.0.0, 4.0.0-beta-1 > > > Currently, when user uses {{G:A}} the plugin tried is {{G:A:LATEST}} and is > checked for "compatibility" (Maven prerequisite in Maven3 and Maven4, plus > for Java prerequisite in Maven4 only). This may lead that "latest" (by Maven > Metadata) version is not compatible, and Maven will cycle toward older > versions. But the console output is a mess. > Current output can be seen in this gist: > [https://gist.github.com/cstamas/e44a2e51f5ec9f2e803dfb1d487d2fd5] > PR creates output like this: > https://gist.github.com/cstamas/3ca4bc6cea5f701054061871b5db3f35 -- This message was sent by Atlassian Jira (v8.20.10#820010)
Re: [PR] [3.9.x][MNG-8117] Backport to Maven 3.9.x [maven]
cstamas merged PR #1505: URL: https://github.com/apache/maven/pull/1505 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] [MNG-8117] Maven PluginVersionResolver improvement [maven]
cstamas merged PR #1502: URL: https://github.com/apache/maven/pull/1502 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Updated] (MNG-8117) Improve prerequisite evaluation and plugin version selection logging
[ https://issues.apache.org/jira/browse/MNG-8117?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tamas Cservenak updated MNG-8117: - Fix Version/s: 3.9.7 > Improve prerequisite evaluation and plugin version selection logging > > > Key: MNG-8117 > URL: https://issues.apache.org/jira/browse/MNG-8117 > Project: Maven > Issue Type: Improvement > Components: Plugins and Lifecycle >Reporter: Tamas Cservenak >Priority: Major > Fix For: 3.9.7, 4.0.0, 4.0.0-beta-1 > > > Currently, when user uses {{G:A}} the plugin tried is {{G:A:LATEST}} and is > checked for "compatibility" (Maven prerequisite in Maven3 and Maven4, plus > for Java prerequisite in Maven4 only). This may lead that "latest" (by Maven > Metadata) version is not compatible, and Maven will cycle toward older > versions. But the console output is a mess. > Current output can be seen in this gist: > [https://gist.github.com/cstamas/e44a2e51f5ec9f2e803dfb1d487d2fd5] > PR creates output like this: > https://gist.github.com/cstamas/3ca4bc6cea5f701054061871b5db3f35 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (MSHARED-1393) Allow to exclude classes from verification - revert MSHARED-1248
[ https://issues.apache.org/jira/browse/MSHARED-1393?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17845109#comment-17845109 ] ASF GitHub Bot commented on MSHARED-1393: - slawekjaranowski commented on PR #118: URL: https://github.com/apache/maven-dependency-analyzer/pull/118#issuecomment-2103312054 @garydgregory - this revert only logs from https://github.com/apache/maven-dependency-analyzer/pull/89 But we have possibility to exclude what we want. Please look > Allow to exclude classes from verification - revert MSHARED-1248 > > > Key: MSHARED-1393 > URL: https://issues.apache.org/jira/browse/MSHARED-1393 > Project: Maven Shared Components > Issue Type: New Feature > Components: maven-dependency-analyzer >Reporter: Slawomir Jaranowski >Assignee: Slawomir Jaranowski >Priority: Major > Fix For: maven-dependency-analyzer-1.14.0 > > > In some situation project can contains corrupted classes. > Instead of skip it with only warning like in: MSHARED-1248 we should have > possibility to skip only known corrupted classes - not all. > When we skip all - we can stop analyzing anything when asm does not support > next byte code version. -- This message was sent by Atlassian Jira (v8.20.10#820010)
Re: [PR] [MSHARED-1393] Allow to exclude classes from verification [maven-dependency-analyzer]
slawekjaranowski commented on PR #118: URL: https://github.com/apache/maven-dependency-analyzer/pull/118#issuecomment-2103312054 @garydgregory - this revert only logs from https://github.com/apache/maven-dependency-analyzer/pull/89 But we have possibility to exclude what we want. Please look -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (MSHARED-1393) Allow to exclude classes from verification - revert MSHARED-1248
[ https://issues.apache.org/jira/browse/MSHARED-1393?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17845108#comment-17845108 ] ASF GitHub Bot commented on MSHARED-1393: - slawekjaranowski opened a new pull request, #118: URL: https://github.com/apache/maven-dependency-analyzer/pull/118 https://issues.apache.org/jira/browse/MSHARED-1393 > Allow to exclude classes from verification - revert MSHARED-1248 > > > Key: MSHARED-1393 > URL: https://issues.apache.org/jira/browse/MSHARED-1393 > Project: Maven Shared Components > Issue Type: New Feature > Components: maven-dependency-analyzer >Reporter: Slawomir Jaranowski >Assignee: Slawomir Jaranowski >Priority: Major > Fix For: maven-dependency-analyzer-1.14.0 > > > In some situation project can contains corrupted classes. > Instead of skip it with only warning like in: MSHARED-1248 we should have > possibility to skip only known corrupted classes - not all. > When we skip all - we can stop analyzing anything when asm does not support > next byte code version. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[PR] [MSHARED-1393] Allow to exclude classes from verification [maven-dependency-analyzer]
