[PR] Bump commons-io:commons-io from 2.16.0 to 2.16.1 [maven-assembly-plugin]

[via GitHub]

dependabot[bot] opened a new pull request, #201:
URL: https://github.com/apache/maven-assembly-plugin/pull/201

   Bumps commons-io:commons-io from 2.16.0 to 2.16.1.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-io:commons-io=maven=2.16.0=2.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump commons-io:commons-io from 2.16.0 to 2.16.1 [maven-doxia-converter]

[via GitHub]

dependabot[bot] opened a new pull request, #66:
URL: https://github.com/apache/maven-doxia-converter/pull/66

   Bumps commons-io:commons-io from 2.16.0 to 2.16.1.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-io:commons-io=maven=2.16.0=2.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump commons-io:commons-io from 2.16.0 to 2.16.1 [maven-script-interpreter]

[via GitHub]

dependabot[bot] opened a new pull request, #118:
URL: https://github.com/apache/maven-script-interpreter/pull/118

   Bumps commons-io:commons-io from 2.16.0 to 2.16.1.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-io:commons-io=maven=2.16.0=2.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump commons-io:commons-io from 2.16.0 to 2.16.1 [maven-jlink-plugin]

[via GitHub]

dependabot[bot] opened a new pull request, #203:
URL: https://github.com/apache/maven-jlink-plugin/pull/203

   Bumps commons-io:commons-io from 2.16.0 to 2.16.1.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-io:commons-io=maven=2.16.0=2.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump commons-io:commons-io from 2.16.0 to 2.16.1 [maven-gpg-plugin]

[via GitHub]

dependabot[bot] opened a new pull request, #94:
URL: https://github.com/apache/maven-gpg-plugin/pull/94

   Bumps commons-io:commons-io from 2.16.0 to 2.16.1.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-io:commons-io=maven=2.16.0=2.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump commons-io:commons-io from 2.16.0 to 2.16.1 [maven-invoker-plugin]

[via GitHub]

dependabot[bot] opened a new pull request, #222:
URL: https://github.com/apache/maven-invoker-plugin/pull/222

   Bumps commons-io:commons-io from 2.16.0 to 2.16.1.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-io:commons-io=maven=2.16.0=2.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump org.apache.maven.shared:maven-script-interpreter from 1.4 to 1.5 [maven-invoker-plugin]

[via GitHub]

dependabot[bot] opened a new pull request, #221:
URL: https://github.com/apache/maven-invoker-plugin/pull/221

   Bumps 
[org.apache.maven.shared:maven-script-interpreter](https://github.com/apache/maven-script-interpreter)
 from 1.4 to 1.5.
   
   Release notes
   Sourced from https://github.com/apache/maven-script-interpreter/releases;>org.apache.maven.shared:maven-script-interpreter's
 releases.
   
   1.5
   
    New features and improvements
   
   https://issues.apache.org/jira/browse/MSHARED-1368;>[MSHARED-1368] - 
Synchronize interpreter execution (https://redirect.github.com/apache/maven-script-interpreter/pull/115;>#115)
 https://github.com/slawekjaranowski;>@​slawekjaranowski
   https://issues.apache.org/jira/browse/MSHARED-1359;>[MSHARED-1359] - 
Use child first classloader in BeanShellScriptInterpreter (https://redirect.github.com/apache/maven-script-interpreter/pull/114;>#114)
 https://github.com/slawekjaranowski;>@​slawekjaranowski
   https://issues.apache.org/jira/browse/MSHARED-1359;>[MSHARED-1359] - 
Optimize classloader in BeanShellScriptInterpreter (https://redirect.github.com/apache/maven-script-interpreter/pull/112;>#112)
 https://github.com/slawekjaranowski;>@​slawekjaranowski
   https://issues.apache.org/jira/browse/MSHARED-1359;>[MSHARED-1359] - 
Allow reuse the same classloader for multiple script executions (https://redirect.github.com/apache/maven-script-interpreter/pull/109;>#109)
 https://github.com/slawekjaranowski;>@​slawekjaranowski
   
    Dependency updates
   
   https://issues.apache.org/jira/browse/MSHARED-1370;>[MSHARED-1370] - 
Bump commons-io:commons-io from 2.11.0 to 2.16.0 (https://redirect.github.com/apache/maven-script-interpreter/pull/113;>#113)
 https://github.com/dependabot;>@​dependabot
   Bump org.apache.groovy:groovy from 4.0.18 to 4.0.20 (https://redirect.github.com/apache/maven-script-interpreter/pull/108;>#108)
 https://github.com/dependabot;>@​dependabot
   Bump apache/maven-gh-actions-shared from 3 to 4 (https://redirect.github.com/apache/maven-script-interpreter/pull/107;>#107)
 https://github.com/dependabot;>@​dependabot
   Bump org.junit:junit-bom from 5.10.1 to 5.10.2 (https://redirect.github.com/apache/maven-script-interpreter/pull/105;>#105)
 https://github.com/dependabot;>@​dependabot
   Bump org.apache.groovy:groovy from 4.0.17 to 4.0.18 (https://redirect.github.com/apache/maven-script-interpreter/pull/104;>#104)
 https://github.com/dependabot;>@​dependabot
   Bump org.apache.groovy:groovy from 4.0.6 to 4.0.17 (https://redirect.github.com/apache/maven-script-interpreter/pull/102;>#102)
 https://github.com/dependabot;>@​dependabot
   https://issues.apache.org/jira/browse/MSHARED-1350;>[MSHARED-1350] - 
Upgrade parent POM to version 41 (https://redirect.github.com/apache/maven-script-interpreter/pull/103;>#103)
 https://github.com/slachiewicz;>@​slachiewicz
   Bump org.junit:junit-bom from 5.10.0 to 5.10.1 (https://redirect.github.com/apache/maven-script-interpreter/pull/99;>#99)
 https://github.com/dependabot;>@​dependabot
   Bump org.junit:junit-bom from 5.9.2 to 5.10.0 (https://redirect.github.com/apache/maven-script-interpreter/pull/98;>#98)
 https://github.com/dependabot;>@​dependabot
   Bump junit-bom from 5.9.1 to 5.9.2 (https://redirect.github.com/apache/maven-script-interpreter/pull/90;>#90)
 https://github.com/dependabot;>@​dependabot
   Bump apache/maven-gh-actions-shared from 2 to 3 (https://redirect.github.com/apache/maven-script-interpreter/pull/93;>#93)
 https://github.com/dependabot;>@​dependabot
   
    Maintenance
   
   https://issues.apache.org/jira/browse/MSHARED-1378;>[MSHARED-1378] - 
Cleanup of test code (https://redirect.github.com/apache/maven-script-interpreter/pull/117;>#117)
 https://github.com/slawekjaranowski;>@​slawekjaranowski
   https://issues.apache.org/jira/browse/MSHARED-1371;>[MSHARED-1371] - 
Refresh download page (https://redirect.github.com/apache/maven-script-interpreter/pull/116;>#116)
 https://github.com/slawekjaranowski;>@​slawekjaranowski
   Cleanups in dependabot configuration (https://redirect.github.com/apache/maven-script-interpreter/pull/111;>#111)
 https://github.com/slawekjaranowski;>@​slawekjaranowski
   Use default configuration for Jenkins build (https://redirect.github.com/apache/maven-script-interpreter/pull/110;>#110)
 https://github.com/slawekjaranowski;>@​slawekjaranowski
   https://issues.apache.org/jira/browse/MSHARED-1350;>[MSHARED-1350] - 
Upgrade parent POM to version 41 (https://redirect.github.com/apache/maven-script-interpreter/pull/103;>#103)
 https://github.com/slachiewicz;>@​slachiewicz
   Bump org.junit:junit-bom from 5.9.2 to 5.10.0 (https://redirect.github.com/apache/maven-script-interpreter/pull/98;>#98)
 https://github.com/dependabot;>@​dependabot
   Bump junit-bom from 5.9.1 to 5.9.2 (https://redirect.github.com/apache/maven-script-interpreter/pull/90;>#90)
 https://github.com/dependabot;>@​dependabot
   
   
   
   
   Commits
   
   

[PR] Bump commons-io:commons-io from 2.16.0 to 2.16.1 [maven-dependency-analyzer]

[via GitHub]

dependabot[bot] opened a new pull request, #114:
URL: https://github.com/apache/maven-dependency-analyzer/pull/114

   Bumps commons-io:commons-io from 2.16.0 to 2.16.1.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-io:commons-io=maven=2.16.0=2.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump commons-io:commons-io from 2.16.0 to 2.16.1 [maven-resources-plugin]

[via GitHub]

dependabot[bot] opened a new pull request, #70:
URL: https://github.com/apache/maven-resources-plugin/pull/70

   Bumps commons-io:commons-io from 2.16.0 to 2.16.1.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-io:commons-io=maven=2.16.0=2.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump commons-io:commons-io from 2.16.0 to 2.16.1 [maven-javadoc-plugin]

[via GitHub]

dependabot[bot] opened a new pull request, #276:
URL: https://github.com/apache/maven-javadoc-plugin/pull/276

   Bumps commons-io:commons-io from 2.16.0 to 2.16.1.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-io:commons-io=maven=2.16.0=2.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump commons-io:commons-io from 2.13.0 to 2.16.0 [maven-file-management]

[via GitHub]

dependabot[bot] commented on PR #33:
URL: 
https://github.com/apache/maven-file-management/pull/33#issuecomment-2044044982

   Superseded by #34.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump commons-io:commons-io from 2.13.0 to 2.16.0 [maven-file-management]

[via GitHub]

dependabot[bot] closed pull request #33: Bump commons-io:commons-io from 2.13.0 
to 2.16.0
URL: https://github.com/apache/maven-file-management/pull/33


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump commons-io:commons-io from 2.13.0 to 2.16.1 [maven-file-management]

[via GitHub]

dependabot[bot] opened a new pull request, #34:
URL: https://github.com/apache/maven-file-management/pull/34

   Bumps commons-io:commons-io from 2.13.0 to 2.16.1.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-io:commons-io=maven=2.13.0=2.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump commons-io:commons-io from 2.16.0 to 2.16.1 [maven-wrapper]

[via GitHub]

dependabot[bot] opened a new pull request, #124:
URL: https://github.com/apache/maven-wrapper/pull/124

   Bumps commons-io:commons-io from 2.16.0 to 2.16.1.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-io:commons-io=maven=2.16.0=2.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump commons-io:commons-io from 2.13.0 to 2.16.0 [maven-war-plugin]

[via GitHub]

dependabot[bot] closed pull request #67: Bump commons-io:commons-io from 2.13.0 
to 2.16.0
URL: https://github.com/apache/maven-war-plugin/pull/67


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump commons-io:commons-io from 2.13.0 to 2.16.0 [maven-war-plugin]

[via GitHub]

dependabot[bot] commented on PR #67:
URL: https://github.com/apache/maven-war-plugin/pull/67#issuecomment-2043967502

   Superseded by #70.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump commons-io:commons-io from 2.13.0 to 2.16.1 [maven-war-plugin]

[via GitHub]

dependabot[bot] opened a new pull request, #70:
URL: https://github.com/apache/maven-war-plugin/pull/70

   Bumps commons-io:commons-io from 2.13.0 to 2.16.1.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-io:commons-io=maven=2.13.0=2.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump commons-io:commons-io from 2.16.0 to 2.16.1 [maven-doxia-sitetools]

[via GitHub]

dependabot[bot] opened a new pull request, #146:
URL: https://github.com/apache/maven-doxia-sitetools/pull/146

   Bumps commons-io:commons-io from 2.16.0 to 2.16.1.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-io:commons-io=maven=2.16.0=2.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump net.sourceforge.plantuml:plantuml from 1.2024.3 to 1.2024.4 [maven-site]

[via GitHub]

dependabot[bot] opened a new pull request, #507:
URL: https://github.com/apache/maven-site/pull/507

   Bumps 
[net.sourceforge.plantuml:plantuml](https://github.com/plantuml/plantuml) from 
1.2024.3 to 1.2024.4.
   
