Hello, +1
(checked jar cheksums, , compiled java11/mvn3.3.1 on win10, read Reports) With nits, there is a „No client code changes are required to migrate from version 1.3.0 to 1.3.1.“ sentence which could be removed in the release notes and could be replaced by „1.4 removed serialisation for security, might be a change you Need to accomodate for“ or something like this? Should we add a „Fixed in 1.4 section“ in the security report only to document that the serialisation and System property are gone? (we had quite some discussion…) Bernd Good Holidays everyone -- http://bernd.eckenfels.net Von: Rob Tompkins Gesendet: Montag, 24. Dezember 2018 08:23 An: Commons Developers List Betreff: [VOTE] Release Apache Commons FileUpload 1.4 based on RC2 We have fixed quite a few bugs and added some significant enhancements since Apache Commons FileUpload 1.3.3 was released, so I would like to release Apache Commons FileUpload 1.4. Apache Commons FileUpload 1.4 RC2 is available for review here: https://dist.apache.org/repos/dist/dev/commons/fileupload/1.4-RC2 (svn revision 31675) The Git tag commons-fileupload-1.4-RC2 commit for this RC is 047f31576411beee69cf75584ae76531cc9ac753 which you can browse here: https://github.com/apache/commons-fileupload/releases/tag/commons-fileupload-1.4-RC2 Maven artifacts are here: https://repository.apache.org/content/repositories/orgapachecommons-1404/commons-fileupload/commons-fileupload/1.4/ These are the Maven artifacts and their hashes in Nexus: #Nexus SHA-1s commons-fileupload-1.4.jar=f95188e3d372e20e7328706c37ef366e5d7859b0 commons-fileupload-1.4-test-sources.jar=fbccf3978e3a3c3d08df96a8d1b7174b298e35d8 commons-fileupload-1.4.pom=65112009d674333c1acfafb4e198ff250d710764 commons-fileupload-1.4-tests.jar=8c3335b84d252a422546aaf82e716dc73cfc2e48 commons-fileupload-1.4-sources.jar=d50ee98902746c6a351662fa8b728189d1a30e90 commons-fileupload-1.4-javadoc.jar=bd6061c92eaa54a63d35acc4f36182893a679cef #Release SHA-256s #Mon Dec 24 02:07:07 EST 2018 commons-fileupload-1.4-src-tar.gz=4eb7d03ecc48d62d72fde877df321df0f9288b3eb4119f8471417a303a9c0871 commons-fileupload-1.4-bin-tar.gz=7df64e29e8424a44b6741ddaa0d35766b94d8a56df1f7354a6ee5c491fd96eab commons-fileupload-1.4-src-zip=43ea130373f3b827c9322caf62d858e73dc430c55a5ab26a95f0554097c37b2d commons-fileupload-1.4-bin-zip=ff1e8c581b462913f90b95791f58a97d5ffb48dd8ab1ed94229714573d0ceed7 I have tested this with 'mvn clean test package site' using: Apache Maven 3.6.0 (97c98ec64a1fdfee7767ce5ffb20918da4f719f3; 2018-10-24T14:41:47-04:00) Maven home: /usr/local/Cellar/maven/3.6.0/libexec Java version: 1.8.0_191, vendor: Oracle Corporation, runtime: /Library/Java/JavaVirtualMachines/jdk1.8.0_191.jdk/Contents/Home/jre Default locale: en_US, platform encoding: UTF-8 OS name: "mac os x", version: "10.14.1", arch: "x86_64", family: "mac" Details of changes since 1.3.3 are in the release notes: https://dist.apache.org/repos/dist/dev/commons/fileupload/1.4-RC2/RELEASE-NOTES.txt https://dist.apache.org/repos/dist/dev/commons/fileupload/1.4-RC2/site/changes-report.html Site: https://dist.apache.org/repos/dist/dev/commons/fileupload/1.4-RC2/site (note some *relative* links are broken and the 1.4 directories are not yet created - these will be OK once the site is deployed.) CLIRR Report (compared to 1.3.3): We expect there to be 3 failures here. https://dist.apache.org/repos/dist/dev/commons/fileupload/1.4-RC2/site/clirr-report.html RAT Report: https://dist.apache.org/repos/dist/dev/commons/fileupload/1.4-RC2/site/rat-report.html KEYS: https://www.apache.org/dist/commons/KEYS Please review the release candidate and vote. This vote will close no sooner that 72 hours from now. [ ] +1 Release these artifacts [ ] +0 OK, but... [ ] -0 OK, but really should fix... [ ] -1 I oppose this release because... Thank you, Rob Tompkins, Release Manager (using key B6E73D84EA4FCC47166087253FAAD2CD5ECBB314) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org