> We are also working on Maven 4, so today the plugin should be possible to
> > use with the next Maven major version.
> > As I remember nexus-staging-plugin can not be used with Maven 4.
> > Can a new plugin be used with Maven 4?
> >
> >
> > śr., 1 maj 202
Hey all. Thanks Romain for pointing out the thread for me.
One issue is that Central publishers is a much larger set of folks than the
Maven Dev group. Obviously there's lots of overlap, but as Romain said,
creating a plugin is a thing that can be done independently.
As we've been working
x.x.
> > Elliotte gave a good reason for this: There are two camps now (read:
> > ALREADY).
> > There is no reason to not go with either of them.
> >
> > Am Do., 22. Feb. 2024 um 19:56 Uhr schrieb Brian Fox >:
> > >
> > > We dumped 30 days b
>
> > > > Maven UA is created like this:
> > > >
> > > >
> >
> https://github.com/apache/maven/blob/master/maven-core/src/main/java/org/apache/maven/internal/aether/DefaultRepositorySystemSessionFactory.java#L555
> > > >
> > > > I was
Hi everyone. I haven't caught up on this thread but Tamas pinged me to get
some usage data from Central. Attached are the Maven versions and JDK
Version counts as reported by User Agent by distinct IP for the last 30
days:
On Wed, Feb 21, 2024 at 4:15 PM Hunter C Payne
wrote:
> I also want
Hi Sebastian,
The challenge is that CPE as a coordinate system doesn’t have enough
specificity to match artifacts. It has organization/product/version and
therefore doesn’t have the ability to capture sub module. This is what
leads to most of the mismatch issues seen in CVE based tools (but not
Apache Maven may follow repositories that are defined in a
dependency’s Project Object Model (pom) which may be surprising to
some users, resulting in potential risk if a malicious actor takes
over that repository or is able to insert themselves into a position
to pretend to be that repository.
I'm +1. If the worst thing we can find to worry about is the version
number 3.7, 3.8, then it seems like we're close enough.
On Wed, Mar 24, 2021 at 3:11 AM Romain Manni-Bucau
wrote:
>
> +0 cause of the versioning which is unexpected (but you know what? since it
> is a git tag we can drop it and
The CVE is for documentation and the hardening of default behavior,
it's not your typical zero day.
On Mon, Mar 22, 2021 at 10:53 PM Gary Gregory wrote:
>
> You are acknowledging a CVE _before_ a release?
>
> Gary
>
>
> On Mon, Mar 22, 2021, 15:40 Robert Scholte wrote:
>
> > Hi,
> >
> > For the
ss stuff.
> Moreover, I initially thought that OSSRH timeout was not 'just' a Sonatype
> issue even if Sonatype is the operator of central & OSSRH (and I thank you
> for that). I saw it as a community problem and thus I just wanted to have
> some feedback from this community.
>
>
Hi Matthieu, I think continuing the conversation on your existing
ossrh ticket is the right place to resolve this. While it seems like
you're having recurring issues, it's not occurring across the entire
system so we need to figure out what the unique issue is.
--Brian
Cofounder & CTO Sonatype
't be done w/o careful planning. That's clear.
> Who's the right contact at Sonatype? Brian Fox?
>
>
> > On 31-5-2020 16:58:58, Michael Osipov wrote:
> > Folks,
> >
> > I have been recently (indirectly) approached by Mark Thomas for the
> > Tomcat committers that h
Last year, we deprecated old and insecure TLS protocols on Central to
make access more secure. This year, we're moving things forward again
by deprecating and later removing access to insecure by default HTTP
access.
Right now this affects less than 20% of the traffic hitting Central.
To find out
it along and we will include that as well.
https://central.sonatype.org/articles/2018/May/04/discontinue-support-for-tlsv11-and-below/
--Brian Fox
Apache Maven PMC
CTO, Sonatype
-
To unsubscribe, e-mail: dev-unsubscr
On Fri, Dec 1, 2017 at 3:19 AM, Andreas Sewe <
s...@st.informatik.tu-darmstadt.de> wrote:
> Olivier Lamy wrote:
> > probably no issues for sure.
> > I just don't know if we will be able to still download the index from
> > central and use it with this new version
> > TBH I haven't done any
Eyeballing the list, most of the changes seem irrelevant to the central use
case. Is there anything in here that matters for Central (and if so, what
are the backwards compat implications?)
