Re: [VOTE] Release Apache Sling Feature Launcher 1.2.2 and Feature Extensions Apiregions 1.6.4

2022-12-05 Thread Karl Pauls 
+1

regards,

Karl

On Tuesday, December 6, 2022, Angela Schreiber 
wrote:

> [x] +1 Approve the release
>
> kind regards
> angela
>
> 
> From: Carsten Ziegeler 
> Sent: Tuesday, December 6, 2022 06:33
> To: dev@sling.apache.org 
> Subject: [VOTE] Release Apache Sling Feature Launcher 1.2.2 and Feature
> Extensions Apiregions 1.6.4
>
>
> Hi,
>
> we solved 11 issues for the launcher
> https://issues.apache.org/jira/projects/SLING/versions/12351353
>
> and 2 issues for the apiregions extension
> https://issues.apache.org/jira/projects/SLING/versions/12352068
>
> Staging repository:
> https://repository.apache.org/content/repositories/orgapachesling-2703
>
> You can use this UNIX script to download the release and verify the
> signatures:
> https://gitbox.apache.org/repos/asf?p=sling-tooling-
> release.git;a=blob;f=check_staged_release.sh;hb=HEAD
>
> Usage:
> sh check_staged_release.sh 2703 /tmp/sling-staging
>
> Please vote to approve this release:
>
>[ ] +1 Approve the release
>[ ]  0 Don't care
>[ ] -1 Don't release, because ...
>
> This majority vote is open for at least 72 hours.
>
> Regards
> Carsten
> --
> Carsten Ziegeler
> Adobe
> cziege...@apache.org
>


-- 
Karl Pauls
karlpa...@gmail.com

[jira] [Created] (SLING-11720) Apache Sling web site update request

2022-12-05 Thread Yuri Simione (Jira) 
Yuri Simione created SLING-11720:


 Summary: Apache Sling web site update request
 Key: SLING-11720
 URL: https://issues.apache.org/jira/browse/SLING-11720
 Project: Sling
  Issue Type: Improvement
Reporter: Yuri Simione


I wrote two article on Apache Sling on Adobe Experience League Blog site. I 
suggest to add these to the Apache Sling, in this section: 
[https://sling.apache.org/links.html#articles]

 
 * [Is Adobe AEM a valid Content Services Platform? [Part one] by Yuri 
Simione|[https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager-blogs/is-adobe-aem-a-valid-content-services-platform-part-one-by-yuri/ba-p/559647]
 []|http://example.com]/]
 * [Is Adobe AEM a valid Content Services Platform? [Part one] by Yuri 
Simione|[https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager-blogs/is-adobe-aem-a-valid-content-services-platform-part-two-by-yuri/ba-p/559648]
 
[]|https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager-blogs/is-adobe-aem-a-valid-content-services-platform-part-one-by-yuri/ba-p/559647]

 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SLING-11718) Migrate to Jakarta JSON API

2022-12-05 Thread Carsten Ziegeler (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-11718?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17643698#comment-17643698
 ] 

Carsten Ziegeler commented on SLING-11718:
--

Migrated feature launcher in 
https://github.com/apache/sling-org-apache-sling-feature-launcher/commit/cc75f4079c1d469e4523d1f61f11bec4f112e692

> Migrate to Jakarta JSON API
> ---
>
> Key: SLING-11718
> URL: https://issues.apache.org/jira/browse/SLING-11718
> Project: Sling
>  Issue Type: New Feature
>  Components: Feature Model, Feature Model Analyser, Maven Plugins and 
> Archetypes
>Reporter: Carsten Ziegeler
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Feature Model Analyser 2.0.0, Feature Model 2.0.0, 
> Feature Model API Regions Extension 2.0.0, Feature Model Launcher 1.2.4
>
>
> Starting with JEE 9 the package names for the enterprise APIs changed from 
> javax.* to jakarta.* which means that we will benefit from updates to those 
> APIs only if we make the move.
> For the feature model and the related tooling, it should be fairly easy to do 
> this move as this code is usually only used at tool time but not at 
> application runtime.
> We can simply replace javax.json with jakarta.json and do new releases of 
> everything involved with a new major version. As we are currently using 
> javax.json in parts of the API, this will be a breaking change, therefore the 
> major version update.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (SLING-11718) Migrate to Jakarta JSON API

2022-12-05 Thread Carsten Ziegeler (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-11718?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler updated SLING-11718:
-
Fix Version/s: Feature Model Launcher 1.2.4

> Migrate to Jakarta JSON API
> ---
>
> Key: SLING-11718
> URL: https://issues.apache.org/jira/browse/SLING-11718
> Project: Sling
>  Issue Type: New Feature
>  Components: Feature Model, Feature Model Analyser, Maven Plugins and 
> Archetypes
>Reporter: Carsten Ziegeler
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Feature Model Analyser 2.0.0, Feature Model 2.0.0, 
> Feature Model API Regions Extension 2.0.0, Feature Model Launcher 1.2.4
>
>
> Starting with JEE 9 the package names for the enterprise APIs changed from 
> javax.* to jakarta.* which means that we will benefit from updates to those 
> APIs only if we make the move.
> For the feature model and the related tooling, it should be fairly easy to do 
> this move as this code is usually only used at tool time but not at 
> application runtime.
> We can simply replace javax.json with jakarta.json and do new releases of 
> everything involved with a new major version. As we are currently using 
> javax.json in parts of the API, this will be a breaking change, therefore the 
> major version update.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: [VOTE] Release Apache Sling Feature Launcher 1.2.2 and Feature Extensions Apiregions 1.6.4

2022-12-05 Thread Angela Schreiber 
[x] +1 Approve the release

kind regards
angela


From: Carsten Ziegeler 
Sent: Tuesday, December 6, 2022 06:33
To: dev@sling.apache.org 
Subject: [VOTE] Release Apache Sling Feature Launcher 1.2.2 and Feature 
Extensions Apiregions 1.6.4


Hi,

we solved 11 issues for the launcher
https://issues.apache.org/jira/projects/SLING/versions/12351353

and 2 issues for the apiregions extension
https://issues.apache.org/jira/projects/SLING/versions/12352068

Staging repository:
https://repository.apache.org/content/repositories/orgapachesling-2703

You can use this UNIX script to download the release and verify the
signatures:
https://gitbox.apache.org/repos/asf?p=sling-tooling-release.git;a=blob;f=check_staged_release.sh;hb=HEAD

Usage:
sh check_staged_release.sh 2703 /tmp/sling-staging

Please vote to approve this release:

   [ ] +1 Approve the release
   [ ]  0 Don't care
   [ ] -1 Don't release, because ...

This majority vote is open for at least 72 hours.

Regards
Carsten
--
Carsten Ziegeler
Adobe
cziege...@apache.org

[jira] [Closed] (SLING-11698) osgi-mock: Support injection of ComponentServiceObjects

2022-12-05 Thread Stefan Seifert (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-11698?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Stefan Seifert closed SLING-11698.
--

> osgi-mock: Support injection of ComponentServiceObjects
> ---
>
> Key: SLING-11698
> URL: https://issues.apache.org/jira/browse/SLING-11698
> Project: Sling
>  Issue Type: Improvement
>  Components: Testing
>Reporter: Stefan Seifert
>Assignee: Stefan Seifert
>Priority: Major
> Fix For: Testing OSGi Mock 3.3.4
>
>  Time Spent: 1h
>  Remaining Estimate: 0h
>
> https://docs.osgi.org/specification/osgi.cmpn/7.0.0/service.component.html
> currently we are supporting for injection (field, collection field, 
> constructor):
> * service instance
> * ServiceReference instance
> we should also support 
> [ComponentServiceObjects|https://docs.osgi.org/specification/osgi.cmpn/7.0.0/service.component.html#org.osgi.service.component.ComponentServiceObjects]
>  which is a combination of both.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Closed] (SLING-11691) osgi-mock: Implement MockServiceReference.getProperties

2022-12-05 Thread Stefan Seifert (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-11691?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Stefan Seifert closed SLING-11691.
--

> osgi-mock: Implement MockServiceReference.getProperties
> ---
>
> Key: SLING-11691
> URL: https://issues.apache.org/jira/browse/SLING-11691
> Project: Sling
>  Issue Type: Improvement
>  Components: Testing
>Affects Versions: Testing OSGi Mock 3.3.2
>Reporter: Stefan Seifert
>Assignee: Stefan Seifert
>Priority: Major
> Fix For: Testing OSGi Mock 3.3.4
>
>
> the method getProperties as added to ServiceInterface later than the other 
> property-related methods.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (SLING-11718) Migrate to Jakarta JSON API

2022-12-05 Thread Carsten Ziegeler (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-11718?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler updated SLING-11718:
-
Fix Version/s: Feature Model API Regions Extension 2.0.0
   (was: Feature Model API Regions Extension 1.6.4)

> Migrate to Jakarta JSON API
> ---
>
> Key: SLING-11718
> URL: https://issues.apache.org/jira/browse/SLING-11718
> Project: Sling
>  Issue Type: New Feature
>  Components: Feature Model, Feature Model Analyser, Maven Plugins and 
> Archetypes
>Reporter: Carsten Ziegeler
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Feature Model Analyser 2.0.0, Feature Model 2.0.0, 
> Feature Model API Regions Extension 2.0.0
>
>
> Starting with JEE 9 the package names for the enterprise APIs changed from 
> javax.* to jakarta.* which means that we will benefit from updates to those 
> APIs only if we make the move.
> For the feature model and the related tooling, it should be fairly easy to do 
> this move as this code is usually only used at tool time but not at 
> application runtime.
> We can simply replace javax.json with jakarta.json and do new releases of 
> everything involved with a new major version. As we are currently using 
> javax.json in parts of the API, this will be a breaking change, therefore the 
> major version update.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (SLING-11718) Migrate to Jakarta JSON API

2022-12-05 Thread Carsten Ziegeler (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-11718?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler updated SLING-11718:
-
Fix Version/s: Feature Model API Regions Extension 1.6.4

