The Apache Syncope team is pleased to announce the release of Syncope 2.1.8
Apache Syncope is an Open Source system for managing digital identities in
enterprise environments, implemented in Java EE technology .
The release will be available within 24h from:
https://syncope.apache.org/downloads
Hi all,
after 72 hours, the vote for Syncope 2.1.8 [1] *passes* with 5 PMC + 1 non-PMC
votes.
+1 (PMC / binding)
* Jean-Baptiste Onofré
* Andrea Patricelli
* Fabio Martelli
* Marco Di Sabatino
* Francesco Chicchiriccò
+1 (non binding)
* Misagh Moayyed
0
-1
Thanks to everyone participating
/syncope/KEYS
Vote will be open for 72 hours.
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Here's my +1
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA
%20%3D%20done%20AND%20project%20%3D%2012313120%20AND%20fixVersion%20%3D%2012348788%20ORDER%20BY%20priority%20DESC%2C%20key%20ASC
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
gging bugs, or downloading and testing the early-access builds.
>
>
> *__*
> Rgds,Rory
>
> [1]
> https://wiki.openjdk.java.net/display/quality/Quality+Outreach+report+September+2020
>
> --
> Rgds, Rory O'Donnell
> Quality Engineering Manager
> Oracle EMEA, Dublin,
Description:
When the Flowable extension is enabled, an administrator with workflow
entitlements can use Shell Service Tasks to perform malicious operations,
including but not limited to file read, file write, and code execution.
Severity: Low
Vendor: The Apache Software Foundation
Affects:
The Apache Syncope team is pleased to announce the release of Syncope 2.0.16
Apache Syncope is an Open Source system for managing digital identities in
enterprise environments, implemented in Java EE technology .
The release will be available within 24h from:
The Apache Syncope team is pleased to announce the release of Syncope 2.1.7
Apache Syncope is an Open Source system for managing digital identities in
enterprise environments, implemented in Java EE technology .
The release will be available within 24h from:
https://syncope.apache.org/downloads
Hi all,
after 72 hours, the vote for Syncope 2.0.16 [1] *passes* with 6 PMC + 1 non-PMC
votes.
+1 (PMC / binding)
* Fabio Martelli
* Marco Di Sabatino
* Jean-Baptiste Onofré
* Andrea Patricelli
* Matteo Alessandroni
* Francesco Chicchiriccò
+1 (non binding)
* Lorenzo Di Cola
0
-1
Thanks
Hi all,
after 72 hours, the vote for Syncope 2.1.7 [1] *passes* with 6 PMC + 1 non-PMC
votes.
+1 (PMC / binding)
* Fabio Martelli
* Marco Di Sabatino
* Jean-Baptiste Onofré
* Andrea Patricelli
* Matteo Alessandroni
* Francesco Chicchiriccò
+1 (non binding)
* Lorenzo Di Cola
0
-1
Thanks
://syncope.apache.org/2.1.7/index.html
PGP release keys (signed using 273DF287):
http://www.apache.org/dist/syncope/KEYS
Vote will be open for 72 hours.
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Here's my +1
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
release keys (signed using 273DF287):
http://www.apache.org/dist/syncope/KEYS
Vote will be open for 72 hours.
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Here's my +1
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member
FYI all seems to be working:
https://ci-builds.apache.org./job/Syncope/
Regards.
On 21/07/20 09:15, Francesco Chicchiriccò wrote:
> Hi all,
> the news stroke me by surprise but according to the mailing list thread [1],
> we have to migrate all our Jenkins jobs to the new ci-builds.a.o
-20567
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/
embershipCount":0,"staticAnyObjectMembershipCount":0,"dynamicAnyObjectMembershipCount":0,"adynMembershipConds":{},"dynRealms":[],"auxClasses":[],"plainAttrs":[],"derAttrs":[],"virAttrs":[],"resources":[],"ty
cope+3.0
This will require further clarifications and scope seizing.
WDYT?
If others have more ideas, please bring.
