[jira] [Updated] (IVY-1642) PomModuleDescriptorBuilder may lose depndencies in translation

[ https://issues.apache.org/jira/browse/IVY-1642?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Stefan Bodewig updated IVY-1642: Affects Version/s: 2.5.1 > PomModuleDescriptorBuilder may lose depndencies in translat

Re: Problem with resolving dependencies for saxon-HE on Maven repo

Hi Linus On 2023-04-13, LINUS FERNANDES wrote: > There is a problem downloading the dependencies for Saxon-HE from Maven > using Ivy. > The xmlresolver-5.1.1.jar does not download but it's classified jar > xmlresolver-data-5.1.1.jar does. Both jars are listed as dependencies in > the pom for

[jira] [Created] (IVY-1642) PomModuleDescriptorBuilder may lose depndencies in translation

Stefan Bodewig created IVY-1642: --- Summary: PomModuleDescriptorBuilder may lose depndencies in translation Key: IVY-1642 URL: https://issues.apache.org/jira/browse/IVY-1642 Project: Ivy Issue

Re: NullPointerException while resolving dependency

For now, I may look into creating a custom resolver for resolving > dependency from Bitbucket. If you have any pointers to any example of > custom resolvers, then please do share otherwise i may ask ChatGPT to help > here :D > Thanks again for all your help and time. > Kind Regard

Re: NullPointerException while resolving dependency

On 2023-03-20, Stefan Bodewig wrote: > On 2023-03-20, Stefan Bodewig wrote: >> Hi >> On 2023-03-20, Kamran Manzoor wrote: >>> Thanks a lot for looking into this. I thought the issue was request related >>> but it is in response handling. It means it does tri

Re: NullPointerException while resolving dependency

On 2023-03-20, Stefan Bodewig wrote: > Hi > On 2023-03-20, Kamran Manzoor wrote: >> Thanks a lot for looking into this. I thought the issue was request related >> but it is in response handling. It means it does trigger the request which >> I have verified and it se

Re: NullPointerException while resolving dependency

Hi On 2023-03-20, Kamran Manzoor wrote: > Thanks a lot for looking into this. I thought the issue was request related > but it is in response handling. It means it does trigger the request which > I have verified and it seems like the auth header is missing :(. I have > tried with default URL

Re: NullPointerException while resolving dependency

On 2023-03-17, Stefan Bodewig wrote: > On 2023-03-17, Stefan Bodewig wrote: >> and will open a JIRA ticket attaching oyur files when using Apache >> HttpClient. > https://issues.apache.org/jira/browse/IVY-1641 should be fixed by https://github.com/apa

[jira] [Updated] (IVY-1641) NullPointerException when using Basic Auth for repository together with Apache HttpClient

[ https://issues.apache.org/jira/browse/IVY-1641?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Stefan Bodewig updated IVY-1641: Attachment: ivysettings.xml ivy.xml build.xml > NullPointerExcept

[jira] [Updated] (IVY-1641) NullPointerException when using Basic Auth for repository together with Apache HttpClient

[ https://issues.apache.org/jira/browse/IVY-1641?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Stefan Bodewig updated IVY-1641: Fix Version/s: 2.5.2 > NullPointerException when using Basic Auth for repository toget

Re: NullPointerException while resolving dependency

On 2023-03-17, Stefan Bodewig wrote: > and will open a JIRA ticket attaching oyur files when using Apache > HttpClient. https://issues.apache.org/jira/browse/IVY-1641 Stefan

[jira] [Created] (IVY-1641) NullPointerException when using Basic Auth for repository together with Apache HttpClient

Stefan Bodewig created IVY-1641: --- Summary: NullPointerException when using Basic Auth for repository together with Apache HttpClient Key: IVY-1641 URL: https://issues.apache.org/jira/browse/IVY-1641