> Migrate to Jakarta JSON API
> ---
>
> Key: SLING-11718
> URL: https://issues.apache.org/jira/browse/SLING-11718
> Project: Sling
>  Issue Type: New Feature
>  Components: Feature Model, Feature Model Analyser, Maven Plugins and 
> Archetypes
>Reporter: Carsten Ziegeler
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Feature Model Analyser 2.0.0, Feature Model API Regions 
> Extension 1.6.4, Feature Model 2.0.0
>
>
> Starting with JEE 9 the package names for the enterprise APIs changed from 
> javax.* to jakarta.* which means that we will benefit from updates to those 
> APIs only if we make the move.
> For the feature model and the related tooling, it should be fairly easy to do 
> this move as this code is usually only used at tool time but not at 
> application runtime.
> We can simply replace javax.json with jakarta.json and do new releases of 
> everything involved with a new major version. As we are currently using 
> javax.json in parts of the API, this will be a breaking change, therefore the 
> major version update.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (SLING-11718) Migrate to Jakarta JSON API

2022-12-05 Thread Carsten Ziegeler (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-11718?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler updated SLING-11718:
-
Fix Version/s: Feature Model API Regions Extension 1.6.4

> Migrate to Jakarta JSON API
> ---
>
> Key: SLING-11718
> URL: https://issues.apache.org/jira/browse/SLING-11718
> Project: Sling
>  Issue Type: New Feature
>  Components: Feature Model, Feature Model Analyser, Maven Plugins and 
> Archetypes
>Reporter: Carsten Ziegeler
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Feature Model Analyser 2.0.0, Feature Model API Regions 
> Extension 1.6.4, Feature Model 2.0.0
>
>
> Starting with JEE 9 the package names for the enterprise APIs changed from 
> javax.* to jakarta.* which means that we will benefit from updates to those 
> APIs only if we make the move.
> For the feature model and the related tooling, it should be fairly easy to do 
> this move as this code is usually only used at tool time but not at 
> application runtime.
> We can simply replace javax.json with jakarta.json and do new releases of 
> everything involved with a new major version. As we are currently using 
> javax.json in parts of the API, this will be a breaking change, therefore the 
> major version update.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (SLING-11718) Migrate to Jakarta JSON API

2022-12-05 Thread Carsten Ziegeler (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-11718?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler updated SLING-11718:
-
Fix Version/s: (was: Feature Model API Regions Extension 1.6.4)

> Migrate to Jakarta JSON API
> ---
>
> Key: SLING-11718
> URL: https://issues.apache.org/jira/browse/SLING-11718
> Project: Sling
>  Issue Type: New Feature
>  Components: Feature Model, Feature Model Analyser, Maven Plugins and 
> Archetypes
>Reporter: Carsten Ziegeler
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Feature Model Analyser 2.0.0, Feature Model 2.0.0
>
>
> Starting with JEE 9 the package names for the enterprise APIs changed from 
> javax.* to jakarta.* which means that we will benefit from updates to those 
> APIs only if we make the move.
> For the feature model and the related tooling, it should be fairly easy to do 
> this move as this code is usually only used at tool time but not at 
> application runtime.
> We can simply replace javax.json with jakarta.json and do new releases of 
> everything involved with a new major version. As we are currently using 
> javax.json in parts of the API, this will be a breaking change, therefore the 
> major version update.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (SLING-11719) Remove deprecated API

2022-12-05 Thread Carsten Ziegeler (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-11719?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler updated SLING-11719:
-
Fix Version/s: Feature Model API Regions Extension 2.0.0

> Remove deprecated API
> -
>
> Key: SLING-11719
> URL: https://issues.apache.org/jira/browse/SLING-11719
> Project: Sling
>  Issue Type: Improvement
>  Components: Feature Model, Feature Model Analyser, Maven Plugins and 
> Archetypes
>Reporter: Carsten Ziegeler
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Feature Model Analyser 2.0.0, Feature Model 2.0.0, 
> Feature Model API Regions Extension 2.0.0
>
>
> With the move to the jakarta api (SLING-11718) we will have breaking api 
> changes, therefore we can at the same time get rid of deprecated api



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SLING-11719) Remove deprecated API

2022-12-05 Thread Carsten Ziegeler (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-11719?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17643694#comment-17643694
 ] 

Carsten Ziegeler commented on SLING-11719:
--

Removed deprecated api from api regions extension in 
https://github.com/apache/sling-org-apache-sling-feature-extension-apiregions/commit/ef62fc80a00c8788c8381b847436141ef36a5832

> Remove deprecated API
> -
>
> Key: SLING-11719
> URL: https://issues.apache.org/jira/browse/SLING-11719
> Project: Sling
>  Issue Type: Improvement
>  Components: Feature Model, Feature Model Analyser, Maven Plugins and 
> Archetypes
>Reporter: Carsten Ziegeler
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Feature Model Analyser 2.0.0, Feature Model 2.0.0
>
>
> With the move to the jakarta api (SLING-11718) we will have breaking api 
> changes, therefore we can at the same time get rid of deprecated api



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SLING-11718) Migrate to Jakarta JSON API

2022-12-05 Thread Carsten Ziegeler (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-11718?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17643693#comment-17643693
 ] 

Carsten Ziegeler commented on SLING-11718:
--

Migrated apiregions extension in 
https://github.com/apache/sling-org-apache-sling-feature-extension-apiregions/commit/ef62fc80a00c8788c8381b847436141ef36a5832

> Migrate to Jakarta JSON API
> ---
>
> Key: SLING-11718
> URL: https://issues.apache.org/jira/browse/SLING-11718
> Project: Sling
>  Issue Type: New Feature
>  Components: Feature Model, Feature Model Analyser, Maven Plugins and 
> Archetypes
>Reporter: Carsten Ziegeler
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Feature Model Analyser 2.0.0, Feature Model 2.0.0
>
>
> Starting with JEE 9 the package names for the enterprise APIs changed from 
> javax.* to jakarta.* which means that we will benefit from updates to those 
> APIs only if we make the move.
> For the feature model and the related tooling, it should be fairly easy to do 
> this move as this code is usually only used at tool time but not at 
> application runtime.
> We can simply replace javax.json with jakarta.json and do new releases of 
> everything involved with a new major version. As we are currently using 
> javax.json in parts of the API, this will be a breaking change, therefore the 
> major version update.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (SLING-11719) Remove deprecated API

2022-12-05 Thread Carsten Ziegeler (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-11719?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler updated SLING-11719:
-
Fix Version/s: Feature Model Analyser 1.6.10

> Remove deprecated API
> -
>
> Key: SLING-11719
> URL: https://issues.apache.org/jira/browse/SLING-11719
> Project: Sling
>  Issue Type: Improvement
>  Components: Feature Model, Feature Model Analyser, Maven Plugins and 
> Archetypes
>Reporter: Carsten Ziegeler
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Feature Model Analyser 1.6.10, Feature Model 2.0.0
>
>
> With the move to the jakarta api (SLING-11718) we will have breaking api 
> changes, therefore we can at the same time get rid of deprecated api



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SLING-11718) Migrate to Jakarta JSON API

2022-12-05 Thread Carsten Ziegeler (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-11718?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17643672#comment-17643672
 ] 

Carsten Ziegeler commented on SLING-11718:
--

Migrated feature analyser in 
https://github.com/apache/sling-org-apache-sling-feature-analyser/commit/dbda4568805c56a95345f75a85d9cf6aa9a6c629

> Migrate to Jakarta JSON API
> ---
>
> Key: SLING-11718
> URL: https://issues.apache.org/jira/browse/SLING-11718
> Project: Sling
>  Issue Type: New Feature
>  Components: Feature Model, Feature Model Analyser, Maven Plugins and 
> Archetypes
>Reporter: Carsten Ziegeler
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Feature Model 2.0.0
>
>
> Starting with JEE 9 the package names for the enterprise APIs changed from 
> javax.* to jakarta.* which means that we will benefit from updates to those 
> APIs only if we make the move.
> For the feature model and the related tooling, it should be fairly easy to do 
> this move as this code is usually only used at tool time but not at 
> application runtime.
> We can simply replace javax.json with jakarta.json and do new releases of 
> everything involved with a new major version. As we are currently using 
> javax.json in parts of the API, this will be a breaking change, therefore the 
> major version update.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (SLING-11718) Migrate to Jakarta JSON API

2022-12-05 Thread Carsten Ziegeler (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-11718?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler updated SLING-11718:
-
Fix Version/s: Feature Model Analyser 1.6.10

> Migrate to Jakarta JSON API
> ---
>
> Key: SLING-11718
> URL: https://issues.apache.org/jira/browse/SLING-11718
> Project: Sling
>  Issue Type: New Feature
>  Components: Feature Model, Feature Model Analyser, Maven Plugins and 
> Archetypes
>Reporter: Carsten Ziegeler
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Feature Model Analyser 1.6.10, Feature Model 2.0.0
>
>
> Starting with JEE 9 the package names for the enterprise APIs changed from 
> javax.* to jakarta.* which means that we will benefit from updates to those 
> APIs only if we make the move.
> For the feature model and the related tooling, it should be fairly easy to do 
> this move as this code is usually only used at tool time but not at 
> application runtime.
> We can simply replace javax.json with jakarta.json and do new releases of 
> everything involved with a new major version. As we are currently using 
> javax.json in parts of the API, this will be a breaking change, therefore the 
> major version update.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SLING-11719) Remove deprecated API

2022-12-05 Thread Carsten Ziegeler (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-11719?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17643673#comment-17643673
 ] 

Carsten Ziegeler commented on SLING-11719:
--

Removed deprecated api from feature analyser in 
https://github.com/apache/sling-org-apache-sling-feature-analyser/commit/dbda4568805c56a95345f75a85d9cf6aa9a6c629

> Remove deprecated API
> -
>
> Key: SLING-11719
> URL: https://issues.apache.org/jira/browse/SLING-11719
> Project: Sling
>  Issue Type: Improvement
>  Components: Feature Model, Feature Model Analyser, Maven Plugins and 
> Archetypes
>Reporter: Carsten Ziegeler
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Feature Model 2.0.0
>
>
> With the move to the jakarta api (SLING-11718) we will have breaking api 
> changes, therefore we can at the same time get rid of deprecated api