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, Pony
On 04/05/20 15:40, Francesco Chicchiriccò wrote:
> On 04/05/20 14:50, Francesco Chicchiriccò wrote:
>> Thanks Misagh for your reply.
>>
>> In my case I've run the command on the same exact platform (e.g. my own
>> laptop) as I did other times including the last one befo
On 04/05/20 14:50, Francesco Chicchiriccò wrote:
> Thanks Misagh for your reply.
>
> In my case I've run the command on the same exact platform (e.g. my own
> laptop) as I did other times including the last one before this one, e.g.
> 2.1.5 / 2.0.14.
>
> To ensure the SCM se
versions of git.
> 4. Weird shell issues.
>
> I could never truly figure out if the issue was windows-specific with maven,
> or some other combination of things.
>
> --Misagh
>
> - Original Message -
>> From: "Francesco Chicchiriccò"
>> To: &q
On 03/05/20 11:20, Jean-Baptiste Onofre wrote:
> Hi Francesco,
>
> Is scm section up to date ?
Yes, it is based on gitbox.apache.org and has not actually changed since 2.1.5
/ 2.0.14, e.g. last time that release:prepare worked as usual.
Regards.
>> Le 3 mai 2020 à 09:50, Frances
se:prepare a chance.
WDYT?
Regards.
[1] http://syncope.apache.org/release-process
[2]
http://maven.apache.org/maven-release/maven-release-plugin/examples/prepare-release.html
[3] https://gist.github.com/ilgrosso/b2abd6674290d6fe144704dffbeda418
--
Francesco Chicchiriccò
Tirasa - Open Source Excel
Description:
Vulnerability to Server-Side Template Injection on Mail templates enabling
attackers to inject arbitrary JEXL expressions, leading to Remote
Code Execution (RCE) was discovered.
Severity: Important
Vendor: The Apache Software Foundation
Affects:
2.0.X releases prior to 2.0.15
Description:
A Server-Side Template Injection was identified in Syncope enabling attackers
to inject arbitrary Java EL expressions, leading to an
unauthenticated Remote Code Execution (RCE) vulnerability.
Apache Syncope uses Java Bean Validation (JSR 380) custom constraint
validators. When
Description:
It was found that the EndUser UI login page reflects the successMessage
parameters.
By this mean, a user accessing the Enduser UI could execute javascript code
from URL query string.
Severity: Medium
Vendor: The Apache Software Foundation
Affects:
2.0.X releases prior to 2.0.15
The Apache Syncope team is pleased to announce the release of Syncope 2.0.15
Apache Syncope is an Open Source system for managing digital identities in
enterprise environments, implemented in Java EE technology .
The release will be available within 24h from:
The Apache Syncope team is pleased to announce the release of Syncope 2.1.6
Apache Syncope is an Open Source system for managing digital identities in
enterprise environments, implemented in Java EE technology .
The release will be available within 24h from:
https://syncope.apache.org/downloads
Hi all,
after 72 hours, the vote for Syncope 2.0.15 [1] *passes* with 6 PMC + 1 non-PMC
votes.
+1 (PMC / binding)
* Fabio Martelli
* Andrea Patricelli
* Matteo Alessandroni
* Marco Di Sabatino
* Colm O hEigeartaigh
* Francesco Chicchiriccò
+1 (non binding)
* Lorenzo Di Cola
0
-1
Thanks
Hi all,
after 72 hours, the vote for Syncope 2.1.6 [1] *passes* with 6 PMC + 1 non-PMC
votes.
+1 (PMC / binding)
* Fabio Martelli
* Jean-Baptiste Onofré
* Andrea Patricelli
* Matteo Alessandroni
* Colm O hEigeartaigh
* Francesco Chicchiriccò
+1 (non binding)
* Lorenzo Di Cola
0
-1
Thanks
On 01/05/20 13:25, Rory O'Donnell wrote:
> Thanks Francesco,
>
> I'll update the wiki, assuming all is green ?
