(I had to cancel the release version 4.1.0 and had another failure with 4.1.2, so it's now 4.1.4 ...)
A candidate for the Jackrabbit FileVault 4.1.4 release is available at: https://dist.apache.org/repos/dist/dev/jackrabbit/filevault/4.1.4/ The release candidate is a zip archive of the sources in: https://github.com/apache/jackrabbit-filevault/tree/jackrabbit-filevault-4.1.4/ The release notes can be found in JIRA at https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12314920&version=12356161 Overview of all changes: ** Improvement * [JCRVLT-816] - Fix Security warnings * [JCRVLT-817] - All properties are checked twice if they are protected * [JCRVLT-818] - Vault CLI contains embedded vulnerable libraries * [JCRVLT-819] - Upgrade JLine 1.0 to 3.x * [JCRVLT-822] - avoid costly check if a property is protected ** Task * [JCRVLT-813] - read node and property definitions lazy * [JCRVLT-814] - Remove redundant calculations in DocViewImporer The command for running automated checks against this release candidate is: $ sh check-release.sh filevault 4.1.4 (leveraging the script from https://dist.apache.org/repos/dist/dev/jackrabbit/check-release.sh) A staged Maven repository is available for review at: https://repository.apache.org/content/repositories/orgapachejackrabbit-1719 Please vote on releasing this package as Apache Jackrabbit FileVault 4.1.4. The vote is open for a minimum of 72 hours during business days and passes if a majority of at least three +1 Jackrabbit PMC votes are cast. The vote fails if not enough votes are cast after 1 week (5 business days). [ ] +1 Release this package as Apache Jackrabbit FileVault 4.1.4 [ ] -1 Do not release this package because.. Jörg -- https://cqdump.joerghoh.de