Re: NullPointerException while resolving dependency

On 2023-03-16, Kamran Manzoor wrote: > I am new to Apache Ivy and I am using it to manage dependency in one of my > ant projects. All I want is to retrieve a jar from a custom URL (Bitbucket) > which requires Basic Authentication. However, I am getting > NullPointerException when I am trying to

[Xmlunit-general] XMLUNit.NET 2.9.2 Released

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all I've just released a small minor release of XMLUnit.NET that fixes a bug with whitespace normalization/stripping and adds a small feature simplifying the use of NodeFilters. Full list of changes: * added NodeFilters#SatisfiesAll and

[REPORT] Gump - March 2023

## Description Apache Gump is a cross-project continuous integration server. Gump's intention isn't so much to be a CI server but rather a vehicle that makes people look beyond their project's boundaries and helps the projects to collaborate. Gump is written in Python and supports several build

Re: Direction of Gump

On 2023-03-05, Mark Thomas wrote: >> I'm not suggesting terminating Gump but I wonder whether there is any >> benefit in keeping it as a TLP if no other project is interested >> anymore. > What are the other options if it isn't a TLP? Close it down > obviously. Anything else? Things that come

Board report Draft

Hi all https://cwiki.apache.org/confluence/display/GUMP/20230315 is the current draft, I'll send it out next Wednesday. This time it is not a verbatim copy of the report I keep sending but rather contains two extra paragraphs. In "Project Activity" > Triggered by the board feedback to the last

Re: Problems with ftp download

On 2023-03-03, Frank Tornack wrote: > I am trying to build apache ant from source and unfortunately have a > problem. > -fetch-netrexx-no-commons-net: > Getting: ftp://ftp.software.ibm.com/software/awdtools/netrexx/NetRexx.zip > To: /root/.ant/tempcache/NetRexx.zip > Error getting >

Re: Improvement ideas for Ant 1.10.13

On 2023-03-02, Stefan Bodewig wrote: > On 2023-02-27, KUNES Michael wrote: >> 1) I agree that this NPE might not occur under normal >> circumstances. Therefore, I am quite sure that the finding is due to >> our static code analysis tool remarks and just some >>

Re: Improvement ideas for Ant 1.10.13

On 2023-03-02, KUNES Michael wrote: > Thank you for the hint! We will evaluate that alternative soon. > Problem for such an evaluation is: we've a huge amount of different HW types > (all embedded) with SW from brand new to VERY old (10y+). Therefore, such > replacements always are dangerous

Re: Improvement ideas for Ant 1.10.13

On 2023-02-27, KUNES Michael wrote: > We are using tar as part of our software to prepare data sent to > devices that use tar or tgz format for receiving e.g.: CSV, > XML,... files Then I'd strongly recommend you look into replacing it with Commons Commpress at one point in time. The libary does

Re: Improvement ideas for Ant 1.10.13

Hi Michael many thanks for your suggestions. You could have just opened enahncement requests in Bugzilla but personally I appreciate you trying to have a discussion about the changes here first. I am wondering whether you are using the tar package directly or you are actually facing issues with

Direction of Gump

Hi all after Gump's last board report one of the members asked whether we aren't disturbed by not adding any new committers for many years now (actually I don't believe anybody who is a not a PMC member already has posted anything to ths list for years). And whether Gump really mostly is on

Re: Moving to Java 17

On 2023-01-26, Mark Thomas wrote: > Looks to be back to where we were before the Java 17 update. Many thanks for doing all the work, Mark Stefan - To unsubscribe, e-mail: general-unsubscr...@gump.apache.org For additional

Re: Pass secret to Exec task

On 2023-01-30, Gilles Querret wrote: > I have to pass a secret to an Exec task (in a custom Ant plugin), and one > way to do that is to pipe the output of another command line to this exec > task. Unfortunately there is no direct support for pipes. > I've tried setInputString, but the

Re: Moving to Java 17

On 2023-01-11, Mark Thomas wrote: > Once I have confirmed Java 17 has been installed, I'll switch Gump > over to Java 17 and wait to see what fails. Once everything is fixed, > I'll remove the Java 11 package. +1 Thank you Stefan