On Thu, Nov 30, 2017 at 2:07 AM, Olivier Lamy wrote:
> +1
>
> I'm not clear if this new
All set.
On Sat, Oct 28, 2017 at 9:48 AM, Robert Scholte
wrote:
> Hi,
>
> I'd like to prepare an alpha release of the Maven JDeprScan Plugin
> It is a wrapper around the jdeprscan tool[1], available since Java 9.
>
> You use the jdeprscan tool as a static analysis tool
, Benedikt Ritter <brit...@apache.org> wrote:
> Hello Brain,
>
> > Am 26.09.2017 um 23:10 schrieb Brian Fox <bri...@infinity.nu>:
> >
> > On Mon, Sep 25, 2017 at 2:10 PM, Benedikt Ritter <brit...@apache.org>
> wrote:
> >
> >> Hello Bri
On Mon, Sep 25, 2017 at 2:10 PM, Benedikt Ritter <brit...@apache.org> wrote:
> Hello Brian,
>
> > Am 20.09.2017 um 23:16 schrieb Brian Fox <bri...@infinity.nu>:
> >
> > It's been a really long time, but I recall that there were issues getting
> > the depe
It's been a really long time, but I recall that there were issues getting
the dependencies of plugins bound to the lifecycle. This looks to be the
same problem. I think the documentation talked about a way to do this
effectively.
On Wed, Sep 20, 2017 at 4:48 PM, Benedikt Ritter
Cool. I'll be there as well.
On Sat, Jul 29, 2017 at 5:58 AM, Robert Scholte
wrote:
> Hi,
>
> Both my talk and the BOF have been accepted for JavaOne 2017.
> I will host the BOF session together with Manfred Moser.
> All are invited to join.
>
>
> thanks,
> Robert
>
>
I'm getting index out of bounds exceptions with 3.5 that don't occur with
3.3.9. I haven't debugged it yet, but wondering if this is already known?
Fwiw reproducible with the DependencyCheck 2.0-snapshot master.
[ERROR] 13978
java.lang.ArrayIndexOutOfBoundsException: 13978
at
Even more than redefining what Central does, you're effectively describing
a new, unofficial java class packaging and distribution mechanism. This
seems like it will violate signatures etc and make tracking of what you
actually have a nightmare.
On Tue, May 16, 2017 at 5:55 PM, Hervé BOUTEMY
Robert and I wrote a bit previously [1] about the issues with the
automodules in jigsaw (hint: they use only the filename to default a module
which we've demonstrated is a terrible idea). There was a happy medium
which would have allowed library developers to select a name before full
> this in the future. Maybe it would be good if all Apache project and
> others
> > that are going to publish modules start with using the full namespace in
> > the module name. Problem is of course that the examples I saw so far all
> do
> > NOT do that
build up the right practices before jigsaw takes off.
>
> --
> Regards,
> Igor
>
> On Thu, Feb 16, 2017, at 01:11 PM, Brian Fox wrote:
> > I generally agree the concerns were mostly ignored. Specifically the
> > dangers in not carefully approaching and setting best pr
ame modules, automatic and otherwise
> > Date: Thu, 16 Feb 2017 17:48:27 +0100
> >
> > This note is in reply to the concerns about automatic modules raised by
> > Robert Scholte and Brian Fox [1], and by Stephen Colebourne and others
> > [2]. I've collected my con
I looked a little closer, the servers are up and your key 843ddb767188601c
is not there. Make sure you've published your key to the pgp servers and
that you can search it from here: http://pool.sks-keyservers.net:11371/
On Thu, May 26, 2016 at 6:15 PM, Brian Fox <bri...@infinity.nu>
When this happens, it's a failure in the pgp key server ring and despite
the fact that the ring is meant to distribute load, they all seem to go
down at the same time. There isn't actually anything we can do on the rao
side to make this work besides drop the staging rule that checks the key. I
Added simpligility to maven-dev
On Wed, Jun 24, 2015 at 12:38 AM, Barrie Treloar baerr...@gmail.com wrote:
I've pinged Brian to have a look.