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SLING-11718) Migrate to Jakarta JSON API

2022-12-05 Thread Carsten Ziegeler (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-11718?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17643665#comment-17643665
 ] 

Carsten Ziegeler commented on SLING-11718:
--

Migrated feature model in 
https://github.com/apache/sling-org-apache-sling-feature/commit/23978f6f1a84d1d58105cc8c33dbace77238

> Migrate to Jakarta JSON API
> ---
>
> Key: SLING-11718
> URL: https://issues.apache.org/jira/browse/SLING-11718
> Project: Sling
>  Issue Type: New Feature
>  Components: Feature Model, Feature Model Analyser, Maven Plugins and 
> Archetypes
>Reporter: Carsten Ziegeler
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Feature Model 2.0.0
>
>
> Starting with JEE 9 the package names for the enterprise APIs changed from 
> javax.* to jakarta.* which means that we will benefit from updates to those 
> APIs only if we make the move.
> For the feature model and the related tooling, it should be fairly easy to do 
> this move as this code is usually only used at tool time but not at 
> application runtime.
> We can simply replace javax.json with jakarta.json and do new releases of 
> everything involved with a new major version. As we are currently using 
> javax.json in parts of the API, this will be a breaking change, therefore the 
> major version update.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SLING-11719) Remove deprecated API

2022-12-05 Thread Carsten Ziegeler (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-11719?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17643666#comment-17643666
 ] 

Carsten Ziegeler commented on SLING-11719:
--

Removed deprecated API from feature model with 
https://github.com/apache/sling-org-apache-sling-feature/commit/23978f6f1a84d1d58105cc8c33dbace77238

> Remove deprecated API
> -
>
> Key: SLING-11719
> URL: https://issues.apache.org/jira/browse/SLING-11719
> Project: Sling
>  Issue Type: Improvement
>  Components: Feature Model, Feature Model Analyser, Maven Plugins and 
> Archetypes
>Reporter: Carsten Ziegeler
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Feature Model 2.0.0
>
>
> With the move to the jakarta api (SLING-11718) we will have breaking api 
> changes, therefore we can at the same time get rid of deprecated api



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (SLING-11719) Remove deprecated API

2022-12-05 Thread Carsten Ziegeler (Jira) 
Carsten Ziegeler created SLING-11719:


 Summary: Remove deprecated API
 Key: SLING-11719
 URL: https://issues.apache.org/jira/browse/SLING-11719
 Project: Sling
  Issue Type: Improvement
  Components: Feature Model, Feature Model Analyser, Maven Plugins and 
Archetypes
Reporter: Carsten Ziegeler
Assignee: Carsten Ziegeler
 Fix For: Feature Model 2.0.0


With the move to the jakarta api (SLING-11718) we will have breaking api 
changes, therefore we can at the same time get rid of deprecated api



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (SLING-11718) Migrate to Jakarta JSON API

2022-12-05 Thread Carsten Ziegeler (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-11718?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Carsten Ziegeler updated SLING-11718:
-
Description: 
Starting with JEE 9 the package names for the enterprise APIs changed from 
javax.* to jakarta.* which means that we will benefit from updates to those 
APIs only if we make the move.

For the feature model and the related tooling, it should be fairly easy to do 
this move as this code is usually only used at tool time but not at application 
runtime.

We can simply replace javax.json with jakarta.json and do new releases of 
everything involved with a new major version. As we are currently using 
javax.json in parts of the API, this will be a breaking change, therefore the 
major version update.


> Migrate to Jakarta JSON API
> ---
>
> Key: SLING-11718
> URL: https://issues.apache.org/jira/browse/SLING-11718
> Project: Sling
>  Issue Type: New Feature
>  Components: Feature Model, Feature Model Analyser, Maven Plugins and 
> Archetypes
>Reporter: Carsten Ziegeler
>Assignee: Carsten Ziegeler
>Priority: Major
> Fix For: Feature Model 2.0.0
>
>
> Starting with JEE 9 the package names for the enterprise APIs changed from 
> javax.* to jakarta.* which means that we will benefit from updates to those 
> APIs only if we make the move.
> For the feature model and the related tooling, it should be fairly easy to do 
> this move as this code is usually only used at tool time but not at 
> application runtime.
> We can simply replace javax.json with jakarta.json and do new releases of 
> everything involved with a new major version. As we are currently using 
> javax.json in parts of the API, this will be a breaking change, therefore the 
> major version update.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (SLING-11718) Migrate to Jakarta JSON API

2022-12-05 Thread Carsten Ziegeler (Jira) 
Carsten Ziegeler created SLING-11718:


 Summary: Migrate to Jakarta JSON API
 Key: SLING-11718
 URL: https://issues.apache.org/jira/browse/SLING-11718
 Project: Sling
  Issue Type: New Feature
  Components: Feature Model, Feature Model Analyser, Maven Plugins and 
Archetypes
Reporter: Carsten Ziegeler
Assignee: Carsten Ziegeler
 Fix For: Feature Model 2.0.0






--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[VOTE] Release Apache Sling Feature Launcher 1.2.2 and Feature Extensions Apiregions 1.6.4

2022-12-05 Thread Carsten Ziegeler 

Hi,

we solved 11 issues for the launcher
https://issues.apache.org/jira/projects/SLING/versions/12351353

and 2 issues for the apiregions extension
https://issues.apache.org/jira/projects/SLING/versions/12352068

Staging repository: 
https://repository.apache.org/content/repositories/orgapachesling-2703


You can use this UNIX script to download the release and verify the 
signatures:

https://gitbox.apache.org/repos/asf?p=sling-tooling-release.git;a=blob;f=check_staged_release.sh;hb=HEAD

Usage:
sh check_staged_release.sh 2703 /tmp/sling-staging

Please vote to approve this release:

  [ ] +1 Approve the release
  [ ]  0 Don't care
  [ ] -1 Don't release, because ...

This majority vote is open for at least 72 hours.

Regards
Carsten
--
Carsten Ziegeler
Adobe
cziege...@apache.org

[GitHub] [sling-org-apache-sling-discovery-oak] sonarcloud[bot] commented on pull request #12: Bump commons-net from 3.3 to 3.9.0

2022-12-05 Thread GitBox 


sonarcloud[bot] commented on PR #12:
URL: 
https://github.com/apache/sling-org-apache-sling-discovery-oak/pull/12#issuecomment-1338477754

   Kudos, SonarCloud Quality Gate passed!  [![Quality Gate 
passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png
 'Quality Gate 
passed')](https://sonarcloud.io/dashboard?id=apache_sling-org-apache-sling-discovery-oak=12)
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-oak=12=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-oak=12=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-oak=12=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-oak=12=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-oak=12=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-oak=12=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-discovery-oak=12=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-discovery-oak=12=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-discovery-oak=12=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-oak=12=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-oak=12=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-oak=12=false=CODE_SMELL)
   
   [![No Coverage 
information](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/NoCoverageInfo-16px.png
 'No Coverage 
information')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-discovery-oak=12=coverage=list)
 No Coverage information  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-discovery-oak=12=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-discovery-oak=12=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-discovery-base] sonarcloud[bot] commented on pull request #11: Bump commons-net from 3.3 to 3.9.0

2022-12-05 Thread GitBox 


sonarcloud[bot] commented on PR #11:
URL: 
https://github.com/apache/sling-org-apache-sling-discovery-base/pull/11#issuecomment-1338442682

   Kudos, SonarCloud Quality Gate passed!  [![Quality Gate 
passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png
 'Quality Gate 
passed')](https://sonarcloud.io/dashboard?id=apache_sling-org-apache-sling-discovery-base=11)
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-base=11=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-base=11=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-base=11=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-base=11=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-base=11=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-base=11=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-discovery-base=11=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-discovery-base=11=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-discovery-base=11=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-base=11=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-base=11=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-base=11=false=CODE_SMELL)
   
   [![No Coverage 
information](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/NoCoverageInfo-16px.png
 'No Coverage 
information')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-discovery-base=11=coverage=list)
 No Coverage information  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-discovery-base=11=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-discovery-base=11=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-discovery-impl] sonarcloud[bot] commented on pull request #2: Bump commons-net from 3.3 to 3.9.0

2022-12-05 Thread GitBox 


sonarcloud[bot] commented on PR #2:
URL: 
https://github.com/apache/sling-org-apache-sling-discovery-impl/pull/2#issuecomment-1338416904

   Kudos, SonarCloud Quality Gate passed!  [![Quality Gate 
passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png
 'Quality Gate 
passed')](https://sonarcloud.io/dashboard?id=apache_sling-org-apache-sling-discovery-impl=2)
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-impl=2=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-impl=2=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-impl=2=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-impl=2=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-impl=2=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-impl=2=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-discovery-impl=2=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-discovery-impl=2=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-discovery-impl=2=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-impl=2=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-impl=2=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-discovery-impl=2=false=CODE_SMELL)
   
   [![No Coverage 
information](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/NoCoverageInfo-16px.png
 'No Coverage 
information')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-discovery-impl=2=coverage=list)
 No Coverage information  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-discovery-impl=2=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-discovery-impl=2=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-discovery-oak] dependabot[bot] opened a new pull request, #12: Bump commons-net from 3.3 to 3.9.0

2022-12-05 Thread GitBox 


dependabot[bot] opened a new pull request, #12:
URL: https://github.com/apache/sling-org-apache-sling-discovery-oak/pull/12

   Bumps commons-net from 3.3 to 3.9.0.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-net:commons-net=maven=3.3=3.9.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   - `@dependabot use these labels` will set the current labels as the default 
for future PRs for this repo and language
   - `@dependabot use these reviewers` will set the current reviewers as the 
default for future PRs for this repo and language
   - `@dependabot use these assignees` will set the current assignees as the 
default for future PRs for this repo and language
   - `@dependabot use this milestone` will set the current milestone as the 
default for future PRs for this repo and language
   
