Re: [net] Build broken by commit "Prevent serialization"

[Gilles Sadowski]

Hello.

Le sam. 1 janv. 2022 à 03:04, Gary Gregory  a écrit :
>
> Hi All & Sebb,
>
> Git bisect tells me the commit below broke the build and it's been broken
> ever since. Please run a local build before you commit.
>
> 991b775f2052e150c4c16d1c1cd2073021d40c2e is the first bad commit
> commit 991b775f2052e150c4c16d1c1cd2073021d40c2e
> Author: Sebb 
> Date:   Wed Dec 15 00:18:48 2021 +
>
> Prevent serialization
>
> It is not useful and is unlikely to work properly.
>
>  src/changes/changes.xml  |  4 
>  .../apache/commons/net/ProtocolCommandSupport.java   | 18
> +-
>  .../java/org/apache/commons/net/ftp/FTPFile.java | 20
> +++-
>  .../java/org/apache/commons/net/ntp/TimeStamp.java   | 16 
>  .../org/apache/commons/net/util/ListenerList.java| 15 +++
>  5 files changed, 71 insertions(+), 2 deletions(-)
>
> Please revert or fix.
>
> [ERROR] Failures:
> [ERROR]   FTPTimestampParserImplTest.testParseTimestampWithSlop:474
> test.slop.roll.back.year expected:<1> but was:<0>

Here I don't get that error, but another one:
---CUT---
[INFO] Results:
[INFO]
[ERROR] Failures:
[ERROR]   FTPTimestampParserImplTest.testParseTimestampAcrossTimeZones:437
rollback.even.with.time.zones expected:<1> but was:<2>
---CUT---

This one is also reported by Jenkins:
https://builds.apache.org/job/Commons/job/commons-net/205/console

It seems that several Jenkins builds were successful *after*
the "Prevent serialization" commit.

Gilles

>
> TY,
> Gary

-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org

[net] Build broken by commit "Prevent serialization"

[Gary Gregory]

Hi All & Sebb,

Git bisect tells me the commit below broke the build and it's been broken
ever since. Please run a local build before you commit.

991b775f2052e150c4c16d1c1cd2073021d40c2e is the first bad commit
commit 991b775f2052e150c4c16d1c1cd2073021d40c2e
Author: Sebb 
Date:   Wed Dec 15 00:18:48 2021 +

Prevent serialization

It is not useful and is unlikely to work properly.

 src/changes/changes.xml  |  4 
 .../apache/commons/net/ProtocolCommandSupport.java   | 18
+-
 .../java/org/apache/commons/net/ftp/FTPFile.java | 20
+++-
 .../java/org/apache/commons/net/ntp/TimeStamp.java   | 16 
 .../org/apache/commons/net/util/ListenerList.java| 15 +++
 5 files changed, 71 insertions(+), 2 deletions(-)

Please revert or fix.

[ERROR] Failures:
[ERROR]   FTPTimestampParserImplTest.testParseTimestampWithSlop:474
test.slop.roll.back.year expected:<1> but was:<0>

TY,
Gary

Re: [IMPORTANT] - ci.apache.org and CMS Shutdown end of January 2022

[Gary Gregory]

On Fri, Dec 31, 2021 at 8:22 PM Gilles Sadowski 
wrote:

> Le ven. 31 déc. 2021 à 14:17, Gary Gregory  a
> écrit :
> >
> > WRT Commons, CI is handled by GitHub actions
>
> Whatever "handled" means here, is the sentence true for
> *all* components?
>
> I thought that "GH actions" was replacing Travis (for some
> components).
>
> > these days so I am not worried
> > about losing ci.a.o.
>
> If "ci" means "Jenkins", then I'm worried about
>   Commons Math
>   Commons RNG
>   Commons Statistics
>   Commons Numbers
>   Commons Geometry
>

Thank you for correcting my "all". I've not tracked the above 5 components
for a while.

Gary


> If "ci" means web site publishing, I've no idea where we are.
> Last word (IIRC) was that requesting one git repository for
> each component's web site was overkill, and perhaps (?)
> not necessary.  A seeming dissonance with this reminder...
>
> Regards,
> Gilles
>
> >
> > TY
> > Gary
> >
> > On Fri, Dec 31, 2021 at 6:38 AM Gavin McDonald 
> wrote:
> >
> > > Hi All,
> > >
> > > (This email is BCC many (19) lists, please reply to bui...@apache.org
> > > only)
> > >
> > > Infra has set a FINAL date of January 31st 2022 for the turn off of
> > > ci.apache.org. This includes all of its nodes , of which the CMS node
> is
> > > one. Therefore the CMS is also going to be gone on the 31st January
> 2022.
> > >
> > > Any project that still uses the CMS in any way shape or form, MUST
> migrate
> > > to another build and publish method.
> > >
> > > Any project using ci.apache.org for the building and
> testing/publishing of
> > > CI builds MUST also migrate away to another CI - the direct
> replacement is
> > > ci2.apache.org the new Buildbot 3.2 based instance. Publishing of
> Javadocs
> > > and versioned websites etc that normally publish to
> ci.apache.org/projects
> > > will need to migrate their jobs to ci2.apache.org and publish results
> to
> > > nightlies.apache.org instead (via an rsync step).
> > >
> > > Projects have been repeatedly informed of the deprecation of both
> > > ci.apache.org and also the CMS itself, so this notice should not be a
> > > surprise to anybody.
> > >
> > > If you don't  have an INFRA ticket already open, or you don't know if
> there
> > > is an INFRA ticket already open for your project, please open one
> > > immediately so that we can get working on your migration ASAP. One or
> two
> > > projects I know of have a non-standard setup of publishing and so the
> > > earlier we get started the better.
> > >
> > > Below is a list of projects I know to still be using either the CMS (in
> > > whole or in part) and ci.apache.org for CI builds, there may be more.
> > >
> > > Projects fully using the CMS
> > > ==
> > >
> > > Commons
> > > DB (and subprojects)
> > > Hive
> > > Oozie
> > >
> > > Projects partially using the CMS
> > > =
> > >
> > > Lucene
> > > CXF
> > > Tapestry
> > > Santuario
> > > Geronimo
> > > Nutch
> > >
> > > All the above except Nutch I believe are exporting from Confluence and
> > > committing to
> > > svn.apache.org/repos/infra/websites/production/ - I have been working
> on
> > > an
> > > alternate
> > > method that does not involve the CMS agent (or its dependents like
> > > build_external.pl)
> > > CXF and Tapestry at least have INFRA tickets open regarding this.
> > >
> > > Projects using ci.apache.org for CI jobs
> > > 
> > >
> > > The Board - board-site build.
> > > Perl/mod_perl - several test builds.
> > > AsterixDB - docs build
> > > HTTPD - test builds
> > > Juddi - Several test builds
> > > OpenJPA - Several test builds
> > > Creadur - Several test builds
> > > JMeter - test builds
> > > OpenNLP - site build ?
> > > Commons - site build ?
> > > Ponymail - site build ?
> > > TrafficServer - Test Build + site build ?
> > > Tapestry - test build
> > >
> > > All builds that need migrating can be seen on this page:
> > >
> > > https://ci.apache.org/buildslaves
> > >
> > > Ok, those are the details, lets get started please people
> > >
> > > Oh, and Happy New Year!
> > >
> > > Gavin McDonald
> > > Systems Administrator
> > > ASF Infrastructure Team
> > >
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
> For additional commands, e-mail: dev-h...@commons.apache.org
>
>

Re: [IMPORTANT] - ci.apache.org and CMS Shutdown end of January 2022

[Gilles Sadowski]

Le ven. 31 déc. 2021 à 14:17, Gary Gregory  a écrit :
>
> WRT Commons, CI is handled by GitHub actions

Whatever "handled" means here, is the sentence true for
*all* components?

