Re: [VOTE] Release Apache ManifoldCF 2.23, RC0

[Karl Wright]

Ran tests.
+1 from me.
Karl


On Wed, Aug 24, 2022 at 3:47 AM Karl Wright  wrote:

> Please vote on whether to release Apache ManifoldCF 2.23, RC0.  The
> artifact can be found at
> https://svn.apache.org/repos/asf/manifoldcf/branches/release-2.23-branch
> .  There is also a release tag at
> https://svn.apache.org/repos/asf/manifoldcf/tags/release-2.23-RC0 .
>
> This release contains few changes from 2.22.1 but does include many
> dependency related minor fixes, such as:
>
> 
> r1902902 | kwright | 2022-07-21 04:27:31 -0400 (Thu, 21 Jul 2022) | 1 line
>
> CONNECTORS-1541, revisited
> 
> r1902854 | jmssiera | 2022-07-19 09:27:31 -0400 (Tue, 19 Jul 2022) | 1 line
>
> CONNECTORS-1721: Confluence v6 does not distinguish 404 errors
> 
> r1902717 | kwright | 2022-07-14 06:57:25 -0400 (Thu, 14 Jul 2022) | 1 line
>
> Armor code against null bin names
> 
> r1902684 | kwright | 2022-07-12 16:29:10 -0400 (Tue, 12 Jul 2022) | 1 line
>
> Fix for CONNECTORS-1720.
> 
> r1902537 | jmssiera | 2022-07-07 13:02:53 -0400 (Thu, 07 Jul 2022) | 1 line
>
> CONNECTORS-1719: Handle MariaDB in JDBC connector
> 
> r1901792 | kwright | 2022-06-09 17:13:01 -0400 (Thu, 09 Jun 2022) | 1 line
>
> Update xerces version
> 
> r1901783 | kwright | 2022-06-09 10:12:30 -0400 (Thu, 09 Jun 2022) | 1 line
>
> CONNECTORS-1717: Update log4j dependency
> 
> r1901778 | kwright | 2022-06-09 08:30:52 -0400 (Thu, 09 Jun 2022) | 1 line
>
> More fixes related to CONNECTORS-1714
> 
> r1901777 | kwright | 2022-06-09 07:25:31 -0400 (Thu, 09 Jun 2022) | 1 line
>
> CONNECTORS-1714: Update commons-beanutils to latest version
> 
> r1901774 | kwright | 2022-06-09 05:58:24 -0400 (Thu, 09 Jun 2022) | 1 line
>
> CONNECTORS-1716: Use SSL for downloading nuxeo
> 
> r1900835 | kwright | 2022-05-12 07:45:26 -0400 (Thu, 12 May 2022) | 1 line
>
> Karl
>
>
>

[GitHub] [manifoldcf] dependabot[bot] closed pull request #128: Bump jsoup from 1.8.1 to 1.14.2 in /connectors/searchblox

[GitBox]

dependabot[bot] closed pull request #128: Bump jsoup from 1.8.1 to 1.14.2 in 
/connectors/searchblox
URL: https://github.com/apache/manifoldcf/pull/128


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@manifoldcf.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [manifoldcf] dependabot[bot] commented on pull request #128: Bump jsoup from 1.8.1 to 1.14.2 in /connectors/searchblox

[GitBox]

dependabot[bot] commented on PR #128:
URL: https://github.com/apache/manifoldcf/pull/128#issuecomment-1234865357

   Superseded by #135.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@manifoldcf.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [manifoldcf] dependabot[bot] opened a new pull request, #135: Bump jsoup from 1.8.1 to 1.15.3 in /connectors/searchblox

[GitBox]

dependabot[bot] opened a new pull request, #135:
URL: https://github.com/apache/manifoldcf/pull/135

   Bumps [jsoup](https://github.com/jhy/jsoup) from 1.8.1 to 1.15.3.
   