Yes, please: https://travis-ci.org/github/apache/syncope/builds/681905597
Regards.
> On 01/05/2020 12:16, Francesco Chicchiriccò wrote:
>> Hi Rory,
>> thanks
blic License, version 2, with the Classpath
> Exception <http://openjdk.java.net/legal/gplv2+ce.html>.
> * Please send feedback via e-mail to loom-...@openjdk.java.net
> <mailto:loom-...@openjdk.java.net>. To send e-mail to this address
> you must first subscribe to the mailing list
> <http://mail.openjdk.java.net/mailman/listinfo/loom-dev>.
>
>
> Rgds,Rory
>
> [1] http://jdk.java.net/15/release-notes
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/
using 273DF287):
http://www.apache.org/dist/syncope/KEYS
Vote will be open for 72 hours.
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Here's my +1
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software
/dist/syncope/KEYS
Vote will be open for 72 hours.
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Here's my +1
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF
"Colm O hEigeartaigh"
>> To: "dev"
>> Sent: Thursday, April 23, 2020 12:10:28 PM
>> Subject: Re: Jquery version on 2.1.x/2.0.x
>> That's great, thanks!
>>
>> Colm.
>>
>> On Thu, Apr 23, 2020 at 8:35 AM Francesco Chicchiriccò
>>
FYI I had to push an additional commit both on 2_0_X and 2_1_X to complete FOP
upgrade, but now tests seem to be fine again.
Regards.
On 23/04/20 12:40, Colm O hEigeartaigh wrote:
> Awesome, thanks :-)
>
> Colm.
>
> On Thu, Apr 23, 2020 at 11:00 AM Francesco Chicchiriccò
> wr
On 23/04/20 11:41, Francesco Chicchiriccò wrote:
> On 23/04/20 11:27, Colm O hEigeartaigh wrote:
>> Hi Francesco,
>>
>> +1, but could we look at updating a few more security vulnerabilities?
>>
>> - CVE-2018-8036 could be fixed by updating XML Graphics 2.3 -> 2
y required by Swagger UI if I am not mistaking).
I'll do the checks and push upgrades.
Regards.
> On Thu, Apr 23, 2020 at 8:47 AM Francesco Chicchiriccò
> wrote:
>
>> Hi all,
>> resuming this thread after one week: shall we proceed with releases?
>>
>> Regards.
or this last improvement
> before the release.
>
> Best regards,
> Andrea
>
> Il 14/04/20 11:58, Francesco Chicchiriccò ha scritto:
>> Hi there,
>> I think it's about time to start preparing Syncope 2.1.6 / 2.0.15 (several
>> fixes and improvement, time passed sin
On 23/04/20 08:58, Francesco Chicchiriccò wrote:
> On 23/04/20 08:51, Colm O hEigeartaigh wrote:
>> Is it possible to update the JQuery version on 2.1.x/2.0.x to the same
>> version as on master? (3.4.1). It seems the existing version is vulnerable
>> to https://nvd.nist.gov
ome local tests to confirm and I'll revert here.
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/
Hi there,
I think it's about time to start preparing Syncope 2.1.6 / 2.0.15 (several
fixes and improvement, time passed since previous releases, ..).
If you have any pending change or fix, please either finalize as soon as
possible or let's postpone.
WDYT?
--
Francesco Chicchiriccò
Tirasa
/7wI/xjgq6br5FBoLegVE8bd3Iy4SVWKUIRURBF7q
> Ft3rVRUJdcmqHvCWpxDJ1VKPRDHf5szVkWXFJI0xiU6KuICWidZ9Hg3WXUsm3SePD7FtokiK
> 0Y9SBzHpd9EZe8KRIHekl5gVS2Xe83GC5GvPHEXE0usYUNRDArOXqIkGUCWHZ7gzueMBcWqW
> x+uxeS7bQfZZO/7ew7lIDf4gYA==
> Message-ID: <200be22b-0b56-194d-83e0-892c1ec68...@apache.o
Hi all,
FYI, on the same topic:
https://issues.apache.org/jira/browse/SYNCOPE-1540
Regards.
