Re: Welcome to Devanshu Vyas as new committer!

Thank you all for your support and wishes. Thanks & Regards, Devanshu Vyas. On Sat, Aug 22, 2020 at 11:22 AM Chandan Khandelwal < chandan.khandel...@hotwaxsystems.com> wrote: > Many congratulations Devanshu! > > Kind Regards, > Chandan Khandelwal > > > > On Fri, Aug 21, 2020 at 2:49 PM Ankit

RE: Welcome Aditya Sharma as new PMC member

I was unaware of "brainstorming sessions" what platform are they on and when are they? From: Rishi Solanki [rishisolan...@gmail.com] Sent: Monday, August 24, 2020 6:22 AM To: dev@ofbiz.apache.org Subject: Re: Welcome Aditya Sharma as new PMC member Thank

RE: varchar(255) in fieldtypepostgres.xml

Thanks for the reply. The link essentially says "to make postgres consistent with the other databases". I researched it out, and found that *every single* supported database has a text type that goes over 255 char! (and gets used for type "very-long") I know I do, and I would imagine people

Re: Behavior of Groovy vs JUnit tests with test data

Hi all, I did find and try the following from google search: - wrap all the tests in a class - tag the class with @RunWith(SpringRunner.class) - tag every method that manipulates the entity data with @DirtiesContext(classMode = DirtiesContext.ClassMode.AFTER_EACH_TEST_METHOD) This has NOT

Behavior of Groovy vs JUnit tests with test data

Hi everyone, Recently, I did find that test cases actually are much easier to write in Groovy and hence I started doing that, but now I stumble across the fact that some of the Groovy tests seem to find changes applied to entities from previous tests. The behavior is the following: - I load

Re: OFBiz site and [ CVE-2017-16011] Cross-Site Scripting in jQuery

Great! Le 03/09/2020 à 11:37, Aditya Sharma a écrit : Indeed that makes sense Jacques. I checked we no longer use bootstrap-select plugin so removed it as an initial step. https://github.com/apache/ofbiz-site/commit/eec3090d837d6e931271596a48dca6e6c4a9aedb ofbiz-site passes the checks now

Re: OFBiz site and [ CVE-2017-16011] Cross-Site Scripting in jQuery

Indeed that makes sense Jacques. I checked we no longer use bootstrap-select plugin so removed it as an initial step. https://github.com/apache/ofbiz-site/commit/eec3090d837d6e931271596a48dca6e6c4a9aedb ofbiz-site passes the checks now https://github.com/apache/ofbiz-site/network/alerts

Re: OFBiz site and [ CVE-2017-16011] Cross-Site Scripting in jQuery

Thanks Aditya, We could think that it's not a big deal since it's only a static site. But if we were defaced that would not look great ;) Jacques Le 03/09/2020 à 08:24, Aditya Sharma a écrit : Hi Jacques, I think the dependency is related to bootstrap-select plugin.

Re: OFBiz site and [ CVE-2017-16011] Cross-Site Scripting in jQuery

HI Pierre, We have it already: https://github.com/apache/ofbiz-site I subscribed to receive alerts by email Jacques Le 03/09/2020 à 08:03, Pierre Smits a écrit : Hi Jacques, Why don't we use CI and sonarcloud analysis to test these ante- and post-upgrade scenarios? Best regards Pierre Op

Re: OFBiz site and [ CVE-2017-16011] Cross-Site Scripting in jQuery

Hi Jacques, I think the dependency is related to bootstrap-select plugin. https://github.com/apache/ofbiz-site/network/alert/js/plugins/bootstrap-select/package.json/jquery/open We might not be affected, though I will have a deeper look into it soon. Thanks and regards, Aditya Sharma On Wed,

Re: OFBiz site and [ CVE-2017-16011] Cross-Site Scripting in jQuery

Hi Jacques, Why don't we use CI and sonarcloud analysis to test these ante- and post-upgrade scenarios? Best regards Pierre Op wo 2 sep. 2020 19:23 schreef Jacques Le Roux < jacques.le.r...@les7arts.com>: > Hi, > > I received an alert from GitHub Advisory >