I thought that "GH actions" was replacing Travis (for some
components).

> these days so I am not worried
> about losing ci.a.o.

If "ci" means "Jenkins", then I'm worried about
  Commons Math
  Commons RNG
  Commons Statistics
  Commons Numbers
  Commons Geometry

If "ci" means web site publishing, I've no idea where we are.
Last word (IIRC) was that requesting one git repository for
each component's web site was overkill, and perhaps (?)
not necessary.  A seeming dissonance with this reminder...

Regards,
Gilles

>
> TY
> Gary
>
> On Fri, Dec 31, 2021 at 6:38 AM Gavin McDonald  wrote:
>
> > Hi All,
> >
> > (This email is BCC many (19) lists, please reply to bui...@apache.org
> > only)
> >
> > Infra has set a FINAL date of January 31st 2022 for the turn off of
> > ci.apache.org. This includes all of its nodes , of which the CMS node is
> > one. Therefore the CMS is also going to be gone on the 31st January 2022.
> >
> > Any project that still uses the CMS in any way shape or form, MUST migrate
> > to another build and publish method.
> >
> > Any project using ci.apache.org for the building and testing/publishing of
> > CI builds MUST also migrate away to another CI - the direct replacement is
> > ci2.apache.org the new Buildbot 3.2 based instance. Publishing of Javadocs
> > and versioned websites etc that normally publish to ci.apache.org/projects
> > will need to migrate their jobs to ci2.apache.org and publish results to
> > nightlies.apache.org instead (via an rsync step).
> >
> > Projects have been repeatedly informed of the deprecation of both
> > ci.apache.org and also the CMS itself, so this notice should not be a
> > surprise to anybody.
> >
> > If you don't  have an INFRA ticket already open, or you don't know if there
> > is an INFRA ticket already open for your project, please open one
> > immediately so that we can get working on your migration ASAP. One or two
> > projects I know of have a non-standard setup of publishing and so the
> > earlier we get started the better.
> >
> > Below is a list of projects I know to still be using either the CMS (in
> > whole or in part) and ci.apache.org for CI builds, there may be more.
> >
> > Projects fully using the CMS
> > ==
> >
> > Commons
> > DB (and subprojects)
> > Hive
> > Oozie
> >
> > Projects partially using the CMS
> > =
> >
> > Lucene
> > CXF
> > Tapestry
> > Santuario
> > Geronimo
> > Nutch
> >
> > All the above except Nutch I believe are exporting from Confluence and
> > committing to
> > svn.apache.org/repos/infra/websites/production/ - I have been working on
> > an
> > alternate
> > method that does not involve the CMS agent (or its dependents like
> > build_external.pl)
> > CXF and Tapestry at least have INFRA tickets open regarding this.
> >
> > Projects using ci.apache.org for CI jobs
> > 
> >
> > The Board - board-site build.
> > Perl/mod_perl - several test builds.
> > AsterixDB - docs build
> > HTTPD - test builds
> > Juddi - Several test builds
> > OpenJPA - Several test builds
> > Creadur - Several test builds
> > JMeter - test builds
> > OpenNLP - site build ?
> > Commons - site build ?
> > Ponymail - site build ?
> > TrafficServer - Test Build + site build ?
> > Tapestry - test build
> >
> > All builds that need migrating can be seen on this page:
> >
> > https://ci.apache.org/buildslaves
> >
> > Ok, those are the details, lets get started please people
> >
> > Oh, and Happy New Year!
> >
> > Gavin McDonald
> > Systems Administrator
> > ASF Infrastructure Team
> >

-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org

Re: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to 1.1.2

[Xeno Amess]

ftpserver updated.
pr at https://github.com/apache/commons-vfs/pull/235
details/investigations at https://github.com/apache/commons-vfs/pull/231

