Thanks! Enrico
Il giorno lun 13 giu 2022 alle ore 11:31 Maxim Solodovnik <[email protected]> ha scritto: > > Thanks for the release! > And congrats :) > > On Mon, 13 Jun 2022 at 05:42, P. Ottlinger <[email protected]> wrote: > > > > The Apache Creadur Rat team is pleased to announce the release of Apache > > Creadur Rat 0.14 > > > > Apache Rat is a release audit tool. It improves accuracy and efficiency > > when checking > > releases. It is heuristic in nature: making guesses about possible > > problems. It > > will produce false positives and cannot find every possible issue with a > > release. > > Its reports require interpretation. > > > > In response to demands from project quality tool developers, Rat is > > available as a > > library suitable for inclusion in tools. This POM describes that library. > > Note that binary compatibility is not guaranteed between 0.x releases. > > > > Apache Rat is developed by the Apache Creadur project, a language and build > > agnostic home for software distribution comprehension and audit tools. > > > > This release contains dependency updates, bugfixes and many improvements > > apart from infrastructure updates at ASF. > > > > Changes in this version include: > > > > New features: > > o RAT-288: Adapt logging output to be more compliant with future Maven > > versions as debug is deprecated and verbose is the recommended way to > > go. Thanks to Michael Osipov. > > o RAT-297: Update maven-reporting-api from 3.0 to 3.1.0 and remove > > usage of deprecated Sink API. Thanks to Michael Osipov. > > o RAT-289: Enable dependabot integration - write access is forbidden, > > but email alerts and pull requests should be ok. > > o RAT-279: Migrate vom Travis CI.org to Travis-ci.com. > > o RAT-271: Move all Creadur projects to new Jenkins infrastructure at > > ASF and migrate from Subversion to Gitbox/Github. Please update your > > repository URLs and use the new default branch master in all projects. > > o RAT-270: Change default behaviour to output erroneous files to > > console. Can be disabled by setting rat.consoleOutput to false. > > o RAT-266: Add .factorypath to Eclipse-default exclusions. Thanks to > > Michael Osipov. > > o RAT-254: Properly finish move to gitbox/github, get rid of SVN > > references and adapt main branch to master and fix all Jenkins build > > jobs for RAT. > > o RAT-244: Update compiler level to 1.7 to allow building with more > > recent JDKs. Update plugins and dependencies to more modern versions to > > fix security issues (CVE-warnings). > > o RAT-212: Add alternative https URLs in Apache License, Version 2.0 to > > allow automatic recognition as valid ASF2.0. Thanks to Niels Basjes. > > o RAT-250: Update to latest available and compatible Apache ANT 1.9.14 > > to get bugfixes. > > o INFRA-17348: SCM repository has been moved from svn.apache.org > > (Subversion) to gitbox.apache.org (Git) > > > > Fixed Bugs: > > o RAT-290: Update maven-jxr-plugin from 2.5 to 3.2.0. Thanks to dependabot. > > o RAT-290: Update maven-antrun-plugin from 3.0.0 to 3.1.1. Thanks to > > dependabot. > > o RAT-290: Update github actions/checkout from 2 to 3. Thanks to > > dependabot. > > o RAT-290: Update github actions/setup-java from 2.5.0 to 3.3.0. Thanks > > to dependabot. > > o RAT-290: Update maven-pmd-plugin from 3.14.0 to 3.16.0. Thanks to > > dependabot. > > o RAT-290: Update maven-javadoc-plugin from 3.3.1 to 3.4.0. Thanks to > > dependabot. > > o RAT-290: Update maven-compiler-plugin from 3.8.1 to 3.10.1. Thanks to > > dependabot. > > o RAT-290: Update wagon-ssh from 3.5.0 to 3.5.1. Thanks to dependabot. > > o RAT-290: Update