On 17/01/20 08:11, Francesco Chicchiriccò wrote:
> On 16/01/20 17:37, Misagh Moayyed wrote:
>> Hey Team,
>>
>> Wanted to share a couple of ideas with you to see if they may be w
igh-level objects (as
"Configuration Parameters") down to actual database tables - in this case it
would be CPlainAttr and its relationships, e.g. SyncopeSchema, PlainSchema,
CPlainAttr, CPlainAttrValue and CPlainAttrUniqueValue.
Such logic can leverage OpenJPA's metadata information
1][2], for
example.
Hope this clarifies.
Regards.
[1]
https://github.com/apache/syncope/blob/2_1_X/common/lib/src/main/java/org/apache/syncope/common/lib/patch/GroupPatch.java#L124-L133
[2]
https://github.com/apache/syncope/blob/2_1_X/common/lib/src/main/java/org/apache/syncope/common
Here we go: https://wiki.openjdk.java.net/display/quality/Quality+Outreach
- On 18-dec-19, at 10:53, Francesco Chicchiriccò ilgro...@apache.org wrote:
> Hi all,
> as I haven't received any negative feedback, I am moving forward with this
> initiative.
>
> Keep you po
Hi all,
as I haven't received any negative feedback, I am moving forward with this
initiative.
Keep you posted.
Regards.
On 16/12/19 13:09, Francesco Chicchiriccò wrote:
> Hi all,
> we have the chance to join the OpenJDK Quality Outreach initiative [1].
>
> They try to encourage
something we can afford.
WDYT?
Regards.
[1] https://wiki.openjdk.java.net/display/quality/Quality+Outreach
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org
Hi Misagh,
it seems we have some consensus here, please go ahead and open an issue on
https://issues.apache.org/jira/browse/INFRA
about this topic, thanks.
Regards.
On 11/12/19 15:13, Francesco Chicchiriccò wrote:
> Hi Misagh,
> renovatebot looks interesting and worth at least to e
ses or other rules allow. (At some
> point in the future, I think it will also gain the ability to travel back in
> time and kill Sarah Connor [1], but that has yet to be fully verified.)
>
> --Misagh
>
> [1] https://www.wikiwand.com/en/Sarah_Connor_(Terminator)
--
Francesco Chicchiric
On 15/10/19 10:51, Misagh Moayyed wrote:
> https://aws.amazon.com/blogs/opensource/aws-promotional-credits-open-source-projects
>
> Might this be useful for Syncope?
Not sure; anyway, I think it should be Infra anyway to apply on our behalf.
Regards.
--
Francesco Chicchiriccò
Tira
ly a cool feature!
INFRA-19276 already voted and watched ;-)
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/
en-plugin does is
to ensure that each artifact we generate contains both LICENSE and NOTICE
files, in the appropriate places; otherwise, fail the build.
We are not talking about generate / remove / update license headers.
Regards.
> - Original Message -
>> From: "
and to guide the direction of the project.
>
> Best regards
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/
the latter does more
or less the same job that Apache RAT does.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/
files, in the appropriate places; otherwise, fail the
build.
Any idea about how to obtain the same feature with other plugin(s)?
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF
On 26/09/19 09:30, Misagh Moayyed wrote:
> Thanks very much. This was quite helpful.
You are welcome glad it was it.
> - Original Message -
>> From: "Francesco Chicchiriccò"
>> To: "dev"
>> Sent: Sunday, September 22, 2019 8:40:30 AM
>>
e amount of troubles it brings (especially for
>> releases), as I see the trade-off with benefits extremely low.
>>
>> Regards.
