This is an automated email from the ASF dual-hosted git repository.
vy pushed a commit to branch asf-staging
in repository https://gitbox.apache.org/repos/asf/logging-parent.git
The following commit(s) were added to refs/heads/asf-staging by this push:
new e91c2eb Add `10.3.0` RC2 files
e91c2eb is described below
commit e91c2ebc93104f4f01ad0ade925f39ac15bac4d4
Author: Volkan Yazıcı <[email protected]>
AuthorDate: Mon Nov 6 11:09:11 2023 +0100
Add `10.3.0` RC2 files
---
10.x/index.html | 19 ++++++++++++++++---
1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/10.x/index.html b/10.x/index.html
index db9bfb8..53a949c 100644
--- a/10.x/index.html
+++ b/10.x/index.html
@@ -615,7 +615,8 @@ table.CodeRay td.code{padding:0 0 0 .75em}
<div class="paragraph">
<p>Logging Parent streamlines the generation of SBOMs using <a
href="https://github.com/CycloneDX/cyclonedx-maven-plugin";>cyclonedx-maven-plugin</a>.
Plugin execution generates SBOM files for each module, including the root one.
-Generated SBOM files are attached as artifacts with <code>cyclonedx</code>
classifier and <code>xml</code>/<code>json</code> extensions, that is,
<code><artifactId>-<version>-cyclonedx.{xml,json}</code>.</p>
+SBOM content is enriched with VDR (Vulnerability Disclosure Report) references
wherever possible.
+Generated SBOM files are attached as artifacts with <code>cyclonedx</code>
classifier and XML extensions, that is,
<code><artifactId>-<version>-cyclonedx.xml</code>.</p>
</div>
</div>
</div>
@@ -793,7 +794,7 @@ See <a
href="https://logging.apache.org/log4j/2.x/security.html";>the Log4j Secur
<dl>
<dt class="hdlist1">Release date</dt>
<dd>
-<p>2023-10-26</p>
+<p>2023-11-06</p>
</dd>
</dl>
</div>
@@ -810,6 +811,9 @@ See <a
href="https://logging.apache.org/log4j/2.x/security.html";>the Log4j Secur
<li>
<p>Add support to replace <code>project.build.outputTimestamp</code> Maven
property in CI (<a
href="https://github.com/apache/logging-parent/issues/50";>50</a>)</p>
</li>
+<li>
+<p>Add XSLT transformation step to add a deterministic
<code>serialNumber</code> and VDR links to the SBOM</p>
+</li>
</ul>
</div>
</div>
@@ -821,11 +825,17 @@ See <a
href="https://logging.apache.org/log4j/2.x/security.html";>the Log4j Secur
<p><code>deploy-release-reusable.yaml</code> is improved to automatically
derive deployed artifacts as attachments. This renders both
<code>distribution-attachment-filepath-pattern</code> and
<code>distribution-attachment-count</code> input arguments redundant for almost
all cases.</p>
</li>
<li>
+<p>Disable the usage of <code><distributionManagement></code> and alpha
releases in the <code>bnd-baseline-maven-plugin</code>.</p>
+</li>
+<li>
<p>Convert <code>bnd-maven-plugin</code> API leakage warnings to errors (<a
href="https://github.com/apache/logging-log4j2/issues/1895";>apache/logging-log4j2#1895</a>)</p>
</li>
<li>
<p>Update <code>com.google.errorprone:error_prone_core</code> to version
<code>2.23.0</code> (<a
href="https://github.com/apache/logging-parent/pull/49";>49</a>)</p>
</li>
+<li>
+<p>Update <code>org.cyclonedx:cyclonedx-maven-plugin</code> to version
<code>2.7.10</code> (<a
href="https://github.com/apache/logging-parent/pull/54";>54</a>)</p>
+</li>
</ul>
</div>
</div>
@@ -839,6 +849,9 @@ See <a
href="https://logging.apache.org/log4j/2.x/security.html";>the Log4j Secur
<li>
<p>Attach <code>flatten:clean</code> to <code>clean</code> phase</p>
</li>
+<li>
+<p>Add missing <code>Implementation-</code> and <code>Specification-</code>
entries in <code>MANIFEST.MF</code> to <code>bnd-maven-plugin</code>
configuration (<a
href="https://github.com/apache/logging-log4j2/issues/1923";>apache/logging-log4j2#1923</a>)</p>
+</li>
</ul>
</div>
</div>
@@ -1524,7 +1537,7 @@ See the License for the specific language governing
permissions and limitations
</div>
<div id="footer">
<div id="footer-text">
-Last updated 2023-10-26 09:50:35 UTC
+Last updated 2023-11-06 09:58:03 UTC
</div>
</div>
</body>