Xeno Amess  于2022年1月1日周六 02:12写道：

> migrating sshd to 2.8.0 now.
>
> Gary Gregory  于2022年1月1日周六 02:04写道：
>
>> Hi Xeno,
>>
>> Correct, I don't care about slf4j in this thread. Thank you for helping
>> out
>> :-)
>>
>> Gary
>>
>>
>> On Fri, Dec 31, 2021, 12:52 Xeno Amess  wrote:
>>
>> > >  Help also needed for https://github.com/apache/commons-vfs/pull/225
>> >
>> > I thought you wanna talk about all dependabot failures in vfs in the
>> same
>> > thread.
>> >
>> > So this email thread is only focused on sshd and ftpserver?
>> >
>> > Gary Gregory  于2022年1月1日周六 01:47写道：
>> >
>> > > On Fri, Dec 31, 2021 at 12:16 PM Xeno Amess 
>> wrote:
>> > >
>> > > > @Gary Gregory
>> > > > well at least you can have this from me
>> > > > https://github.com/apache/commons-vfs/pull/233
>> > > > seems it can work, but don't merge until all cis are done.
>> > > >
>> > >
>> > > Let's keep this email thread focused please.
>> > >
>> > > Gary
>> > >
>> > >
>> > > >
>> > > > Rob Spoor  于2022年1月1日周六 01:10写道：
>> > > >
>> > > > > A quick check shows that some more dependencies are needed, for
>> code
>> > > > > split off from sshd-core. I found some:
>> > > > > * https://mvnrepository.com/artifact/org.apache.sshd/sshd-sftp
>> > > > > * https://mvnrepository.com/artifact/org.apache.sshd/sshd-scp
>> > > > >
>> > > > > However, even after adding these two I was still missing classes.
>> > > > > Because it's only used for testing I wouldn't let this block any
>> > > > > potential release. I still use version 1.7.0 for testing a project
>> > > > > because upgrading just wasn't worth the effort. However, changing
>> the
>> > > > > version from 2.8.0 to 1.7.0 didn't solve a lot of issues; I'm
>> > thinking
>> > > > > the upgrade from 0.x to 1.x is bigger than the upgrade from 1.x to
>> > 2.x
>> > > > > (don't get me started on 0.x to 2.x).
>> > > > >
>> > > > > Rob
>> > > > >
>> > > > >
>> > > > > On 31/12/2021 17:39, Gary Gregory wrote:
>> > > > > > Help also needed for
>> > https://github.com/apache/commons-vfs/pull/225
>> > > > > > :-)
>> > > > > > Gary
>> > > > > >
>> > > > > > On Fri, Dec 31, 2021 at 8:28 AM Gary Gregory <
>> > garydgreg...@gmail.com
>> > > >
>> > > > > wrote:
>> > > > > >
>> > > > > >> Does anyone have any free time to look at this failure?
>> > > > > >>
>> > > > > >> I'm still dealing with Log4j fallout...
>> > > > > >>
>> > > > > >> Gary
>> > > > > >>
>> > > > > >> -- Forwarded message -
>> > > > > >> From: GitBox 
>> > > > > >> Date: Fri, Dec 31, 2021 at 6:05 AM
>> > > > > >> Subject: [GitHub] [commons-vfs] dependabot[bot] opened a new
>> pull
>> > > > > request
>> > > > > >> #231: Bump ftpserver-core from 1.1.1 to 1.1.2
>> > > > > >> To: 
>> > > > > >>
>> > > > > >>
>> > > > > >>
>> > > > > >> dependabot[bot] opened a new pull request #231:
>> > > > > >> URL: https://github.com/apache/commons-vfs/pull/231
>> > > > > >>
>> > > > > >>
>> > > > > >> Bumps [ftpserver-core](
>> > https://github.com/apache/mina-ftpserver
>> > > )
>> > > > > from
>> > > > > >> 1.1.1 to 1.1.2.
>> > > > > >> 
>> > > > > >> Commits
>> > > > > >> 
>> > > > > >> https://github.com/apache/mina-ftpserver/commit/a04a44d756e9ae18d0461326c761a851b8346d3d
>> > > > > ">a04a44d
>> > > > > >> [maven-release-plugin] prepare release
>> ftpserver-parent-1.1.2
>> > > > > >> https://github.com/apache/mina-ftpserver/commit/d7fdad2429cf7b2ae433e10fa7df3b7961fe3704
>> > > > > ">d7fdad2
>> > > > > >> Fixed the javadoc failures
>> > > > > >> https://github.com/apache/mina-ftpserver/commit/b4e8d0e39622ce5b121c183f070fe1ad67b41c4f
>> > > > > ">b4e8d0e
>> > > > > >> [maven-release-plugin] rollback the release of
>> > > > > ftpserver-parent-1.1.2
>> > > > > >> https://github.com/apache/mina-ftpserver/commit/59947ea85dc7db2529f619886fd901fd0284bd42
>> > > > > ">59947ea
>> > > > > >> [maven-release-plugin] prepare for next development
>> iteration
>> > > > > >> https://github.com/apache/mina-ftpserver/commit/92c6af05cdf0eddd3d2e613b52def57984d78d33
>> > > > > ">92c6af0
>> > > > > >> [maven-release-plugin] prepare release
>> ftpserver-parent-1.1.2
>> > > > > >> https://github.com/apache/mina-ftpserver/commit/455a4336a4e9b319e1f6b5836b29dc095467c091
>> > > > > ">455a433
>> > > > > >> Fixed the outputStatement to make Javadoc plugin
>> happy
>> > > > > >> https://github.com/apache/mina-ftpserver/commit/94fabe3c1e4776a1754e20403f9c5830231542f7
>> > > > > ">94fabe3
>> > > > > >> [maven-release-plugin] rollback the release of
>> > > > > ftpserver-parent-1.1.2
>> > > > > >> https://github.com/apache/mina-ftpserver/commit/fd1a0d89870c89a7a7c619d1b8f19786e7ce75fb
>> > > > > ">fd1a0d8
>> > > > > >> [maven-release-plugin] prepare for next development
>> iteration
>> > > > > >> https://github.com/apache/mina-ftpserver/commit/990a5cebd692361b41e99d1bdf9cd2a9b1eed38a
>> > 

Re: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to 1.1.2

[Xeno Amess]

migrating sshd to 2.8.0 now.