>>
>>> [1] https://github.com/apache/syncope/pull/122
>> [2] https://github.com/apache/syncope/blob/master/pom.xml#L2123-L2145
>> [3] https://travis-ci.org/apache/syncope/jobs/588979502
>> [4]
>> https://github.com/apache/syncope/pull/122/files#diff-59a310fc0b8358d0c91a717f18f7cfedR1-R15
>> [5]
>> https://github.com/apache/syncope/pull/122/files#diff-de2bfeb3d4c0f4a0b3af8d261a26a21aR1
>> [6]
>> https://github.com/apache/syncope/pull/122/files#diff-2e0bce82bce59a26bc532fbc92db892e
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/
iff-59a310fc0b8358d0c91a717f18f7cfedR1-R15
[5]
https://github.com/apache/syncope/pull/122/files#diff-de2bfeb3d4c0f4a0b3af8d261a26a21aR1
[6]
https://github.com/apache/syncope/pull/122/files#diff-2e0bce82bce59a26bc532fbc92db892e
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at
p for
running integration tests which does that, we have also added the debug /
hotswap profiles with exact purpose to "bring up the Web UI for relevant
components and step into running code" - mainly in order to spot and squash
bugs.
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/
on data (e.g. name: foo -> bar) and who
>>> did the change and when.
>>> * User should be able to query by changed data like users who are
>>> subject to "name" change in a certain period (not so useful, maybe).
>>>
>>> There are some
The Apache Syncope team is pleased to announce the release of Syncope 2.0.14
Apache Syncope is an Open Source system for managing digital identities
in enterprise environments, implemented in Java EE technology .
The release will be available within 24h from:
https://syncope.apache.org/downloads
FYI: https://issues.apache.org/jira/browse/SYNCOPE-1495
On 14/09/19 07:01, Francesco Chicchiriccò wrote:
> Hi all,
> I would like to propose to remove the deb packages from master branch / 3.0,
> for some reasons:
>
> 1. it's difficult to produce packages compatible a
Hi all,
after 72 hours, the vote for Syncope 2.0.14 [1] *passes* with 6 PMC + 1 non-PMC
votes.
+1 (PMC / binding)
* Jean-Baptiste Onofré
* Marco Di Sabatino
* Fabio Martelli
* Andrea Patricelli
* Matteo Alessandroni
* Francesco Chicchiriccò
+1 (non binding)
* Lorenzo Di Cola
0
-1
Thanks
Hi all,
after 72 hours, the vote for Syncope 2.1.5 [1] *passes* with 6 PMC + 1 non-PMC
votes.
+1 (PMC / binding)
* Jean-Baptiste Onofré
* Marco Di Sabatino
* Fabio Martelli
* Andrea Patricelli
* Matteo Alessandroni
* Francesco Chicchiriccò
+1 (non binding)
* Lorenzo Di Cola
0
-1
Thanks
such purpose, on more platforms
If there are no objections, I'll proceed with removal next week.
Regards.
[1]
https://cwiki.apache.org/confluence/display/SYNCOPE/%5BDISCUSS%5D+Syncope+3.0
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software
using 273DF287):
http://www.apache.org/dist/syncope/KEYS
Vote will be open for 72 hours.
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Here's my +1
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software
/dist/syncope/KEYS
Vote will be open for 72 hours.
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Here's my +1
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF
Philip W. Dalrymple III
> MDT Software - Automation Management Company
> +1 678 297 1001
> Fax +1 678 297 1003
>
>
> From: Francesco Chicchiriccò
> Sent: Wednesday, September 11, 2019 3:54
> To: dev@syncope.apache.org
> Subject: Re: I am having troubl
/versions/12345389
[2] https://issues.apache.org/jira/projects/SYNCOPE/versions/12345390
[3] http://syncope.apache.org/release-process
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA
s I wanted without error. (I have been making small changes to
> the code and testing).
>
> I am not sure what might be wrong with my build setup, how can I trouble
> shoot this?
>
> Second. Once I have a good source build what is the best way to deploy it to
> a tomcat
> ru
what do you think of experimenting with Travis CI on your own
fork? You'd only have to change the notification address as throw-away
change.
WDYT?
