On Wed, Sep 13, 2017 at 11:34 PM, Ian Boston wrote:
> On the other hand, if you are saying that the Oak Threat model has to be
> developed and agreed, before this patch can be added, then I am concerned
> that will take too long. Doing justice to an Oak Treat model will require
> resource.
I thin
Hello Team,
the vote passes as follows:
+1 Andrei Dulceanu
+1 Davide Giannella
+1 Robert Munteanu
+1 Tommaso Teofili
+1 Amit Jain
Thanks for voting. I'll push the release out.
-- Davide
Hi,
> I don't think this patch bypasses Oak security, and since the API can only
> be implemented by Oak itself. I am sure any future patch would be subject
> to the same scrutiny. If it can be implemented outside Oak, then Oak has
> already been breached, something I can see no evidence of.
I do
Hi,
On 14 September 2017 at 06:05, Alex Deparvu wrote:
> Hi,
>
> > I don't think this patch bypasses Oak security, and since the API can
> only
> > be implemented by Oak itself. I am sure any future patch would be subject
> > to the same scrutiny. If it can be implemented outside Oak, then Oak h
Hi,
On September 14, 2017 at 7:05:28 AM, Alex Deparvu (a...@pfalabs.com) wrote:
how to make sure
this ttl will not get bumped up to a point where it becomes a real problem
(1 min/5mins is probably fine, what if someone sets it to a few hours).
Not to sound cold or uncaring, but IMO that’s a u
> Not to sound cold or uncaring, but IMO that’s a user configuration
concern, it shouldn’t be Oak’s concern. What if a user fails to put the
proper ACLs on a resource in Oak and thus allows users to access it who
shouldn’t? Isn’t that basically the same concern?
Except there's a subtle differenc
The Apache Jackrabbit community is pleased to announce the release of
Apache Jackrabbit 2.14.3. The release is available for download at:
https://jackrabbit.apache.org/jcr/downloads.html#v2.14
See the full release notes below for details about this release:
Release Notes -- Apache Jackrabbi
...please ignore, incorrect subject line...
Hi,
On 14 September 2017 at 06:56, Alex Deparvu wrote:
> > Not to sound cold or uncaring, but IMO that’s a user configuration
> concern, it shouldn’t be Oak’s concern. What if a user fails to put the
> proper ACLs on a resource in Oak and thus allows users to access it who
> shouldn’t? Isn’t t
The Apache Jenkins build system has built Jackrabbit Oak (build #745)
Status: Failure
Check console output at https://builds.apache.org/job/Jackrabbit%20Oak/745/ to
view the results.
Changes:
[adulceanu] OAK-6659 - Cold standby should fail loudly when a big blob can't be
timely transferred
Res
The Apache Jenkins build system has built Jackrabbit Oak (build #746)
Status: Still Failing
Check console output at https://builds.apache.org/job/Jackrabbit%20Oak/746/ to
view the results.
Changes:
[chetanm] OAK-6669 - Blob serializer to serialize BlobStoreBlob
Test results:
1 tests failed.
The Apache Jenkins build system has built Jackrabbit Oak (build #747)
Status: Still Failing
Check console output at https://builds.apache.org/job/Jackrabbit%20Oak/747/ to
view the results.
Changes:
[chetanm] OAK-6670 - Move FSBlobSerializer to oak-blob-plugins module
Test results:
1 tests f
The Apache Jenkins build system has built Jackrabbit Oak (build #748)
Status: Still Failing
Check console output at https://builds.apache.org/job/Jackrabbit%20Oak/748/ to
view the results.
Changes:
[chetanm] OAK-6353 - Use Document order traversal for reindexing performed on
DocumentNodeStore
Hi Ian
On 13/09/17 23:34, "Ian Boston" wrote:
>Hi Angela,
>
>On 13 September 2017 at 06:50, Angela Schreiber
>
>wrote:
>
>> Hi Ian
>>
>> The new proposal looks a lot better to me.
>>
>> The only concern from a security perspective I could come up with is the
>> one we expressed already with the
Hi all,
After the the fix for OAK-6659 landed in trunk,
ExternalPrivateStoreIT.testSyncBigBlob
is consistently failing. This is OAK-6641 and I am looking into it right
now.
Regards,
Andrei
2017-09-15 9:15 GMT+03:00 Apache Jenkins Server :
> The Apache Jenkins build system has built Jackrabbit O
15 matches
Mail list logo