   Commits
   
   https://github.com/plantuml/plantuml/commit/9432e0b1e5231e9843b846b83e00d623953cc2c1;>9432e0b
 chore: version 1.2024.4
   https://github.com/plantuml/plantuml/commit/460d53f12b3eed00567b4dc55cd3bfb415b0bee1;>460d53f
 refactor: Replace computeIfAbsent with manual check for Java 1.7 
compatibility
   https://github.com/plantuml/plantuml/commit/06d06e729b26cb6b83a6037d226f20c0a99813e7;>06d06e7
 Merge pull request https://redirect.github.com/plantuml/plantuml/issues/1724;>#1724 from 
travkin79/patch/fix-NPE
   https://github.com/plantuml/plantuml/commit/8bc1c27c237b75f50e645c89426eca13acfe16ad;>8bc1c27
 Merge pull request https://redirect.github.com/plantuml/plantuml/issues/1701;>#1701 from 
DaumAlexande/create_script_xmi
   https://github.com/plantuml/plantuml/commit/04eada12abd73d350e5d78bc0975644fe9e89d0d;>04eada1
 refactor: Replaced stream usage with loops for Java 1.7 compatibility (!)
   https://github.com/plantuml/plantuml/commit/33e5903e8059468a0da2deffe3270198293cf853;>33e5903
 Avoid NPE when a remote input stream cannot be read
   https://github.com/plantuml/plantuml/commit/7755ae5be4a38f1aaf98ff775ae7b46039fe367d;>7755ae5
 Merge pull request https://redirect.github.com/plantuml/plantuml/issues/1720;>#1720 from 
diguage/select-line
   https://github.com/plantuml/plantuml/commit/3cc580ebd1f861b8e03621be250a43a48dc4ad94;>3cc580e
 Supports double-clicking to select all elements and links on a line
   https://github.com/plantuml/plantuml/commit/4afe3ef7fee65a6ce1445a8a5c40133da065a6e5;>4afe3ef
 Merge pull request https://redirect.github.com/plantuml/plantuml/issues/1718;>#1718 from 
Benjamin-Davies/cheneer
   https://github.com/plantuml/plantuml/commit/4b5bcd3bca2726ab8ded2f7ad1061d6cd489d4a0;>4b5bcd3
 Fix compatibility with Java 8
   Additional commits viewable in https://github.com/plantuml/plantuml/compare/v1.2024.3...v1.2024.4;>compare
 view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=net.sourceforge.plantuml:plantuml=maven=1.2024.3=1.2024.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (ARCHETYPE-626) mvn install deploy does not work with 3.2.1 but worked with 3.2.0

[ASF GitHub Bot (Jira)]

[ 
https://issues.apache.org/jira/browse/ARCHETYPE-626?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17835081#comment-17835081
 ] 

ASF GitHub Bot commented on ARCHETYPE-626:
--

hboutemy commented on PR #118:
URL: https://github.com/apache/maven-archetype/pull/118#issuecomment-2043838878

   test was useful when we were fighting a regression, without really knowing 
why
   with #188, it's not a regression but a change with a purpose in mind: I just 
did not expect this would solve also ARCHETYPE-626 :)




> mvn install deploy does not work with 3.2.1 but worked with 3.2.0
> -
>
> Key: ARCHETYPE-626
> URL: https://issues.apache.org/jira/browse/ARCHETYPE-626
> Project: Maven Archetype
>  Issue Type: Bug
>  Components: Plugin
>Affects Versions: 3.2.1
> Environment: * Linux machine (Kernel 3.10.0)
> * OpenJDK 11.0.13.0.8-1.el7_9.x86_64 (11.0.1)
> * Maven 3.8.4 (did also occur with 3.3.9)
>Reporter: Jan Mosig
>Priority: Major
> Fix For: 3.3.0
>
> Attachments: archetype-plugin-failed-build.txt, 
> archetype-plugin-successful-build.txt
>
>
> Hi there,
> I've got an archetype build that used to work fine with 3.2.0 but fails with 
> 3.2.1.
> The problem with 3.2.1 is that all the files in 
> target/test-classes/projects/it-basic/project/basic-project do exist but are 
> all empty (0 bytes).
> The build is run with {{mvn -U clean install deploy}}. If I run it with {{mvn 
> -U clean deploy}} it works. Although the install goal may be superfluous, I 
> guess there is something wrong there with version 3.2.1.
> I attached the logs of a successful run and a failed one to this ticket.
> You may find the failing project here (Branch archetype-plugin-321-bug): 
> https://github.com/itemis/fluffyj-archetype/tree/archetype-plugin-321-bug



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: [PR] [ARCHETYPE-626] mvn install deploy does not work with 3.2.1 [maven-archetype]

[via GitHub]

hboutemy commented on PR #118:
URL: https://github.com/apache/maven-archetype/pull/118#issuecomment-2043838878

   test was useful when we were fighting a regression, without really knowing 
why
   with #188, it's not a regression but a change with a purpose in mind: I just 
did not expect this would solve also ARCHETYPE-626 :)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump commons-io:commons-io from 2.16.0 to 2.16.1 [maven-dependency-plugin]

[via GitHub]

dependabot[bot] opened a new pull request, #370:
URL: https://github.com/apache/maven-dependency-plugin/pull/370

   Bumps commons-io:commons-io from 2.16.0 to 2.16.1.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-io:commons-io=maven=2.16.0=2.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (MJAR-296) No way to suppress default excludes in maven-jar-plugin

[ASF GitHub Bot (Jira)]

[ 
https://issues.apache.org/jira/browse/MJAR-296?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17835073#comment-17835073
 ] 

ASF GitHub Bot commented on MJAR-296:
-

slawekjaranowski commented on PR #67:
URL: https://github.com/apache/maven-jar-plugin/pull/67#issuecomment-2043758679

   @redzi , @michael-o - fixed  and tested - should be ok




> No way to suppress default excludes in maven-jar-plugin
> ---
>
> Key: MJAR-296
> URL: https://issues.apache.org/jira/browse/MJAR-296
> Project: Maven JAR Plugin
>  Issue Type: Improvement
>Affects Versions: 3.3.0
>Reporter: G.Vaysman
>Assignee: Slawomir Jaranowski
>Priority: Major
> Fix For: 3.4.0
>
> Attachments: jar-default-excludes.zip
>
>
> With the default excludes being expanded further (see 
> org.codehaus.plexus.util.AbstractScanner.{*}_DEFAULTEXCLUDES_{*}), a resource 
> directory **/ChangeSet/** will never be included in the JAR artifact.
> Some plugins (maven-resources-plugin, maven-assembly-plugin) already allow 
> suppressing the exclusion, but not the maven-jar-plugin. Code analysis of the 
> JarMojo -> DirectoryScanner call path confirms that there is no way to affect 
> the FileSet configuration. 
> Again, with ever expanding list of *_DEFAULTEXCLUDES,_* this, on our opinion, 
> is quite detrimental, and due to backward compatibility, changing 
> resource/package path (say, to ChangeSet2) is not an option. 
> I am attaching a very simple project that shows two things:
>  # The jar plugin skips adding the **/ChangeSet/** files
>  # The resources plugin is configured not to skip (addDefaultExcludes) and 
> behaves properly



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (MJAR-306) Defined versions of plugins in LifecycleMapping should be up-to day

[ASF GitHub Bot (Jira)]

[ 
https://issues.apache.org/jira/browse/MJAR-306?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17835074#comment-17835074
 ] 

ASF GitHub Bot commented on MJAR-306:
-

slawekjaranowski opened a new pull request, #82:
URL: https://github.com/apache/maven-jar-plugin/pull/82

   properties are defined in parent
   
   




> Defined versions of plugins in LifecycleMapping should be up-to day
> ---
>
> Key: MJAR-306
> URL: https://issues.apache.org/jira/browse/MJAR-306
> Project: Maven JAR Plugin
>  Issue Type: Dependency upgrade
>Reporter: Slawomir Jaranowski
>Priority: Major
>
> We add {{LifecycleMapping}} in MJAR-183 we should have up-to day plugins 
> versions



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: [PR] [MJAR-296] Allow including files excluded by default. [maven-jar-plugin]

[via GitHub]

slawekjaranowski commented on PR #67:
URL: https://github.com/apache/maven-jar-plugin/pull/67#issuecomment-2043758679

   @redzi , @michael-o - fixed  and tested - should be ok


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Updated] (MJAR-306) Defined versions of plugins in LifecycleMapping should be up-to day

[Slawomir Jaranowski (Jira)]

 [ 
https://issues.apache.org/jira/browse/MJAR-306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Slawomir Jaranowski updated MJAR-306:
-
Summary: Defined versions of plugins in LifecycleMapping should be up-to 
day  (was: Defined versions of plugin in LifecycleMapping should be up-to day)

> Defined versions of plugins in LifecycleMapping should be up-to day
> ---
>
> Key: MJAR-306
> URL: https://issues.apache.org/jira/browse/MJAR-306
> Project: Maven JAR Plugin
>  Issue Type: Dependency upgrade
>Reporter: Slawomir Jaranowski
>Priority: Major
>
> We add {{LifecycleMapping}} in MJAR-183 we should have up-to day plugins 
> versions



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (MJAR-306) Defined versions of plugin in LifecycleMapping should be up-to day

[Slawomir Jaranowski (Jira)]

 [ 
https://issues.apache.org/jira/browse/MJAR-306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Slawomir Jaranowski updated MJAR-306:
-
Description: We add {{LifecycleMapping}} in MJAR-183 we should have up-to 
day plugins versions  (was: We add {{)

> Defined versions of plugin in LifecycleMapping should be up-to day
> --
>
> Key: MJAR-306
> URL: https://issues.apache.org/jira/browse/MJAR-306
> Project: Maven JAR Plugin
>  Issue Type: Dependency upgrade
>Reporter: Slawomir Jaranowski
>Priority: Major
>
> We add {{LifecycleMapping}} in MJAR-183 we should have up-to day plugins 
> versions



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (MJAR-306) Defined versions of plugin in LifecycleMapping should be up-to day

[Slawomir Jaranowski (Jira)]

 [ 
https://issues.apache.org/jira/browse/MJAR-306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Slawomir Jaranowski updated MJAR-306:
-
Description: We add 

> Defined versions of plugin in LifecycleMapping should be up-to day
> --
>
> Key: MJAR-306
> URL: https://issues.apache.org/jira/browse/MJAR-306
> Project: Maven JAR Plugin
>  Issue Type: Dependency upgrade
>Reporter: Slawomir Jaranowski
>Priority: Major
>
> We add 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (MJAR-306) Defined versions of plugin in LifecycleMapping should be up-to day

[Slawomir Jaranowski (Jira)]

 [ 
https://issues.apache.org/jira/browse/MJAR-306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Slawomir Jaranowski updated MJAR-306:
-
Description: We add {{  (was: We add )

> Defined versions of plugin in LifecycleMapping should be up-to day
> --
>
> Key: MJAR-306
> URL: https://issues.apache.org/jira/browse/MJAR-306
> Project: Maven JAR Plugin
>  Issue Type: Dependency upgrade
>Reporter: Slawomir Jaranowski
>Priority: Major
>
> We add {{



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (MJAR-306) Defined versions of plugin in LifecycleMapping should be up-to day

[Slawomir Jaranowski (Jira)]

 [ 
https://issues.apache.org/jira/browse/MJAR-306?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Slawomir Jaranowski updated MJAR-306:
-
Summary: Defined versions of plugin in LifecycleMapping should be up-to day 
 (was: Defined version of plugin in LifecycleMapping should be up-to day)

> Defined versions of plugin in LifecycleMapping should be up-to day
> --
>
> Key: MJAR-306
> URL: https://issues.apache.org/jira/browse/MJAR-306
> Project: Maven JAR Plugin
>  Issue Type: Dependency upgrade
>Reporter: Slawomir Jaranowski
>Priority: Major
>




--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[PR] Bump commons-io:commons-io from 2.16.0 to 2.16.1 [maven-scm-publish-plugin]

[via GitHub]

dependabot[bot] opened a new pull request, #34:
URL: https://github.com/apache/maven-scm-publish-plugin/pull/34

   Bumps commons-io:commons-io from 2.16.0 to 2.16.1.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-io:commons-io=maven=2.16.0=2.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Created] (MJAR-306) Defined version of plugin in LifecycleMapping should be up-to day

[Slawomir Jaranowski (Jira)]

Slawomir Jaranowski created MJAR-306:


 Summary: Defined version of plugin in LifecycleMapping should be 
up-to day
 Key: MJAR-306
 URL: https://issues.apache.org/jira/browse/MJAR-306
 Project: Maven JAR Plugin
  Issue Type: Dependency upgrade
Reporter: Slawomir Jaranowski






--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (MJAR-265) Resources not copied

[Slawomir Jaranowski (Jira)]

[ 
https://issues.apache.org/jira/browse/MJAR-265?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17835063#comment-17835063
 ] 

Slawomir Jaranowski commented on MJAR-265:
--

Will be resolved by MJAR-296 with new parameter {{addDefaultExcludes}}

> Resources not copied
> 
>
> Key: MJAR-265
> URL: https://issues.apache.org/jira/browse/MJAR-265
> Project: Maven JAR Plugin
>  Issue Type: New Feature
>Affects Versions: 3.1.2
> Environment: windows 7, Maven 3.3.9 Java version: 1.7.0_80
>Reporter: vincent c
>Priority: Minor
> Fix For: 3.4.0
>
> Attachments: example.7z
>
>
> I have a folder named *.metadata* that is in the target/classes folder.
> But it is not copied to the jar archive. It looks like a default exclusion 
> filter is used.
> It is working with version maven-jar-plugin:2.3 but version 2.4 and upper it 
> is not.
>  
> The issue seams to be also discussed on 
> [stackoverflow|https://stackoverflow.com/questions/55514758/maven-jar-plugin-does-not-include-gitignore-file/55522970#55522970].