[Xmlunit-general] XMLUnit for Java 2.9.1 Released

full list of changes: * fixed some AssertJ tests that didn't work on Windows. Issue #252 and PR #253 by @Boiarshinov * added overloads to ElementSelectors.byXPath that accept a XPathEngine argument. Issue #255 * added Cyclone DX SBOMs to release artifacts

Re: Need help with Ant versions in bugzilla

On 2023-01-10, Jaikiran Pai wrote: > Now that we have released 1.10.13 of Ant, could someone with bugzilla > access please create a new 1.10.13 product version and a new 1.10.14 > milestone version, for Ant? I have already done so when you closed the vote :-) Stefan

Re: [VOTE] Release Apache Ant 1.10.13 based on RC1

On 2023-01-04, Jaikiran Pai wrote: > Happy new year, everyone :) to you as well > I've created RC1 release candidate for Ant 1.10.13 release: > git tag: ANT_1.10.13_RC1 >     on commit: 6996b80b5fb59cc2769f7098d837de32680a > tarballs: https://dist.apache.org/repos/dist/dev/ant/ +1

Re: SSHEXEC Command Line Equivalent

On 2022-12-28, Eric Fetzer wrote: > Hi! Can anyone tell me what the command line equivalent to the following > directive in ant is? I'm afraid this is not easy to answer as Ant does not use the command line for this. Ant uses http://www.jcraft.com/jsch/ in order to execute the command and it is

Re: Release Ant 1.10.13?

On 2022-12-11, Jaikiran Pai wrote: > On 26/11/22 11:33 pm, Stefan Bodewig wrote: >> On 2022-11-19, Stefan Bodewig wrote: >> Finding A solution was a nice puzzle, but that doesn't mean we have to >> use it. > I had a look at that commit and the PR discussion where the i

[REPORT] Gump - December 2022

[Sorry, I by now completely rely on the automated reminder and when it came in I was pretty much under water - so I didn't have the time to ask for input to the report this time around] # Description Apache Gump is a cross-project continuous integration server. Gump's intention isn't so much to

Re: Jira account with IvyDE issue reporting ability

On 2022-12-10, KDV wrote: > i would like to vote for a bug and add comment to it in IvyDE project. > could you please...? I've moderated this mail through to the list as at least I have missed the annoucement of our infra team which said we'd no longer allow public signup of JIRA ccounts. For

Re: Release Ant 1.10.13?

On 2022-11-19, Stefan Bodewig wrote: > while running all tests locally I realized > https://github.com/apache/ant/pull/194 introduces a bug when tars have > an encoding set. You can see this with UntarTest failing. A multibyte > encoding like UTF16 may contain NUL bytes inside of

Re: Release Ant 1.10.13?

On 2022-11-18, Stefan Bodewig wrote: > On my personal TODO list there are a few minor things like Java 20 > removing another target option that we may want to tell users > about. Nothing of this is critical AFAIR and shouldn't hold up a release > if I don't get to them soon enough.

Re: [DISCUSS] Speed up release process?

Hi I'm not a member of the developer community here, just a watcher offering a comment from the peanut gallery. On 2022-11-18, Tamás Cservenák wrote: > * vote cannot be vetoed by definition (only release mgr can cancel it). while this is true there also is a rule that says "and more positive

Re: Release Ant 1.10.13?

On 2022-11-16, Jaikiran Pai wrote: > Users can still use the current released Ant version against these > recent Java versions, but they additionally have to set a system > property while launching Ant to allow setting the security > manager. Ant's mainline code has changes where it does the

Re: Pull request process

On 2022-11-07, Keith Campbell wrote: > I created https://github.com/apache/ant/pull/194, but since that > repository is just a mirror, perhaps I should instead create a pull > request at https://gitbox.apache.org/repos/asf?p=ant.git;a=summary > instead. No, everything you've done is correct. We