Gary Gregory  于2022年1月1日周六 02:04写道：

> Hi Xeno,
>
> Correct, I don't care about slf4j in this thread. Thank you for helping out
> :-)
>
> Gary
>
>
> On Fri, Dec 31, 2021, 12:52 Xeno Amess  wrote:
>
> > >  Help also needed for https://github.com/apache/commons-vfs/pull/225
> >
> > I thought you wanna talk about all dependabot failures in vfs in the same
> > thread.
> >
> > So this email thread is only focused on sshd and ftpserver?
> >
> > Gary Gregory  于2022年1月1日周六 01:47写道：
> >
> > > On Fri, Dec 31, 2021 at 12:16 PM Xeno Amess 
> wrote:
> > >
> > > > @Gary Gregory
> > > > well at least you can have this from me
> > > > https://github.com/apache/commons-vfs/pull/233
> > > > seems it can work, but don't merge until all cis are done.
> > > >
> > >
> > > Let's keep this email thread focused please.
> > >
> > > Gary
> > >
> > >
> > > >
> > > > Rob Spoor  于2022年1月1日周六 01:10写道：
> > > >
> > > > > A quick check shows that some more dependencies are needed, for
> code
> > > > > split off from sshd-core. I found some:
> > > > > * https://mvnrepository.com/artifact/org.apache.sshd/sshd-sftp
> > > > > * https://mvnrepository.com/artifact/org.apache.sshd/sshd-scp
> > > > >
> > > > > However, even after adding these two I was still missing classes.
> > > > > Because it's only used for testing I wouldn't let this block any
> > > > > potential release. I still use version 1.7.0 for testing a project
> > > > > because upgrading just wasn't worth the effort. However, changing
> the
> > > > > version from 2.8.0 to 1.7.0 didn't solve a lot of issues; I'm
> > thinking
> > > > > the upgrade from 0.x to 1.x is bigger than the upgrade from 1.x to
> > 2.x
> > > > > (don't get me started on 0.x to 2.x).
> > > > >
> > > > > Rob
> > > > >
> > > > >
> > > > > On 31/12/2021 17:39, Gary Gregory wrote:
> > > > > > Help also needed for
> > https://github.com/apache/commons-vfs/pull/225
> > > > > > :-)
> > > > > > Gary
> > > > > >
> > > > > > On Fri, Dec 31, 2021 at 8:28 AM Gary Gregory <
> > garydgreg...@gmail.com
> > > >
> > > > > wrote:
> > > > > >
> > > > > >> Does anyone have any free time to look at this failure?
> > > > > >>
> > > > > >> I'm still dealing with Log4j fallout...
> > > > > >>
> > > > > >> Gary
> > > > > >>
> > > > > >> -- Forwarded message -
> > > > > >> From: GitBox 
> > > > > >> Date: Fri, Dec 31, 2021 at 6:05 AM
> > > > > >> Subject: [GitHub] [commons-vfs] dependabot[bot] opened a new
> pull
> > > > > request
> > > > > >> #231: Bump ftpserver-core from 1.1.1 to 1.1.2
> > > > > >> To: 
> > > > > >>
> > > > > >>
> > > > > >>
> > > > > >> dependabot[bot] opened a new pull request #231:
> > > > > >> URL: https://github.com/apache/commons-vfs/pull/231
> > > > > >>
> > > > > >>
> > > > > >> Bumps [ftpserver-core](
> > https://github.com/apache/mina-ftpserver
> > > )
> > > > > from
> > > > > >> 1.1.1 to 1.1.2.
> > > > > >> 
> > > > > >> Commits
> > > > > >> 
> > > > > >> https://github.com/apache/mina-ftpserver/commit/a04a44d756e9ae18d0461326c761a851b8346d3d
> > > > > ">a04a44d
> > > > > >> [maven-release-plugin] prepare release
> ftpserver-parent-1.1.2
> > > > > >> https://github.com/apache/mina-ftpserver/commit/d7fdad2429cf7b2ae433e10fa7df3b7961fe3704
> > > > > ">d7fdad2
> > > > > >> Fixed the javadoc failures
> > > > > >> https://github.com/apache/mina-ftpserver/commit/b4e8d0e39622ce5b121c183f070fe1ad67b41c4f
> > > > > ">b4e8d0e
> > > > > >> [maven-release-plugin] rollback the release of
> > > > > ftpserver-parent-1.1.2
> > > > > >> https://github.com/apache/mina-ftpserver/commit/59947ea85dc7db2529f619886fd901fd0284bd42
> > > > > ">59947ea
> > > > > >> [maven-release-plugin] prepare for next development
> iteration
> > > > > >> https://github.com/apache/mina-ftpserver/commit/92c6af05cdf0eddd3d2e613b52def57984d78d33
> > > > > ">92c6af0
> > > > > >> [maven-release-plugin] prepare release
> ftpserver-parent-1.1.2
> > > > > >> https://github.com/apache/mina-ftpserver/commit/455a4336a4e9b319e1f6b5836b29dc095467c091
> > > > > ">455a433
> > > > > >> Fixed the outputStatement to make Javadoc plugin
> happy
> > > > > >> https://github.com/apache/mina-ftpserver/commit/94fabe3c1e4776a1754e20403f9c5830231542f7
> > > > > ">94fabe3
> > > > > >> [maven-release-plugin] rollback the release of
> > > > > ftpserver-parent-1.1.2
> > > > > >> https://github.com/apache/mina-ftpserver/commit/fd1a0d89870c89a7a7c619d1b8f19786e7ce75fb
> > > > > ">fd1a0d8
> > > > > >> [maven-release-plugin] prepare for next development
> iteration
> > > > > >> https://github.com/apache/mina-ftpserver/commit/990a5cebd692361b41e99d1bdf9cd2a9b1eed38a
> > > > > ">990a5ce
> > > > > >> [maven-release-plugin] prepare release
> ftpserver-parent-1.1.2
> > > > > >> https://github.com/apache/mina-ftpserver/commit/402dbb1298aa897ec15ef854d3c2493a0c766141
> > > > > ">402dbb1
> > > > > >> [maven-release-plugin] rollback the release of
> > ftpserver-1.1.3
> > > > > >> 

Re: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to 1.1.2

[Gary Gregory]

Hi Xeno,

Correct, I don't care about slf4j in this thread. Thank you for helping out
:-)

Gary


On Fri, Dec 31, 2021, 12:52 Xeno Amess  wrote:

> >  Help also needed for https://github.com/apache/commons-vfs/pull/225
>
> I thought you wanna talk about all dependabot failures in vfs in the same
> thread.
>
> So this email thread is only focused on sshd and ftpserver?
>
> Gary Gregory  于2022年1月1日周六 01:47写道：
>
> > On Fri, Dec 31, 2021 at 12:16 PM Xeno Amess  wrote:
> >
> > > @Gary Gregory
> > > well at least you can have this from me
> > > https://github.com/apache/commons-vfs/pull/233
> > > seems it can work, but don't merge until all cis are done.
> > >
> >
> > Let's keep this email thread focused please.
> >
> > Gary
> >
> >
> > >
> > > Rob Spoor  于2022年1月1日周六 01:10写道：
> > >
> > > > A quick check shows that some more dependencies are needed, for code
> > > > split off from sshd-core. I found some:
> > > > * https://mvnrepository.com/artifact/org.apache.sshd/sshd-sftp
> > > > * https://mvnrepository.com/artifact/org.apache.sshd/sshd-scp
> > > >
> > > > However, even after adding these two I was still missing classes.
> > > > Because it's only used for testing I wouldn't let this block any
> > > > potential release. I still use version 1.7.0 for testing a project
> > > > because upgrading just wasn't worth the effort. However, changing the
> > > > version from 2.8.0 to 1.7.0 didn't solve a lot of issues; I'm
> thinking
> > > > the upgrade from 0.x to 1.x is bigger than the upgrade from 1.x to
> 2.x
> > > > (don't get me started on 0.x to 2.x).
> > > >
> > > > Rob
> > > >
> > > >
> > > > On 31/12/2021 17:39, Gary Gregory wrote:
> > > > > Help also needed for
> https://github.com/apache/commons-vfs/pull/225
> > > > > :-)
> > > > > Gary
> > > > >
> > > > > On Fri, Dec 31, 2021 at 8:28 AM Gary Gregory <
> garydgreg...@gmail.com
> > >
> > > > wrote:
> > > > >
> > > > >> Does anyone have any free time to look at this failure?
> > > > >>
> > > > >> I'm still dealing with Log4j fallout...
> > > > >>
> > > > >> Gary
> > > > >>
> > > > >> -- Forwarded message -
> > > > >> From: GitBox 
> > > > >> Date: Fri, Dec 31, 2021 at 6:05 AM
> > > > >> Subject: [GitHub] [commons-vfs] dependabot[bot] opened a new pull
> > > > request
> > > > >> #231: Bump ftpserver-core from 1.1.1 to 1.1.2
> > > > >> To: 
> > > > >>
> > > > >>
> > > > >>
> > > > >> dependabot[bot] opened a new pull request #231:
> > > > >> URL: https://github.com/apache/commons-vfs/pull/231
> > > > >>
> > > > >>
> > > > >> Bumps [ftpserver-core](
> https://github.com/apache/mina-ftpserver
> > )
> > > > from
> > > > >> 1.1.1 to 1.1.2.
> > > > >> 
> > > > >> Commits
> > > > >> 
> > > > >> https://github.com/apache/mina-ftpserver/commit/a04a44d756e9ae18d0461326c761a851b8346d3d
> > > > ">a04a44d
> > > > >> [maven-release-plugin] prepare release ftpserver-parent-1.1.2
> > > > >> https://github.com/apache/mina-ftpserver/commit/d7fdad2429cf7b2ae433e10fa7df3b7961fe3704
> > > > ">d7fdad2
> > > > >> Fixed the javadoc failures
> > > > >> https://github.com/apache/mina-ftpserver/commit/b4e8d0e39622ce5b121c183f070fe1ad67b41c4f
> > > > ">b4e8d0e
> > > > >> [maven-release-plugin] rollback the release of
> > > > ftpserver-parent-1.1.2
> > > > >> https://github.com/apache/mina-ftpserver/commit/59947ea85dc7db2529f619886fd901fd0284bd42
> > > > ">59947ea
> > > > >> [maven-release-plugin] prepare for next development iteration
> > > > >> https://github.com/apache/mina-ftpserver/commit/92c6af05cdf0eddd3d2e613b52def57984d78d33
> > > > ">92c6af0
> > > > >> [maven-release-plugin] prepare release ftpserver-parent-1.1.2
> > > > >> https://github.com/apache/mina-ftpserver/commit/455a4336a4e9b319e1f6b5836b29dc095467c091
> > > > ">455a433
> > > > >> Fixed the outputStatement to make Javadoc plugin happy
> > > > >> https://github.com/apache/mina-ftpserver/commit/94fabe3c1e4776a1754e20403f9c5830231542f7
> > > > ">94fabe3
> > > > >> [maven-release-plugin] rollback the release of
> > > > ftpserver-parent-1.1.2
> > > > >> https://github.com/apache/mina-ftpserver/commit/fd1a0d89870c89a7a7c619d1b8f19786e7ce75fb
> > > > ">fd1a0d8
> > > > >> [maven-release-plugin] prepare for next development iteration
> > > > >> https://github.com/apache/mina-ftpserver/commit/990a5cebd692361b41e99d1bdf9cd2a9b1eed38a
> > > > ">990a5ce
> > > > >> [maven-release-plugin] prepare release ftpserver-parent-1.1.2
> > > > >> https://github.com/apache/mina-ftpserver/commit/402dbb1298aa897ec15ef854d3c2493a0c766141
> > > > ">402dbb1
> > > > >> [maven-release-plugin] rollback the release of
> ftpserver-1.1.3
> > > > >> Additional commits viewable in https://github.com/apache/mina-ftpserver/compare/ftpserver-1.1.1...ftpserver-parent-1.1.2
> > > > ">compare
> > > > >> view
> > > > >> 
> > > > >> 
> > > > >> 
> > > > >>
> > > > >>
> > > > >> [![Dependabot compatibility score](
> > > > >>
> > > >
> > >
> >
> 