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (MJAR-265) Resources not copied

[Slawomir Jaranowski (Jira)]

 [ 
https://issues.apache.org/jira/browse/MJAR-265?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Slawomir Jaranowski updated MJAR-265:
-
Fix Version/s: 3.4.0

> Resources not copied
> 
>
> Key: MJAR-265
> URL: https://issues.apache.org/jira/browse/MJAR-265
> Project: Maven JAR Plugin
>  Issue Type: New Feature
>Affects Versions: 3.1.2
> Environment: windows 7, Maven 3.3.9 Java version: 1.7.0_80
>Reporter: vincent c
>Priority: Minor
> Fix For: 3.4.0
>
> Attachments: example.7z
>
>
> I have a folder named *.metadata* that is in the target/classes folder.
> But it is not copied to the jar archive. It looks like a default exclusion 
> filter is used.
> It is working with version maven-jar-plugin:2.3 but version 2.4 and upper it 
> is not.
>  
> The issue seams to be also discussed on 
> [stackoverflow|https://stackoverflow.com/questions/55514758/maven-jar-plugin-does-not-include-gitignore-file/55522970#55522970].



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Deleted] (MJAR-305) Refresh download page

[Slawomir Jaranowski (Jira)]

 [ 
https://issues.apache.org/jira/browse/MJAR-305?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Slawomir Jaranowski deleted MJAR-305:
-


> Refresh download page
> -
>
> Key: MJAR-305
> URL: https://issues.apache.org/jira/browse/MJAR-305
> Project: Maven JAR Plugin
>  Issue Type: Task
>Reporter: Slawomir Jaranowski
>Assignee: Slawomir Jaranowski
>Priority: Major
>




--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (MJAR-305) Refresh download page

[Slawomir Jaranowski (Jira)]

Slawomir Jaranowski created MJAR-305:


 Summary: Refresh download page
 Key: MJAR-305
 URL: https://issues.apache.org/jira/browse/MJAR-305
 Project: Maven JAR Plugin
  Issue Type: Task
Reporter: Slawomir Jaranowski
Assignee: Slawomir Jaranowski
 Fix For: 3.4.0






--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (MJAR-296) No way to suppress default excludes in maven-jar-plugin

[Slawomir Jaranowski (Jira)]

 [ 
https://issues.apache.org/jira/browse/MJAR-296?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Slawomir Jaranowski updated MJAR-296:
-
Fix Version/s: 3.4.0

> No way to suppress default excludes in maven-jar-plugin
> ---
>
> Key: MJAR-296
> URL: https://issues.apache.org/jira/browse/MJAR-296
> Project: Maven JAR Plugin
>  Issue Type: Improvement
>Affects Versions: 3.3.0
>Reporter: G.Vaysman
>Assignee: Slawomir Jaranowski
>Priority: Major
> Fix For: 3.4.0
>
> Attachments: jar-default-excludes.zip
>
>
> With the default excludes being expanded further (see 
> org.codehaus.plexus.util.AbstractScanner.{*}_DEFAULTEXCLUDES_{*}), a resource 
> directory **/ChangeSet/** will never be included in the JAR artifact.
> Some plugins (maven-resources-plugin, maven-assembly-plugin) already allow 
> suppressing the exclusion, but not the maven-jar-plugin. Code analysis of the 
> JarMojo -> DirectoryScanner call path confirms that there is no way to affect 
> the FileSet configuration. 
> Again, with ever expanding list of *_DEFAULTEXCLUDES,_* this, on our opinion, 
> is quite detrimental, and due to backward compatibility, changing 
> resource/package path (say, to ChangeSet2) is not an option. 
> I am attaching a very simple project that shows two things:
>  # The jar plugin skips adding the **/ChangeSet/** files
>  # The resources plugin is configured not to skip (addDefaultExcludes) and 
> behaves properly



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Assigned] (MJAR-296) No way to suppress default excludes in maven-jar-plugin

[Slawomir Jaranowski (Jira)]

 [ 
https://issues.apache.org/jira/browse/MJAR-296?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Slawomir Jaranowski reassigned MJAR-296:


Assignee: Slawomir Jaranowski

> No way to suppress default excludes in maven-jar-plugin
> ---
>
> Key: MJAR-296
> URL: https://issues.apache.org/jira/browse/MJAR-296
> Project: Maven JAR Plugin
>  Issue Type: Improvement
>Affects Versions: 3.3.0
>Reporter: G.Vaysman
>Assignee: Slawomir Jaranowski
>Priority: Major
> Attachments: jar-default-excludes.zip
>
>
> With the default excludes being expanded further (see 
> org.codehaus.plexus.util.AbstractScanner.{*}_DEFAULTEXCLUDES_{*}), a resource 
> directory **/ChangeSet/** will never be included in the JAR artifact.
> Some plugins (maven-resources-plugin, maven-assembly-plugin) already allow 
> suppressing the exclusion, but not the maven-jar-plugin. Code analysis of the 
> JarMojo -> DirectoryScanner call path confirms that there is no way to affect 
> the FileSet configuration. 
> Again, with ever expanding list of *_DEFAULTEXCLUDES,_* this, on our opinion, 
> is quite detrimental, and due to backward compatibility, changing 
> resource/package path (say, to ChangeSet2) is not an option. 
> I am attaching a very simple project that shows two things:
>  # The jar plugin skips adding the **/ChangeSet/** files
>  # The resources plugin is configured not to skip (addDefaultExcludes) and 
> behaves properly



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Assigned] (SCM-939) Assume SCM is present

[Michael Osipov (Jira)]

 [ 
https://issues.apache.org/jira/browse/SCM-939?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Michael Osipov reassigned SCM-939:
--

Assignee: Michael Osipov

> Assume SCM is present
> -
>
> Key: SCM-939
> URL: https://issues.apache.org/jira/browse/SCM-939
> Project: Maven SCM
>  Issue Type: Bug
>Reporter: Elliotte Rusty Harold
>Assignee: Michael Osipov
>Priority: Minor
>
> We have a lot of tests that do something like this:
>  
> if ( !ScmTestCase.isSystemCmd( SvnScmTestUtils.SVN_COMMAND_LINE ) )
>  {
>  ScmTestCase.printSystemCmdUnavail( SvnScmTestUtils.SVN_COMMAND_LINE, 
> getName() );
>  return;
>  }
>  
> We should instead use org.*junit*.*Assume* here so these are marked as 
> skipped rather than passed.
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (SCM-939) Assume SCM is present

[Michael Osipov (Jira)]

 [ 
https://issues.apache.org/jira/browse/SCM-939?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Michael Osipov updated SCM-939:
---
Fix Version/s: 2.1.0

> Assume SCM is present
> -
>
> Key: SCM-939
> URL: https://issues.apache.org/jira/browse/SCM-939
> Project: Maven SCM
>  Issue Type: Bug
>Reporter: Elliotte Rusty Harold
>Assignee: Michael Osipov
>Priority: Minor
> Fix For: 2.1.0
>
>
> We have a lot of tests that do something like this:
>  
> if ( !ScmTestCase.isSystemCmd( SvnScmTestUtils.SVN_COMMAND_LINE ) )
>  {
>  ScmTestCase.printSystemCmdUnavail( SvnScmTestUtils.SVN_COMMAND_LINE, 
> getName() );
>  return;
>  }
>  
> We should instead use org.*junit*.*Assume* here so these are marked as 
> skipped rather than passed.
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (MJAR-296) No way to suppress default excludes in maven-jar-plugin

[ASF GitHub Bot (Jira)]

[ 
https://issues.apache.org/jira/browse/MJAR-296?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17835031#comment-17835031
 ] 

ASF GitHub Bot commented on MJAR-296:
-

slawekjaranowski commented on code in PR #67:
URL: https://github.com/apache/maven-jar-plugin/pull/67#discussion_r1556394300


##
src/it/MJAR-296/src/main/resources/.gitignore:
##


Review Comment:
   `.gitignore` is not excluded by default: 
https://github.com/codehaus-plexus/plexus-utils/blob/master/src/main/java/org/codehaus/plexus/util/AbstractScanner.java
   
   





> No way to suppress default excludes in maven-jar-plugin
> ---
>
> Key: MJAR-296
> URL: https://issues.apache.org/jira/browse/MJAR-296
> Project: Maven JAR Plugin
>  Issue Type: Improvement
>Affects Versions: 3.3.0
>Reporter: G.Vaysman
>Priority: Major
> Attachments: jar-default-excludes.zip
>
>
> With the default excludes being expanded further (see 
> org.codehaus.plexus.util.AbstractScanner.{*}_DEFAULTEXCLUDES_{*}), a resource 
> directory **/ChangeSet/** will never be included in the JAR artifact.
> Some plugins (maven-resources-plugin, maven-assembly-plugin) already allow 
> suppressing the exclusion, but not the maven-jar-plugin. Code analysis of the 
> JarMojo -> DirectoryScanner call path confirms that there is no way to affect 
> the FileSet configuration. 
> Again, with ever expanding list of *_DEFAULTEXCLUDES,_* this, on our opinion, 
> is quite detrimental, and due to backward compatibility, changing 
> resource/package path (say, to ChangeSet2) is not an option. 
> I am attaching a very simple project that shows two things:
>  # The jar plugin skips adding the **/ChangeSet/** files
>  # The resources plugin is configured not to skip (addDefaultExcludes) and 
> behaves properly



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (MJAR-296) No way to suppress default excludes in maven-jar-plugin

[ASF GitHub Bot (Jira)]

[ 
https://issues.apache.org/jira/browse/MJAR-296?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17835032#comment-17835032
 ] 

ASF GitHub Bot commented on MJAR-296:
-

slawekjaranowski commented on code in PR #67:
URL: https://github.com/apache/maven-jar-plugin/pull/67#discussion_r1556394734


##
src/it/MJAR-296/pom.xml:
##
@@ -0,0 +1,49 @@
+
+
+http://maven.apache.org/POM/4.0.0;
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance;
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 
http://maven.apache.org/maven-v4_0_0.xsd;>
+  4.0.0
+
+  org.apache.maven.plugins
+  mjar-296-suppress-default-excludes
+  mjar-296-suppress-default-excludes
+  Verifies that the resulting jar includes files excluded by 
default
+  jar
+  1.0-SNAPSHOT
+
+  
+UTF-8
+
2023-11-19T13:25:58Z
+  
+
+  
+
+  
+org.apache.maven.plugins
+maven-jar-plugin
+@project.version@
+
+  false

Review Comment:
   we also need a test with true value 





> No way to suppress default excludes in maven-jar-plugin
> ---
>
> Key: MJAR-296
> URL: https://issues.apache.org/jira/browse/MJAR-296
> Project: Maven JAR Plugin
>  Issue Type: Improvement
>Affects Versions: 3.3.0
>Reporter: G.Vaysman
>Priority: Major
> Attachments: jar-default-excludes.zip
>
>
> With the default excludes being expanded further (see 
> org.codehaus.plexus.util.AbstractScanner.{*}_DEFAULTEXCLUDES_{*}), a resource 
> directory **/ChangeSet/** will never be included in the JAR artifact.
> Some plugins (maven-resources-plugin, maven-assembly-plugin) already allow 
> suppressing the exclusion, but not the maven-jar-plugin. Code analysis of the 
> JarMojo -> DirectoryScanner call path confirms that there is no way to affect 
> the FileSet configuration. 
> Again, with ever expanding list of *_DEFAULTEXCLUDES,_* this, on our opinion, 
> is quite detrimental, and due to backward compatibility, changing 
> resource/package path (say, to ChangeSet2) is not an option. 
> I am attaching a very simple project that shows two things:
>  # The jar plugin skips adding the **/ChangeSet/** files
>  # The resources plugin is configured not to skip (addDefaultExcludes) and 
> behaves properly