CVE-2022-37866: Apache Ivy: Ivy Path traversal

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Severity: medium Description: When Apache Ivy downloads artifacts from a repository it stores them in the local file system based on a user-supplied "pattern" that may include placeholders for artifacts coordinates like the organisation, module or

CVE-2022-37865: Apache Ivy allow create/overwrite any file on the system

Severity: medium Description: With Apache Ivy 2.4.0 an optional packaging attribute has been introduced that allows artifacts to be unpacked on the fly if they used pack200 or zip packaging. For artifacts using the "zip", "jar" or "war" packaging Ivy prior to 2.5.1 doesn't verify the target

[ANN] Apache Ivy 2.5.1 Released

on how to submit bug reports, patches, or suggestions for improvement, see the Apache Ivy website: https://ant.apache.org/ivy/ Stefan Bodewig, on behalf of the Apache Ant community -BEGIN PGP SIGNATURE- Version: GnuPG v1 iEYEARECAAYFAmNk8ecACgkQohFa4V9ri3KZ5wCgqMKXyK

CVE-2022-37866: Apache Ivy: Ivy Path traversal

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Severity: medium Description: When Apache Ivy downloads artifacts from a repository it stores them in the local file system based on a user-supplied "pattern" that may include placeholders for artifacts coordinates like the organisation, module or

CVE-2022-37866: Apache Ivy: Ivy Path traversal

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Severity: medium Description: When Apache Ivy downloads artifacts from a repository it stores them in the local file system based on a user-supplied "pattern" that may include placeholders for artifacts coordinates like the organisation, module or

CVE-2022-37865: Apache Ivy allow create/overwrite any file on the system

Severity: medium Description: With Apache Ivy 2.4.0 an optional packaging attribute has been introduced that allows artifacts to be unpacked on the fly if they used pack200 or zip packaging. For artifacts using the "zip", "jar" or "war" packaging Ivy prior to 2.5.1 doesn't verify the target

CVE-2022-37865: Apache Ivy allow create/overwrite any file on the system

Severity: medium Description: With Apache Ivy 2.4.0 an optional packaging attribute has been introduced that allows artifacts to be unpacked on the fly if they used pack200 or zip packaging. For artifacts using the "zip", "jar" or "war" packaging Ivy prior to 2.5.1 doesn't verify the target

[ANN] Apache Ivy 2.5.1 Released

on how to submit bug reports, patches, or suggestions for improvement, see the Apache Ivy website: https://ant.apache.org/ivy/ Stefan Bodewig, on behalf of the Apache Ant community -BEGIN PGP SIGNATURE- Version: GnuPG v1 iEYEARECAAYFAmNk8ecACgkQohFa4V9ri3KZ5wCgqMKXyK

[ANN] Apache Ivy 2.5.1 Released

on how to submit bug reports, patches, or suggestions for improvement, see the Apache Ivy website: https://ant.apache.org/ivy/ Stefan Bodewig, on behalf of the Apache Ant community -BEGIN PGP SIGNATURE- Version: GnuPG v1 iEYEARECAAYFAmNk8ecACgkQohFa4V9ri3KZ5wCgqMKXyK

[RESULT] Release Iyv 2.5.1 Based on RC1

Hi all with +1s by Jaikiran, Martijn and my own implicit one, the vote has passed. I'll start publishing the reease and send out the announcements soonish. Thanks to all who helped with the release Stefan - To unsubscribe,

[VOTE] Release Iyv 2.5.1 Based on RC1

Hi all I've built a release candidate for Ivy 2.5.1 Changelog: - BREAKING: Removed old fr\jayasoft\ivy\ant\antlib.xml AntLib definition file (jira:IVY-1612[]) - FIX: ResolveEngine resets dictator resolver to null in the global configuration (jira:IVY-1618[]) - FIX:

Ivy 2.5.1 Release

Hi all it's been three years since we last had a release of Ivy and there are a few fixes in master, so I'm planning to cut a patch release. For the release notes I'm going through the commits to make sure I've got all things covered. I should be labelling all JIRA issues that I find so