Re: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to 1.1.2

[Xeno Amess]

>  Help also needed for https://github.com/apache/commons-vfs/pull/225

I thought you wanna talk about all dependabot failures in vfs in the same
thread.

So this email thread is only focused on sshd and ftpserver?

Gary Gregory  于2022年1月1日周六 01:47写道：

> On Fri, Dec 31, 2021 at 12:16 PM Xeno Amess  wrote:
>
> > @Gary Gregory
> > well at least you can have this from me
> > https://github.com/apache/commons-vfs/pull/233
> > seems it can work, but don't merge until all cis are done.
> >
>
> Let's keep this email thread focused please.
>
> Gary
>
>
> >
> > Rob Spoor  于2022年1月1日周六 01:10写道：
> >
> > > A quick check shows that some more dependencies are needed, for code
> > > split off from sshd-core. I found some:
> > > * https://mvnrepository.com/artifact/org.apache.sshd/sshd-sftp
> > > * https://mvnrepository.com/artifact/org.apache.sshd/sshd-scp
> > >
> > > However, even after adding these two I was still missing classes.
> > > Because it's only used for testing I wouldn't let this block any
> > > potential release. I still use version 1.7.0 for testing a project
> > > because upgrading just wasn't worth the effort. However, changing the
> > > version from 2.8.0 to 1.7.0 didn't solve a lot of issues; I'm thinking
> > > the upgrade from 0.x to 1.x is bigger than the upgrade from 1.x to 2.x
> > > (don't get me started on 0.x to 2.x).
> > >
> > > Rob
> > >
> > >
> > > On 31/12/2021 17:39, Gary Gregory wrote:
> > > > Help also needed for https://github.com/apache/commons-vfs/pull/225
> > > > :-)
> > > > Gary
> > > >
> > > > On Fri, Dec 31, 2021 at 8:28 AM Gary Gregory  >
> > > wrote:
> > > >
> > > >> Does anyone have any free time to look at this failure?
> > > >>
> > > >> I'm still dealing with Log4j fallout...
> > > >>
> > > >> Gary
> > > >>
> > > >> -- Forwarded message -
> > > >> From: GitBox 
> > > >> Date: Fri, Dec 31, 2021 at 6:05 AM
> > > >> Subject: [GitHub] [commons-vfs] dependabot[bot] opened a new pull
> > > request
> > > >> #231: Bump ftpserver-core from 1.1.1 to 1.1.2
> > > >> To: 
> > > >>
> > > >>
> > > >>
> > > >> dependabot[bot] opened a new pull request #231:
> > > >> URL: https://github.com/apache/commons-vfs/pull/231
> > > >>
> > > >>
> > > >> Bumps [ftpserver-core](https://github.com/apache/mina-ftpserver
> )
> > > from
> > > >> 1.1.1 to 1.1.2.
> > > >> 
> > > >> Commits
> > > >> 
> > > >> https://github.com/apache/mina-ftpserver/commit/a04a44d756e9ae18d0461326c761a851b8346d3d
> > > ">a04a44d
> > > >> [maven-release-plugin] prepare release ftpserver-parent-1.1.2
> > > >> https://github.com/apache/mina-ftpserver/commit/d7fdad2429cf7b2ae433e10fa7df3b7961fe3704
> > > ">d7fdad2
> > > >> Fixed the javadoc failures
> > > >> https://github.com/apache/mina-ftpserver/commit/b4e8d0e39622ce5b121c183f070fe1ad67b41c4f
> > > ">b4e8d0e
> > > >> [maven-release-plugin] rollback the release of
> > > ftpserver-parent-1.1.2
> > > >> https://github.com/apache/mina-ftpserver/commit/59947ea85dc7db2529f619886fd901fd0284bd42
> > > ">59947ea
> > > >> [maven-release-plugin] prepare for next development iteration
> > > >> https://github.com/apache/mina-ftpserver/commit/92c6af05cdf0eddd3d2e613b52def57984d78d33
> > > ">92c6af0
> > > >> [maven-release-plugin] prepare release ftpserver-parent-1.1.2
> > > >> https://github.com/apache/mina-ftpserver/commit/455a4336a4e9b319e1f6b5836b29dc095467c091
> > > ">455a433
> > > >> Fixed the outputStatement to make Javadoc plugin happy
> > > >> https://github.com/apache/mina-ftpserver/commit/94fabe3c1e4776a1754e20403f9c5830231542f7
> > > ">94fabe3
> > > >> [maven-release-plugin] rollback the release of
> > > ftpserver-parent-1.1.2
> > > >> https://github.com/apache/mina-ftpserver/commit/fd1a0d89870c89a7a7c619d1b8f19786e7ce75fb
> > > ">fd1a0d8
> > > >> [maven-release-plugin] prepare for next development iteration
> > > >> https://github.com/apache/mina-ftpserver/commit/990a5cebd692361b41e99d1bdf9cd2a9b1eed38a
> > > ">990a5ce
> > > >> [maven-release-plugin] prepare release ftpserver-parent-1.1.2
> > > >> https://github.com/apache/mina-ftpserver/commit/402dbb1298aa897ec15ef854d3c2493a0c766141
> > > ">402dbb1
> > > >> [maven-release-plugin] rollback the release of ftpserver-1.1.3
> > > >> Additional commits viewable in https://github.com/apache/mina-ftpserver/compare/ftpserver-1.1.1...ftpserver-parent-1.1.2
> > > ">compare
> > > >> view
> > > >> 
> > > >> 
> > > >> 
> > > >>
> > > >>
> > > >> [![Dependabot compatibility score](
> > > >>
> > >
> >
> https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.ftpserver:ftpserver-core=maven=1.1.1=1.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores
> > > >> )
> > > >>
> > > >> Dependabot will resolve any conflicts with this PR as long as
> you
> > > don't
> > > >> alter it yourself. You can also trigger a rebase manually by
> > 

