+1
Le ven. 23 juin 2023 à 15:34, Tamás Cservenák a
écrit :
> Howdy,
>
> We solved 22 issues:
>
> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12316922=12353255
>
> There are still a couple of issues left in JIRA:
>
>
+1
pt., 23 cze 2023 o 15:34 Tamás Cservenák napisał(a):
> Howdy,
>
> We solved 22 issues:
>
> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12316922=12353255
>
> There are still a couple of issues left in JIRA:
>
>
And just as an afterthought...
This is clear example of "good outcome" of plugin warning, see this issue:
https://github.com/jacoco/jacoco/issues/1435
If these would NOT be shown by default to users, I assume this issue would
never be reported either.
T
On Mon, Jun 26, 2023 at 12:47 PM Tamás
Howdy,
created https://issues.apache.org/jira/browse/MNG-7826
as it seems that:
* jacoco 0.8.10 is "bad" in this respect (FTR is fixed but not yet
released, see JIRA issue),
* validation report by Maven 3.9.2 is correct,
* while Maven 3.9.3 misses to report it
This is not a deal-breaker, but
Hi,
difference between Maven 3.9.2, getting the following output: (mvn clean
verify):
[INFO] BUILD SUCCESS
[INFO]
[INFO] Total time: 2.397 s
[INFO] Finished at: 2023-06-25T11:48:38+02:00
[INFO]
+1
On Fri, 23 Jun 2023 at 15:34, Tamás Cservenák wrote:
> Howdy,
>
> We solved 22 issues:
>
> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12316922=12353255
>
> There are still a couple of issues left in JIRA:
>
>
Seems to work fine in my pipelines.
+1
The changed behavior for plugin validation should be documented; just
reading the release notes gives no clear indication what changed.
-h
(I can haz wrapper plugin and mvnd as well plz?)
On Fri, Jun 23, 2023 at 6:34 AM Tamás Cservenák wrote:
> Howdy,
+1
Le ven. 23 juin 2023 à 16:08, Tamás Cservenák a
écrit :
> Yup, it would be nice to backport it, agreed.
>
> But this is a release [VOTE] thread, it would be better to spawn different
> threads for proposals like this, and leave this thread for voting :)
>
> Thanka
> T
>
> On Fri, Jun 23,
Yup, it would be nice to backport it, agreed.
But this is a release [VOTE] thread, it would be better to spawn different
threads for proposals like this, and leave this thread for voting :)
Thanka
T
On Fri, Jun 23, 2023 at 4:05 PM Elliotte Rusty Harold
wrote:
> It would also be nice to get
>
It would also be nice to get
https://issues.apache.org/jira/browse/MNG-7714 backported into 3.9.x
assuming I'm correct that it's currently only fixed on the 4.x branch.
On Fri, Jun 23, 2023 at 9:34 AM Tamás Cservenák wrote:
>
> Howdy,
>
> We solved 22 issues:
>
Howdy,
Maven carries (does not use) guava 31.1 as dependency of guice.
No code (including Guice) uses the CVE affected File related classes.
Also, guava is NOT exposed to plugins either.
Hence, I think we are fine.
HTH
Tamas
On Fri, Jun 23, 2023 at 3:55 PM Elliotte Rusty Harold
wrote:
> There
There seems to be a recent security fix in Guava in 32.0.0 which broke
other things, so 32.0.1 is recommended. I'm not sure if any of this
affects Maven, but it's probably good to get this in.
On Fri, Jun 23, 2023 at 9:34 AM Tamás Cservenák wrote:
>
> Howdy,
>
> We solved 22 issues:
>
12 matches
Mail list logo