[jira] [Updated] (IVY-1632) Ivy can't access AWS CodeArtifact Repository

[ https://issues.apache.org/jira/browse/IVY-1632?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Stefan Bodewig updated IVY-1632: Fix Version/s: 2.5.1 > Ivy can't access AWS CodeArtifact Reposit

[jira] [Resolved] (IVY-1632) Ivy can't access AWS CodeArtifact Repository

[ https://issues.apache.org/jira/browse/IVY-1632?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Stefan Bodewig resolved IVY-1632. - Resolution: Fixed > Ivy can't access AWS CodeArtifact Reposit

[jira] [Updated] (IVY-1626) Investigate impact of Bintray/JCenter shutdown

[ https://issues.apache.org/jira/browse/IVY-1626?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Stefan Bodewig updated IVY-1626: Fix Version/s: 2.5.1 (was: master) > Investigate impact of Bintray/JCen

[jira] [Updated] (IVY-1618) ResolveEngine resets dictator resolver to null in the global configuration

[ https://issues.apache.org/jira/browse/IVY-1618?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Stefan Bodewig updated IVY-1618: Fix Version/s: 2.5.1 (was: master) > ResolveEngine resets dictator resol

[jira] [Updated] (IVY-1612) Remove old fr\jayasoft\ivy\ant\antlib.xml from the jar

[ https://issues.apache.org/jira/browse/IVY-1612?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Stefan Bodewig updated IVY-1612: Fix Version/s: 2.5.1 (was: master) > Remove old fr\jayasoft\ivy\

[jira] [Reopened] (IVY-1612) Remove old fr\jayasoft\ivy\ant\antlib.xml from the jar

[ https://issues.apache.org/jira/browse/IVY-1612?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Stefan Bodewig reopened IVY-1612: - Assignee: (was: Jan Materne) > Remove old fr\jayasoft\ivy\ant\antlib.xml from the

[jira] [Resolved] (IVY-1612) Remove old fr\jayasoft\ivy\ant\antlib.xml from the jar

[ https://issues.apache.org/jira/browse/IVY-1612?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Stefan Bodewig resolved IVY-1612. - Resolution: Fixed > Remove old fr\jayasoft\ivy\ant\antlib.xml from the

[jira] [Updated] (IVY-1631) ivy:retrieve task doesn't create empty set

[ https://issues.apache.org/jira/browse/IVY-1631?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Stefan Bodewig updated IVY-1631: Fix Version/s: 2.5.1 (was: master) > ivy:retrieve task doesn't create em

[jira] [Updated] (IVY-1615) Ivy standalone : specify settings from URL

[ https://issues.apache.org/jira/browse/IVY-1615?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Stefan Bodewig updated IVY-1615: Fix Version/s: 2.5.1 (was: master) > Ivy standalone : specify settings f

[jira] [Updated] (IVY-1616) useOrigin="true" fails with file-based ibiblio

[ https://issues.apache.org/jira/browse/IVY-1616?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Stefan Bodewig updated IVY-1616: Fix Version/s: 2.5.1 (was: master) > useOrigin="true" fails wi

[jira] [Updated] (IVY-1628) ConcurrentModificationException in MessageLoggerHelper.sumupProblems

[ https://issues.apache.org/jira/browse/IVY-1628?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Stefan Bodewig updated IVY-1628: Fix Version/s: 2.5.1 (was: master) > ConcurrentModificationExcept

[REPORT] Gump - September 2022

# Description Apache Gump is a cross-project continuous integration server. Gump's intention isn't so much to be a CI server but rather a vehicle that makes people look beyond their project's boundaries and helps the projects to collaborate. Gump is written in Python and supports several build

Re: No junitlauncher in Debian Bullseye

Hi Ronald On 2022-09-02, Ronald Bergmann wrote: > this is my first message here and I hope it's the correct place to put > this. I was trying to install ant and run jUnit tests via ant in > Debian Bullseye but apparently the junitlauncher jar is not > available. The Debian packages of Ant are