Re: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to 1.1.2

[Gary Gregory]

On Fri, Dec 31, 2021 at 12:16 PM Xeno Amess  wrote:

> @Gary Gregory
> well at least you can have this from me
> https://github.com/apache/commons-vfs/pull/233
> seems it can work, but don't merge until all cis are done.
>

Let's keep this email thread focused please.

Gary


>
> Rob Spoor  于2022年1月1日周六 01:10写道：
>
> > A quick check shows that some more dependencies are needed, for code
> > split off from sshd-core. I found some:
> > * https://mvnrepository.com/artifact/org.apache.sshd/sshd-sftp
> > * https://mvnrepository.com/artifact/org.apache.sshd/sshd-scp
> >
> > However, even after adding these two I was still missing classes.
> > Because it's only used for testing I wouldn't let this block any
> > potential release. I still use version 1.7.0 for testing a project
> > because upgrading just wasn't worth the effort. However, changing the
> > version from 2.8.0 to 1.7.0 didn't solve a lot of issues; I'm thinking
> > the upgrade from 0.x to 1.x is bigger than the upgrade from 1.x to 2.x
> > (don't get me started on 0.x to 2.x).
> >
> > Rob
> >
> >
> > On 31/12/2021 17:39, Gary Gregory wrote:
> > > Help also needed for https://github.com/apache/commons-vfs/pull/225
> > > :-)
> > > Gary
> > >
> > > On Fri, Dec 31, 2021 at 8:28 AM Gary Gregory 
> > wrote:
> > >
> > >> Does anyone have any free time to look at this failure?
> > >>
> > >> I'm still dealing with Log4j fallout...
> > >>
> > >> Gary
> > >>
> > >> -- Forwarded message -
> > >> From: GitBox 
> > >> Date: Fri, Dec 31, 2021 at 6:05 AM
> > >> Subject: [GitHub] [commons-vfs] dependabot[bot] opened a new pull
> > request
> > >> #231: Bump ftpserver-core from 1.1.1 to 1.1.2
> > >> To: 
> > >>
> > >>
> > >>
> > >> dependabot[bot] opened a new pull request #231:
> > >> URL: https://github.com/apache/commons-vfs/pull/231
> > >>
> > >>
> > >> Bumps [ftpserver-core](https://github.com/apache/mina-ftpserver)
> > from
> > >> 1.1.1 to 1.1.2.
> > >> 
> > >> Commits
> > >> 
> > >> https://github.com/apache/mina-ftpserver/commit/a04a44d756e9ae18d0461326c761a851b8346d3d
> > ">a04a44d
> > >> [maven-release-plugin] prepare release ftpserver-parent-1.1.2
> > >> https://github.com/apache/mina-ftpserver/commit/d7fdad2429cf7b2ae433e10fa7df3b7961fe3704
> > ">d7fdad2
> > >> Fixed the javadoc failures
> > >> https://github.com/apache/mina-ftpserver/commit/b4e8d0e39622ce5b121c183f070fe1ad67b41c4f
> > ">b4e8d0e
> > >> [maven-release-plugin] rollback the release of
> > ftpserver-parent-1.1.2
> > >> https://github.com/apache/mina-ftpserver/commit/59947ea85dc7db2529f619886fd901fd0284bd42
> > ">59947ea
> > >> [maven-release-plugin] prepare for next development iteration
> > >> https://github.com/apache/mina-ftpserver/commit/92c6af05cdf0eddd3d2e613b52def57984d78d33
> > ">92c6af0
> > >> [maven-release-plugin] prepare release ftpserver-parent-1.1.2
> > >> https://github.com/apache/mina-ftpserver/commit/455a4336a4e9b319e1f6b5836b29dc095467c091
> > ">455a433
> > >> Fixed the outputStatement to make Javadoc plugin happy
> > >> https://github.com/apache/mina-ftpserver/commit/94fabe3c1e4776a1754e20403f9c5830231542f7
> > ">94fabe3
> > >> [maven-release-plugin] rollback the release of
> > ftpserver-parent-1.1.2
> > >> https://github.com/apache/mina-ftpserver/commit/fd1a0d89870c89a7a7c619d1b8f19786e7ce75fb
> > ">fd1a0d8
> > >> [maven-release-plugin] prepare for next development iteration
> > >> https://github.com/apache/mina-ftpserver/commit/990a5cebd692361b41e99d1bdf9cd2a9b1eed38a
> > ">990a5ce
> > >> [maven-release-plugin] prepare release ftpserver-parent-1.1.2
> > >> https://github.com/apache/mina-ftpserver/commit/402dbb1298aa897ec15ef854d3c2493a0c766141
> > ">402dbb1
> > >> [maven-release-plugin] rollback the release of ftpserver-1.1.3
> > >> Additional commits viewable in https://github.com/apache/mina-ftpserver/compare/ftpserver-1.1.1...ftpserver-parent-1.1.2
> > ">compare
> > >> view
> > >> 
> > >> 
> > >> 
> > >>
> > >>
> > >> [![Dependabot compatibility score](
> > >>
> >
> https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.ftpserver:ftpserver-core=maven=1.1.1=1.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores
> > >> )
> > >>
> > >> Dependabot will resolve any conflicts with this PR as long as you
> > don't
> > >> alter it yourself. You can also trigger a rebase manually by
> commenting
> > >> `@dependabot rebase`.
> > >>
> > >> [//]: # (dependabot-automerge-start)
> > >> [//]: # (dependabot-automerge-end)
> > >>
> > >> ---
> > >>
> > >> 
> > >> Dependabot commands and options
> > >> 
> > >>
> > >> You can trigger Dependabot actions by commenting on this PR:
> > >> - `@dependabot rebase` will rebase this PR
> > >> - `@dependabot recreate` will recreate this PR, overwriting any
> > edits
> > >> that have been made to it
> > 