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/
to separate
> jobs, of course.
> [4] http://syncope.apache.org/building#All_integration_tests
> [5] http://syncope.apache.org/building#Other_Content-Type_values
> [6] http://syncope.apache.org/building#Java_EE_containers
> [7] http://syncope.apache.org/building#DBMSes
--
Francesc
://cwiki.apache.org/confluence/display/SYNCOPE/Authentication+features
which should be the right place where to put your thoughts about the
authentication features to implement in Syncope 3.0.
Thanks!
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
!
On Fri, 9 Aug 2019 at 08:42, Francesco Chicchiriccò wrote:
On 09/08/19 00:00, sebb wrote:
It looks like the Travis-CI reports are not making it to the dev@ list.
This is perhaps because each one has to be moderated, which is a pain.
If so, and the project would like to receive the reports, I am
to moderate each
one.
See: https://issues.apache.org/jira/browse/INFRA-18843
If you would like Syncope to be included in the test, please let me know.
Thanks!
Hi Sebb,
this would be great, thanks.
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member
Hi all,
I just wanted to follow-up some upgrade activities performed by infra,
which resulted in updating our demo URLs, now based at
https://syncope-vm.apache.org/
See http://syncope.apache.org/demo for full reference.
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
o a single pdf file, and attach the pdf
file to an email to secret...@apache.org.
HTH
Regards.
On Thu, May 2, 2019 at 10:44 PM Atul More wrote:
Hi,
Sure, I will start look into it.
On Thu, May 2, 2019 at 3:32 PM Francesco Chicchiriccò
wrote:
On 01/05/19 17:52, Atul More wrote:
Hi,
I am
://issues.apache.org/jira/projects/SYNCOPE/issues/
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/
The Apache Syncope team is pleased to announce the release of Syncope 2.0.13
Apache Syncope is an Open Source system for managing digital identities
in enterprise environments, implemented in Java EE technology .
The release will be available within 24h from:
The Apache Syncope team is pleased to announce the release of Syncope 2.1.4
Apache Syncope is an Open Source system for managing digital identities
in enterprise environments, implemented in Java EE technology .
The release will be available within 24h from:
Hi all,
after 72 hours, the vote for Syncope 2.0.13 [1] *passes* with 6 PMC + 1
non-PMC votes.
+1 (PMC / binding)
* Fabio Martelli
* Andrea Patricelli
* Matteo Alessandroni
* Jean-Baptiste Onofré
* Marco Di Sabatino
* Francesco Chicchiriccò
+1 (non binding)
* Lorenzo Di Cola
0
-1
Thanks
Hi all,
after 72 hours, the vote for Syncope 2.1.4 [1] *passes* with 6 PMC + 2
non-PMC votes.
+1 (PMC / binding)
* Fabio Martelli
* Marco Di Sabatino
* Andrea Patricelli
* Matteo Alessandroni
* Jean-Baptiste Onofré
* Francesco Chicchiriccò
+1 (non binding)
* Dima Ayash
* Lorenzo Di Cola
0
using 273DF287):
http://www.apache.org/dist/syncope/KEYS
Vote will be open for 72 hours.
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Here's my +1
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software
/dist/syncope/KEYS
Vote will be open for 72 hours.
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Here's my +1
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF
Here we go again: new vote for OpenJPA 3.1.0 is in progress [5].
Regards.
On 10/04/19 08:27, Francesco Chicchiriccò wrote:
FYI the vote for OpenJPA 3.1.0 was canceled [4] - a nasty issue was
found: the plan is to fix it ASAP and start a new vote; fingers crossed.
Regards.
On 08/04/19 09:41
FYI the vote for OpenJPA 3.1.0 was canceled [4] - a nasty issue was
found: the plan is to fix it ASAP and start a new vote; fingers crossed.
Regards.