Re: Bundling Ant Tasks

On 2022-08-22, Hiran Chaudhuri wrote: > If it is a bit buried but exists it might be nice to have a reference > from the 'Developing with Ant' guide. This is true. Have you got any suggestion where and how to do that? Maybe even a blurb of text that you could contribute given that you are

Re: Bundling Ant Tasks

On 2022-08-19, Hiran Chaudhuri wrote: > From other libraries I have seen there are things like property or XML > files bundled with the tasks that can host such information - but they > seem to be an undocumented feature? You are describing tasks bundled as an antlib. The documentation is a bit

Re: Migrate from Bugzilla to GitHub Issues

Hi Vladimir I guess we have to agree that we disagree - and this is fine. Our perception of how development of Ant happens are quite different. The issue you are trying to solve is a non-issue for me. And the reasons I do not want to move to github issues are likely irrelevant to you. No need to

Re: Migrate from Bugzilla to GitHub Issues

On 2022-08-08, Vladimir Sitnikov wrote: > Have you considered migrating from Bugzilla to GitHub Issues? I don't think we ever talked about that, no. > I think co-locating issues and PRs at GitHub would make it easier to > navigate between issues and PRs. PRs are not the only way of

Re: Variable substitution in target descriptions

Hi Roger sorry for the delay On 2022/07/20 16:43:16 Roger Whitcomb wrote: > Would it be as simple as calling PropertyHelper.replaceProperties(…) at line > 1143 in Main with the “targetDescription” string? or a few lines later when you can be sure targetDescription is not null. Yes, that would

Re: Variable substitution in target descriptions

On 2022-07-19, Roger Whitcomb wrote: > I have a target description that has “${result.jar}” embedded > within. But “ant -p” doesn’t do the substitution. I’m presuming that’s > because the “-p” processing doesn’t evaluate condition or property > tasks. But, should it? Would that be a huge code

Re: Please need help in ANT.

Hi Deepack On 2022-07-10, Deepak Lalchandani wrote: > Screenshot is attached to this email which depicts the folder structure. > RecentError.txt has part of build.xml file and project_build.properties > file. The mailing list is set up to strip all attachments, so nobody has seen your

Re: synchronized and Loom

On 2022-06-06, Jaikiran Pai wrote: > My personal opinion is that we continue with our release plans > (whenever we do it) instead of waiting for completing these > changes. The virtual threads feature is a preview feature in JDK 19, > so I think as long as our tests pass and Ant is usable in Java

Re: Ant does not work unless with debug option

On 2022-06-23, W wrote: > I got a new laptop, so I build my work environment on new laptop. I > call  ant distit should build my dist. But it only execute default > task, not "dist". But if I add debug option like:  ant -d distIt build > "dist" as expected. What is wrong please? I use Windows

[REPORT] Apache Gump - June 2022

## Description: Apache Gump is a cross-project continuous integration server. Gump's intention isn't so much to be a CI server but rather a vehicle that makes people look beyond their project's boundaries and helps the projects to collaborate. Gump is written in Python and supports several build

Board Report Draft

Hi all current draft is here https://cwiki.apache.org/confluence/display/GUMP/20220615 - I'll send the latest vesion sometime on Wednesday. As usual, please correct any mistakes and add things I may have missed. Stefan - To

synchronized and Loom

Hi right now the Loom prototype doesn't play well with synchronized and the recommended approach is to use ReentrantLock instead. A quick grep over Ant's codebase turns up more than 500 hits for synchronized - many of which in method declarations. So updating it will be a bigger task, in

[REPORT] Gump - March 2022

## Description: Apache Gump is a cross-project continuous integration server. Gump's intention isn't so much to be a CI server but rather a vehicle that makes people look beyond their project's boundaries and helps the projects to collaborate. Gump is written in Python and supports several build