   Release notes
   Sourced from https://github.com/jhy/jsoup/releases;>jsoup's 
releases.
   
   jsoup 1.15.3
   jsoup 1.15.3 is out now, and includes a security fix for 
potential XSS attacks, along with other bug fixes and improvements, including 
more descriptive validation error messages.
   Details:
   
   https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369;>Security
 advisory
   https://jsoup.org/news/release-1.15.3;>Release notes
   https://jsoup.org/download;>Download
   
   jsoup 1.15.2 is out now with a bunch of https://jsoup.org/news/release-1.15.2;>improvements and bug fixes.
   jsoup 1.15.1 is out now with a bunch of https://jsoup.org/news/release-1.15.1;>improvements and bug fixes.
   jsoup 1.14.3
   jsoup 1.14.3 is out now, adding native 
XPath selector support, improved 
\template support, and also includes a bunch of bug fixes, 
improvements, and performance enhancements.
   See the https://jsoup.org/news/release-1.14.3;>release 
announcement for the full changelog.
   jsoup 1.14.2
   Caught by the fuzz! jsoup 1.14.2 is out now, and 
includes a set of parser bug fixes and improvements for handling rough HTML and 
XML, as identified by the Jazzer JVM fuzzer. This release also includes other 
fixes and improvements.
   See the https://jsoup.org/news/release-1.14.2;>release 
announcement for the full changelog.
   jsoup 1.14.1
   jsoup 1.14.1 is out now, with simple request session 
management, increased parse robustness, and a ton of other improvements, 
speed-ups, and bug fixes.
   See the full https://jsoup.org/news/release-1.14.1;>announcement for all the 
details on what's changed.
   jsoup 1.13.1
   See the https://jsoup.org/news/release-1.13.1;>release 
notes.
   dependency
 !-- jsoup HTML parser library @ https://jsoup.org/ --
 groupIdorg.jsoup/groupId
 artifactIdjsoup/artifactId
 version1.13.1/version
   /dependency
   
   jsoup-1.12.2
   No release notes provided.
   
   
   
   Changelog
   Sourced from https://github.com/jhy/jsoup/blob/master/CHANGES;>jsoup's 
changelog.
   
   jsoup changelog
   Release 1.15.3 [2022-Aug-24]
   
   
   Security: fixed an issue where the jsoup cleaner may incorrectly sanitize 
crafted XSS attempts if
   SafeList.preserveRelativeLinks is enabled.
   https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369;>https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369
   
   
   Improvement: the Cleaner will preserve the source position of cleaned 
elements, if source tracking is enabled in the
   original parse.
   
   
   Improvement: the error messages output from Validate are more 
descriptive. Exceptions are now ValidationExceptions
   (extending IllegalArgumentException). Stack traces do not include the 
Validate class, to make it simpler to see
   where the exception originated. Common validation errors including malformed 
URLs and empty selector results have
   more explicit error messages.
   
   
   Bugfix: the DataUtil would incorrectly read from InputStreams that 
emitted reads less than the requested size. This
   lead to incorrect results when parsing from chunked server responses, for 
e.g.
   https://github-redirect.dependabot.com/jhy/jsoup/issues/1807;>jhy/jsoup#1807
   
   
   Build Improvement: added implementation version and related fields to the 
jar manifest.
   https://github-redirect.dependabot.com/jhy/jsoup/issues/1809;>jhy/jsoup#1809
   
   
   *** Release 1.15.2 [2022-Jul-04]
   
   
   Improvement: added the ability to track the position (line, column, 
index) in the original input source from where
   a given node was parsed. Accessible via Node.sourceRange() and 
Element.endSourceRange().
   https://github-redirect.dependabot.com/jhy/jsoup/pull/1790;>jhy/jsoup#1790
   
   
   Improvement: added Element.firstElementChild(), 
Element.lastElementChild(), Node.firstChild(), Node.lastChild(),
   as convenient accessors to those child nodes and elements.
   
   
   Improvement: added Element.expectFirst(cssQuery), which is just like 
Element.selectFirst(), but instead of returning
   a null if there is no match, will throw an IllegalArgumentException. This is 
useful if you want to simply abort
   processing if an expected match is not found.
   
   
   Improvement: when pretty-printing HTML, doctypes are emitted on a newline 
if there is a preceding comment.
   https://github-redirect.dependabot.com/jhy/jsoup/pull/1664;>jhy/jsoup#1664
   
   
   Improvement: when pretty-printing, trim the leading and trailing spaces 
of textnodes in block tags when possible,
   so that they are indented correctly.
   https://github-redirect.dependabot.com/jhy/jsoup/issues/1798;>jhy/jsoup#1798
   
   
   Improvement: in Element#selectXpath(), disable namespace awareness. This 
makes it possible to always select