slawekjaranowski opened a new pull request, #118: URL: https://github.com/apache/maven-dependency-analyzer/pull/118 https://issues.apache.org/jira/browse/MSHARED-1393 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Created] (MSHARED-1393) Allow to exclude classes from verification - revert MSHARED-1248
Slawomir Jaranowski created MSHARED-1393: Summary: Allow to exclude classes from verification - revert MSHARED-1248 Key: MSHARED-1393 URL: https://issues.apache.org/jira/browse/MSHARED-1393 Project: Maven Shared Components Issue Type: New Feature Components: maven-dependency-analyzer Reporter: Slawomir Jaranowski Assignee: Slawomir Jaranowski Fix For: maven-dependency-analyzer-1.14.0 In some situation project can contains corrupted classes. Instead of skip it with only warning like in: MSHARED-1248 we should have possibility to skip only known corrupted classes - not all. When we skip all - we can stop analyzing anything when asm does not support next byte code version. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (MRELEASE-1143) MRELEASE should be able to recognise and update project.build.outputTimestamp in a profile
Thorsten Glaser created MRELEASE-1143: - Summary: MRELEASE should be able to recognise and update project.build.outputTimestamp in a profile Key: MRELEASE-1143 URL: https://issues.apache.org/jira/browse/MRELEASE-1143 Project: Maven Release Plugin Issue Type: Improvement Reporter: Thorsten Glaser Follow-up for: MRELEASE-1029 I have pretty much the same problem as the ASF has in MPOM-255 and MPOM-265: I build a parent POM in a project, and I want that project's output to be reproducible, but if I set `project.build.outputTimestamp` in the parent POM itself's ``, all users inherit it. This is suboptimal (even if not harmful), especially as users' `mvn artifact:check-buildplan` will now succeed with merely... {noformat} [WARNING] property is inherited, it should be defined in pom.xml{noformat} ... instead of erroring out when a user does _not_ define it. In my parent POM, I have already defined a profile `build-mvnparent` which I enable when releasing the parent POM project itself, which defines a couple of properties such as the copyright years which I also don't want users to inherit by accident. However, when I put the `project.build.outputTimestamp` property in there, not only do I get `mvn artifact:check-buildplan` warnings about the property being inherited when it's not (just pulled from a profile), but also does the maven-release-plugin not update it when releasing. I would request that this be fixed, so then the ASF and I could use the profile method of defining this in the parent POM without all users of the parent-POM-once-installed inheriting that value (while all other modules in the same project that _installs_ the parent POM _do_ get it), and once it's fixed, the `artifact:check-buildplan` be updated to recognise this situation. -- This message was sent by Atlassian Jira (v8.20.10#820010)
Re: [PR] Bump testcontainersVersion from 1.19.7 to 1.19.8 [maven-resolver]
CrazyHZM merged PR #491: URL: https://github.com/apache/maven-resolver/pull/491 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.testcontainers:testcontainers-bom from 1.19.7 to 1.19.8 [maven-build-cache-extension]
CrazyHZM merged PR #153: URL: https://github.com/apache/maven-build-cache-extension/pull/153 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Typos [maven-site]
elharo opened a new pull request, #524: URL: https://github.com/apache/maven-site/pull/524 (no comment) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Remove Maven 3 note [maven-compiler-plugin]
elharo merged PR #241: URL: https://github.com/apache/maven-compiler-plugin/pull/241 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Created] (MWRAPPER-137) Can't match distributionUrl when using MINGW64
Robert Scholte created MWRAPPER-137: --- Summary: Can't match distributionUrl when using MINGW64 Key: MWRAPPER-137 URL: https://issues.apache.org/jira/browse/MWRAPPER-137 Project: Maven Wrapper Issue Type: Bug Components: Maven Wrapper Scripts Affects Versions: 3.3.1 Reporter: Robert Scholte Any mvnw command fails with the following message: {noformat} $ ./mvnw verify 'istributionUrl is not valid, must match *-bin.zip or maven-mvnd-*.zip, but found 'https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/4.0.0-alpha-13/apache-maven-4.0.0-alpha-13-bin.zip {noformat} Also notice that the {{d}} from distributionUrl has been replaced with a single quote. -- This message was sent by Atlassian Jira (v8.20.10#820010)
Re: [PR] Bump com.google.guava:guava from 30.1.1-android to 32.0.0-android in /src/it/jarWithCompileDependency/project2 [maven-dependency-analyzer]