-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands,
+1
--mobile
On May 13, 2015, at 2:55 AM, Hervé BOUTEMY herve.bout...@free.fr wrote:
Hi,
I'd like to introduce Manfred Moser as committer for the Apache Maven
project.
He's working on Android Maven plugin for years, has great discussions both on
users and dev MLs, has a great
The current plan is to continue running nexus.codehaus.org and then
move stuff over to ossrh as needed. The ssl cert was just renewed and
Bob said the DNS isn't going away immediately. We figure projects have
enough other stuff to scurry around changing, Nexus doesn't have to be
part of it at the
.
The POMs for plexus currently points to OSSRH. Can anyone who has done
a release of a plexus component lately shed some light on where they
go? Either nexus.codehaus.org och OSSRH.
On Tue, Mar 10, 2015 at 6:28 PM, Brian Fox bri...@infinity.nu wrote:
The current plan is to continue running
On Sat, Mar 7, 2015 at 10:04 AM, Robert Scholte rfscho...@apache.org wrote:
Mercury? I guess some of it is now part of Aether,
Mercury predates Aether. It was an attempt to update the artifact apis
that was abandoned. (Unless the name is being reused as something new)
+1
On Thu, Mar 5, 2015 at 8:16 AM, Igor Fedorenko i...@ifedorenko.com wrote:
This is chicken-and-egg situation. We won't use java 7 features unless
the code targets java 7.
Try-with-resources and multi-exception catch are the too features I'd
like to start using throughout the code. Although
+1 close em...
On Tue, Nov 25, 2014 at 4:22 PM, Jason van Zyl ja...@takari.io wrote:
I don't agree. This is a project, not a product and if no one looks at
something for 2 years then no one cares. We are not erasing the issues and if
someone does care enough to ask to reopen an issue then
Herve and I discussed moving the repos before splitting them, but it
made sense to just go ahead and split it first because that was easier
and quicker to pull off. If we can get them into an Apache repo, that
makes sense.
On Tue, Sep 2, 2014 at 3:48 AM, Benson Margulies bimargul...@gmail.com
for just switching cold turkey.
On 11 Aug 2014, at 13:28, Brian Fox wrote:
https://repo.maven.apache.org is up now so we can flip to ssl when
ready. Is the consensus to get this into 3.2.3 or to wait for more
time to test?
We may want to consider switching the repository.apache.org url in our
poms
+1
I did a few tests of various cases related to the new url for central
and interactions with repo managers, everything looks ok.
On Mon, Aug 11, 2014 at 5:24 PM, Jason van Zyl ja...@takari.io wrote:
+1
Analyzer...
stagingUrl: https://repository.apache.org/content/repositories/maven-1046
https://repo.maven.apache.org is up now so we can flip to ssl when
ready. Is the consensus to get this into 3.2.3 or to wait for more
time to test?
We may want to consider switching the repository.apache.org url in our
poms as well.
Hi Herve, this is all set. I didn't split any code but the new repos
are available and added to the plexus team in github.
We should have a discussion on where the proper hosting location for
this really is. If we want to move this to the maven project, I would
support that.
On Fri, Aug 1, 2014
We are already in the process of making this open for free to
everyone. Way back in 2012 the CDN situation was different but we just
renewed the contract and and ssl is part of it. Once this is setup, we
should consider changing the superpom to use ssl by default.
Obviously doing something to
Zyl wrote:
Two times during the one hour window that I was trying to release that the
service was not available. It was an Apache page but I assume Nexus wasn't
running behind it or not responding.
On Jun 18, 2014, at 8:57 AM, Brian Fox bri...@infinity.nu wrote:
I haven't received any alerts
I haven't received any alerts that it's been down although there are
sporadic reports of timeouts. Did you receive a timeout, 502 or
something else?
Nexus is on shared vm hosts and shared disks and I suspect that some
other guest is occasionally bursting and screwing up the io
throughput.
On
https://issues.apache.org/jira/browse/INFRA-7915
On Wed, Jun 18, 2014 at 9:01 AM, Arnaud Héritier aherit...@gmail.com wrote:
When I noticed it was down on my side it was 503 errors
On Wed, Jun 18, 2014 at 2:57 PM, Brian Fox bri...@infinity.nu wrote:
I haven't received any alerts that it's
My proposal is strictly to prohibit a plugin from modifying a project's
classpath implicitly. That this become fully explicit such that I can
remove some of the convoluted logic in the core to account for this.
