after all a nexus server is easy to setup... ________________________________ From: Xeno Amess <xenoam...@gmail.com> Sent: Wednesday, October 2, 2024 1:41:40 AM To: Commons Developers List <dev@commons.apache.org> Subject: Re: [validator] Collections 4
well if you be very hurry you can use a fork for some months... (like what I did for tomcat&maven... ________________________________ From: Josh Fenlason <josh.fenla...@veritas.com.INVALID> Sent: Tuesday, October 1, 2024 11:40:58 PM To: Commons Developers List <dev@commons.apache.org> Subject: RE: [validator] Collections 4 Gary, I appreciate all the work you put into the various Apache Commons projects, so I hope this does not sound ungrateful. I would like to ask what can be done to increase the urgency for releasing Validator 2.0. Due to requirements from our public sector customers, we need be STIG compliant (https://www.stigviewer.com/controls/800-53/SA-22) and the age of the latest Validator release is impeding that. Based on the activity on the mailing list it appears that there are several others that are in a similar situation. I know that you have been doing some work in this regard and already do a lot for other Apache Commons projects as well, so I am not coming and asking you to handle this all on your own. There are several in the community who are offering to help get Validator 2 out the door. I would like to respectfully ask what I can be doing to hasten the new release by the end of October at the latest so I can avoid having to do my own fork of the library. Thanks, Josh. -----Original Message----- From: Gary Gregory <garydgreg...@gmail.com> Sent: Wednesday, September 25, 2024 3:24 PM To: Commons Developers List <dev@commons.apache.org> Subject: Re: [validator] Collections 4 CAUTION: This email originated from outside the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. If you believe this is a phishing email, use the Report to Cybersecurity icon in Outlook. On Wed, Sep 25, 2024 at 4:06 PM Josh Fenlason <josh.fenla...@veritas.com.invalid> wrote: > > Is the Validator 2.0 release still being planned for the near future? Yes, maybe within a month or so. > > Is that PR for moving the Commons Collections dependency from 3 to 4 still in > active? Or would it help for someone to take another pass at that? No, this will be done as part of 2.0. > > The package structure still needs to be updated from > "org.apache.commons.validator" to "org.apache.commons.validator2", correct? > Would it help if I created a PR to do that? No, because this will touch every single file and will make a PR too hard and tedious to review (all files will be deleted and added). Gary > > Josh. > > -----Original Message----- > From: Josh Fenlason <josh.fenla...@veritas.com.INVALID> > Sent: Wednesday, September 11, 2024 9:46 AM > To: Commons Developers List <dev@commons.apache.org> > Subject: RE: [validator] Collections 4 > > > CAUTION: This email originated from outside the organization. Do not click > links or open attachments unless you recognize the sender and know the > content is safe. If you believe this is a phishing email, use the Report to > Cybersecurity icon in Outlook. > > > > I was looking through the jira items for validator. > > I see one item that looks like it would be necessary for a Validator 2.X > release, VALIDATOR-390, for updating to Commons Collections 4. I see a > relatively recent PR, https://github.com/apache/commons-validator/pull/53, > for that though. I know that breaks binary compatibility an would therefore > require a new Validator 2 release. Since it looks like there is momentum for > that, is the plan to accept that PR? Or is a different solution necessary > for that? > > One other thing is that I believe the convention is for new major releases to > bump the version in the package name, refactoring from > "org.apache.commons.validator" to "org.apache.commons.validator2", correct? > I am not seeing a jira item for that. Did I miss it? Would it be helpful > for me to create a PR with that refactoring? > > Thanks, > Josh. > > -----Original Message----- > From: Gary D. Gregory <ggreg...@apache.org> > Sent: Wednesday, September 4, 2024 8:32 AM > To: dev@commons.apache.org > Subject: RE: [validator] Collections 4 > > > CAUTION: This email originated from outside the organization. Do not click > links or open attachments unless you recognize the sender and know the > content is safe. If you believe this is a phishing email, use the Report to > Cybersecurity icon in Outlook. > > > > On 2024/09/03 19:54:05 Josh Fenlason wrote: > > That is great to hear! Is there anything I can do to assist with that? > > Watch this list and test builds and release candidates when they become > available. > > You can also scan Jira and pull requests on GitHub and see if anything > catches your eye. > > Gary > > > > > -----Original Message----- > > From: Gary Gregory <garydgreg...@gmail.com> > > Sent: Tuesday, September 3, 2024 2:53 PM > > To: Commons Developers List <dev@commons.apache.org> > > Subject: Re: [validator] Collections 4 > > > > > > CAUTION: This email originated from outside the organization. Do not click > > links or open attachments unless you recognize the sender and know the > > content is safe. If you believe this is a phishing email, use the Report to > > Cybersecurity icon in Outlook. > > > > > > > > I am planning on what will likely be a new major version as we cannot break > > binary compatibility. Maybe within the next few weeks. > > > > Gary > > > > On Tue, Sep 3, 2024, 3:10 PM Josh Fenlason > > <josh.fenla...@veritas.com.invalid> wrote: > > > > > I have requirements to eliminate collections3 from my project. > > > The latest Validator released is dependent on collections3 though. > > > What are the chances of a new Validator release that is dependent > > > on collections4? What could I do to assist with making that happen? > > > Thanks, > > > Josh. > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org > For additional commands, e-mail: dev-h...@commons.apache.org > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org > For additional commands, e-mail: dev-h...@commons.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