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: [PR] [MJAR-296] Allow including files excluded by default. [maven-jar-plugin]

[via GitHub]

slawekjaranowski commented on code in PR #67:
URL: https://github.com/apache/maven-jar-plugin/pull/67#discussion_r1556394734


##
src/it/MJAR-296/pom.xml:
##
@@ -0,0 +1,49 @@
+
+
+http://maven.apache.org/POM/4.0.0;
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance;
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 
http://maven.apache.org/maven-v4_0_0.xsd;>
+  4.0.0
+
+  org.apache.maven.plugins
+  mjar-296-suppress-default-excludes
+  mjar-296-suppress-default-excludes
+  Verifies that the resulting jar includes files excluded by 
default
+  jar
+  1.0-SNAPSHOT
+
+  
+UTF-8
+
2023-11-19T13:25:58Z
+  
+
+  
+
+  
+org.apache.maven.plugins
+maven-jar-plugin
+@project.version@
+
+  false

Review Comment:
   we also need a test with true value 



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] [MJAR-296] Allow including files excluded by default. [maven-jar-plugin]

[via GitHub]

slawekjaranowski commented on code in PR #67:
URL: https://github.com/apache/maven-jar-plugin/pull/67#discussion_r1556394300


##
src/it/MJAR-296/src/main/resources/.gitignore:
##


Review Comment:
   `.gitignore` is not excluded by default: 
https://github.com/codehaus-plexus/plexus-utils/blob/master/src/main/java/org/codehaus/plexus/util/AbstractScanner.java
   
   



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (MPMD-379) Upgrade to use PMD 7.0.0 by default

[ASF GitHub Bot (Jira)]

[ 
https://issues.apache.org/jira/browse/MPMD-379?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17835025#comment-17835025
 ] 

ASF GitHub Bot commented on MPMD-379:
-

michael-o commented on code in PR #144:
URL: https://github.com/apache/maven-pmd-plugin/pull/144#discussion_r1556376942


##
src/it/MPMD-379-JDK21/invoker.properties:
##
@@ -0,0 +1,28 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+invoker.java.version = 1.8+
+
+# available toolchains under linux:
+# 
https://github.com/apache/infrastructure-p6/blob/production/modules/build_nodes/files/toolchains.xml
+
+# the jdk toolchain "21:openjdk" is selected in pom.xml
+invoker.toolchain.jdk.version = 21
+invoker.toolchain.jdk.vendor = openjdk

Review Comment:
   Then there is no need to restrict the vendor if any vendor will do. I guess 
a lot of people will also use Zulu which will not run here.



##
src/main/java/org/apache/maven/plugins/pmd/PmdReport.java:
##
@@ -63,16 +63,19 @@
 @Mojo(name = "pmd", threadSafe = true, requiresDependencyResolution = 
ResolutionScope.TEST)
 public class PmdReport extends AbstractPmdReport {
 /**
- * The target JDK to analyze based on. Should match the source used in the 
compiler plugin. Valid values
- * with the default PMD version are
+ * The target JDK to analyze based on. Should match the source used in the 
compiler plugin.
+ * Valid values depend on the used PMD version. With the default PMD 
version valid values are
  * currently 1.3, 1.4, 1.5, 
1.6, 1.7,
  * 1.8, 9, 10, 11, 
12, 13,
  * 14, 15, 16, 17, 
18, 19,
- * and 20.
+ * 20, 21, and 22.

Review Comment:
   Let's do so.





> Upgrade to use PMD 7.0.0 by default
> ---
>
> Key: MPMD-379
> URL: https://issues.apache.org/jira/browse/MPMD-379
> Project: Maven PMD Plugin
>  Issue Type: Improvement
>  Components: CPD, PMD
>Reporter: Andreas Dangel
>Assignee: Andreas Dangel
>Priority: Major
> Fix For: next-release
>
>
> Add support for the new major version of PMD.
> This gives support for analyzing Java 21 code.
> The upgrade from PMD 6 to PMD 7 is a major upgrade, that might impact 
> end-users, if they use custom rulesets (see 
> [https://maven.apache.org/plugins/maven-pmd-plugin/examples/usingRuleSets.html])
>  or if they override the dependencies to upgrade PMD at runtime and currently 
> use PMD 6.x (see 
> [https://maven.apache.org/plugins/maven-pmd-plugin/examples/upgrading-PMD-at-runtime.html]).
>  
> Most likely, end-users have to review their rulesets and migrate them to PMD 
> 7. Rules might have been renamed or replaced. See 
> [https://docs.pmd-code.org/latest/pmd_release_notes_pmd7.html] and 
> [https://docs.pmd-code.org/latest/pmd_userdocs_migrating_to_pmd7.html] .
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: [PR] [MPMD-379] PMD 7.0.0 support [maven-pmd-plugin]

[via GitHub]

michael-o commented on code in PR #144:
URL: https://github.com/apache/maven-pmd-plugin/pull/144#discussion_r1556376942


##
src/it/MPMD-379-JDK21/invoker.properties:
##
@@ -0,0 +1,28 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+invoker.java.version = 1.8+
+
+# available toolchains under linux:
+# 
https://github.com/apache/infrastructure-p6/blob/production/modules/build_nodes/files/toolchains.xml
+
+# the jdk toolchain "21:openjdk" is selected in pom.xml
+invoker.toolchain.jdk.version = 21
+invoker.toolchain.jdk.vendor = openjdk

Review Comment:
   Then there is no need to restrict the vendor if any vendor will do. I guess 
a lot of people will also use Zulu which will not run here.



##
src/main/java/org/apache/maven/plugins/pmd/PmdReport.java:
##
@@ -63,16 +63,19 @@
 @Mojo(name = "pmd", threadSafe = true, requiresDependencyResolution = 
ResolutionScope.TEST)
 public class PmdReport extends AbstractPmdReport {
 /**
- * The target JDK to analyze based on. Should match the source used in the 
compiler plugin. Valid values
- * with the default PMD version are
+ * The target JDK to analyze based on. Should match the source used in the 
compiler plugin.
+ * Valid values depend on the used PMD version. With the default PMD 
version valid values are
  * currently 1.3, 1.4, 1.5, 
1.6, 1.7,
  * 1.8, 9, 10, 11, 
12, 13,
  * 14, 15, 16, 17, 
18, 19,
- * and 20.
+ * 20, 21, and 22.

Review Comment:
   Let's do so.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump commons-io:commons-io from 2.16.0 to 2.16.1 [maven-surefire]

[via GitHub]

dependabot[bot] opened a new pull request, #731:
URL: https://github.com/apache/maven-surefire/pull/731

   Bumps commons-io:commons-io from 2.16.0 to 2.16.1.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-io:commons-io=maven=2.16.0=2.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump commons-io:commons-io from 2.16.0 to 2.16.1 [maven-shared-utils]

[via GitHub]

dependabot[bot] opened a new pull request, #176:
URL: https://github.com/apache/maven-shared-utils/pull/176

   Bumps commons-io:commons-io from 2.16.0 to 2.16.1.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-io:commons-io=maven=2.16.0=2.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (MPMD-379) Upgrade to use PMD 7.0.0 by default

[ASF GitHub Bot (Jira)]

[ 
https://issues.apache.org/jira/browse/MPMD-379?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17835013#comment-17835013
 ] 

ASF GitHub Bot commented on MPMD-379:
-

adangel commented on code in PR #144:
URL: https://github.com/apache/maven-pmd-plugin/pull/144#discussion_r1556244511


##
src/it/MPMD-379-JDK21/invoker.properties:
##
@@ -0,0 +1,28 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+invoker.java.version = 1.8+
+
+# available toolchains under linux:
+# 
https://github.com/apache/infrastructure-p6/blob/production/modules/build_nodes/files/toolchains.xml
+
+# the jdk toolchain "21:openjdk" is selected in pom.xml
+invoker.toolchain.jdk.version = 21
+invoker.toolchain.jdk.vendor = openjdk

Review Comment:
   This is more like a smoke test (small project for java 21 that is compiled 
and analyzed), so any vendor will do, as long it is java 21. It's not testing 
compatibility with a specific vendor, but just compatibility with java 21. 
OpenJDK seems to be the tool chain, that is available on apache's jenkins 
instance.





> Upgrade to use PMD 7.0.0 by default
> ---
>
> Key: MPMD-379
> URL: https://issues.apache.org/jira/browse/MPMD-379
> Project: Maven PMD Plugin
>  Issue Type: Improvement
>  Components: CPD, PMD
>Reporter: Andreas Dangel
>Assignee: Andreas Dangel
>Priority: Major
> Fix For: next-release
>
>
> Add support for the new major version of PMD.
> This gives support for analyzing Java 21 code.
> The upgrade from PMD 6 to PMD 7 is a major upgrade, that might impact 
> end-users, if they use custom rulesets (see 
> [https://maven.apache.org/plugins/maven-pmd-plugin/examples/usingRuleSets.html])
>  or if they override the dependencies to upgrade PMD at runtime and currently 
> use PMD 6.x (see 
> [https://maven.apache.org/plugins/maven-pmd-plugin/examples/upgrading-PMD-at-runtime.html]).
>  
> Most likely, end-users have to review their rulesets and migrate them to PMD 
> 7. Rules might have been renamed or replaced. See 
> [https://docs.pmd-code.org/latest/pmd_release_notes_pmd7.html] and 
> [https://docs.pmd-code.org/latest/pmd_userdocs_migrating_to_pmd7.html] .
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: [PR] [MPMD-379] PMD 7.0.0 support [maven-pmd-plugin]

[via GitHub]

adangel commented on code in PR #144:
URL: https://github.com/apache/maven-pmd-plugin/pull/144#discussion_r1556244511


##
src/it/MPMD-379-JDK21/invoker.properties:
##
@@ -0,0 +1,28 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+invoker.java.version = 1.8+
+
+# available toolchains under linux:
+# 
https://github.com/apache/infrastructure-p6/blob/production/modules/build_nodes/files/toolchains.xml
+
+# the jdk toolchain "21:openjdk" is selected in pom.xml
+invoker.toolchain.jdk.version = 21
+invoker.toolchain.jdk.vendor = openjdk

Review Comment:
   This is more like a smoke test (small project for java 21 that is compiled 
and analyzed), so any vendor will do, as long it is java 21. It's not testing 
compatibility with a specific vendor, but just compatibility with java 21. 
OpenJDK seems to be the tool chain, that is available on apache's jenkins 
instance.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (MPMD-379) Upgrade to use PMD 7.0.0 by default

[ASF GitHub Bot (Jira)]

[ 
https://issues.apache.org/jira/browse/MPMD-379?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17835012#comment-17835012
 ] 

ASF GitHub Bot commented on MPMD-379:
-

adangel commented on code in PR #144:
URL: https://github.com/apache/maven-pmd-plugin/pull/144#discussion_r1556242531


##
src/main/java/org/apache/maven/plugins/pmd/PmdReport.java:
##
@@ -63,16 +63,19 @@
 @Mojo(name = "pmd", threadSafe = true, requiresDependencyResolution = 
ResolutionScope.TEST)
 public class PmdReport extends AbstractPmdReport {
 /**
- * The target JDK to analyze based on. Should match the source used in the 
compiler plugin. Valid values
- * with the default PMD version are
+ * The target JDK to analyze based on. Should match the source used in the 
compiler plugin.
+ * Valid values depend on the used PMD version. With the default PMD 
version valid values are
  * currently 1.3, 1.4, 1.5, 
1.6, 1.7,
  * 1.8, 9, 10, 11, 
12, 13,
  * 14, 15, 16, 17, 
18, 19,
- * and 20.
+ * 20, 21, and 22.

Review Comment:
   Yes, they are still supported. But true, it's questionable, how useful these 
are. We could thin out the list and keep only 8, 11, 17, 21 and refer to 
https://docs.pmd-code.org/latest/pmd_languages_java.html for the full list.