Not allowing plugins to randomly inject new dependencies makes sense. I see
some
On Fri, Apr 11, 2014 at 5:50 PM, Benson Margulies bimargul...@gmail.comwrote:
On Fri, Apr 11, 2014 at 5:29 PM, Stephen Connolly
stephen.alan.conno...@gmail.com wrote:
On 11 April 2014 22:10, Benson Margulies bimargul...@gmail.com wrote:
Fwiw, I don't recall the dependency plugin
On Sat, Nov 23, 2013 at 11:47 PM, Igor Fedorenko i...@ifedorenko.comwrote:
The way I see it, what is deployed describes how the artifact needs to
be consumed. This is artifact's public API, if you will, it will be
consumed by wide range of tools that resolve dependencies from Maven
Hi Laurent, this does look like an handy plugin. I could actually
imagine these goals being added to the existing clean plugin and also
think this could be pretty popular. What do others think?
On Wed, Aug 7, 2013 at 2:39 AM, labtech.dev labtech@gmail.com wrote:
Hi there,
Please first
it official
Everyone else,
Time to shout out if you have any issues / suggested improvements on the
content
- Stephen
On Friday, 2 August 2013, Stephen Connolly wrote:
On 2 August 2013 16:07, Brian Fox bri...@infinity.nu javascript:_e({},
'cvml', 'bri...@infinity.nu'); wrote:
I think
I think the bulk of this is pretty good. On the fork section, specifically:
As soon as changes in that
fork are identified which should be brought back to the project those
changes should be introduced into at least a branch hosted on the Apache Maven
source control in order to facilitate the
On Fri, Aug 2, 2013 at 12:10 PM, Stephen Connolly
stephen.alan.conno...@gmail.com wrote:
So anyway, I now have this ultra whizzbang high performance logging API and
I am aware of some deficit in the logging performance of Maven, so I spin
up a private fork (it could be a hidden private fork, or
On Aug 2, 2013, at 12:30 PM, Paul Benedict pbened...@apache.org wrote:
I've stated from the beginning of this thread that it's impossible to
prevent someone from developing outside of Apache. I stand by that still.
That can't be prevented and any attempt will fail since it's not practical.
There is at least one Maven Committer who has been maintaining a fork of
Maven for perhaps the greater part of a year.
Is it really a fork? Or is it a superset? I think people throw around
fork but is that really true?
-
To
Chris, we can add this right to the apache nexus and it will be synced
to Central. No need to do a one-off upload. Do you have a list of the
exact files that are missing?
On Thu, Jul 11, 2013 at 1:57 AM, Chris Graham chrisgw...@gmail.com wrote:
ok, cool. I will go and have a look. Thanks!
You mean releases that don't go to the standard release repo? Yes it's
technically possible but it becomes a dangerous thin line between
official release and one that bypasses the usual asf process.
--mobile
On Jun 22, 2013, at 8:07 PM, sebb seb...@gmail.com wrote:
On 23 June 2013 01:00,
+1
On Sat, Jun 1, 2013 at 9:13 AM, Jason van Zyl ja...@tesla.io wrote:
Here are the release bits for 3.1.0-alpha-1:
Release notes:
https://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=10500version=18967
Staging repository:
Yes that should do it.
On Fri, May 3, 2013 at 3:20 AM, Mirko Friedenhagen
mfriedenha...@gmail.com wrote:
Hello Hervé,
as an enduser, I just define this as a dependency to e.g. the
maven-dependency-plugin, right?
Regards Mirko
--
Sent from my mobile
On May 3, 2013 2:04 AM, Hervé BOUTEMY
+1
On Mon, Mar 11, 2013 at 1:04 PM, Henning Schmiedehausen
henn...@schmiedehausen.org wrote:
+1 to release.
Thanks,
Henning
On Mon, Mar 11, 2013 at 9:44 AM, John Casey jdca...@commonjava.org
wrote:
Bump...
Has this vote failed, then, or are we saying that all the +1's from
I don't think we should move to 4.0 because of this. The primary consumer
of our systems are the end users and this change doesn't represent api
breakage to them. If we make what appears to be such a large version
change, that could scare off or confuse people who are just now warming up
to 3.x. I
the thread discussion following this message was related to a
different issue, unless I'm missing something in the issue details...