   You can disable automated security fix PRs for this repo from the [Security 
Alerts 
page](https://github.com/apache/sling-org-apache-sling-discovery-oak/network/alerts).
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-discovery-base] dependabot[bot] opened a new pull request, #11: Bump commons-net from 3.3 to 3.9.0

2022-12-05 Thread GitBox 


dependabot[bot] opened a new pull request, #11:
URL: https://github.com/apache/sling-org-apache-sling-discovery-base/pull/11

   Bumps commons-net from 3.3 to 3.9.0.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-net:commons-net=maven=3.3=3.9.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   - `@dependabot use these labels` will set the current labels as the default 
for future PRs for this repo and language
   - `@dependabot use these reviewers` will set the current reviewers as the 
default for future PRs for this repo and language
   - `@dependabot use these assignees` will set the current assignees as the 
default for future PRs for this repo and language
   - `@dependabot use this milestone` will set the current milestone as the 
default for future PRs for this repo and language
   
   You can disable automated security fix PRs for this repo from the [Security 
Alerts 
page](https://github.com/apache/sling-org-apache-sling-discovery-base/network/alerts).
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-discovery-impl] dependabot[bot] opened a new pull request, #2: Bump commons-net from 3.3 to 3.9.0

2022-12-05 Thread GitBox 


dependabot[bot] opened a new pull request, #2:
URL: https://github.com/apache/sling-org-apache-sling-discovery-impl/pull/2

   Bumps commons-net from 3.3 to 3.9.0.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-net:commons-net=maven=3.3=3.9.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   - `@dependabot use these labels` will set the current labels as the default 
for future PRs for this repo and language
   - `@dependabot use these reviewers` will set the current reviewers as the 
default for future PRs for this repo and language
   - `@dependabot use these assignees` will set the current assignees as the 
default for future PRs for this repo and language
   - `@dependabot use this milestone` will set the current milestone as the 
default for future PRs for this repo and language
   
   You can disable automated security fix PRs for this repo from the [Security 
Alerts 
page](https://github.com/apache/sling-org-apache-sling-discovery-impl/network/alerts).
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: Principal names used in org.apache.sling.serviceusermapping.impl.ServiceUserMapperImpl and "everyone" group

2022-12-05 Thread Angela Schreiber 
hi konrad,

yes, you are right. when using the format with [], the resulting resource 
resolver / session will get a subject that aggregates the specified principals 
and only those.

adding a group principal name will only work if you disable the 
JcrSystemUserValidator.
but from a security point of view i would not recommend this. system users and 
their permissions should IMHO be considered part of the application, while 
permissions of groups like everyone may change independent of the code that 
delegates tasks to a system-sessions. this opens the door for privilege 
escalations.

hope that helps
angela



From: Konrad Windszus 
Sent: Monday, December 5, 2022 10:58
To: dev@sling.apache.org 
Subject: Re: Principal names used in 
org.apache.sling.serviceusermapping.impl.ServiceUserMapperImpl and "everyone" 
group

EXTERNAL: Use caution when clicking on links or opening attachments.


To answer my own question: Even the "everyone" group membership is not 
considered (if not explicitly added as principal name to the config).
Konrad

On 2022/12/02 19:01:57 Konrad Windszus wrote:
> Hi,
> With https://issues.apache.org/jira/browse/SLING-6963 
>  the support for principal 
> names has been added to the Service User Mapper.
> That in general does not consider group memberships.
> What about the special group “everyone” 
> (https://jackrabbit.apache.org/oak/docs/security/user/membership.html#everyone-group-and-everyone-as-member
>  
> ).
>  Are the rights inherited in this case?
>
> I have seen weird effects were the rights are only inherited sometimes…
>
> Thanks for clarification.
> Konrad

[jira] [Commented] (SLING-11467) support to update existing paths via repoinit statement

2022-12-05 Thread Angela Schreiber (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-11467?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17643384#comment-17643384
 ] 

Angela Schreiber commented on SLING-11467:
--

if this improvement is adopted i would suggest to use a similar solution than 
exists for user/group creation that allows to make sure the specified 
intermediate path is really used (and not ignored if the user/group already 
exists) with a 'forced' key word (see 
https://github.com/apache/sling-org-apache-sling-repoinit-parser/blob/master/src/main/javacc/RepoInitGrammar.jjt#L103).

> support to update existing paths via repoinit statement
> ---
>
> Key: SLING-11467
> URL: https://issues.apache.org/jira/browse/SLING-11467
> Project: Sling
>  Issue Type: Improvement
>  Components: Repoinit
>Reporter: Darshan Mahor
>Priority: Major
>
> As of now we can't update the path if it already exists in repository[1] via 
> repoinit statements like update primary type etc. This request is to support 
> the mechanism via which we can modify/update the existing paths with the 
> update/modification provided in repoinit statement. e.g. lets suppose we have 
> a path in repostiory  /content/test/testchild(nt:folder) and we want to 
> modify it to /content/test/testchild(sling:Folder).
>  
> [1]. 
> [https://github.com/apache/sling-org-apache-sling-jcr-repoinit/blob/master/src/main/java/org/apache/sling/jcr/repoinit/impl/AclVisitor.java#L189]
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[GitHub] [sling-org-apache-sling-extensions-webconsolesecurityprovider] cziegeler merged pull request #3: SLING-11620 - Synchronization issue in Webconsole Security Provider

2022-12-05 Thread GitBox 


cziegeler merged PR #3:
URL: 
https://github.com/apache/sling-org-apache-sling-extensions-webconsolesecurityprovider/pull/3


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Updated] (SLING-11717) Sling WebConsoleSecurityProvider extension seems to deadlock in certain cases - Dupe

2022-12-05 Thread Henry Kuijpers (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-11717?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Henry Kuijpers updated SLING-11717:
---
Summary: Sling WebConsoleSecurityProvider extension seems to deadlock in 
certain cases - Dupe  (was: Sling WebConsoleSecurityProvider extension seems to 
deadlock in certain cases)

> Sling WebConsoleSecurityProvider extension seems to deadlock in certain cases 
> - Dupe
> 
>
> Key: SLING-11717
> URL: https://issues.apache.org/jira/browse/SLING-11717
> Project: Sling
>  Issue Type: Bug
>Affects Versions: Web Console Security Provider 1.2.4, Web Console 
> Security Provider 1.2.6
>Reporter: Henry Kuijpers
>Priority: Major
>
> {code:java}
> Found one Java-level deadlock:
> =
> "FelixDispatchQueue":
>   waiting to lock monitor 7f8a5595d180 (object 7f8b03e7, a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener),
>   which is held by "Apache Sling Repository Startup Thread #1"
> "Apache Sling Repository Startup Thread #1":
>   waiting to lock monitor 7f8a5595d180 (object 45551fe9, a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener),
>   which is held by "FelixDispatchQueue"
> {code}
> The issue seems to be in 
> https://github.com/apache/sling-org-apache-sling-extensions-webconsolesecurityprovider/blob/fd7f0e9e4e287ceb72211ee2e08e55568713ddbd/src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/ServicesListener.java
>  and it could very well be that the last commit was the cause(?). 
> https://github.com/apache/sling-org-apache-sling-extensions-webconsolesecurityprovider/commit/fd7f0e9e4e287ceb72211ee2e08e55568713ddbd
>  
> {code:java}
> Java stack information for the threads listed above:
> ===
> "FelixDispatchQueue" prio=5 tid=0xd nid=0x waiting for monitor entry
>java.lang.Thread.State: BLOCKED
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener.getService(ServicesListener.java:247)
>   - waiting to lock <0x7f8b03e7> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener)
>  owned by "Apache Sling Repository Startup Thread #1" tid=0x80
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener.notifyChange(ServicesListener.java:121)
>   - locked <0x45551fe9> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener)
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener.startupFinished(ServicesListener.java:105)
>   at 
> org.apache.sling.launchpad.base.impl.DefaultStartupHandler.startupFinished(DefaultStartupHandler.java:366)
>   at 
> org.apache.sling.launchpad.base.impl.DefaultStartupHandler.frameworkEvent(DefaultStartupHandler.java:287)
>   at 
> org.apache.felix.framework.EventDispatcher.invokeFrameworkListenerCallback(EventDispatcher.java:881)
>   at 
> org.apache.felix.framework.EventDispatcher.fireEventImmediately(EventDispatcher.java:830)
>   at 
> org.apache.felix.framework.EventDispatcher.run(EventDispatcher.java:1147)
>   at 
> org.apache.felix.framework.EventDispatcher.access$000(EventDispatcher.java:54)
>   at 
> org.apache.felix.framework.EventDispatcher$1.run(EventDispatcher.java:102)
>   at java.base@11.0.16.1/java.lang.Thread.run(Thread.java:834)
> "Apache Sling Repository Startup Thread #1" daemon prio=5 tid=0x50 
> nid=0x waiting for monitor entry
>java.lang.Thread.State: BLOCKED
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener.notifyChange(ServicesListener.java:121)
>   - waiting to lock <0x45551fe9> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener)
>  owned by "FelixDispatchQueue" tid=0x13
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener.retainService(ServicesListener.java:270)
>   - locked <0x7f8b03e7> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener)
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener.serviceChanged(ServicesListener.java:295)
>   at 
> org.apache.felix.framework.EventDispatcher.invokeServiceListenerCallback(EventDispatcher.java:990)
>   at 
> org.apache.felix.framework.EventDispatcher.fireEventImmediately(EventDispatcher.java:838)
>   at 
> org.apache.felix.framework.EventDispatcher.fireServiceEvent(EventDispatcher.java:545)
>   at org.apache.felix.framework.Felix.fireServiceEvent(Felix.java:4833)
>   at

[jira] [Resolved] (SLING-11717) Sling WebConsoleSecurityProvider extension seems to deadlock in certain cases

2022-12-05 Thread Henry Kuijpers (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-11717?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Henry Kuijpers resolved SLING-11717.