> Upgrade to use PMD 7.0.0 by default
> ---
>
> Key: MPMD-379
> URL: https://issues.apache.org/jira/browse/MPMD-379
> Project: Maven PMD Plugin
>  Issue Type: Improvement
>  Components: CPD, PMD
>Reporter: Andreas Dangel
>Assignee: Andreas Dangel
>Priority: Major
> Fix For: next-release
>
>
> Add support for the new major version of PMD.
> This gives support for analyzing Java 21 code.
> The upgrade from PMD 6 to PMD 7 is a major upgrade, that might impact 
> end-users, if they use custom rulesets (see 
> [https://maven.apache.org/plugins/maven-pmd-plugin/examples/usingRuleSets.html])
>  or if they override the dependencies to upgrade PMD at runtime and currently 
> use PMD 6.x (see 
> [https://maven.apache.org/plugins/maven-pmd-plugin/examples/upgrading-PMD-at-runtime.html]).
>  
> Most likely, end-users have to review their rulesets and migrate them to PMD 
> 7. Rules might have been renamed or replaced. See 
> [https://docs.pmd-code.org/latest/pmd_release_notes_pmd7.html] and 
> [https://docs.pmd-code.org/latest/pmd_userdocs_migrating_to_pmd7.html] .
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: [PR] [MPMD-379] PMD 7.0.0 support [maven-pmd-plugin]

[via GitHub]

adangel commented on code in PR #144:
URL: https://github.com/apache/maven-pmd-plugin/pull/144#discussion_r1556242531


##
src/main/java/org/apache/maven/plugins/pmd/PmdReport.java:
##
@@ -63,16 +63,19 @@
 @Mojo(name = "pmd", threadSafe = true, requiresDependencyResolution = 
ResolutionScope.TEST)
 public class PmdReport extends AbstractPmdReport {
 /**
- * The target JDK to analyze based on. Should match the source used in the 
compiler plugin. Valid values
- * with the default PMD version are
+ * The target JDK to analyze based on. Should match the source used in the 
compiler plugin.
+ * Valid values depend on the used PMD version. With the default PMD 
version valid values are
  * currently 1.3, 1.4, 1.5, 
1.6, 1.7,
  * 1.8, 9, 10, 11, 
12, 13,
  * 14, 15, 16, 17, 
18, 19,
- * and 20.
+ * 20, 21, and 22.

Review Comment:
   Yes, they are still supported. But true, it's questionable, how useful these 
are. We could thin out the list and keep only 8, 11, 17, 21 and refer to 
https://docs.pmd-code.org/latest/pmd_languages_java.html for the full list.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump commons-io:commons-io from 2.15.1 to 2.16.1 [maven-filtering]

[via GitHub]

dependabot[bot] opened a new pull request, #101:
URL: https://github.com/apache/maven-filtering/pull/101

   Bumps commons-io:commons-io from 2.15.1 to 2.16.1.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-io:commons-io=maven=2.15.1=2.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show  ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SCM-939) Assume SCM is present

[ASF GitHub Bot (Jira)]

[ 
https://issues.apache.org/jira/browse/SCM-939?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17834922#comment-17834922
 ] 

ASF GitHub Bot commented on SCM-939:


michael-o commented on PR #150:
URL: https://github.com/apache/maven-scm/pull/150#issuecomment-2042791182

   > > @nielsbasjes I did a few updates...
   > 
   > Yes of course. Please change/copy/do what you think is best with my 
partial contribution. Feel free to take it over completely because I do not 
have enough understanding of several key components to finish it.
   
   For me, this looks decent now, but I want to make a few more checks. @kwin 
Do you want to review?




> Assume SCM is present
> -
>
> Key: SCM-939
> URL: https://issues.apache.org/jira/browse/SCM-939
> Project: Maven SCM
>  Issue Type: Bug
>Reporter: Elliotte Rusty Harold
>Priority: Minor
>
> We have a lot of tests that do something like this:
>  
> if ( !ScmTestCase.isSystemCmd( SvnScmTestUtils.SVN_COMMAND_LINE ) )
>  {
>  ScmTestCase.printSystemCmdUnavail( SvnScmTestUtils.SVN_COMMAND_LINE, 
> getName() );
>  return;
>  }
>  
> We should instead use org.*junit*.*Assume* here so these are marked as 
> skipped rather than passed.
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SCM-939) Assume SCM is present

[ASF GitHub Bot (Jira)]

[ 
https://issues.apache.org/jira/browse/SCM-939?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17834919#comment-17834919
 ] 

ASF GitHub Bot commented on SCM-939:


nielsbasjes commented on PR #150:
URL: https://github.com/apache/maven-scm/pull/150#issuecomment-2042770331

   > @nielsbasjes I did a few updates...
   
   Yes of course. Please change/copy/do what you think is best with my partial 
contribution.
   Feel free to take it over completely because I do not have enough 
understanding of several key components to finish it.




> Assume SCM is present
> -
>
> Key: SCM-939
> URL: https://issues.apache.org/jira/browse/SCM-939
> Project: Maven SCM
>  Issue Type: Bug
>Reporter: Elliotte Rusty Harold
>Priority: Minor
>
> We have a lot of tests that do something like this:
>  
> if ( !ScmTestCase.isSystemCmd( SvnScmTestUtils.SVN_COMMAND_LINE ) )
>  {
>  ScmTestCase.printSystemCmdUnavail( SvnScmTestUtils.SVN_COMMAND_LINE, 
> getName() );
>  return;
>  }
>  
> We should instead use org.*junit*.*Assume* here so these are marked as 
> skipped rather than passed.
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: [PR] Update artifact-handlers.apt [maven]

[via GitHub]

kwin commented on PR #1466:
URL: https://github.com/apache/maven/pull/1466#issuecomment-2042676447

   Well for me extension is mostly connected to files used outside a repo


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] [SCM-939] Towards JUnit4 ... DRAFT !! [maven-scm]

[via GitHub]

michael-o commented on PR #150:
URL: https://github.com/apache/maven-scm/pull/150#issuecomment-2042610728

   @nielsbasjes I did a few updates...


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SCM-939) Assume SCM is present

[ASF GitHub Bot (Jira)]

[ 
https://issues.apache.org/jira/browse/SCM-939?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17834906#comment-17834906
 ] 

ASF GitHub Bot commented on SCM-939:


michael-o commented on PR #150:
URL: https://github.com/apache/maven-scm/pull/150#issuecomment-2042610728

   @nielsbasjes I did a few updates...




> Assume SCM is present
> -
>
> Key: SCM-939
> URL: https://issues.apache.org/jira/browse/SCM-939
> Project: Maven SCM
>  Issue Type: Bug
>Reporter: Elliotte Rusty Harold
>Priority: Minor
>
> We have a lot of tests that do something like this:
>  
> if ( !ScmTestCase.isSystemCmd( SvnScmTestUtils.SVN_COMMAND_LINE ) )
>  {
>  ScmTestCase.printSystemCmdUnavail( SvnScmTestUtils.SVN_COMMAND_LINE, 
> getName() );
>  return;
>  }
>  
> We should instead use org.*junit*.*Assume* here so these are marked as 
> skipped rather than passed.
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: [PR] Update artifact-handlers.apt [maven]

[via GitHub]

cstamas commented on PR #1466:
URL: https://github.com/apache/maven/pull/1466#issuecomment-2042536236

   Am unsure is it meaningful at all to speak about artifacts "outside of 
repository"... 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump jgitVersion from 5.13.2.202306221912-r to 5.13.3.202401111512-r [maven-scm]

[via GitHub]

michael-o commented on PR #201:
URL: https://github.com/apache/maven-scm/pull/201#issuecomment-2042519825

   @dependabot rebase


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Closed] (SCM-1022) jgit push failure is not failing the build

[Michael Osipov (Jira)]

 [ 
https://issues.apache.org/jira/browse/SCM-1022?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Michael Osipov closed SCM-1022.
---
Resolution: Fixed

Fixed with 
[d77b92ef8b3baa0e9ae3c60d25ee526291faa3c6|https://gitbox.apache.org/repos/asf?p=maven-scm.git=commit=d77b92ef8b3baa0e9ae3c60d25ee526291faa3c6].

> jgit push failure is not failing the build
> --
>
> Key: SCM-1022
> URL: https://issues.apache.org/jira/browse/SCM-1022
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-provider-jgit
>Affects Versions: 2.0.1
>Reporter: Mattias Andersson
>Assignee: Michael Osipov
>Priority: Major
> Fix For: 2.1.0
>
>
> If the push command fails, the maven build does not fail. This means binaries 
> are deployed, but the remote repo is not updated. The issue seems related to 
> SCM-854. 
> We use Gerrit and have the merge strategy set to "fast forward only". If 
> someone pushes a commit during the release job, only an INFO message is 
> logged, but the maven build is successful. 
> The same use case with the maven-scm-provider-gitexe (the default) fails the 
> build as expected (git push returns a non-zero exit code)
> {code:java}
> 10:28:03  [INFO] commit done: [maven-release-plugin] prepare release 2.15.0
> 10:28:03  [INFO] push changes to remote... refs/heads/master:refs/heads/master
> 10:28:03  [INFO] fetch url: ssh://xxx@xxx
> 10:28:03  [INFO] push url: ssh://xxx@xxx
> 10:28:03  [INFO] getOrCreateProvider(EdDSA) created instance of 
> net.i2p.crypto.eddsa.EdDSASecurityProvider
> 10:28:03  [INFO] No detected/configured IoServiceFactoryFactory using 
> Nio2ServiceFactoryFactory
> 10:28:04  [INFO] REJECTED_NONFASTFORWARD - 
> RemoteRefUpdate[remoteName=refs/heads/master, REJECTED_NONFASTFORWARD, 
> 1eee06203068576ddcaae4eefe0ea15a52fb49ba...3102c82c6b62d4e86c75194569c2574ac722b6dd,
>  srcRef=refs/heads/master, message=null]
> 10:28:04  [INFO] 12/17 prepare:scm-tag
> 10:28:04  [INFO] Tagging release with the label 2.15.0...
> 10:28:04  [INFO] push tag [2.15.0] to remote...
> 10:28:04  [INFO] fetch url: ssh://xxx@xxx
> 10:28:04  [INFO] push url: ssh://xxx@xxx
> 10:28:05  [INFO] OK - RemoteRefUpdate[remoteName=refs/tags/2.15.0, OK, 
> ...968d97de8331ce19d43c719e870890def5ee65d9,
>  fastForward, srcRef=refs/tags/2.15.0, message=null]{code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SCM-1022) jgit push failure is not failing the build

[ASF GitHub Bot (Jira)]

[ 
https://issues.apache.org/jira/browse/SCM-1022?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17834886#comment-17834886
 ] 

ASF GitHub Bot commented on SCM-1022:
-

michael-o closed pull request #203: [SCM-1022] - jgit push failure is not 
failing the build
URL: https://github.com/apache/maven-scm/pull/203




> jgit push failure is not failing the build
> --
>
> Key: SCM-1022
> URL: https://issues.apache.org/jira/browse/SCM-1022
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-provider-jgit
>Affects Versions: 2.0.1
>Reporter: Mattias Andersson
>Assignee: Michael Osipov
>Priority: Major
> Fix For: 2.1.0
>
>
> If the push command fails, the maven build does not fail. This means binaries 
> are deployed, but the remote repo is not updated. The issue seems related to 
> SCM-854. 
> We use Gerrit and have the merge strategy set to "fast forward only". If 
> someone pushes a commit during the release job, only an INFO message is 
> logged, but the maven build is successful. 
> The same use case with the maven-scm-provider-gitexe (the default) fails the 
> build as expected (git push returns a non-zero exit code)
> {code:java}
> 10:28:03  [INFO] commit done: [maven-release-plugin] prepare release 2.15.0
> 10:28:03  [INFO] push changes to remote... refs/heads/master:refs/heads/master
> 10:28:03  [INFO] fetch url: ssh://xxx@xxx
> 10:28:03  [INFO] push url: ssh://xxx@xxx
> 10:28:03  [INFO] getOrCreateProvider(EdDSA) created instance of 
> net.i2p.crypto.eddsa.EdDSASecurityProvider
> 10:28:03  [INFO] No detected/configured IoServiceFactoryFactory using 
> Nio2ServiceFactoryFactory
> 10:28:04  [INFO] REJECTED_NONFASTFORWARD - 
> RemoteRefUpdate[remoteName=refs/heads/master, REJECTED_NONFASTFORWARD, 
> 1eee06203068576ddcaae4eefe0ea15a52fb49ba...3102c82c6b62d4e86c75194569c2574ac722b6dd,
>  srcRef=refs/heads/master, message=null]
> 10:28:04  [INFO] 12/17 prepare:scm-tag
> 10:28:04  [INFO] Tagging release with the label 2.15.0...
> 10:28:04  [INFO] push tag [2.15.0] to remote...
> 10:28:04  [INFO] fetch url: ssh://xxx@xxx
> 10:28:04  [INFO] push url: ssh://xxx@xxx
> 10:28:05  [INFO] OK - RemoteRefUpdate[remoteName=refs/tags/2.15.0, OK, 
> ...968d97de8331ce19d43c719e870890def5ee65d9,
>  fastForward, srcRef=refs/tags/2.15.0, message=null]{code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: [PR] [SCM-1022] - jgit push failure is not failing the build [maven-scm]