On 08/04/19 09:41, Francesco Chicchiriccò wrote:
Hi all,
later this week, once OpenJPA 3.1.0 - whose VOTE is in progress [1] -
is released, I
%2C%20key%20ASC
[3]
https://issues.apache.org/jira/issues/?jql=statusCategory%20%3D%20done%20AND%20project%20%3D%2012313120%20AND%20fixVersion%20%3D%2012344849%20ORDER%20BY%20priority%20DESC%2C%20key%20ASC
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member
va/src/main/java/org/apache/syncope/core/provisioning/java/job/notification/DefaultNotificationJobDelegate.java#L166
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/
The Apache Syncope team is pleased to announce the release of Syncope 2.1.3
Apache Syncope is an Open Source system for managing digital identities
in enterprise environments, implemented in Java EE technology .
The release will be available within 24h from:
The Apache Syncope team is pleased to announce the release of Syncope
2.0.12.
Apache Syncope is an Open Source system for managing digital identities
in enterprise environments, implemented in Java EE technology .
The release will be available within 24h from:
[Re-sending with corrected subject]
Hi all,
after 72 hours, the vote for Syncope 2.1.3 [1] *passes* with 6 PMC + 2
non-PMC votes.
+1 (PMC / binding)
* Fabio Martelli
* Andrea Patricelli
* Jean-Baptiste Onofré
* Marco Di Sabatino
* Matteo Alessandroni
* Francesco Chicchiriccò
+1 (non binding
Hi all,
after 72 hours, the vote for Syncope 2.0.12 [1] *passes* with 6 PMC + 2
non-PMC votes.
+1 (PMC / binding)
* Fabio Martelli
* Andrea Patricelli
* Jean-Baptiste Onofré
* Marco Di Sabatino
* Matteo Alessandroni
* Francesco Chicchiriccò
+1 (non binding)
* Lorenzo Di Cola
* Dima Ayash
0
Hi all,
after 72 hours, the vote for Syncope 2.1.3 [1] *passes* with 6 PMC + 2
non-PMC votes.
+1 (PMC / binding)
* Fabio Martelli
* Andrea Patricelli
* Jean-Baptiste Onofré
* Marco Di Sabatino
* Matteo Alessandroni
* Francesco Chicchiriccò
+1 (non binding)
* Lorenzo Di Cola
* Dima Ayash
0
using 273DF287):
http://www.apache.org/dist/syncope/KEYS
Vote will be open for 72 hours.
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Here's my +1
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software
/dist/syncope/KEYS
Vote will be open for 72 hours.
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Here's my +1
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF
+Syncope+3.0+Architecture
[2]
https://cwiki.apache.org/confluence/display/SYNCOPE/%5BDISCUSS%5D+Access+Management+features
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http
On 26/11/18 08:29, Francesco Chicchiriccò wrote:
On 07/11/18 13:48, Francesco Chicchiriccò wrote:
On 29/10/18 11:27, Francesco Chicchiriccò wrote:
[...]
I am currently in the middle of a spike which leverages PostgreSQL's
JSONB data type to replace *PlainAttr / * PlainAttrValue, and I am
On 07/11/18 13:48, Francesco Chicchiriccò wrote:
On 29/10/18 11:27, Francesco Chicchiriccò wrote:
[...]
I am currently in the middle of a spike which leverages PostgreSQL's
JSONB data type to replace *PlainAttr / * PlainAttrValue, and I am
around 90% feature-wise.
https://issues.apache.org
On 29/10/18 11:27, Francesco Chicchiriccò wrote:
[...]
I am currently in the middle of a spike which leverages PostgreSQL's
JSONB data type to replace *PlainAttr / * PlainAttrValue, and I am
around 90% feature-wise.
https://issues.apache.org/jira/browse/SYNCOPE-1395
After that, I would
CVE-2018-17186: XXE on BPMN definitions
Description:
An administrator with workflow definition entitlements can use DTD to
perform malicious operations, including but not limited to file read,
file write, and code execution.
Severity: Medium
Vendor: The Apache Software Foundation
Affects:
101 - 200 of 1033 matches
Mail list logo