Re: [io] Black Duck apparently sees vulnerability in 2.5

2018-05-17 Thread Gary Gregory
WRT releasing, the new file system class needs to be finished/cleaned up or removed.
Gary
On Thu, May 17, 2018 at 1:27 PM, Stefan Bodewig wrote:
> On 2018-05-17, Pascal Schumacher wrote:
> > On 16.05.2018 at 08:24, Stefan Bodewig wrote:
> >> Also, would there be any reason to not cut a new re

Re: [io] Black Duck apparently sees vulnerability in 2.5

2018-05-17 Thread Stefan Bodewig
On 2018-05-17, Pascal Schumacher wrote:
> On 16.05.2018 at 08:24, Stefan Bodewig wrote:
>> Also, would there be any reason to not cut a new release from master? I
>> mean is there any work in progress that needs to be finished?
> I think a new release from master can be done any time.
Thanks,

Re: [io] Black Duck apparently sees vulnerability in 2.5

2018-05-17 Thread Pascal Schumacher
On 16.05.2018 at 08:24, Stefan Bodewig wrote:
Also, would there be any reason to not cut a new release from master? I mean is there any work in progress that needs to be finished?
I think a new release from master can be done any time.
-Pascal

Re: [io] Black Duck apparently sees vulnerability in 2.5

2018-05-16 Thread Stefan Bodewig
On 2018-05-16, Otto Fowler wrote:
> I believe all security related issues and vulnerabilities need to be
> handled privately by the PMC for the project.
> Has this issue gone through the PMC?
The "issue" is public discussion in a JIRA issue, it is public knowledge anyway.
Stefan

Re: [io] Black Duck apparently sees vulnerability in 2.5

2018-05-16 Thread Otto Fowler
I believe all security related issues and vulnerabilities need to be handled privately by the PMC for the project. Has this issue gone through the PMC?
On May 16, 2018 at 10:50:21, Gilles (gil...@harfang.homelinux.org) wrote:
On Wed, 16 May 2018 07:33:54 -0700, Otto Fowler wrote:
> Is there a PMC

Re: [io] Black Duck apparently sees vulnerability in 2.5

2018-05-16 Thread Gilles
On Wed, 16 May 2018 07:33:54 -0700, Otto Fowler wrote:
Is there a PMC for IO?
There is a PMC for all of "Commons". Components are unequal wrt the number of contributors (and attention they get from the PMC).
Gilles
On May 16, 2018 at 02:24:44, Stefan Bodewig (bode...@apache.org) wrote:
Hi

Re: [io] Black Duck apparently sees vulnerability in 2.5

2018-05-16 Thread Stefan Bodewig
On 2018-05-16, Otto Fowler wrote:
> Is there a PMC for IO?
Sure, IO is a component overseen by the Apache Commons PMC.
Maybe I should also point at http://commons.apache.org/security.html ?
Stefan

Re: [io] Black Duck apparently sees vulnerability in 2.5

2018-05-16 Thread Otto Fowler
Is there a PMC for IO?
On May 16, 2018 at 02:24:44, Stefan Bodewig (bode...@apache.org) wrote:
Hi all
https://issues.apache.org/jira/browse/IO-559 says BlackDuck would call IO 2.5 vulnerable because of this issue - so far I've not been able to verify this claim. I guess it is because of IO-556

[io] Black Duck apparently sees vulnerability in 2.5

2018-05-15 Thread Stefan Bodewig
Hi all
https://issues.apache.org/jira/browse/IO-559 says BlackDuck would call IO 2.5 vulnerable because of this issue - so far I've not been able to verify this claim. I guess it is because of IO-556 that has been closed as a duplicate of IO-559. There is a PR (by me) to fix the bug https://githu