What do we need to do to move forward with another vote?
On 3/6/13 3:22 PM, Brian Fox wrote:
-1 based on dain's discovery on permissions.
On Wed, Mar 6, 2013 at 10
and did set permissions, so the new default is a backwards incompatible
change. Also this new property is not documented in the release notes:
http://jira.codehaus.org/secure/ReleaseNote.jspa?version=18926styleName=TextprojectId=11214
-dain
On Thu, Mar 7, 2013 at 11:30 AM, Brian Fox bri
-1 based on dain's discovery on permissions.
On Wed, Mar 6, 2013 at 10:15 AM, Olivier Lamy ol...@apache.org wrote:
+1
2013/3/5 John Casey jdca...@commonjava.org:
Hi,
This vote is for the Maven dependency plugin version 2.7, which also
requires the release of Maven shared dependency
MDEP-391 introduced this problem, just committed a fix for it.
On Wed, Mar 6, 2013 at 4:22 PM, Brian Fox bri...@infinity.nu wrote:
-1 based on dain's discovery on permissions.
On Wed, Mar 6, 2013 at 10:15 AM, Olivier Lamy ol...@apache.org wrote:
+1
2013/3/5 John Casey jdca
I don't know for sure this field fixed the original issue. If it does,
the go ahead and close it
--mobile
On Mar 6, 2013, at 5:37 PM, Olivier Lamy ol...@apache.org wrote:
2013/3/6 Brian Fox bri...@infinity.nu:
MDEP-391 introduced this problem, just committed a fix for it.
why not closing
+1
On Sun, Mar 3, 2013 at 5:34 AM, Hervé BOUTEMY herve.bout...@free.fr wrote:
+1
Regards,
Hervé
Le samedi 2 mars 2013 07:18:51 Benson Margulies a écrit :
Based on the sentiment on the discussion thread, I call a formal vote
to end support for Maven 1.x. This is a vote to:
1:
+1 and take if off the dist site.
On Wed, Feb 27, 2013 at 10:42 AM, Benson Margulies bimargul...@gmail.comwrote:
Are there any readers on this list who are prepared to respond to any
issues on Maven 1.x, especially, for example, security issues? Does
anyone know how to make a release? Unless
On Wed, Feb 27, 2013 at 10:56 AM, Benson Margulies bimargul...@gmail.comwrote:
If someone else
wants to support it, they are welcome to do so elsewhere.
Or here through active participation. But while we don't have active
committers supporting it, we should say so. Nothing stops us from doing
Just wanted to bring this to the users list and ensure that those reading
the release notes see the security alert for 3.0.4:
CVE-2013-0253 Apache Maven
Severity: Medium
Vendor: The Apache Software Foundation
Versions Affected:
- Apache Maven 3.0.4
- Apache Maven Wagon 2.1, 2.2, 2.3
not to
use it.
WDYT?
Robert
Op Tue, 05 Feb 2013 00:02:47 +0100 schreef Hervé BOUTEMY
herve.bout...@free.fr:
good idea
any objection?
Regards,
Hervé
Le lundi 4 février 2013 11:11:32 Brian Fox a écrit :
i'm on the fence about if this is good or not, but I think the option
i'm on the fence about if this is good or not, but I think the option if
provided should be simple-local-repository without the manager part. People
already get confused about what's a local repo vs what's a repository
manager and the mixing of these concepts here will make that worse.
On Sat,
The enforcer plugin uses a static array to hold data between executions.
On Wed, Jan 30, 2013 at 2:15 PM, Aaron Dixon atdi...@gmail.com wrote:
I am developing a plugin with start and stop goals to be executed
typically in pre-integration-test and post-integration-test phases,
respectively.
+1
On Tue, Jan 1, 2013 at 6:42 AM, Anders Hammar and...@hammar.net wrote:
+1
I think we should keep the old left-hand menu, like what we've done over at
Mojo.