Re: [ant] branch master updated: support default value for scriptdef attribute

On 2022-03-06, Matt Benson wrote: > I fully planned to do so once I know what next version number we'd be > targeting. Ah, thanks > Minor or point? I believe the last time we did a minor release has been five years ago, it's just not going on that much anymore :-) Most likely we'll have to

Board Report Draft

Hi all I've created a verbatim copy of the last report as draft for the report that is due next Wednesday: https://cwiki.apache.org/confluence/display/GUMP/20220316 I don't recall anything noteworthy during the past three months. If you do, please don't hesitate and adapt the draft. Thanks

Re: [ant] branch master updated: support default value for scriptdef attribute

On 2022-03-06, Stefan Bodewig wrote: > On 2022-02-25, wrote: >>> >>>default >>>the default value of the attribute >>>No >>> > please add "since ..." somewhere here and a small note in WHATSNEW. and please do the sa

Re: [ant] branch master updated: support default value for scriptdef attribute

On 2022-02-25, wrote: >> >>default >>the default value of the attribute >>No >> please add "since ..." somewhere here and a small note in WHATSNEW. Thanks Stefan - To unsubscribe, e-mail:

Re: Jenkins build became unstable: Ant » Ant-Build-Matrix-master-Linux » ubuntu,jdk_1.8_latest #128

On 2022-02-15, Matt Benson wrote: > So my tests for scriptcondition return values were using beanshell > because I couldn't figure out any way to get rhino to return a value > from the script. I can't understand which optional dependencies are > present during the build, where they are, nor how

Re: New Antlib

On 2022-02-20, Matt Benson wrote: > The plan from this thread is two years old, so I want to revisit. As > of now the extant antlibs seem to have their own repos. If I am > creating a new one, do I want to create its own repo now, or would we > rather create a sandbox repo and promote its

Re: Java 8 for AntUnit

On 2022-02-09, Matt Benson wrote: > Similarly to the question on Ivy, is there any compelling reason we should > continue to constrain this antlib to its current level of Java (1.)5? We still create Ant 1.9.x releases from time to time and 1.9.x would not be able to use newer releases. Having

Re: [ant] branch master updated: add java.security.manager=allow while launching against Java 19

On 2022-02-08, Jaikiran Pai wrote: > Hello Earl, > On 08/02/22 12:59 am, Earl Hood wrote: >> How exactly does setting the sysprop for only 18 and 19 allow folks to test >> their stuff? If Ant currently depends on the security manager to operate, >> why not set the sysprop regardless, then

Re: [ant] branch master updated: add java.security.manager=allow while launching against Java 19

On 2022-02-07, Jaikiran Pai wrote: > So the launch scripts (the Linux one and the .bat for Windows one) > have both been updated to set this system property only for Java 18 > and 19. I expect this to be a temporary thing till the new API is > available. Once the new API is available, I think we

Re: [ant] branch master updated: add java.security.manager=allow while launching against Java 19

On 2022-02-07, wrote: > - if [ "$JAVA_SPEC_VERSION" = "java.specification.version=18" ]; then > + if [ "$JAVA_SPEC_VERSION" = "java.specification.version=18" ] || [ > "$JAVA_SPEC_VERSION" = "java.specification.version=19" ]; then Bourne shell's case may make this more readable (not sure

Re: Antlib test classpath

On 2022-02-04, Matt Benson wrote: > I am working on a new antlib (discussed a couple of years ago on list), and > trying to figure out how to get antunit to run tests using Ivy's created > classpath.test from the common build framework. I have tried combinations > of the (hidden) classloader task

Re: Apache Ant Vulnerability

Hi Ashish On 2022-02-02, Ashish Verma V wrote: > We are using "maven-antrun-plugin" that internally uses apache ant. > Recently high severity vulnerability > (CVE-2020-11979) is observed > specific to apache ant > Kindly let us know the plan to take the

[Xmlunit-general] [ANN] XMLUnit for Java 2.9.0 Released

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The major change of XMLUnit for Java 2.9.0 is the addition of a new module xmlunit-jakarta-jaxb-impl that can be used in addition to xmlunit-core when you want to use the Jakarta XML Binding API in version 3. For details please see the user's guide at