Resolution: Duplicate

> Sling WebConsoleSecurityProvider extension seems to deadlock in certain cases
> -
>
> Key: SLING-11717
> URL: https://issues.apache.org/jira/browse/SLING-11717
> Project: Sling
>  Issue Type: Bug
>Affects Versions: Web Console Security Provider 1.2.4, Web Console 
> Security Provider 1.2.6
>Reporter: Henry Kuijpers
>Priority: Major
>
> {code:java}
> Found one Java-level deadlock:
> =
> "FelixDispatchQueue":
>   waiting to lock monitor 7f8a5595d180 (object 7f8b03e7, a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener),
>   which is held by "Apache Sling Repository Startup Thread #1"
> "Apache Sling Repository Startup Thread #1":
>   waiting to lock monitor 7f8a5595d180 (object 45551fe9, a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener),
>   which is held by "FelixDispatchQueue"
> {code}
> The issue seems to be in 
> https://github.com/apache/sling-org-apache-sling-extensions-webconsolesecurityprovider/blob/fd7f0e9e4e287ceb72211ee2e08e55568713ddbd/src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/ServicesListener.java
>  and it could very well be that the last commit was the cause(?). 
> https://github.com/apache/sling-org-apache-sling-extensions-webconsolesecurityprovider/commit/fd7f0e9e4e287ceb72211ee2e08e55568713ddbd
>  
> {code:java}
> Java stack information for the threads listed above:
> ===
> "FelixDispatchQueue" prio=5 tid=0xd nid=0x waiting for monitor entry
>java.lang.Thread.State: BLOCKED
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener.getService(ServicesListener.java:247)
>   - waiting to lock <0x7f8b03e7> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener)
>  owned by "Apache Sling Repository Startup Thread #1" tid=0x80
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener.notifyChange(ServicesListener.java:121)
>   - locked <0x45551fe9> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener)
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener.startupFinished(ServicesListener.java:105)
>   at 
> org.apache.sling.launchpad.base.impl.DefaultStartupHandler.startupFinished(DefaultStartupHandler.java:366)
>   at 
> org.apache.sling.launchpad.base.impl.DefaultStartupHandler.frameworkEvent(DefaultStartupHandler.java:287)
>   at 
> org.apache.felix.framework.EventDispatcher.invokeFrameworkListenerCallback(EventDispatcher.java:881)
>   at 
> org.apache.felix.framework.EventDispatcher.fireEventImmediately(EventDispatcher.java:830)
>   at 
> org.apache.felix.framework.EventDispatcher.run(EventDispatcher.java:1147)
>   at 
> org.apache.felix.framework.EventDispatcher.access$000(EventDispatcher.java:54)
>   at 
> org.apache.felix.framework.EventDispatcher$1.run(EventDispatcher.java:102)
>   at java.base@11.0.16.1/java.lang.Thread.run(Thread.java:834)
> "Apache Sling Repository Startup Thread #1" daemon prio=5 tid=0x50 
> nid=0x waiting for monitor entry
>java.lang.Thread.State: BLOCKED
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener.notifyChange(ServicesListener.java:121)
>   - waiting to lock <0x45551fe9> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener)
>  owned by "FelixDispatchQueue" tid=0x13
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener.retainService(ServicesListener.java:270)
>   - locked <0x7f8b03e7> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener)
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener.serviceChanged(ServicesListener.java:295)
>   at 
> org.apache.felix.framework.EventDispatcher.invokeServiceListenerCallback(EventDispatcher.java:990)
>   at 
> org.apache.felix.framework.EventDispatcher.fireEventImmediately(EventDispatcher.java:838)
>   at 
> org.apache.felix.framework.EventDispatcher.fireServiceEvent(EventDispatcher.java:545)
>   at org.apache.felix.framework.Felix.fireServiceEvent(Felix.java:4833)
>   at org.apache.felix.framework.Felix.registerService(Felix.java:3804)
>   at 
> org.apache.felix.framework.BundleContextImpl.registerService(BundleContextImpl.java:328)
>   at

[jira] [Commented] (SLING-11717) Sling WebConsoleSecurityProvider extension seems to deadlock in certain cases

2022-12-05 Thread Henry Kuijpers (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-11717?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17643350#comment-17643350
 ] 

Henry Kuijpers commented on SLING-11717:


Yes, indeed, that is exactly our problem! I'm closing this one.

> Sling WebConsoleSecurityProvider extension seems to deadlock in certain cases
> -
>
> Key: SLING-11717
> URL: https://issues.apache.org/jira/browse/SLING-11717
> Project: Sling
>  Issue Type: Bug
>Affects Versions: Web Console Security Provider 1.2.4, Web Console 
> Security Provider 1.2.6
>Reporter: Henry Kuijpers
>Priority: Major
>
> {code:java}
> Found one Java-level deadlock:
> =
> "FelixDispatchQueue":
>   waiting to lock monitor 7f8a5595d180 (object 7f8b03e7, a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener),
>   which is held by "Apache Sling Repository Startup Thread #1"
> "Apache Sling Repository Startup Thread #1":
>   waiting to lock monitor 7f8a5595d180 (object 45551fe9, a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener),
>   which is held by "FelixDispatchQueue"
> {code}
> The issue seems to be in 
> https://github.com/apache/sling-org-apache-sling-extensions-webconsolesecurityprovider/blob/fd7f0e9e4e287ceb72211ee2e08e55568713ddbd/src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/ServicesListener.java
>  and it could very well be that the last commit was the cause(?). 
> https://github.com/apache/sling-org-apache-sling-extensions-webconsolesecurityprovider/commit/fd7f0e9e4e287ceb72211ee2e08e55568713ddbd
>  
> {code:java}
> Java stack information for the threads listed above:
> ===
> "FelixDispatchQueue" prio=5 tid=0xd nid=0x waiting for monitor entry
>java.lang.Thread.State: BLOCKED
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener.getService(ServicesListener.java:247)
>   - waiting to lock <0x7f8b03e7> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener)
>  owned by "Apache Sling Repository Startup Thread #1" tid=0x80
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener.notifyChange(ServicesListener.java:121)
>   - locked <0x45551fe9> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener)
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener.startupFinished(ServicesListener.java:105)
>   at 
> org.apache.sling.launchpad.base.impl.DefaultStartupHandler.startupFinished(DefaultStartupHandler.java:366)
>   at 
> org.apache.sling.launchpad.base.impl.DefaultStartupHandler.frameworkEvent(DefaultStartupHandler.java:287)
>   at 
> org.apache.felix.framework.EventDispatcher.invokeFrameworkListenerCallback(EventDispatcher.java:881)
>   at 
> org.apache.felix.framework.EventDispatcher.fireEventImmediately(EventDispatcher.java:830)
>   at 
> org.apache.felix.framework.EventDispatcher.run(EventDispatcher.java:1147)
>   at 
> org.apache.felix.framework.EventDispatcher.access$000(EventDispatcher.java:54)
>   at 
> org.apache.felix.framework.EventDispatcher$1.run(EventDispatcher.java:102)
>   at java.base@11.0.16.1/java.lang.Thread.run(Thread.java:834)
> "Apache Sling Repository Startup Thread #1" daemon prio=5 tid=0x50 
> nid=0x waiting for monitor entry
>java.lang.Thread.State: BLOCKED
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener.notifyChange(ServicesListener.java:121)
>   - waiting to lock <0x45551fe9> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener)
>  owned by "FelixDispatchQueue" tid=0x13
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener.retainService(ServicesListener.java:270)
>   - locked <0x7f8b03e7> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener)
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener.serviceChanged(ServicesListener.java:295)
>   at 
> org.apache.felix.framework.EventDispatcher.invokeServiceListenerCallback(EventDispatcher.java:990)
>   at 
> org.apache.felix.framework.EventDispatcher.fireEventImmediately(EventDispatcher.java:838)
>   at 
> org.apache.felix.framework.EventDispatcher.fireServiceEvent(EventDispatcher.java:545)
>   at org.apache.felix.framework.Felix.fireServiceEvent(Felix.java:4833)
>   at org.apache.felix.framework.Felix.registerService(Felix.java:3804)
>   at 
>

[GitHub] [sling-org-apache-sling-extensions-webconsolesecurityprovider] henrykuijpers commented on pull request #3: SLING-11620 - Synchronization issue in Webconsole Security Provider

2022-12-05 Thread GitBox 


henrykuijpers commented on PR #3:
URL: 
https://github.com/apache/sling-org-apache-sling-extensions-webconsolesecurityprovider/pull/3#issuecomment-1337367107

   @cziegeler @joerghoh Can you please check this PR? It seems we are hitting 
this issue during repository startup (sometimes) in our production machine as 
well. We restart this machine every night, so every night it will be a gamble 
if this thing actually comes up and runs fine. :)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-site] kwin merged pull request #103: Descripe priorities

2022-12-05 Thread GitBox 


kwin merged PR #103:
URL: https://github.com/apache/sling-site/pull/103


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SLING-11717) Sling WebConsoleSecurityProvider extension seems to deadlock in certain cases

2022-12-05 Thread Carsten Ziegeler (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-11717?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17643347#comment-17643347
 ] 