maven-site-plugin from 3.9.1 to 3.12.0. Thanks to > > dependabot. > > o RAT-290: Update maven-project-info-reports-plugin from 3.1.1 to > > 3.3.0. Thanks to dependabot. > > o RAT-290: Update mockito-core from 3.11.2 to 4.6.0. Thanks to dependabot. > > o RAT-290: Update ASF parent from 23 to 26. Thanks to dependabot. > > o RAT-273: Some tests were based on the assumption, that the value of > > file.encoding > > can be changed on runtime. (Won't work nowadays, beginning > > with Java 16.) > > Removed this assumption in favour of a proper surefire > > configuration. > > o RAT-273: Workaround for an incompatibility in the > > java.io.LineNumberReader, which is > > being replaced by the org.apache.rat.header.LineNumberReader. > > o RAT-290: Update animal-sniffer-maven-plugin from 1.20 to 1.21. Thanks > > to Jin Xu/Xeno Amess. > > o RAT-296: Use Github Actions for matrix builds on Windows and ubuntu > > with JDK 8,11,12,13,14,15. Simplify Travis integration to avoid > > dockerhub-related build failures. > > o RAT-274: Update to latest Apache Ant 1.10.12. > > o RAT-291: Fix links to Travis builds for all creadur projects. > > o RAT-290: Update maven-dependency-plugin from 3.1.1 to 3.2.0. Thanks > > to dependabot. > > o RAT-290: Update plexus-utils from 3.0.21 to 3.4.1. Thanks to dependabot. > > o RAT-290: Update commons-cli from 1.4 to 1.5.0. Thanks to dependabot. > > o RAT-290: Update maven-plugin-annotation and maven-plugin-plugin from > > 3.6.1 to 3.6.2. Thanks to dependabot. > > o RAT-275: Update to doxia 1.11.1 in order to get > > CVE-2020-13956-httpclient problem fixes in doxia. > > o RAT-283: Update plugin versions and dependencies in order to run > > properly with Java8 as minimal compiler level. > > o RAT-286: Update to maven-plugin-plugin v3.6.1 in order to circumvent > > error during maven site builds. > > o RAT-285: Update to latest Apache Ant 1.10.11 in order to fix issues > > related to dependency commons-compress in Ant itself. > > o RAT-207: Properly report thread-safeness to Maven. Thanks to Xavier Dury. > > o RAT-281: Update to latest Commons IO to fix CVE-2021-29425 (Moderate > > severity). > > o RAT-274: Update to latest Apache Ant 1.10.10. > > o RAT-277: Update to junit 4.13.1 to fix CVE-2020-15250. > > o RAT-158: Update to new ASF parent 23 in order to get rid of doxia > > version management that generated warnings. > > o RAT-274: Update to latest Apache Ant 1.10.9 to fix CVE-2020-11979. > > Update to JDK8 as minimal version/compiler version. > > o RAT-269: Update to latest Apache Ant to fix CVE-2020-1945. > > o RAT-268: Allow handling of pom-file-only projects by not assuming > > that all modules are in directories. Thanks to Robert Scholte. > > o RAT-267: Report ignored lines from exclusion file to stderr instead > > of std to not generate erroneous JSON. Thanks to Fabio Utzig. > > o RAT-262: Treat JSON data as binary to avoid reports of missing licenses. > > o RAT-260: Change to docker image when building on Travis to avoid JDK > > version mixup in traditional build setup. Thanks to Kamil Breguła. > > o RAT-258: Update to latest commons-compress to fix CVE-2019-12402. > > o RAT-257: Adapt help text for CLI usage of RAT. > > > > > > Historical list of changes: > > https://creadur.apache.org/rat/changes-report.html > > > > For complete information on Apache Creadur Rat, including instructions > > on how to submit bug reports, > > patches, or suggestions for improvement, see the Apache Apache Creadur > > Rat website: > > > > https://creadur.apache.org/rat/ > > > > Enjoy and thanks for your patience :) > > > > -The Apache Creadur team > > > > -- > Best regards, > Maxim
