Re: [VOTE] Release Maven Resolver 1.9.9

Howdy, I am CANCELLING this vote, as an issue was found in 1.9.9 (and exists in 1.9.8 as well) that could cause "dependency convergence" analysis to falsely report no issue in some cases. Issue https://issues.apache.org/jira/browse/MRESOLVER-357 Thanks T On Fri, Apr 28, 2023 at 12:33 PM Michael

Re: [VOTE] Release Maven Resolver 1.9.9

Am 2023-04-26 um 12:20 schrieb Tamás Cservenák: Howdy, We solved 2 issues (1 bug + 1 doco task): https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12320628&version=12353151 There are still some issues in JIRA: https://issues.apache.org/jira/projects/MRESOLVER/issues Staging repo

Re: [VOTE] Release Maven Resolver 1.9.9

*➜ Upgraded the Default PKCS12 Encryption Algorithms* The default encryption algorithms used in a PKCS #12 keystore have been updated. The new algorithms are based on AES-256 and SHA-256 and are stronger than the old

Re: [VOTE] Release Maven Resolver 1.9.9

Sure, and to repeat: Am fine with whatever Maven users install on their machines (managed or not), if they install Maven 3.1.0 in 2023, am fine with that. Naturally, when they will try to report an issue, our very first reaction will be "please upgrade". Plugins (or even Resolver) are NOT "bound"

Re: [VOTE] Release Maven Resolver 1.9.9

On Thu, Apr 27, 2023 at 6:52 AM Tamás Cservenák wrote: > > Thanks Elliotte! > > But allow me a bit of a rant here: > - You explicitly reported "on my personal and slightly more up to date > MacBook [...] [the test fails, hence am -1 on release]". > - Then it turns out, you use Maven 3.5.0 (from 20

Re: [VOTE] Release Maven Resolver 1.9.9

Thanks Elliotte! But allow me a bit of a rant here: - You explicitly reported "on my personal and slightly more up to date MacBook [...] [the test fails, hence am -1 on release]". - Then it turns out, you use Maven 3.5.0 (from 2018, unmaintained). - Then it turns out, you use Java 8u172 (from 2018

Re: [VOTE] Release Maven Resolver 1.9.9

After updating to openjdk version "1.8.0_372" OpenJDK Runtime Environment (build 1.8.0_372-bre_2023_04_25_03_25-b00) OpenJDK 64-Bit Server VM (build 25.372-b00, mixed mode) the tests now pass, so it does seem this is an issue with the JDK that made the keystore being newish. Only an issue for test

Re: [VOTE] Release Maven Resolver 1.9.9

On Wed, Apr 26, 2023 at 11:06 PM Jeremy Landis wrote: > > Without knowing more details myself, couple of possibilities come to mind... > > - Was keystore made with newer jdk? See > https://support.oracle.com/knowledge/More%20Applications%20and%20Technologies/2847060_1.html. > - Was the keystore

Re: [VOTE] Release Maven Resolver 1.9.9

Stack traces from both failing tests look similar, specifically failing in at org.eclipse.aether.transport.http.HttpServer.addSslConnector(HttpServer.java:165) at org.eclipse.aether.transport.http.HttpServer.addSelfSignedSslConnector(HttpServer.java:143) That seems to be thrown from her

RE: [VOTE] Release Maven Resolver 1.9.9

1.8.0_172 is (2018-04-17). -Original Message- From: Elliotte Rusty Harold Sent: Wednesday, April 26, 2023 6:46 PM To: Maven Developers List Subject: Re: [VOTE] Release Maven Resolver 1.9.9 here's my environment: ~/maven-fluido-skin$ mvn -version Apache Maven

Re: [VOTE] Release Maven Resolver 1.9.9

here's my environment: ~/maven-fluido-skin$ mvn -version Apache Maven 3.8.7 (b89d5959fcde851dcb1c8946a785a163f14e1e29) Maven home: /opt/java/apache-maven-3.8.7 Java version: 1.8.0_172, vendor: Oracle Corporation, runtime: /Library/Java/JavaVirtualMachines/jdk1.8.0_172.jdk/Contents/Home/jre Default

Re: [VOTE] Release Maven Resolver 1.9.9

+1 Build ok on: Apache Maven 3.9.1 (2e178502fcdbffc201671fb2537d0cb4b4cc58f8) Java version: 17.0.7, vendor: Homebrew, runtime: /usr/local/Cellar/openjdk@17/17.0.7/libexec/openjdk.jdk/Contents/Home Default locale: en_GB, platform encoding: UTF-8 OS name: "mac os x", version: "12.6.3", arch: "x86_6

Re: [VOTE] Release Maven Resolver 1.9.9

Yes, GH CI builds on macOS as well in matrix of Java 8/11/17 just like other nodes. T On Wed, Apr 26, 2023 at 7:14 PM Elliotte Rusty Harold wrote: > On Wed, Apr 26, 2023 at 11:18 AM Tamás Cservenák > wrote: > d to read at Elliotte workstation. > > > > Unsure what he tried to build in the first

Re: [VOTE] Release Maven Resolver 1.9.9

Is anyone able to reproduce Elliotte's HttpTransporterTest.testGet_HTTPS_Insecure_SecurityMode:416 » IllegalState java.io.IOException: Invalid keystore format on mac, the issue he called -1 for? I cannot: macOS Ventura 13.3.1 (22E261) ➜ maven-resolver git:(master) java -version openjdk version "