Carsten Ziegeler commented on SLING-11717:
--

Might be a duplicate of SLING-11620

> Sling WebConsoleSecurityProvider extension seems to deadlock in certain cases
> -
>
> Key: SLING-11717
> URL: https://issues.apache.org/jira/browse/SLING-11717
> Project: Sling
>  Issue Type: Bug
>Affects Versions: Web Console Security Provider 1.2.4, Web Console 
> Security Provider 1.2.6
>Reporter: Henry Kuijpers
>Priority: Major
>
> {code:java}
> Found one Java-level deadlock:
> =
> "FelixDispatchQueue":
>   waiting to lock monitor 7f8a5595d180 (object 7f8b03e7, a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener),
>   which is held by "Apache Sling Repository Startup Thread #1"
> "Apache Sling Repository Startup Thread #1":
>   waiting to lock monitor 7f8a5595d180 (object 45551fe9, a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener),
>   which is held by "FelixDispatchQueue"
> {code}
> The issue seems to be in 
> https://github.com/apache/sling-org-apache-sling-extensions-webconsolesecurityprovider/blob/fd7f0e9e4e287ceb72211ee2e08e55568713ddbd/src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/ServicesListener.java
>  and it could very well be that the last commit was the cause(?). 
> https://github.com/apache/sling-org-apache-sling-extensions-webconsolesecurityprovider/commit/fd7f0e9e4e287ceb72211ee2e08e55568713ddbd
>  
> {code:java}
> Java stack information for the threads listed above:
> ===
> "FelixDispatchQueue" prio=5 tid=0xd nid=0x waiting for monitor entry
>java.lang.Thread.State: BLOCKED
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener.getService(ServicesListener.java:247)
>   - waiting to lock <0x7f8b03e7> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener)
>  owned by "Apache Sling Repository Startup Thread #1" tid=0x80
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener.notifyChange(ServicesListener.java:121)
>   - locked <0x45551fe9> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener)
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener.startupFinished(ServicesListener.java:105)
>   at 
> org.apache.sling.launchpad.base.impl.DefaultStartupHandler.startupFinished(DefaultStartupHandler.java:366)
>   at 
> org.apache.sling.launchpad.base.impl.DefaultStartupHandler.frameworkEvent(DefaultStartupHandler.java:287)
>   at 
> org.apache.felix.framework.EventDispatcher.invokeFrameworkListenerCallback(EventDispatcher.java:881)
>   at 
> org.apache.felix.framework.EventDispatcher.fireEventImmediately(EventDispatcher.java:830)
>   at 
> org.apache.felix.framework.EventDispatcher.run(EventDispatcher.java:1147)
>   at 
> org.apache.felix.framework.EventDispatcher.access$000(EventDispatcher.java:54)
>   at 
> org.apache.felix.framework.EventDispatcher$1.run(EventDispatcher.java:102)
>   at java.base@11.0.16.1/java.lang.Thread.run(Thread.java:834)
> "Apache Sling Repository Startup Thread #1" daemon prio=5 tid=0x50 
> nid=0x waiting for monitor entry
>java.lang.Thread.State: BLOCKED
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener.notifyChange(ServicesListener.java:121)
>   - waiting to lock <0x45551fe9> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener)
>  owned by "FelixDispatchQueue" tid=0x13
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener.retainService(ServicesListener.java:270)
>   - locked <0x7f8b03e7> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener)
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener.serviceChanged(ServicesListener.java:295)
>   at 
> org.apache.felix.framework.EventDispatcher.invokeServiceListenerCallback(EventDispatcher.java:990)
>   at 
> org.apache.felix.framework.EventDispatcher.fireEventImmediately(EventDispatcher.java:838)
>   at 
> org.apache.felix.framework.EventDispatcher.fireServiceEvent(EventDispatcher.java:545)
>   at org.apache.felix.framework.Felix.fireServiceEvent(Felix.java:4833)
>   at org.apache.felix.framework.Felix.registerService(Felix.java:3804)
>   at 
>

[jira] [Updated] (SLING-11717) Sling WebConsoleSecurityProvider extension seems to deadlock in certain cases

2022-12-05 Thread Henry Kuijpers (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-11717?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Henry Kuijpers updated SLING-11717:
---
Affects Version/s: Web Console Security Provider 1.2.4

> Sling WebConsoleSecurityProvider extension seems to deadlock in certain cases
> -
>
> Key: SLING-11717
> URL: https://issues.apache.org/jira/browse/SLING-11717
> Project: Sling
>  Issue Type: Bug
>Affects Versions: Web Console Security Provider 1.2.4, Web Console 
> Security Provider 1.2.6
>Reporter: Henry Kuijpers
>Priority: Major
>
> {code:java}
> Found one Java-level deadlock:
> =
> "FelixDispatchQueue":
>   waiting to lock monitor 7f8a5595d180 (object 7f8b03e7, a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener),
>   which is held by "Apache Sling Repository Startup Thread #1"
> "Apache Sling Repository Startup Thread #1":
>   waiting to lock monitor 7f8a5595d180 (object 45551fe9, a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener),
>   which is held by "FelixDispatchQueue"
> {code}
> The issue seems to be in 
> https://github.com/apache/sling-org-apache-sling-extensions-webconsolesecurityprovider/blob/fd7f0e9e4e287ceb72211ee2e08e55568713ddbd/src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/ServicesListener.java
>  and it could very well be that the last commit was the cause(?). 
> https://github.com/apache/sling-org-apache-sling-extensions-webconsolesecurityprovider/commit/fd7f0e9e4e287ceb72211ee2e08e55568713ddbd
>  
> {code:java}
> Java stack information for the threads listed above:
> ===
> "FelixDispatchQueue" prio=5 tid=0xd nid=0x waiting for monitor entry
>java.lang.Thread.State: BLOCKED
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener.getService(ServicesListener.java:247)
>   - waiting to lock <0x7f8b03e7> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener)
>  owned by "Apache Sling Repository Startup Thread #1" tid=0x80
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener.notifyChange(ServicesListener.java:121)
>   - locked <0x45551fe9> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener)
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener.startupFinished(ServicesListener.java:105)
>   at 
> org.apache.sling.launchpad.base.impl.DefaultStartupHandler.startupFinished(DefaultStartupHandler.java:366)
>   at 
> org.apache.sling.launchpad.base.impl.DefaultStartupHandler.frameworkEvent(DefaultStartupHandler.java:287)
>   at 
> org.apache.felix.framework.EventDispatcher.invokeFrameworkListenerCallback(EventDispatcher.java:881)
>   at 
> org.apache.felix.framework.EventDispatcher.fireEventImmediately(EventDispatcher.java:830)
>   at 
> org.apache.felix.framework.EventDispatcher.run(EventDispatcher.java:1147)
>   at 
> org.apache.felix.framework.EventDispatcher.access$000(EventDispatcher.java:54)
>   at 
> org.apache.felix.framework.EventDispatcher$1.run(EventDispatcher.java:102)
>   at java.base@11.0.16.1/java.lang.Thread.run(Thread.java:834)
> "Apache Sling Repository Startup Thread #1" daemon prio=5 tid=0x50 
> nid=0x waiting for monitor entry
>java.lang.Thread.State: BLOCKED
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener.notifyChange(ServicesListener.java:121)
>   - waiting to lock <0x45551fe9> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener)
>  owned by "FelixDispatchQueue" tid=0x13
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener.retainService(ServicesListener.java:270)
>   - locked <0x7f8b03e7> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener)
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener.serviceChanged(ServicesListener.java:295)
>   at 
> org.apache.felix.framework.EventDispatcher.invokeServiceListenerCallback(EventDispatcher.java:990)
>   at 
> org.apache.felix.framework.EventDispatcher.fireEventImmediately(EventDispatcher.java:838)
>   at 
> org.apache.felix.framework.EventDispatcher.fireServiceEvent(EventDispatcher.java:545)
>   at org.apache.felix.framework.Felix.fireServiceEvent(Felix.java:4833)
>   at org.apache.felix.framework.Felix.registerService(Felix.java:3804)
>   at 
>

[jira] [Updated] (SLING-11717) Sling WebConsoleSecurityProvider extension seems to deadlock in certain cases

2022-12-05 Thread Henry Kuijpers (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-11717?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Henry Kuijpers updated SLING-11717:
---
Affects Version/s: Web Console Security Provider 1.2.6

> Sling WebConsoleSecurityProvider extension seems to deadlock in certain cases
> -
>
> Key: SLING-11717
> URL: https://issues.apache.org/jira/browse/SLING-11717
> Project: Sling
>  Issue Type: Bug
>Affects Versions: Web Console Security Provider 1.2.6
>Reporter: Henry Kuijpers
>Priority: Major
>
> {code:java}
> Found one Java-level deadlock:
> =
> "FelixDispatchQueue":
>   waiting to lock monitor 7f8a5595d180 (object 7f8b03e7, a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener),
>   which is held by "Apache Sling Repository Startup Thread #1"
> "Apache Sling Repository Startup Thread #1":
>   waiting to lock monitor 7f8a5595d180 (object 45551fe9, a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener),
>   which is held by "FelixDispatchQueue"
> {code}
> The issue seems to be in 
> https://github.com/apache/sling-org-apache-sling-extensions-webconsolesecurityprovider/blob/fd7f0e9e4e287ceb72211ee2e08e55568713ddbd/src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/ServicesListener.java
>  and it could very well be that the last commit was the cause(?). 
> https://github.com/apache/sling-org-apache-sling-extensions-webconsolesecurityprovider/commit/fd7f0e9e4e287ceb72211ee2e08e55568713ddbd
>  
> {code:java}
> Java stack information for the threads listed above:
> ===
> "FelixDispatchQueue" prio=5 tid=0xd nid=0x waiting for monitor entry
>java.lang.Thread.State: BLOCKED
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener.getService(ServicesListener.java:247)
>   - waiting to lock <0x7f8b03e7> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener)
>  owned by "Apache Sling Repository Startup Thread #1" tid=0x80
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener.notifyChange(ServicesListener.java:121)
>   - locked <0x45551fe9> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener)
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener.startupFinished(ServicesListener.java:105)
>   at 
> org.apache.sling.launchpad.base.impl.DefaultStartupHandler.startupFinished(DefaultStartupHandler.java:366)
>   at 
> org.apache.sling.launchpad.base.impl.DefaultStartupHandler.frameworkEvent(DefaultStartupHandler.java:287)
>   at 
> org.apache.felix.framework.EventDispatcher.invokeFrameworkListenerCallback(EventDispatcher.java:881)
>   at 
> org.apache.felix.framework.EventDispatcher.fireEventImmediately(EventDispatcher.java:830)
>   at 
> org.apache.felix.framework.EventDispatcher.run(EventDispatcher.java:1147)
>   at 
> org.apache.felix.framework.EventDispatcher.access$000(EventDispatcher.java:54)
>   at 
> org.apache.felix.framework.EventDispatcher$1.run(EventDispatcher.java:102)
>   at java.base@11.0.16.1/java.lang.Thread.run(Thread.java:834)
> "Apache Sling Repository Startup Thread #1" daemon prio=5 tid=0x50 
> nid=0x waiting for monitor entry
>java.lang.Thread.State: BLOCKED
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener.notifyChange(ServicesListener.java:121)
>   - waiting to lock <0x45551fe9> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener)
>  owned by "FelixDispatchQueue" tid=0x13
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener.retainService(ServicesListener.java:270)
>   - locked <0x7f8b03e7> (a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener)
>   at 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener.serviceChanged(ServicesListener.java:295)
>   at 
> org.apache.felix.framework.EventDispatcher.invokeServiceListenerCallback(EventDispatcher.java:990)
>   at 
> org.apache.felix.framework.EventDispatcher.fireEventImmediately(EventDispatcher.java:838)
>   at 
> org.apache.felix.framework.EventDispatcher.fireServiceEvent(EventDispatcher.java:545)
>   at org.apache.felix.framework.Felix.fireServiceEvent(Felix.java:4833)
>   at org.apache.felix.framework.Felix.registerService(Felix.java:3804)
>   at 
> org.apache.felix.framework.BundleContextImpl.registerService(BundleContextImpl.java:328)
>   at 
>