Re: Apache Ant: Log4j 1.x Vulnerabilities

On 2022-01-13, Christopher Schultz wrote: > On 1/12/22 15:57, Stefan Bodewig wrote: >> On 2022-01-12, wrote: >>>1. Do you have any mitigation options available for addressing both >>> CVE-2019-17571 and CVE-2021-4104? >>> https://nvd.nist.gov/

Re: Need Input to resolve error

On 2022-01-13, Manjunath S wrote: > Path to, File ant-contrib-1.0b3.jar file is valid and it is downloaded from > Git via jenkins script. The same is working on the Windows platform. could still be corrupted locally. Can you open it with your ZIP tool of choice (JARs are ZIPs after all). zip

Re: Need Input to resolve error

On 2022-01-12, Manjunath S wrote: > Hi, > Using ANT tool to build my project in MAC Platform. > Getting the following error > CLASSPATH element > /Users/rrr/workspace/_xxx_/_yyy_/ant-contrib-1.0b2.jar is not a JAR. > when below is executed. > > >

Re: Apache Ant: Log4j 1.x Vulnerabilities

On 2022-01-12, wrote: > Can the following questions be confirmed for Ant? easily > 1. Which versions of your products utilize Log4j 1.x, if any? By default Ant doesn't use any version of Apache Log4J at all. There is a deprecated BuildLogger using Log4J 1.x. It will only be used if you

[Xmlunit-general] XMLUnit for Java 2.8.4 and XMLUnit.NET 2.9.1 Released

the last announcement had the wrong version for XMLUnit.NET the new release is 2.9.1 not 2.9.2. sorry Stefan signature.asc Description: PGP signature ___ Xmlunit-general mailing list Xmlunit-general@lists.sourceforge.net

[Xmlunit-general] XMLUnit for Java 2.8.4 and XMLUnit.NET 2.9.2 Released

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all I've just released new minor versions of XMLUnit for Java and XMLUnit.NET. Both releases are improvements. Changelog for XMLUnit for Java 2.8.4: * improved comparison performance for documents with many siblings based on a suggestion by

Re: Query regarding impact due to Log4j Tool : Zero Day in Ubiquitous Under Active Attack (CVE-2021-44228)

Hi Apache Ant does not depend on log4j 2.x at all and never has. There is an optional Log4JListener that can be used to send Ant's logs through log4j 1.x that has been deprecated for quite some time now. Even if you still use it, logj 1.x is not affected by CVE-2021-44228 (but by several others,

Re: [Xmlunit-general] Bad signature on xmlunit 1.3 jar

On 2021-11-18, Stefan Bodewig via Xmlunit-general wrote: > On 2021-11-17, Amarendra Godbole via Xmlunit-general wrote: > > > I wanted to highlight that the signature on xmlunit-1.3.jar is bad and > > won't verify with the key. However, it verifies fine on the associated .pom &g

[REPORT] Apache Gump - Q4 2021

## Description: Apache Gump is a cross-project continuous integration server. Gump's intention isn't so much to be a CI server but rather a vehicle that makes people look beyond their project's boundaries and helps the projects to collaborate. Gump is written in Python and supports several build

Board Report Draft

Hi all as by now usual a pretty minimal draft which repeats what we've said the last time: https://cwiki.apache.org/confluence/display/GUMP/20211215 I hope I haven't missed any noteworthy activity. The report is due tomorrow and I'll send it by then. Cheers Stefan

Re: [Xmlunit-general] Bad signature on xmlunit 1.3 jar

On 2021-11-17, Amarendra Godbole via Xmlunit-general wrote: > I wanted to highlight that the signature on xmlunit-1.3.jar is bad and > won't verify with the key. However, it verifies fine on the associated .pom > file. Thank you. I can confirm the signature is reported as bad. The non-crypto

<    1   2   3   4   5   6   7   8   9   10   >