/Anders
On Sat, Dec 29, 2012 at 5:09 PM, Jesse Farinacci jie...@gmail.com wrote:
Greetings,
On Fri, Dec 28, 2012 at 11:21
On Sun, Dec 23, 2012 at 10:26 AM, Henk P. Penning penn...@uu.nl wrote:
On Sun, 23 Dec 2012, Benson Margulies wrote:
Date: Sun, 23 Dec 2012 15:26:18 +0100
From: Benson Margulies bimargul...@gmail.com
To: Henk P. Penning penn...@uu.nl
Cc: Maven Developers List dev@maven.apache.org,
The last discussion of this required the production of proper source
bundles for voting, which we created at that time. I don't recall there
being any requirement that everything go onto dist.
On Fri, Dec 21, 2012 at 10:57 AM, Benson Margulies bimargul...@gmail.comwrote:
Dear fellow community
Further to that, no one will ever consume maven plugins from a random dist
folder anyway, so a policy that requires this is a paper policy only and
would have no basis in the reality of how these particular projects are
consumed.
On Fri, Dec 21, 2012 at 1:18 PM, Brian Fox bri...@infinity.nu
Great summary Benson, I agree with your assessments here.
On Sun, Dec 16, 2012 at 12:16 PM, Benson Margulies bimargul...@gmail.comwrote:
Since not much has been heard on the 'pick a logger' question for some
time, I'm going to stick my neck out and try to summarize some
aspects, in the hopes
On Tue, Dec 11, 2012 at 5:07 PM, Benson Margulies bimargul...@gmail.comwrote:
If we ever got that far, I would argue pretty strenuously against a
PMC-level rejection of something just based on being EPL. A class-B
license is a perfectly legitimate dependency.
As would I. If we were talking
Didn't it used to be that way? (separate)
On Tue, Nov 27, 2012 at 4:09 AM, Stephen Connolly
stephen.alan.conno...@gmail.com wrote:
On 27 November 2012 08:41, Olivier Lamy ol...@apache.org wrote:
2012/11/27 Brett Porter br...@apache.org:
On 27/11/2012, at 10:34 AM, Arnaud Héritier
+1
On Tue, Nov 20, 2012 at 2:15 PM, Tamás Cservenák ta...@cservenak.netwrote:
Hi,
we'd like to release Maven Indexer 5.1.0.
We fixed 7 issues:
http://jira.codehaus.org/secure/ReleaseNote.jspa?projectId=12112version=18972
Staging repository:
I'm +1
On Tue, Sep 11, 2012 at 1:39 PM, Robert Scholte rfscho...@apache.orgwrote:
I don't think it's IF we should move to git, but WHEN and now seems to be
the right time.
+1
Robert
Op Tue, 11 Sep 2012 14:49:46 +0200 schreef Paul Gier pg...@redhat.com:
+1, and I'm willing to volunteer
There are lots of tests that are trying to use file based repositories
for certain conditions. This is why in 2.0.9 I had added the
external:* :
external:* matches all repositories except those using localhost or
file based repositories. This is used in conjunction with a repository
manager when
On Tue, Jul 24, 2012 at 7:16 PM, Brett Porter br...@apache.org wrote:
My understanding is that unfortunately Sonatype are not allowing anyone
else to mirror the content directly any more.
Ibiblio disabled the rsync on their own accord because it was thrashing
their disks.
Central is now on
On Wed, Jul 25, 2012 at 4:19 PM, Brett Porter br...@apache.org wrote:
On 26/07/2012, at 3:46 AM, Brian Fox wrote:
On Tue, Jul 24, 2012 at 7:16 PM, Brett Porter br...@apache.org wrote:
My understanding is that unfortunately Sonatype are not allowing anyone
else to mirror the content
Just over a year ago we evolved the Central architecture to be globally
load balanced with 2 servers in the US and 2 more in the UK. This year,
we've gone even futher to increase reliability and delivery performance.
We evaluated several options and ultimately settled with Edgecast as the
Niclas, I'm told it's working now. Can you confirm?
On Tue, Jul 10, 2012 at 1:11 PM, Brian Fox bri...@infinity.nu wrote:
The network team confirmed that this is only Unicom with the issue. They
are looking at alternate routes that would hopefully work.