[via GitHub]

michael-o closed pull request #203: [SCM-1022] - jgit push failure is not 
failing the build
URL: https://github.com/apache/maven-scm/pull/203


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SCM-1022) jgit push failure is not failing the build

[ASF GitHub Bot (Jira)]

[ 
https://issues.apache.org/jira/browse/SCM-1022?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17834878#comment-17834878
 ] 

ASF GitHub Bot commented on SCM-1022:
-

michael-o commented on PR #203:
URL: https://github.com/apache/maven-scm/pull/203#issuecomment-2042404769

   Let me run this again




> jgit push failure is not failing the build
> --
>
> Key: SCM-1022
> URL: https://issues.apache.org/jira/browse/SCM-1022
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-provider-jgit
>Affects Versions: 2.0.1
>Reporter: Mattias Andersson
>Assignee: Michael Osipov
>Priority: Major
> Fix For: 2.1.0
>
>
> If the push command fails, the maven build does not fail. This means binaries 
> are deployed, but the remote repo is not updated. The issue seems related to 
> SCM-854. 
> We use Gerrit and have the merge strategy set to "fast forward only". If 
> someone pushes a commit during the release job, only an INFO message is 
> logged, but the maven build is successful. 
> The same use case with the maven-scm-provider-gitexe (the default) fails the 
> build as expected (git push returns a non-zero exit code)
> {code:java}
> 10:28:03  [INFO] commit done: [maven-release-plugin] prepare release 2.15.0
> 10:28:03  [INFO] push changes to remote... refs/heads/master:refs/heads/master
> 10:28:03  [INFO] fetch url: ssh://xxx@xxx
> 10:28:03  [INFO] push url: ssh://xxx@xxx
> 10:28:03  [INFO] getOrCreateProvider(EdDSA) created instance of 
> net.i2p.crypto.eddsa.EdDSASecurityProvider
> 10:28:03  [INFO] No detected/configured IoServiceFactoryFactory using 
> Nio2ServiceFactoryFactory
> 10:28:04  [INFO] REJECTED_NONFASTFORWARD - 
> RemoteRefUpdate[remoteName=refs/heads/master, REJECTED_NONFASTFORWARD, 
> 1eee06203068576ddcaae4eefe0ea15a52fb49ba...3102c82c6b62d4e86c75194569c2574ac722b6dd,
>  srcRef=refs/heads/master, message=null]
> 10:28:04  [INFO] 12/17 prepare:scm-tag
> 10:28:04  [INFO] Tagging release with the label 2.15.0...
> 10:28:04  [INFO] push tag [2.15.0] to remote...
> 10:28:04  [INFO] fetch url: ssh://xxx@xxx
> 10:28:04  [INFO] push url: ssh://xxx@xxx
> 10:28:05  [INFO] OK - RemoteRefUpdate[remoteName=refs/tags/2.15.0, OK, 
> ...968d97de8331ce19d43c719e870890def5ee65d9,
>  fastForward, srcRef=refs/tags/2.15.0, message=null]{code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: [PR] [SCM-1022] - jgit push failure is not failing the build [maven-scm]

[via GitHub]

michael-o commented on PR #203:
URL: https://github.com/apache/maven-scm/pull/203#issuecomment-2042404769

   Let me run this again


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump bouncycastleVersion from 1.77 to 1.78 [maven-resolver]

[via GitHub]

dependabot[bot] closed pull request #459: Bump bouncycastleVersion from 1.77 to 
1.78
URL: https://github.com/apache/maven-resolver/pull/459


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump bouncycastleVersion from 1.77 to 1.78 [maven-resolver]

[via GitHub]

dependabot[bot] commented on PR #459:
URL: https://github.com/apache/maven-resolver/pull/459#issuecomment-2042382718

   Looks like these dependencies are up-to-date now, so this is no longer 
needed.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump bouncycastleVersion from 1.77 to 1.78 [maven-resolver]

[via GitHub]

cstamas commented on PR #459:
URL: https://github.com/apache/maven-resolver/pull/459#issuecomment-2042382193

   @dependabot rebase


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (MRESOLVER-523) Update GPG generator to Bouncycastle 1.78

[ASF GitHub Bot (Jira)]

[ 
https://issues.apache.org/jira/browse/MRESOLVER-523?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17834874#comment-17834874
 ] 

ASF GitHub Bot commented on MRESOLVER-523:
--

cstamas merged PR #460:
URL: https://github.com/apache/maven-resolver/pull/460




> Update GPG generator to Bouncycastle 1.78
> -
>
> Key: MRESOLVER-523
> URL: https://issues.apache.org/jira/browse/MRESOLVER-523
> Project: Maven Resolver
>  Issue Type: Dependency upgrade
>  Components: Resolver
>Reporter: Tamas Cservenak
>Assignee: Tamas Cservenak
>Priority: Major
> Fix For: 2.0.0, 2.0.0-alpha-11
>
>




--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Closed] (MRESOLVER-523) Update GPG generator to Bouncycastle 1.78

[Tamas Cservenak (Jira)]

 [ 
https://issues.apache.org/jira/browse/MRESOLVER-523?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Tamas Cservenak closed MRESOLVER-523.
-
Resolution: Fixed

> Update GPG generator to Bouncycastle 1.78
> -
>
> Key: MRESOLVER-523
> URL: https://issues.apache.org/jira/browse/MRESOLVER-523
> Project: Maven Resolver
>  Issue Type: Dependency upgrade
>  Components: Resolver
>Reporter: Tamas Cservenak
>Assignee: Tamas Cservenak
>Priority: Major
> Fix For: 2.0.0, 2.0.0-alpha-11
>
>




--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: [PR] [MRESOLVER-523] Update GPG generator BC to 1.78 [maven-resolver]

[via GitHub]

cstamas merged PR #460:
URL: https://github.com/apache/maven-resolver/pull/460


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (MRESOLVER-518) Improvements for version selector

[ASF GitHub Bot (Jira)]

[ 
https://issues.apache.org/jira/browse/MRESOLVER-518?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17834869#comment-17834869
 ] 

ASF GitHub Bot commented on MRESOLVER-518:
--

cstamas commented on PR #450:
URL: https://github.com/apache/maven-resolver/pull/450#issuecomment-2042356577

   ping, any other comments to this PR?




> Improvements for version selector
> -
>
> Key: MRESOLVER-518
> URL: https://issues.apache.org/jira/browse/MRESOLVER-518
> Project: Maven Resolver
>  Issue Type: New Feature
>  Components: Resolver
>Reporter: Tamas Cservenak
>Assignee: Tamas Cservenak
>Priority: Major
> Fix For: 2.0.0, 2.0.0-alpha-11
>
>
> Currently Resolver "silently" resolves conflict based on "nearest" strategy, 
> without any assumption about selected version (simply the fact it is "nearer 
> to root" makes it win).
> Extend this logic by ability to fail collection in case of version conflict, 
> version divergence and "version incompatibility" for start. As it may come 
> handy, and user may want to fix the build differently than Maven would.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: [PR] [MRESOLVER-518] Version selector improvements [maven-resolver]

[via GitHub]

cstamas commented on PR #450:
URL: https://github.com/apache/maven-resolver/pull/450#issuecomment-2042356577

   ping, any other comments to this PR?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Closed] (MRESOLVER-525) Update test dep testcointainers-redis to 2.2.2

[Tamas Cservenak (Jira)]

 [ 
https://issues.apache.org/jira/browse/MRESOLVER-525?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Tamas Cservenak closed MRESOLVER-525.
-
Resolution: Fixed

> Update test dep testcointainers-redis to 2.2.2
> --
>
> Key: MRESOLVER-525
> URL: https://issues.apache.org/jira/browse/MRESOLVER-525
> Project: Maven Resolver
>  Issue Type: Dependency upgrade
>  Components: Resolver
>Reporter: Tamas Cservenak
>Priority: Major
> Fix For: 2.0.0, 2.0.0-alpha-11
>
>




--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: [PR] Bump com.redis:testcontainers-redis from 2.2.1 to 2.2.2 [maven-resolver]

[via GitHub]

cstamas merged PR #451:
URL: https://github.com/apache/maven-resolver/pull/451


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Created] (MRESOLVER-525) Update test dep testcointainers-redis to 2.2.2

[Tamas Cservenak (Jira)]

Tamas Cservenak created MRESOLVER-525:
-

 Summary: Update test dep testcointainers-redis to 2.2.2
 Key: MRESOLVER-525
 URL: https://issues.apache.org/jira/browse/MRESOLVER-525
 Project: Maven Resolver
  Issue Type: Dependency upgrade
  Components: Resolver
Reporter: Tamas Cservenak
 Fix For: 2.0.0, 2.0.0-alpha-11






--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SCM-1022) jgit push failure is not failing the build

[ASF GitHub Bot (Jira)]

[ 
https://issues.apache.org/jira/browse/SCM-1022?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17834866#comment-17834866
 ] 

ASF GitHub Bot commented on SCM-1022:
-

attiand commented on PR #203:
URL: https://github.com/apache/maven-scm/pull/203#issuecomment-2042327072

   Status.UP_TO_DATE is now successful. Added TCK testUpToDatePush.




> jgit push failure is not failing the build
> --
>
> Key: SCM-1022
> URL: https://issues.apache.org/jira/browse/SCM-1022
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-provider-jgit
>Affects Versions: 2.0.1
>Reporter: Mattias Andersson
>Assignee: Michael Osipov
>Priority: Major
> Fix For: 2.1.0
>
>
> If the push command fails, the maven build does not fail. This means binaries 
> are deployed, but the remote repo is not updated. The issue seems related to 
> SCM-854. 
> We use Gerrit and have the merge strategy set to "fast forward only". If 
> someone pushes a commit during the release job, only an INFO message is 
> logged, but the maven build is successful. 
> The same use case with the maven-scm-provider-gitexe (the default) fails the 
> build as expected (git push returns a non-zero exit code)
> {code:java}
> 10:28:03  [INFO] commit done: [maven-release-plugin] prepare release 2.15.0
> 10:28:03  [INFO] push changes to remote... refs/heads/master:refs/heads/master
> 10:28:03  [INFO] fetch url: ssh://xxx@xxx
> 10:28:03  [INFO] push url: ssh://xxx@xxx
> 10:28:03  [INFO] getOrCreateProvider(EdDSA) created instance of 
> net.i2p.crypto.eddsa.EdDSASecurityProvider
> 10:28:03  [INFO] No detected/configured IoServiceFactoryFactory using 
> Nio2ServiceFactoryFactory
> 10:28:04  [INFO] REJECTED_NONFASTFORWARD - 
> RemoteRefUpdate[remoteName=refs/heads/master, REJECTED_NONFASTFORWARD, 
> 1eee06203068576ddcaae4eefe0ea15a52fb49ba...3102c82c6b62d4e86c75194569c2574ac722b6dd,
>  srcRef=refs/heads/master, message=null]
> 10:28:04  [INFO] 12/17 prepare:scm-tag
> 10:28:04  [INFO] Tagging release with the label 2.15.0...
> 10:28:04  [INFO] push tag [2.15.0] to remote...
> 10:28:04  [INFO] fetch url: ssh://xxx@xxx
> 10:28:04  [INFO] push url: ssh://xxx@xxx
> 10:28:05  [INFO] OK - RemoteRefUpdate[remoteName=refs/tags/2.15.0, OK, 
> ...968d97de8331ce19d43c719e870890def5ee65d9,
>  fastForward, srcRef=refs/tags/2.15.0, message=null]{code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: [PR] [SCM-1022] - jgit push failure is not failing the build [maven-scm]