slawekjaranowski merged PR #117: URL: https://github.com/apache/maven-dependency-analyzer/pull/117 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump org.testcontainers:testcontainers-bom from 1.19.7 to 1.19.8 [maven-build-cache-extension]
dependabot[bot] opened a new pull request, #153: URL: https://github.com/apache/maven-build-cache-extension/pull/153 Bumps [org.testcontainers:testcontainers-bom](https://github.com/testcontainers/testcontainers-java) from 1.19.7 to 1.19.8. Release notes Sourced from https://github.com/testcontainers/testcontainers-java/releases;>org.testcontainers:testcontainers-bom's releases. 1.19.8 Testcontainers for Java 1.19.8 Features Enhancements support backtick enquoting in SQL script splitter (https://redirect.github.com/testcontainers/testcontainers-java/issues/8593;>#8593) https://github.com/peterhalicky;>@peterhalicky [localstack] Automatically add LAMBDA_DOCKER_FLAGS with testcontainers labels (https://redirect.github.com/testcontainers/testcontainers-java/issues/8595;>#8595) https://github.com/dfangl;>@dfangl [qdrant] Allow to set key and config file (https://redirect.github.com/testcontainers/testcontainers-java/issues/8556;>#8556) https://github.com/eddumelendez;>@eddumelendez [weaviate] Support new project container registry (https://redirect.github.com/testcontainers/testcontainers-java/issues/8512;>#8512) https://github.com/ThomasVitale;>@ThomasVitale [kafka] Add support for apache/kafka (https://redirect.github.com/testcontainers/testcontainers-java/issues/8416;>#8416) https://github.com/eddumelendez;>@eddumelendez [kafka] Skip starting zookeeper when using a Kafka container with the provided Zookeeper (https://redirect.github.com/testcontainers/testcontainers-java/issues/8433;>#8433) https://github.com/silh;>@silh Use Awaitility to Poll the Image Pull (https://redirect.github.com/testcontainers/testcontainers-java/issues/8453;>#8453) https://github.com/JKomoroski;>@JKomoroski Avoid usage of the non monotonic clock System.currentTimeMillis() in favor of System.nanoTime() (https://redirect.github.com/testcontainers/testcontainers-java/issues/6392;>#6392) https://github.com/Nateckert;>@Nateckert Fix DateTimeParseException when created is not set in image config (https://redirect.github.com/testcontainers/testcontainers-java/issues/8302;>#8302) https://github.com/SgtSilvio;>@SgtSilvio [redpanda] Override entrypoint (https://redirect.github.com/testcontainers/testcontainers-java/issues/8450;>#8450) https://github.com/eddumelendez;>@eddumelendez [weaviae] Add method for getting gRPC port (https://redirect.github.com/testcontainers/testcontainers-java/issues/8431;>#8431) https://github.com/antas-marcin;>@antas-marcin [clickhouse] Add getDatabaseName() method (https://redirect.github.com/testcontainers/testcontainers-java/issues/8339;>#8339) https://github.com/colin-lee;>@colin-lee Bug Fixes Pass env to ComposeDelegate in DockerComposeContainer#stop (https://redirect.github.com/testcontainers/testcontainers-java/issues/8493;>#8493) https://github.com/mmusenbr;>@mmusenbr Documentation 粒 Housekeeping Add Weaviate module tests with modules (https://redirect.github.com/testcontainers/testcontainers-java/issues/8481;>#8481) https://github.com/antas-marcin;>@antas-marcin Update alpine image version to 3.17 (https://redirect.github.com/testcontainers/testcontainers-java/issues/8476;>#8476) https://github.com/eddumelendez;>@eddumelendez fix getConnectionString javadoc (https://redirect.github.com/testcontainers/testcontainers-java/issues/8129;>#8129) https://github.com/gabrielluciano;>@gabrielluciano Dependency updates Move to gradle/actions/wrapper-validation (https://redirect.github.com/testcontainers/testcontainers-java/issues/8559;>#8559) https://github.com/eddumelendez;>@eddumelendez upgrade to github actions setup-java v4 (https://redirect.github.com/testcontainers/testcontainers-java/issues/8475;>#8475) https://github.com/sullis;>@sullis Update ryuk version to 0.7.0 (https://redirect.github.com/testcontainers/testcontainers-java/issues/8451;>#8451) https://github.com/eddumelendez;>@eddumelendez chore: use new sshd:1.2.0 image (https://redirect.github.com/testcontainers/testcontainers-java/issues/8574;>#8574) https://github.com/mdelapenya;>@mdelapenya Commits https://github.com/testcontainers/testcontainers-java/commit/9b780dd8f27b7665f34c54ae738c41eccf73ad44;>9b780dd Add support for backtick enquoting in SQL script splitter (https://redirect.github.com/testcontainers/testcontainers-java/issues/8593;>#8593) https://github.com/testcontainers/testcontainers-java/commit/8b9eb0cdd8c7b7d6b04ef68c21b89e771441a758;>8b9eb0c Fix Ollama code snippet https://github.com/testcontainers/testcontainers-java/commit/2195610f0d2a0864d1f9bd79bedf2c66e8386393;>2195610 Add LAMBDA_DOCKER_FLAGS with testcontainers labels (https://redirect.github.com/testcontainers/testcontainers-java/issues/8595;>#8595) https://github.com/testcontainers/testcontainers-java/commit/994b385761dde7d832ab7b6c10bc62747fe4b340;>994b385