Re: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to 1.1.2

[Gary Gregory]

On Fri, Dec 31, 2021 at 11:50 AM Xeno Amess  wrote:

> @Gary Gregory
> Alright I woke up.
> Hard to fall asleep when thinking my ex-fiancée should be happing with her
> new boyfriend...
> (sigh.)
> I will help you upgrade slf4j first, as I think it should be easier. then
> one by one..
>

What does slf4j have to do with this issue?

Gary


>
> Xeno Amess  于2022年1月1日周六 00:43写道：
>
> > btw, I didn't get what you changed comparing to the original pr...
> > If a re-trigger can work, then it is quite amazing, as several actions
> all
> > died but they all die because of just false failed build?
> > Not very likely IMO...
> >
> > Xeno Amess  于2022年1月1日周六 00:42写道：
> >
> >> > any reason pr's have to be manually approved before the ci jobs
> execute?
> >>
> >> 2 reasons.
> >>
> >> 1. github actions is free but only under some rate liminition.
> >>
> >> So if there is no such rule, some  bad guys can create 100 accounts
> >> and drain every open-source repo's github actions account.
> >>
> >> 2. some repos using github actions with cache, and use it to auto-deploy
> >>
> >> which means there is a chance for some bad guys to inject the repo's
> >> auto-deploy artifact by creating pr and inject something in cache.
> >>
> >> John Patrick  于2022年1月1日周六 00:27写道：
> >>
> >>> so wanted to try and help out but unable to as pr won't build until
> it's
> >>> approved by maintainer.
> >>> from what i can tell it should have worked. tried that branch and
> master
> >>> and both pass locally
> >>> tried to kick off another build to see if just false failed build, so
> >>> created new branch but it linked to previous commit, so added and
> remove
> >>> a
> >>> file to trick github to try and do a new build again.
> >>> any reason pr's have to be manually approved before the ci jobs
> execute?
> >>>
> >>> John
> >>>
> >>>
> >>> On Fri, 31 Dec 2021 at 13:50, Xeno Amess  wrote:
> >>>
> >>> > need sleep now，will have a look 10 hours later
> >>> >
> >>> > XenoAmess
> >>> > 
> >>> > From: Gary Gregory 
> >>> > Sent: Friday, December 31, 2021 9:28:36 PM
> >>> > To: Commons Developers List 
> >>> > Subject: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to
> >>> 1.1.2
> >>> >
> >>> > Does anyone have any free time to look at this failure?
> >>> >
> >>> > I'm still dealing with Log4j fallout...
> >>> >
> >>> > Gary
> >>> >
> >>> > -- Forwarded message -
> >>> > From: GitBox 
> >>> > Date: Fri, Dec 31, 2021 at 6:05 AM
> >>> > Subject: [GitHub] [commons-vfs] dependabot[bot] opened a new pull
> >>> request
> >>> > #231: Bump ftpserver-core from 1.1.1 to 1.1.2
> >>> > To: 
> >>> >
> >>> >
> >>> >
> >>> > dependabot[bot] opened a new pull request #231:
> >>> > URL: https://github.com/apache/commons-vfs/pull/231
> >>> >
> >>> >
> >>> >Bumps [ftpserver-core](https://github.com/apache/mina-ftpserver)
> >>> from
> >>> > 1.1.1 to 1.1.2.
> >>> >
> >>> >Commits
> >>> >
> >>> >https://github.com/apache/mina-ftpserver/commit/a04a44d756e9ae18d0461326c761a851b8346d3d
> >>> > ">a04a44d
> >>> > [maven-release-plugin] prepare release ftpserver-parent-1.1.2
> >>> >https://github.com/apache/mina-ftpserver/commit/d7fdad2429cf7b2ae433e10fa7df3b7961fe3704
> >>> > ">d7fdad2
> >>> > Fixed the javadoc failures
> >>> >https://github.com/apache/mina-ftpserver/commit/b4e8d0e39622ce5b121c183f070fe1ad67b41c4f
> >>> > ">b4e8d0e
> >>> > [maven-release-plugin] rollback the release of
> >>> ftpserver-parent-1.1.2
> >>> >https://github.com/apache/mina-ftpserver/commit/59947ea85dc7db2529f619886fd901fd0284bd42
> >>> > ">59947ea
> >>> > [maven-release-plugin] prepare for next development iteration
> >>> >https://github.com/apache/mina-ftpserver/commit/92c6af05cdf0eddd3d2e613b52def57984d78d33
> >>> > ">92c6af0
> >>> > [maven-release-plugin] prepare release ftpserver-parent-1.1.2
> >>> >https://github.com/apache/mina-ftpserver/commit/455a4336a4e9b319e1f6b5836b29dc095467c091
> >>> > ">455a433
> >>> > Fixed the outputStatement to make Javadoc plugin happy
> >>> >https://github.com/apache/mina-ftpserver/commit/94fabe3c1e4776a1754e20403f9c5830231542f7
> >>> > ">94fabe3
> >>> > [maven-release-plugin] rollback the release of
> >>> ftpserver-parent-1.1.2
> >>> >https://github.com/apache/mina-ftpserver/commit/fd1a0d89870c89a7a7c619d1b8f19786e7ce75fb
> >>> > ">fd1a0d8
> >>> > [maven-release-plugin] prepare for next development iteration
> >>> >https://github.com/apache/mina-ftpserver/commit/990a5cebd692361b41e99d1bdf9cd2a9b1eed38a
> >>> > ">990a5ce
> >>> > [maven-release-plugin] prepare release ftpserver-parent-1.1.2
> >>> >https://github.com/apache/mina-ftpserver/commit/402dbb1298aa897ec15ef854d3c2493a0c766141
> >>> > ">402dbb1
> >>> > [maven-release-plugin] rollback the release of ftpserver-1.1.3
> >>> >Additional commits viewable in https://github.com/apache/mina-ftpserver/compare/ftpserver-1.1.1...ftpserver-parent-1.1.2
> >>> > ">compare
> >>> > view
> >>> >
> 

Re: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to 1.1.2

[Xeno Amess]

@Rob Spoor
I will have a try to upgrade it directly to 2.8.0
good luck to me...