[via GitHub]

attiand commented on PR #203:
URL: https://github.com/apache/maven-scm/pull/203#issuecomment-2042327072

   Status.UP_TO_DATE is now successful. Added TCK testUpToDatePush.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Closed] (MRESOLVER-524) Update Hazelcast to 5.3.7

[Tamas Cservenak (Jira)]

 [ 
https://issues.apache.org/jira/browse/MRESOLVER-524?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Tamas Cservenak closed MRESOLVER-524.
-
Resolution: Fixed

> Update Hazelcast to 5.3.7
> -
>
> Key: MRESOLVER-524
> URL: https://issues.apache.org/jira/browse/MRESOLVER-524
> Project: Maven Resolver
>  Issue Type: Dependency upgrade
>  Components: Resolver
>Reporter: Tamas Cservenak
>Assignee: Tamas Cservenak
>Priority: Major
> Fix For: 2.0.0, 2.0.0-alpha-11
>
>




--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: [PR] Bump com.redis:testcontainers-redis from 2.2.1 to 2.2.2 [maven-resolver]

[via GitHub]

cstamas commented on PR #451:
URL: https://github.com/apache/maven-resolver/pull/451#issuecomment-2042323294

   @dependabot rebase


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump com.hazelcast:hazelcast from 5.3.6 to 5.3.7 [maven-resolver]

[via GitHub]

cstamas merged PR #458:
URL: https://github.com/apache/maven-resolver/pull/458


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Created] (MRESOLVER-524) Update Hazelcast to 5.3.7

[Tamas Cservenak (Jira)]

Tamas Cservenak created MRESOLVER-524:
-

 Summary: Update Hazelcast to 5.3.7
 Key: MRESOLVER-524
 URL: https://issues.apache.org/jira/browse/MRESOLVER-524
 Project: Maven Resolver
  Issue Type: Dependency upgrade
  Components: Resolver
Reporter: Tamas Cservenak
 Fix For: 2.0.0, 2.0.0-alpha-11






--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Assigned] (MRESOLVER-524) Update Hazelcast to 5.3.7

[Tamas Cservenak (Jira)]

 [ 
https://issues.apache.org/jira/browse/MRESOLVER-524?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Tamas Cservenak reassigned MRESOLVER-524:
-

Assignee: Tamas Cservenak

> Update Hazelcast to 5.3.7
> -
>
> Key: MRESOLVER-524
> URL: https://issues.apache.org/jira/browse/MRESOLVER-524
> Project: Maven Resolver
>  Issue Type: Dependency upgrade
>  Components: Resolver
>Reporter: Tamas Cservenak
>Assignee: Tamas Cservenak
>Priority: Major
> Fix For: 2.0.0, 2.0.0-alpha-11
>
>




--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (MRESOLVER-523) Update GPG generator to Bouncycastle 1.78

[ASF GitHub Bot (Jira)]

[ 
https://issues.apache.org/jira/browse/MRESOLVER-523?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17834865#comment-17834865
 ] 

ASF GitHub Bot commented on MRESOLVER-523:
--

cstamas opened a new pull request, #460:
URL: https://github.com/apache/maven-resolver/pull/460

   Update BC to 1.78
   
   ---
   
   https://issues.apache.org/jira/browse/MRESOLVER-523




> Update GPG generator to Bouncycastle 1.78
> -
>
> Key: MRESOLVER-523
> URL: https://issues.apache.org/jira/browse/MRESOLVER-523
> Project: Maven Resolver
>  Issue Type: Dependency upgrade
>  Components: Resolver
>Reporter: Tamas Cservenak
>Assignee: Tamas Cservenak
>Priority: Major
> Fix For: 2.0.0, 2.0.0-alpha-11
>
>




--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Assigned] (MRESOLVER-523) Update GPG generator to Bouncycastle 1.78

[Tamas Cservenak (Jira)]

 [ 
https://issues.apache.org/jira/browse/MRESOLVER-523?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Tamas Cservenak reassigned MRESOLVER-523:
-

Assignee: Tamas Cservenak

> Update GPG generator to Bouncycastle 1.78
> -
>
> Key: MRESOLVER-523
> URL: https://issues.apache.org/jira/browse/MRESOLVER-523
> Project: Maven Resolver
>  Issue Type: Dependency upgrade
>  Components: Resolver
>Reporter: Tamas Cservenak
>Assignee: Tamas Cservenak
>Priority: Major
> Fix For: 2.0.0, 2.0.0-alpha-11
>
>




--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (MRESOLVER-523) Update GPG generator to Bouncycastle 1.78

[Tamas Cservenak (Jira)]

Tamas Cservenak created MRESOLVER-523:
-

 Summary: Update GPG generator to Bouncycastle 1.78
 Key: MRESOLVER-523
 URL: https://issues.apache.org/jira/browse/MRESOLVER-523
 Project: Maven Resolver
  Issue Type: Dependency upgrade
  Components: Resolver
Reporter: Tamas Cservenak
 Fix For: 2.0.0, 2.0.0-alpha-11






--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (MGPG-116) Up the file size limit to 64K

[Tamas Cservenak (Jira)]

 [ 
https://issues.apache.org/jira/browse/MGPG-116?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Tamas Cservenak updated MGPG-116:
-
Issue Type: Improvement  (was: Task)

> Up the file size limit to 64K
> -
>
> Key: MGPG-116
> URL: https://issues.apache.org/jira/browse/MGPG-116
> Project: Maven GPG Plugin
>  Issue Type: Improvement
>Reporter: Tamas Cservenak
>Assignee: Tamas Cservenak
>Priority: Major
> Fix For: 3.2.3
>
>
> The refd document talks about "key size" (that is very rarely 16K), but the 
> file we are loading up is armored: Base64 encoded + formatted  + newlines and 
> may have arbitrary amount of comments added as well.
> In short, the wiki talks about the "key size" as in memory, while this file 
> have much of the overhead, plus, it may be collection of keys...



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SCM-1022) jgit push failure is not failing the build

[ASF GitHub Bot (Jira)]

[ 
https://issues.apache.org/jira/browse/SCM-1022?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17834834#comment-17834834
 ] 

ASF GitHub Bot commented on SCM-1022:
-

kwin commented on code in PR #203:
URL: https://github.com/apache/maven-scm/pull/203#discussion_r1555400678


##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/src/main/java/org/apache/maven/scm/provider/git/jgit/command/checkin/JGitCheckInCommand.java:
##
@@ -139,7 +141,19 @@ protected CheckInScmResult executeCheckInCommand(
 }
 RefSpec refSpec = new RefSpec(Constants.R_HEADS + branch + ":" 
+ Constants.R_HEADS + branch);
 logger.info("push changes to remote... " + refSpec);
-JGitUtils.push(git, (GitScmProviderRepository) repo, refSpec);
+Iterable pushResultList = JGitUtils.push(git, 
(GitScmProviderRepository) repo, refSpec);
+
+for (PushResult pushResult : pushResultList) {
+for (RemoteRefUpdate remoteRefUpdate : 
pushResult.getRemoteUpdates()) {
+if (remoteRefUpdate.getStatus() != 
RemoteRefUpdate.Status.OK) {

Review Comment:
   I think up2date is no error condition either: 
https://archive.eclipse.org/jgit/docs/jgit-2.0.0.201206130900-r/apidocs/org/eclipse/jgit/transport/RemoteRefUpdate.Status.html#UP_TO_DATE





> jgit push failure is not failing the build
> --
>
> Key: SCM-1022
> URL: https://issues.apache.org/jira/browse/SCM-1022
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-provider-jgit
>Affects Versions: 2.0.1
>Reporter: Mattias Andersson
>Assignee: Michael Osipov
>Priority: Major
> Fix For: 2.1.0
>
>
> If the push command fails, the maven build does not fail. This means binaries 
> are deployed, but the remote repo is not updated. The issue seems related to 
> SCM-854. 
> We use Gerrit and have the merge strategy set to "fast forward only". If 
> someone pushes a commit during the release job, only an INFO message is 
> logged, but the maven build is successful. 
> The same use case with the maven-scm-provider-gitexe (the default) fails the 
> build as expected (git push returns a non-zero exit code)
> {code:java}
> 10:28:03  [INFO] commit done: [maven-release-plugin] prepare release 2.15.0
> 10:28:03  [INFO] push changes to remote... refs/heads/master:refs/heads/master
> 10:28:03  [INFO] fetch url: ssh://xxx@xxx
> 10:28:03  [INFO] push url: ssh://xxx@xxx
> 10:28:03  [INFO] getOrCreateProvider(EdDSA) created instance of 
> net.i2p.crypto.eddsa.EdDSASecurityProvider
> 10:28:03  [INFO] No detected/configured IoServiceFactoryFactory using 
> Nio2ServiceFactoryFactory
> 10:28:04  [INFO] REJECTED_NONFASTFORWARD - 
> RemoteRefUpdate[remoteName=refs/heads/master, REJECTED_NONFASTFORWARD, 
> 1eee06203068576ddcaae4eefe0ea15a52fb49ba...3102c82c6b62d4e86c75194569c2574ac722b6dd,
>  srcRef=refs/heads/master, message=null]
> 10:28:04  [INFO] 12/17 prepare:scm-tag
> 10:28:04  [INFO] Tagging release with the label 2.15.0...
> 10:28:04  [INFO] push tag [2.15.0] to remote...
> 10:28:04  [INFO] fetch url: ssh://xxx@xxx
> 10:28:04  [INFO] push url: ssh://xxx@xxx
> 10:28:05  [INFO] OK - RemoteRefUpdate[remoteName=refs/tags/2.15.0, OK, 
> ...968d97de8331ce19d43c719e870890def5ee65d9,
>  fastForward, srcRef=refs/tags/2.15.0, message=null]{code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: [PR] [SCM-1022] - jgit push failure is not failing the build [maven-scm]

[via GitHub]

kwin commented on code in PR #203:
URL: https://github.com/apache/maven-scm/pull/203#discussion_r1555400678


##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/src/main/java/org/apache/maven/scm/provider/git/jgit/command/checkin/JGitCheckInCommand.java:
##
@@ -139,7 +141,19 @@ protected CheckInScmResult executeCheckInCommand(
 }
 RefSpec refSpec = new RefSpec(Constants.R_HEADS + branch + ":" 
+ Constants.R_HEADS + branch);
 logger.info("push changes to remote... " + refSpec);
-JGitUtils.push(git, (GitScmProviderRepository) repo, refSpec);
+Iterable pushResultList = JGitUtils.push(git, 
(GitScmProviderRepository) repo, refSpec);
+
+for (PushResult pushResult : pushResultList) {
+for (RemoteRefUpdate remoteRefUpdate : 
pushResult.getRemoteUpdates()) {
+if (remoteRefUpdate.getStatus() != 
RemoteRefUpdate.Status.OK) {

Review Comment:
   I think up2date is no error condition either: 
https://archive.eclipse.org/jgit/docs/jgit-2.0.0.201206130900-r/apidocs/org/eclipse/jgit/transport/RemoteRefUpdate.Status.html#UP_TO_DATE



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SCM-1022) jgit push failure is not failing the build

[ASF GitHub Bot (Jira)]

[ 
https://issues.apache.org/jira/browse/SCM-1022?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17834833#comment-17834833
 ] 

ASF GitHub Bot commented on SCM-1022:
-

kwin commented on code in PR #203:
URL: https://github.com/apache/maven-scm/pull/203#discussion_r1555398863


##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/src/test/java/org/apache/maven/scm/provider/git/jgit/command/checkin/JGitCheckinCommandTest.java:
##
@@ -0,0 +1,104 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.maven.scm.provider.git.jgit.command.checkin;
+
+import java.io.File;
+import java.io.IOException;
+
+import org.apache.maven.scm.PlexusJUnit4TestSupport;
+import org.apache.maven.scm.ScmFileSet;
+import org.apache.maven.scm.ScmTestCase;
+import org.apache.maven.scm.command.checkin.CheckInScmResult;
+import org.apache.maven.scm.command.checkout.CheckOutScmResult;
+import org.apache.maven.scm.provider.git.GitScmTestUtils;
+import org.apache.maven.scm.repository.ScmRepository;
+import org.codehaus.plexus.util.FileUtils;
+import org.junit.Test;
+
+import static org.junit.Assert.assertFalse;
+
+public class JGitCheckinCommandTest extends ScmTestCase {

Review Comment:
   I think a push which doesn't add any commits should never be an error 
(neither in JGit nor in GitExe). If there is an up2date check being necessary 
in maven-release-plugin that needs to be triggered separately. I would 
therefore appreciate to add the test to the TCK but assert that it is returning 
a success status.