Re: [VOTE] Release Maven Resolver 1.9.9

What Java version? śr., 26 kwi 2023, 13:57 użytkownik Elliotte Rusty Harold napisał: > And on my personal and slightly more up to date MacBook mvn -Prun-its > test reveals: > > [ERROR] Errors: > [ERROR] HttpTransporterTest.testGet_HTTPS_Insecure_SecurityMode:416 > » IllegalState java.io.IOExce

Re: [VOTE] Release Maven Resolver 1.9.9

On Wed, Apr 26, 2023 at 11:18 AM Tamás Cservenák wrote: d to read at Elliotte workstation. > > Unsure what he tried to build in the first place, as it is possible that > source ZIP is corrupted, I have no idea. > But one thing for sure, if this is the case, then 1.9.8, 1.9.7, 1.9.6 > releases shou

Re: [VOTE] Release Maven Resolver 1.9.9

IMHO is not even resembling: there (if this is about 0 byte "marker" file) a _state_ was recorded (and kept) on disk, making the disk carrying the "state" that determined the outcome of the build. here, a file is being read by JDK, and it is read successfully on many, and failed to read at Elliott

Re: [VOTE] Release Maven Resolver 1.9.9

Am 2023-04-26 um 16:44 schrieb Tamás Cservenák: Howdy, Am fine with that, what I don't understand is: 1. how are both CIs on 3 different JDKs not catching this? This is logically identical to MSITE-960, not catched by me and partially not in CI. Took me hours and there was one serious bug AND

Re: [VOTE] Release Maven Resolver 1.9.9

Howdy, Am fine with that, what I don't understand is: 1. how are both CIs on 3 different JDKs not catching this? 2. "Invalid keystore format" would mean the file is corrupted (unreadable) -- again, how is the file then read on those computers? T On Wed, Apr 26, 2023 at 4:37 PM Michael Osipov wr

Re: [VOTE] Release Maven Resolver 1.9.9

Am 2023-04-26 um 13:56 schrieb Elliotte Rusty Harold: And on my personal and slightly more up to date MacBook mvn -Prun-its test reveals: [ERROR] Errors: [ERROR] HttpTransporterTest.testGet_HTTPS_Insecure_SecurityMode:416 » IllegalState java.io.IOException: Invalid keystore format [ERROR] Ht

Re: [VOTE] Release Maven Resolver 1.9.9

And one more thing regarding your "a fully up-to-date corp managed MacBook with the version of Maven installed by homebrew." If I ask homebrew about Maven, it says this: https://gist.github.com/cstamas/2bc091174919c007d57475262d49df75 But also look at "maven@3.5" output: "Disabled because it is n

Re: [VOTE] Release Maven Resolver 1.9.9

Howdy, m-dep-p output should be always interpreted with a "grain of salt". For example, how do you "use" (according to m-dep-p) slf4j-simple? Also, for sisu and related, they are required to bring up container, even if not ":used" (according to m-dep-p) etc. So most of it is just noise. T On We

Re: [VOTE] Release Maven Resolver 1.9.9

Howdy, unsure what your workstation does that bot CI (ASF and GH) nor my WS does not do, but: [INFO] Running org.eclipse.aether.transport.http.HttpTransporterTest [INFO] Tests run: 72, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 3.849 s - in org.eclipse.aether.transport.http.HttpTransporter

Re: [VOTE] Release Maven Resolver 1.9.9

Howdy, It merely requires "recent version" of Maven, see https://maven.apache.org/docs/history.html for what it means T On Wed, Apr 26, 2023 at 1:37 PM Elliotte Rusty Harold wrote: > The weekly reminder that the world is not nearly as up to date as we might > like: > > [ERROR] Rule 0: org.apac

Re: [VOTE] Release Maven Resolver 1.9.9

The dependencies could also use a little cleanup, though treu positives are mostly test dependencies so this isn't too critical: [INFO] --- maven-dependency-plugin:3.4.0:analyze (default-cli) @ maven-resolver-util --- [WARNING] Used undeclared dependencies found: [WARNING]org.hamcrest:hamcrest

Re: [VOTE] Release Maven Resolver 1.9.9

And on my personal and slightly more up to date MacBook mvn -Prun-its test reveals: [ERROR] Errors: [ERROR] HttpTransporterTest.testGet_HTTPS_Insecure_SecurityMode:416 » IllegalState java.io.IOException: Invalid keystore format [ERROR] HttpTransporterTest.testGet_HTTPS_Unknown_SecurityMode:401

Re: [VOTE] Release Maven Resolver 1.9.9

The weekly reminder that the world is not nearly as up to date as we might like: [ERROR] Rule 0: org.apache.maven.plugins.enforcer.RequireMavenVersion failed with message: Detected Maven Version: 3.5.0 is not in the allowed range 3.8.4. This is from a fully up-to-date corp managed MacBook with th

Re: [VOTE] Release Maven Resolver 1.9.9

+1 śr., 26 kwi 2023, 12:21 użytkownik Tamás Cservenák napisał: > Howdy, > > We solved 2 issues (1 bug + 1 doco task): > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12320628&version=12353151 > > There are still some issues in JIRA: > https://issues.apache.org/jira/projects/