On Mon, Jul 9, 2012 at 5:31 PM, Niclas
Niclas,
We are seeing a lot of traffic to Central from China, so this certainly
isn't a case of the Great Firewall blocking everything, rather it seems a
little more localized. Can you send more more info about your source ip and
geo location that we could use to see what's up? Possibly we can get
On Wed, Mar 21, 2012 at 4:35 AM, Sascha Scholz sascha.sch...@gmail.com wrote:
Hi,
On Tue, Mar 20, 2012 at 11:28 PM, Olivier Lamy ol...@apache.org wrote:
BTW do we consider adding a warning in 3.0.5 if id != host and fail in 3.0.6
or fail directly in 3.0.5
Why not deprecate the id entry then
Has anyone considered making an rpm/deb bundle that essentially
contains a script which can fetch the associated tar.gz from the
apache site and unpack it?
It seems like this would be the best of both worlds. Hardly anything
ever changes in the package, people get easy access to sudo apt get
On Tue, Mar 20, 2012 at 12:58 PM, Olivier Lamy ol...@apache.org wrote:
Hello Folks,
The default preemptive on for GET is probably a bad idea.
Imagine the following case, in your settings you have:
server
usernameolamy/username
passwordreallycomplicatedpassword/password
On Tue, Mar 20, 2012 at 5:07 PM, Olivier Lamy ol...@apache.org wrote:
2012/3/20 Brian Fox bri...@infinity.nu:
On Tue, Mar 20, 2012 at 12:58 PM, Olivier Lamy ol...@apache.org wrote:
Hello Folks,
The default preemptive on for GET is probably a bad idea.
Imagine the following case, in your
On Tue, Mar 20, 2012 at 6:28 PM, Olivier Lamy ol...@apache.org wrote:
2012/3/20 Brian Fox bri...@infinity.nu:
On Tue, Mar 20, 2012 at 5:07 PM, Olivier Lamy ol...@apache.org wrote:
2012/3/20 Brian Fox bri...@infinity.nu:
On Tue, Mar 20, 2012 at 12:58 PM, Olivier Lamy ol...@apache.org wrote
The second one looks right to me, this is what I've always used as reference[1]
[1]
http://www.sonatype.com/people/2008/05/maven-code-how-to-detect-if-you-have-a-snapshot-version/
On Mon, Feb 27, 2012 at 6:41 PM, Robert Scholte
apa...@sourcegrounds.com wrote:
A couple of issues of the
If Ant is their primary build tool, then I would suggest helping them
set up Ant to use Maven Ant Tasks as a starting point. That is a great
way of enabling an Ant build to deploy the artifacts into a Maven-style
repository.
I would second that. In fact Ant/Ivy both already deploy to Nexus
30 minutes is a high enough value that I think we'll be ok. Thanks Olivier.
On Tue, Dec 13, 2011 at 8:53 AM, Olivier Lamy ol...@apache.org wrote:
2011/12/13 Brett Porter br...@apache.org:
On 13/12/2011, at 7:38 PM, Olivier Lamy wrote:
Le 13 décembre 2011 09:35, Arnaud Héritier
Agree.
I will add it in release and complete documentation here:
http://maven.apache.org/guides/mini/guide-http-settings.html
This seems like a pretty big change and not enough people will read
that and start to freak out. If maven worked all this time with no
read timeout, why change it now?
On Sun, Dec 4, 2011 at 3:37 AM, Olivier Lamy ol...@apache.org wrote:
Hello,
The vote is cancelled due to the issue found by Dan.
I will restart a vote when a fix will be available.
An RC candidate I hope...
2011/12/1 Olivier Lamy ol...@apache.org:
Hello,
I'd like to release Apache
Again I start a release process and produce a candidate for release
build with a naming 3.0.4 for 5 days vote.
Something failed, so it has been fixed and I restarted a vote with a
second candidate for release called 3.0.4 for 5 days vote.
(retagging etc )
What is the difference with
The RCs were started for a very specific reason, to improve the
quality of our releases. Just breezing through this thread, there are
clearly issues with memory and some other stuff here that may be
bigger than we understand in this small testing surface. An RC build
will get more eyes and either
Anyone who is actually going to do the work can make a branch when
they need to. I see no point in making a branch just for fun.
On Tue, Sep 13, 2011 at 10:01 AM, Benson Margulies
bimargul...@gmail.com wrote:
As for the solution of creating a 2.x branch, that's fine. I don't
really see much
1 - 100 of 663 matches
Mail list logo