> jgit push failure is not failing the build
> --
>
> Key: SCM-1022
> URL: https://issues.apache.org/jira/browse/SCM-1022
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-provider-jgit
>Affects Versions: 2.0.1
>Reporter: Mattias Andersson
>Assignee: Michael Osipov
>Priority: Major
> Fix For: 2.1.0
>
>
> If the push command fails, the maven build does not fail. This means binaries 
> are deployed, but the remote repo is not updated. The issue seems related to 
> SCM-854. 
> We use Gerrit and have the merge strategy set to "fast forward only". If 
> someone pushes a commit during the release job, only an INFO message is 
> logged, but the maven build is successful. 
> The same use case with the maven-scm-provider-gitexe (the default) fails the 
> build as expected (git push returns a non-zero exit code)
> {code:java}
> 10:28:03  [INFO] commit done: [maven-release-plugin] prepare release 2.15.0
> 10:28:03  [INFO] push changes to remote... refs/heads/master:refs/heads/master
> 10:28:03  [INFO] fetch url: ssh://xxx@xxx
> 10:28:03  [INFO] push url: ssh://xxx@xxx
> 10:28:03  [INFO] getOrCreateProvider(EdDSA) created instance of 
> net.i2p.crypto.eddsa.EdDSASecurityProvider
> 10:28:03  [INFO] No detected/configured IoServiceFactoryFactory using 
> Nio2ServiceFactoryFactory
> 10:28:04  [INFO] REJECTED_NONFASTFORWARD - 
> RemoteRefUpdate[remoteName=refs/heads/master, REJECTED_NONFASTFORWARD, 
> 1eee06203068576ddcaae4eefe0ea15a52fb49ba...3102c82c6b62d4e86c75194569c2574ac722b6dd,
>  srcRef=refs/heads/master, message=null]
> 10:28:04  [INFO] 12/17 prepare:scm-tag
> 10:28:04  [INFO] Tagging release with the label 2.15.0...
> 10:28:04  [INFO] push tag [2.15.0] to remote...
> 10:28:04  [INFO] fetch url: ssh://xxx@xxx
> 10:28:04  [INFO] push url: ssh://xxx@xxx
> 10:28:05  [INFO] OK - RemoteRefUpdate[remoteName=refs/tags/2.15.0, OK, 
> ...968d97de8331ce19d43c719e870890def5ee65d9,
>  fastForward, srcRef=refs/tags/2.15.0, message=null]{code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: [PR] [SCM-1022] - jgit push failure is not failing the build [maven-scm]

[via GitHub]

kwin commented on code in PR #203:
URL: https://github.com/apache/maven-scm/pull/203#discussion_r1555398863


##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/src/test/java/org/apache/maven/scm/provider/git/jgit/command/checkin/JGitCheckinCommandTest.java:
##
@@ -0,0 +1,104 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.maven.scm.provider.git.jgit.command.checkin;
+
+import java.io.File;
+import java.io.IOException;
+
+import org.apache.maven.scm.PlexusJUnit4TestSupport;
+import org.apache.maven.scm.ScmFileSet;
+import org.apache.maven.scm.ScmTestCase;
+import org.apache.maven.scm.command.checkin.CheckInScmResult;
+import org.apache.maven.scm.command.checkout.CheckOutScmResult;
+import org.apache.maven.scm.provider.git.GitScmTestUtils;
+import org.apache.maven.scm.repository.ScmRepository;
+import org.codehaus.plexus.util.FileUtils;
+import org.junit.Test;
+
+import static org.junit.Assert.assertFalse;
+
+public class JGitCheckinCommandTest extends ScmTestCase {

Review Comment:
   I think a push which doesn't add any commits should never be an error 
(neither in JGit nor in GitExe). If there is an up2date check being necessary 
in maven-release-plugin that needs to be triggered separately. I would 
therefore appreciate to add the test to the TCK but assert that it is returning 
a success status.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SCM-914) InfoItem.lastChangedDate is leaky abstraction

[Konrad Windszus (Jira)]

[ 
https://issues.apache.org/jira/browse/SCM-914?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17834831#comment-17834831
 ] 

Konrad Windszus commented on SCM-914:
-

Fixed in 
https://github.com/apache/maven-scm/commit/a297237e98b405ba4a323247137eaffcf8e20593.

> InfoItem.lastChangedDate is leaky abstraction
> -
>
> Key: SCM-914
> URL: https://issues.apache.org/jira/browse/SCM-914
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-api
>Reporter: Tobias Gruetzmacher
>Assignee: Konrad Windszus
>Priority: Minor
> Fix For: 2.1.0
>
>
> I was looking into implementing 
> [https://github.com/mojohaus/buildnumber-maven-plugin/pull/16] in a sane way, 
> but had to conclude that InfoItem.lastChangedDate is unfortunately just a 
> string and not a Data, so will leak the console output of different providers 
> to the user.
> Does anybody see a sane way to fix this API and create a sane abstraction for 
> different SCMs? If yes, I would try to go ahead with the following tasks:
>  # Fix InfoItem, so that lastChangedDate is a Date
>  # Fix the current providers filling this field (svnexe and svnjava AFAICS - 
> aside: why is svnjava not part of the maven-scm repository?)
>  # Implement this feature for at least gitexe (and maybe jgit) so I can use 
> it for my usecase
> Ideas, comments?



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Resolved] (SCM-914) InfoItem.lastChangedDate is leaky abstraction

[Konrad Windszus (Jira)]

 [ 
https://issues.apache.org/jira/browse/SCM-914?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Konrad Windszus resolved SCM-914.
-
Fix Version/s: 2.1.0
   Resolution: Fixed

> InfoItem.lastChangedDate is leaky abstraction
> -
>
> Key: SCM-914
> URL: https://issues.apache.org/jira/browse/SCM-914
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-api
>Reporter: Tobias Gruetzmacher
>Assignee: Konrad Windszus
>Priority: Minor
> Fix For: 2.1.0
>
>
> I was looking into implementing 
> [https://github.com/mojohaus/buildnumber-maven-plugin/pull/16] in a sane way, 
> but had to conclude that InfoItem.lastChangedDate is unfortunately just a 
> string and not a Data, so will leak the console output of different providers 
> to the user.
> Does anybody see a sane way to fix this API and create a sane abstraction for 
> different SCMs? If yes, I would try to go ahead with the following tasks:
>  # Fix InfoItem, so that lastChangedDate is a Date
>  # Fix the current providers filling this field (svnexe and svnjava AFAICS - 
> aside: why is svnjava not part of the maven-scm repository?)
>  # Implement this feature for at least gitexe (and maybe jgit) so I can use 
> it for my usecase
> Ideas, comments?



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SCM-914) InfoItem.lastChangedDate is leaky abstraction

[ASF GitHub Bot (Jira)]

[ 
https://issues.apache.org/jira/browse/SCM-914?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17834829#comment-17834829
 ] 

ASF GitHub Bot commented on SCM-914:


kwin merged PR #193:
URL: https://github.com/apache/maven-scm/pull/193




> InfoItem.lastChangedDate is leaky abstraction
> -
>
> Key: SCM-914
> URL: https://issues.apache.org/jira/browse/SCM-914
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-api
>Reporter: Tobias Gruetzmacher
>Assignee: Konrad Windszus
>Priority: Minor
>
> I was looking into implementing 
> [https://github.com/mojohaus/buildnumber-maven-plugin/pull/16] in a sane way, 
> but had to conclude that InfoItem.lastChangedDate is unfortunately just a 
> string and not a Data, so will leak the console output of different providers 
> to the user.
> Does anybody see a sane way to fix this API and create a sane abstraction for 
> different SCMs? If yes, I would try to go ahead with the following tasks:
>  # Fix InfoItem, so that lastChangedDate is a Date
>  # Fix the current providers filling this field (svnexe and svnjava AFAICS - 
> aside: why is svnjava not part of the maven-scm repository?)
>  # Implement this feature for at least gitexe (and maybe jgit) so I can use 
> it for my usecase
> Ideas, comments?



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: [PR] [SCM-914] Introduce properly typed last modified date [maven-scm]

[via GitHub]

kwin merged PR #193:
URL: https://github.com/apache/maven-scm/pull/193


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (SCM-1022) jgit push failure is not failing the build

[ASF GitHub Bot (Jira)]

[ 
https://issues.apache.org/jira/browse/SCM-1022?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17834827#comment-17834827
 ] 

ASF GitHub Bot commented on SCM-1022:
-

michael-o commented on PR #203:
URL: https://github.com/apache/maven-scm/pull/203#issuecomment-2042108540

   @kwin Any objections?




> jgit push failure is not failing the build
> --
>
> Key: SCM-1022
> URL: https://issues.apache.org/jira/browse/SCM-1022
> Project: Maven SCM
>  Issue Type: Bug
>  Components: maven-scm-provider-jgit
>Affects Versions: 2.0.1
>Reporter: Mattias Andersson
>Assignee: Michael Osipov
>Priority: Major
> Fix For: 2.1.0
>
>
> If the push command fails, the maven build does not fail. This means binaries 
> are deployed, but the remote repo is not updated. The issue seems related to 
> SCM-854. 
> We use Gerrit and have the merge strategy set to "fast forward only". If 
> someone pushes a commit during the release job, only an INFO message is 
> logged, but the maven build is successful. 
> The same use case with the maven-scm-provider-gitexe (the default) fails the 
> build as expected (git push returns a non-zero exit code)
> {code:java}
> 10:28:03  [INFO] commit done: [maven-release-plugin] prepare release 2.15.0
> 10:28:03  [INFO] push changes to remote... refs/heads/master:refs/heads/master
> 10:28:03  [INFO] fetch url: ssh://xxx@xxx
> 10:28:03  [INFO] push url: ssh://xxx@xxx
> 10:28:03  [INFO] getOrCreateProvider(EdDSA) created instance of 
> net.i2p.crypto.eddsa.EdDSASecurityProvider
> 10:28:03  [INFO] No detected/configured IoServiceFactoryFactory using 
> Nio2ServiceFactoryFactory
> 10:28:04  [INFO] REJECTED_NONFASTFORWARD - 
> RemoteRefUpdate[remoteName=refs/heads/master, REJECTED_NONFASTFORWARD, 
> 1eee06203068576ddcaae4eefe0ea15a52fb49ba...3102c82c6b62d4e86c75194569c2574ac722b6dd,
>  srcRef=refs/heads/master, message=null]
> 10:28:04  [INFO] 12/17 prepare:scm-tag
> 10:28:04  [INFO] Tagging release with the label 2.15.0...
> 10:28:04  [INFO] push tag [2.15.0] to remote...
> 10:28:04  [INFO] fetch url: ssh://xxx@xxx
> 10:28:04  [INFO] push url: ssh://xxx@xxx
> 10:28:05  [INFO] OK - RemoteRefUpdate[remoteName=refs/tags/2.15.0, OK, 
> ...968d97de8331ce19d43c719e870890def5ee65d9,
>  fastForward, srcRef=refs/tags/2.15.0, message=null]{code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Re: [PR] [SCM-1022] - jgit push failure is not failing the build [maven-scm]

[via GitHub]

michael-o commented on PR #203:
URL: https://github.com/apache/maven-scm/pull/203#issuecomment-2042108540

   @kwin Any objections?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump com.kohlschutter.junixsocket:junixsocket-core from 2.9.0 to 2.9.1 [maven-gpg-plugin]

[via GitHub]

dependabot[bot] closed pull request #92: Bump 
com.kohlschutter.junixsocket:junixsocket-core from 2.9.0 to 2.9.1
URL: https://github.com/apache/maven-gpg-plugin/pull/92


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump com.kohlschutter.junixsocket:junixsocket-core from 2.9.0 to 2.9.1 [maven-gpg-plugin]

[via GitHub]

dependabot[bot] commented on PR #92:
URL: https://github.com/apache/maven-gpg-plugin/pull/92#issuecomment-2042094844

   Looks like com.kohlschutter.junixsocket:junixsocket-core is up-to-date now, 
so this is no longer needed.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump bouncycastleVersion from 1.77 to 1.78 [maven-gpg-plugin]

[via GitHub]

dependabot[bot] closed pull request #91: Bump bouncycastleVersion from 1.77 to 
1.78
URL: https://github.com/apache/maven-gpg-plugin/pull/91


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org