[jira] [Updated] (SLING-11717) Sling WebConsoleSecurityProvider extension seems to deadlock in certain cases

2022-12-05 Thread Henry Kuijpers (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-11717?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Henry Kuijpers updated SLING-11717:
---
Description: 
{code:java}
Found one Java-level deadlock:
=
"FelixDispatchQueue":
  waiting to lock monitor 7f8a5595d180 (object 7f8b03e7, a 
org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener),
  which is held by "Apache Sling Repository Startup Thread #1"
"Apache Sling Repository Startup Thread #1":
  waiting to lock monitor 7f8a5595d180 (object 45551fe9, a 
org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener),
  which is held by "FelixDispatchQueue"
{code}

The issue seems to be in 
https://github.com/apache/sling-org-apache-sling-extensions-webconsolesecurityprovider/blob/fd7f0e9e4e287ceb72211ee2e08e55568713ddbd/src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/ServicesListener.java
 and it could very well be that the last commit was the cause(?). 
https://github.com/apache/sling-org-apache-sling-extensions-webconsolesecurityprovider/commit/fd7f0e9e4e287ceb72211ee2e08e55568713ddbd
 


{code:java}
Java stack information for the threads listed above:
===
"FelixDispatchQueue" prio=5 tid=0xd nid=0x waiting for monitor entry
   java.lang.Thread.State: BLOCKED
at 
org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener.getService(ServicesListener.java:247)
- waiting to lock <0x7f8b03e7> (a 
org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener)
 owned by "Apache Sling Repository Startup Thread #1" tid=0x80
at 
org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener.notifyChange(ServicesListener.java:121)
- locked <0x45551fe9> (a 
org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener)
at 
org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener.startupFinished(ServicesListener.java:105)
at 
org.apache.sling.launchpad.base.impl.DefaultStartupHandler.startupFinished(DefaultStartupHandler.java:366)
at 
org.apache.sling.launchpad.base.impl.DefaultStartupHandler.frameworkEvent(DefaultStartupHandler.java:287)
at 
org.apache.felix.framework.EventDispatcher.invokeFrameworkListenerCallback(EventDispatcher.java:881)
at 
org.apache.felix.framework.EventDispatcher.fireEventImmediately(EventDispatcher.java:830)
at 
org.apache.felix.framework.EventDispatcher.run(EventDispatcher.java:1147)
at 
org.apache.felix.framework.EventDispatcher.access$000(EventDispatcher.java:54)
at 
org.apache.felix.framework.EventDispatcher$1.run(EventDispatcher.java:102)
at java.base@11.0.16.1/java.lang.Thread.run(Thread.java:834)
"Apache Sling Repository Startup Thread #1" daemon prio=5 tid=0x50 
nid=0x waiting for monitor entry
   java.lang.Thread.State: BLOCKED
at 
org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener.notifyChange(ServicesListener.java:121)
- waiting to lock <0x45551fe9> (a 
org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener)
 owned by "FelixDispatchQueue" tid=0x13
at 
org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener.retainService(ServicesListener.java:270)
- locked <0x7f8b03e7> (a 
org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener)
at 
org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener.serviceChanged(ServicesListener.java:295)
at 
org.apache.felix.framework.EventDispatcher.invokeServiceListenerCallback(EventDispatcher.java:990)
at 
org.apache.felix.framework.EventDispatcher.fireEventImmediately(EventDispatcher.java:838)
at 
org.apache.felix.framework.EventDispatcher.fireServiceEvent(EventDispatcher.java:545)
at org.apache.felix.framework.Felix.fireServiceEvent(Felix.java:4833)
at org.apache.felix.framework.Felix.registerService(Felix.java:3804)
at 
org.apache.felix.framework.BundleContextImpl.registerService(BundleContextImpl.java:328)
at 
org.apache.felix.scr.impl.manager.AbstractComponentManager$3.register(AbstractComponentManager.java:907)
at 
org.apache.felix.scr.impl.manager.AbstractComponentManager$3.register(AbstractComponentManager.java:893)
at 
org.apache.felix.scr.impl.manager.RegistrationManager.changeRegistration(RegistrationManager.java:128)
at 
org.apache.felix.scr.impl.manager.AbstractComponentManager.registerService(AbstractComponentManager.java:960)
at 
org.apache.felix.scr.impl.manager.AbstractComponentManager.activateInternal(AbstractComponentManager.java:733)
at

[jira] [Updated] (SLING-11717) Sling WebConsoleSecurityProvider extension seems to deadlock in certain cases

2022-12-05 Thread Henry Kuijpers (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-11717?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Henry Kuijpers updated SLING-11717:
---
Description: 
{code:java}
Found one Java-level deadlock:
=
"FelixDispatchQueue":
  waiting to lock monitor 7f8a5595d180 (object 7f8b03e7, a 
org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener),
  which is held by "Apache Sling Repository Startup Thread #1"
"Apache Sling Repository Startup Thread #1":
  waiting to lock monitor 7f8a5595d180 (object 45551fe9, a 
org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener),
  which is held by "FelixDispatchQueue"
{code}

The issue seems to be in 
https://github.com/apache/sling-org-apache-sling-extensions-webconsolesecurityprovider/blob/fd7f0e9e4e287ceb72211ee2e08e55568713ddbd/src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/ServicesListener.java
 and it could very well be that the last commit was the cause(?). 
https://github.com/apache/sling-org-apache-sling-extensions-webconsolesecurityprovider/commit/fd7f0e9e4e287ceb72211ee2e08e55568713ddbd
 


> Sling WebConsoleSecurityProvider extension seems to deadlock in certain cases
> -
>
> Key: SLING-11717
> URL: https://issues.apache.org/jira/browse/SLING-11717
> Project: Sling
>  Issue Type: Bug
>Reporter: Henry Kuijpers
>Priority: Major
>
> {code:java}
> Found one Java-level deadlock:
> =
> "FelixDispatchQueue":
>   waiting to lock monitor 7f8a5595d180 (object 7f8b03e7, a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener$Listener),
>   which is held by "Apache Sling Repository Startup Thread #1"
> "Apache Sling Repository Startup Thread #1":
>   waiting to lock monitor 7f8a5595d180 (object 45551fe9, a 
> org.apache.sling.extensions.webconsolesecurityprovider.internal.ServicesListener),
>   which is held by "FelixDispatchQueue"
> {code}
> The issue seems to be in 
> https://github.com/apache/sling-org-apache-sling-extensions-webconsolesecurityprovider/blob/fd7f0e9e4e287ceb72211ee2e08e55568713ddbd/src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/ServicesListener.java
>  and it could very well be that the last commit was the cause(?). 
> https://github.com/apache/sling-org-apache-sling-extensions-webconsolesecurityprovider/commit/fd7f0e9e4e287ceb72211ee2e08e55568713ddbd
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (SLING-11717) Sling WebConsoleSecurityProvider extension seems to deadlock in certain cases

2022-12-05 Thread Henry Kuijpers (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-11717?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Henry Kuijpers updated SLING-11717:
---
Summary: Sling WebConsoleSecurityProvider extension seems to deadlock in 
certain cases  (was: Sling WebConsoleProvider )

> Sling WebConsoleSecurityProvider extension seems to deadlock in certain cases
> -
>
> Key: SLING-11717
> URL: https://issues.apache.org/jira/browse/SLING-11717
> Project: Sling
>  Issue Type: Bug
>Reporter: Henry Kuijpers
>Priority: Major
>




--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (SLING-11717) Sling WebConsoleProvider

2022-12-05 Thread Henry Kuijpers (Jira) 
Henry Kuijpers created SLING-11717:
--

 Summary: Sling WebConsoleProvider 
 Key: SLING-11717
 URL: https://issues.apache.org/jira/browse/SLING-11717
 Project: Sling
  Issue Type: Bug
Reporter: Henry Kuijpers






--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[GitHub] [sling-site] kwin opened a new pull request, #103: Descripe priorities

2022-12-05 Thread GitBox 


kwin opened a new pull request, #103:
URL: https://github.com/apache/sling-site/pull/103

   Add reference to Launchpad provider


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [sling-org-apache-sling-caconfig-impl] sonarcloud[bot] commented on pull request #6: SLING-11716 add caching in caconfig

2022-12-05 Thread GitBox 


sonarcloud[bot] commented on PR #6:
URL: 
https://github.com/apache/sling-org-apache-sling-caconfig-impl/pull/6#issuecomment-1337143982

   SonarCloud Quality Gate failed.  [![Quality Gate 
failed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/failed-16px.png
 'Quality Gate 
failed')](https://sonarcloud.io/dashboard?id=apache_sling-org-apache-sling-caconfig-impl=6)
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=6=false=BUG)
 
