[ANN] Apache Maven Dependency Plugin 3.7.1 released
The Apache Maven team is pleased to announce the release of the Maven Dependency Plugin version 3.7.1 https://maven.apache.org/plugins/maven-dependency-plugin/ You should specify the version in your project's plugin configuration: org.apache.maven.plugins maven-dependency-plugin 3.7.1 You can download the appropriate sources etc. from the download page: https://maven.apache.org/plugins/maven-dependency-plugin/download.cgi Release Notes - Maven Dependency Plugin - Version 3.7.1 ** Bug * [MDEP-943] - [REGRESSION] appendOutput for tree goal broken for multi-module project ** Improvement * [MDEP-940] - Use Resolver API instead of m-a-t for resolving artifacts ** Task * [MDEP-945] - Fix documentation about get goal ** Dependency upgrade * [MDEP-944] - Bump org.apache.maven.shared:maven-common-artifact-filters from 3.3.2 to 3.4.0 Enjoy, -The Apache Maven team
Re: Common Artifact Filters -> Downgrade from maven-resolver-util 1.6.3 to 1.4.1
pt., 21 cze 2024 o 16:39 Michael Osipov napisał(a): > On 2024/06/21 13:18:26 STEFFAN Alexandra wrote: > > Hi, > > > > We've noticed that the Maven Common Artifact Filters has a dependency on > maven-resolver-util. This dependency has been downgraded from 1.6.3 to > 1.4.1 in Common Artifact Filters 3.4.0. > > > > This was done in commit > https://github.com/apache/maven-common-artifact-filters/pull/36/files#diff-9c5fb3d1b7e3b0f54bc5c4182965c4fe1f9023d449017cece3005d3f90e8e4d8L60-R60 > . > > > > It has come to our attention that version 1.4.1 uses a PGP Key without a > UID and we can't verify the maintainer of this version. > > > > a) Was the change intentional? > > Yes > > > b) Is the PGP key verifiable with the fingerprint > org.apache.maven.resolver:maven-resolver-api:1.4.1 = > 0x522CA055B326A636D833EF6A0551FD3684FCBBB7? > > > https://keyserver.ubuntu.com/pks/lookup?search=0x522CA055B326A636D833EF6A0551FD3684FCBBB7=on=index also can check key in: https://downloads.apache.org/maven/KEYS > > > - > To unsubscribe, e-mail: users-unsubscr...@maven.apache.org > For additional commands, e-mail: users-h...@maven.apache.org > > -- Sławomir Jaranowski
Re: Common Artifact Filters -> Downgrade from maven-resolver-util 1.6.3 to 1.4.1
On 2024/06/21 13:18:26 STEFFAN Alexandra wrote: > Hi, > > We've noticed that the Maven Common Artifact Filters has a dependency on > maven-resolver-util. This dependency has been downgraded from 1.6.3 to 1.4.1 > in Common Artifact Filters 3.4.0. > > This was done in commit > https://github.com/apache/maven-common-artifact-filters/pull/36/files#diff-9c5fb3d1b7e3b0f54bc5c4182965c4fe1f9023d449017cece3005d3f90e8e4d8L60-R60 > . > > It has come to our attention that version 1.4.1 uses a PGP Key without a UID > and we can't verify the maintainer of this version. > > a) Was the change intentional? Yes > b) Is the PGP key verifiable with the fingerprint > org.apache.maven.resolver:maven-resolver-api:1.4.1 = > 0x522CA055B326A636D833EF6A0551FD3684FCBBB7? https://keyserver.ubuntu.com/pks/lookup?search=0x522CA055B326A636D833EF6A0551FD3684FCBBB7=on=index - To unsubscribe, e-mail: users-unsubscr...@maven.apache.org For additional commands, e-mail: users-h...@maven.apache.org
Common Artifact Filters -> Downgrade from maven-resolver-util 1.6.3 to 1.4.1
Hi, We've noticed that the Maven Common Artifact Filters has a dependency on maven-resolver-util. This dependency has been downgraded from 1.6.3 to 1.4.1 in Common Artifact Filters 3.4.0. This was done in commit https://github.com/apache/maven-common-artifact-filters/pull/36/files#diff-9c5fb3d1b7e3b0f54bc5c4182965c4fe1f9023d449017cece3005d3f90e8e4d8L60-R60 . It has come to our attention that version 1.4.1 uses a PGP Key without a UID and we can't verify the maintainer of this version. a) Was the change intentional? b) Is the PGP key verifiable with the fingerprint org.apache.maven.resolver:maven-resolver-api:1.4.1 = 0x522CA055B326A636D833EF6A0551FD3684FCBBB7? Best regards Alexandra Steffan C1-Internal Use - To unsubscribe, e-mail: users-unsubscr...@maven.apache.org For additional commands, e-mail: users-h...@maven.apache.org