[![C](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/C-16px.png
 
'C')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=6=false=BUG)
 [1 
Bug](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=6=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=6=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=6=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=6=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-caconfig-impl=6=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-caconfig-impl=6=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-caconfig-impl=6=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=6=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=6=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-caconfig-impl=6=false=CODE_SMELL)
   
   
[![100.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/100-16px.png
 
'100.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-caconfig-impl=6=new_coverage=list)
 [100.0% 
Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-caconfig-impl=6=new_coverage=list)
  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-caconfig-impl=6=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-caconfig-impl=6=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SLING-11716) Avoid redundant resolutions of context-aware resource

2022-12-05 Thread Joerg Hoh (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-11716?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17643252#comment-17643252
 ] 

Joerg Hoh commented on SLING-11716:
---

PR https://github.com/apache/sling-org-apache-sling-caconfig-impl/pull/6

> Avoid redundant resolutions of context-aware resource
> -
>
> Key: SLING-11716
> URL: https://issues.apache.org/jira/browse/SLING-11716
> Project: Sling
>  Issue Type: Improvement
>Affects Versions: Context-Aware Configuration Impl 1.6.0
>Reporter: Joerg Hoh
>Assignee: Joerg Hoh
>Priority: Major
>  Time Spent: 10m
>  Remaining Estimate: 0h
>
> Duplicate resolutions of the context-aware resource of the same resource (by 
> path) should be avoided, if they have happen with the same instance of a 
> ResourceResolver.
> This helps to avoid repository access, which is known to be a major factor in 
> runtime performance.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[GitHub] [sling-org-apache-sling-caconfig-impl] joerghoh opened a new pull request, #6: SLING-11716 add caching in caconfig

2022-12-05 Thread GitBox 


joerghoh opened a new pull request, #6:
URL: https://github.com/apache/sling-org-apache-sling-caconfig-impl/pull/6

   * cache successful resolutions and avoid duplicate resolutions of the same 
resource (path) and cah 
   * updates to a later version of the ResourceResolver API


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Created] (SLING-11716) Avoid redundant resolutions of context-aware resource

2022-12-05 Thread Joerg Hoh (Jira) 
Joerg Hoh created SLING-11716:
-

 Summary: Avoid redundant resolutions of context-aware resource
 Key: SLING-11716
 URL: https://issues.apache.org/jira/browse/SLING-11716
 Project: Sling
  Issue Type: Improvement
Affects Versions: Context-Aware Configuration Impl 1.6.0
Reporter: Joerg Hoh


Duplicate resolutions of the context-aware resource of the same resource (by 
path) should be avoided, if they have happen with the same instance of a 
ResourceResolver.

This helps to avoid repository access, which is known to be a major factor in 
runtime performance.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Assigned] (SLING-11716) Avoid redundant resolutions of context-aware resource

2022-12-05 Thread Joerg Hoh (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-11716?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Joerg Hoh reassigned SLING-11716:
-

Assignee: Joerg Hoh

> Avoid redundant resolutions of context-aware resource
> -
>
> Key: SLING-11716
> URL: https://issues.apache.org/jira/browse/SLING-11716
> Project: Sling
>  Issue Type: Improvement
>Affects Versions: Context-Aware Configuration Impl 1.6.0
>Reporter: Joerg Hoh
>Assignee: Joerg Hoh
>Priority: Major
>
> Duplicate resolutions of the context-aware resource of the same resource (by 
> path) should be avoided, if they have happen with the same instance of a 
> ResourceResolver.
> This helps to avoid repository access, which is known to be a major factor in 
> runtime performance.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: Principal names used in org.apache.sling.serviceusermapping.impl.ServiceUserMapperImpl and "everyone" group

2022-12-05 Thread Konrad Windszus 
To answer my own question: Even the "everyone" group membership is not 
considered (if not explicitly added as principal name to the config).
Konrad

On 2022/12/02 19:01:57 Konrad Windszus wrote:
> Hi,
> With https://issues.apache.org/jira/browse/SLING-6963 
>  the support for principal 
> names has been added to the Service User Mapper.
> That in general does not consider group memberships.
> What about the special group “everyone” 
> (https://jackrabbit.apache.org/oak/docs/security/user/membership.html#everyone-group-and-everyone-as-member
>  
> ).
>  Are the rights inherited in this case?
> 
> I have seen weird effects were the rights are only inherited sometimes…
> 
> Thanks for clarification.
> Konrad

[GitHub] [sling-org-apache-sling-scripting-sightly] royteeuwen opened a new pull request, #22: SLING-11706: Add basename provider to allow global basename setting i…

2022-12-05 Thread GitBox 


royteeuwen opened a new pull request, #22:
URL: https://github.com/apache/sling-org-apache-sling-scripting-sightly/pull/22

   …nstead of only per component


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Closed] (SLING-11538) Add display context for JSON string

2022-12-05 Thread Konrad Windszus (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-11538?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Konrad Windszus closed SLING-11538.
---

> Add display context for JSON string
> ---
>
> Key: SLING-11538
> URL: https://issues.apache.org/jira/browse/SLING-11538
> Project: Sling
>  Issue Type: Improvement
>  Components: HTL
>Reporter: Konrad Windszus
>Assignee: Konrad Windszus
>Priority: Major
> Fix For: Scripting HTL Engine 1.4.22-1.4.0
>
>  Time Spent: 1h 50m
>  Remaining Estimate: 0h
>
> It would be useful to add an output context to HTL to be used inside JSON. As 
> JSON is very complex, the most essential one which currently cannot be 
> achieved with any other existing contexts is escaping for a JSON String value 
> (compare with https://github.com/adobe/htl-spec/issues/5).
> I propose to introduce a new context {{jsonString}} next to {{scriptString}} 
> in 
> https://github.com/apache/sling-org-apache-sling-scripting-sightly/blob/192d953514e6e579428cda157a7e83fc2a05cc01/src/main/java/org/apache/sling/scripting/sightly/impl/engine/extension/XSSRuntimeExtension.java#L93.
> As it is not part of the official HTL spec at 
> https://github.com/adobe/htl-spec/blob/master/SPECIFICATION.md#121-display-context
>  it needs to be listed as Sling-specific addition in 
> https://sling.apache.org/documentation/bundles/scripting/scripting-htl.html#extensions-of-the-htl-specification.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Closed] (SLING-10654) HTL optionally support ICU4j MessageFormat for string formatting

2022-12-05 Thread Konrad Windszus (Jira) 


 [ 
https://issues.apache.org/jira/browse/SLING-10654?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Konrad Windszus closed SLING-10654.
---

> HTL optionally support ICU4j MessageFormat for string formatting
> 
>
> Key: SLING-10654
> URL: https://issues.apache.org/jira/browse/SLING-10654
> Project: Sling
>  Issue Type: New Feature
>  Components: Scripting
>Reporter: Dirk Rudolph
>Assignee: Dirk Rudolph
>Priority: Major
> Fix For: Scripting HTL Engine 1.4.22-1.4.0
>
>  Time Spent: 5h 20m
>  Remaining Estimate: 0h
>
> The [ICU 
> MessageFormat|https://unicode-org.github.io/icu-docs/apidoc/dev/icu4j/com/ibm/icu/text/MessageFormat.html]
>  provides a rich set of features compared to the currently implemented, 
> simple placeholder replacement. In particular I am referring to the support 
> for plural rules. Plural forms for words in combination with numbers are not 
> as simple in all language as they are in English (or German), for example 
> consider the following format {{\{0} result(s)}}
> ||Language||One||Few||Many||
> |English|1 result|3 results|15 results|
> |German|1 Ergebnis|3 Ergebnisse|15 Ergebnisse|
> |Czech|1 výsledek|3 výsledky|15 výsledků|
> With the ICU Message Format the above format could be modified according to a 
> locale to support this
> ||Locale||Format||
> |en|{{\{0,plural, one \{# result} other \{# results|
> |de|{{\{0,plural, one \{# Ergebnis} other \{# Ergebnisse|
> |cs|{{\{0,plural, one \{# výsledek} few \{# výsledky} other \{# výsledků|
> According to the HTL specification the format option allows [to replace 
> placeholders|https://github.com/adobe/htl-spec/blob/1.4/SPECIFICATION.md#122-format]
>  in {{Strings}}.
> {quote}placeholders (eg: \{0}) in the pattern, triggers string formatting
> {quote}
> It does not define a specific definition of a placeholder and simply refers 
> to {{\{0}}} as an example. The support of complex placeholders as described 
> above should be a valid implementation detail.
> However, with only regular placeholders the overhead of parsing the format as 
> ICU MessageFormat comes with a performance penalty. So it must only be used 
> if the format contains at least one complex placeholder, for example 
> identified by {{\{\d+,[^}]+}}}. The support can be implemented completely 
> optional, depending on the existence of icu4j at runtime.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[RESULT] [VOTE] Release Apache Sling Scripting HTL Engine version 1.4.22-1.4.0

2022-12-05 Thread Konrad Windszus 
Hi, The vote has passed with the following result : 

 +1 (binding): Stefan, Robert, Radu, Carsten

I will copy this release to the Sling dist directory and promote the artifacts 
to the central Maven repository.
Thanks for voting,
Konrad

> On 1. Dec 2022, at 18:01, Konrad Windszus  wrote:
> 
> Hi, 
> We solved some issues in this release: 
> https://issues.apache.org/jira/projects/SLING/versions/12352203
> 
> Staging repository: 
> https://repository.apache.org/content/repositories/orgapachesling-2702/
> 
> You can use this UNIX script to download the release and verify the 
> signatures: 
> https://gitbox.apache.org/repos/asf?p=sling-tooling-release.git;a=blob;f=check_staged_release.sh;hb=HEAD
> Usage: sh check_staged_release.sh 2702 /tmp/sling-staging 
> 
> Please vote to approve this release: 
> [ ] +1 Approve the release
> [ ] 0 Don't care
> [ ] -1 Don't release, because …
> 
> This majority vote is open for at least 72 hours.
> Thanks,
> Konrad