Xeno Amess  于2022年1月1日周六 01:15写道：

> @Gary Gregory
> well at least you can have this from me
> https://github.com/apache/commons-vfs/pull/233
> seems it can work, but don't merge until all cis are done.
>
> Rob Spoor  于2022年1月1日周六 01:10写道：
>
>> A quick check shows that some more dependencies are needed, for code
>> split off from sshd-core. I found some:
>> * https://mvnrepository.com/artifact/org.apache.sshd/sshd-sftp
>> * https://mvnrepository.com/artifact/org.apache.sshd/sshd-scp
>>
>> However, even after adding these two I was still missing classes.
>> Because it's only used for testing I wouldn't let this block any
>> potential release. I still use version 1.7.0 for testing a project
>> because upgrading just wasn't worth the effort. However, changing the
>> version from 2.8.0 to 1.7.0 didn't solve a lot of issues; I'm thinking
>> the upgrade from 0.x to 1.x is bigger than the upgrade from 1.x to 2.x
>> (don't get me started on 0.x to 2.x).
>>
>> Rob
>>
>>
>> On 31/12/2021 17:39, Gary Gregory wrote:
>> > Help also needed for https://github.com/apache/commons-vfs/pull/225
>> > :-)
>> > Gary
>> >
>> > On Fri, Dec 31, 2021 at 8:28 AM Gary Gregory 
>> wrote:
>> >
>> >> Does anyone have any free time to look at this failure?
>> >>
>> >> I'm still dealing with Log4j fallout...
>> >>
>> >> Gary
>> >>
>> >> -- Forwarded message -
>> >> From: GitBox 
>> >> Date: Fri, Dec 31, 2021 at 6:05 AM
>> >> Subject: [GitHub] [commons-vfs] dependabot[bot] opened a new pull
>> request
>> >> #231: Bump ftpserver-core from 1.1.1 to 1.1.2
>> >> To: 
>> >>
>> >>
>> >>
>> >> dependabot[bot] opened a new pull request #231:
>> >> URL: https://github.com/apache/commons-vfs/pull/231
>> >>
>> >>
>> >> Bumps [ftpserver-core](https://github.com/apache/mina-ftpserver)
>> from
>> >> 1.1.1 to 1.1.2.
>> >> 
>> >> Commits
>> >> 
>> >> https://github.com/apache/mina-ftpserver/commit/a04a44d756e9ae18d0461326c761a851b8346d3d
>> ">a04a44d
>> >> [maven-release-plugin] prepare release ftpserver-parent-1.1.2
>> >> https://github.com/apache/mina-ftpserver/commit/d7fdad2429cf7b2ae433e10fa7df3b7961fe3704
>> ">d7fdad2
>> >> Fixed the javadoc failures
>> >> https://github.com/apache/mina-ftpserver/commit/b4e8d0e39622ce5b121c183f070fe1ad67b41c4f
>> ">b4e8d0e
>> >> [maven-release-plugin] rollback the release of
>> ftpserver-parent-1.1.2
>> >> https://github.com/apache/mina-ftpserver/commit/59947ea85dc7db2529f619886fd901fd0284bd42
>> ">59947ea
>> >> [maven-release-plugin] prepare for next development iteration
>> >> https://github.com/apache/mina-ftpserver/commit/92c6af05cdf0eddd3d2e613b52def57984d78d33
>> ">92c6af0
>> >> [maven-release-plugin] prepare release ftpserver-parent-1.1.2
>> >> https://github.com/apache/mina-ftpserver/commit/455a4336a4e9b319e1f6b5836b29dc095467c091
>> ">455a433
>> >> Fixed the outputStatement to make Javadoc plugin happy
>> >> https://github.com/apache/mina-ftpserver/commit/94fabe3c1e4776a1754e20403f9c5830231542f7
>> ">94fabe3
>> >> [maven-release-plugin] rollback the release of
>> ftpserver-parent-1.1.2
>> >> https://github.com/apache/mina-ftpserver/commit/fd1a0d89870c89a7a7c619d1b8f19786e7ce75fb
>> ">fd1a0d8
>> >> [maven-release-plugin] prepare for next development iteration
>> >> https://github.com/apache/mina-ftpserver/commit/990a5cebd692361b41e99d1bdf9cd2a9b1eed38a
>> ">990a5ce
>> >> [maven-release-plugin] prepare release ftpserver-parent-1.1.2
>> >> https://github.com/apache/mina-ftpserver/commit/402dbb1298aa897ec15ef854d3c2493a0c766141
>> ">402dbb1
>> >> [maven-release-plugin] rollback the release of ftpserver-1.1.3
>> >> Additional commits viewable in https://github.com/apache/mina-ftpserver/compare/ftpserver-1.1.1...ftpserver-parent-1.1.2
>> ">compare
>> >> view
>> >> 
>> >> 
>> >> 
>> >>
>> >>
>> >> [![Dependabot compatibility score](
>> >>
>> https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.ftpserver:ftpserver-core=maven=1.1.1=1.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores
>> >> )
>> >>
>> >> Dependabot will resolve any conflicts with this PR as long as you
>> don't
>> >> alter it yourself. You can also trigger a rebase manually by commenting
>> >> `@dependabot rebase`.
>> >>
>> >> [//]: # (dependabot-automerge-start)
>> >> [//]: # (dependabot-automerge-end)
>> >>
>> >> ---
>> >>
>> >> 
>> >> Dependabot commands and options
>> >> 
>> >>
>> >> You can trigger Dependabot actions by commenting on this PR:
>> >> - `@dependabot rebase` will rebase this PR
>> >> - `@dependabot recreate` will recreate this PR, overwriting any
>> edits
>> >> that have been made to it
>> >> - `@dependabot merge` will merge this PR after your CI passes on it
>> >> - `@dependabot squash and 

Re: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to 1.1.2

[Xeno Amess]

@Gary Gregory
well at least you can have this from me
https://github.com/apache/commons-vfs/pull/233
seems it can work, but don't merge until all cis are done.

Rob Spoor  于2022年1月1日周六 01:10写道：

> A quick check shows that some more dependencies are needed, for code
> split off from sshd-core. I found some:
> * https://mvnrepository.com/artifact/org.apache.sshd/sshd-sftp
> * https://mvnrepository.com/artifact/org.apache.sshd/sshd-scp
>
> However, even after adding these two I was still missing classes.
> Because it's only used for testing I wouldn't let this block any
> potential release. I still use version 1.7.0 for testing a project
> because upgrading just wasn't worth the effort. However, changing the
> version from 2.8.0 to 1.7.0 didn't solve a lot of issues; I'm thinking
> the upgrade from 0.x to 1.x is bigger than the upgrade from 1.x to 2.x
> (don't get me started on 0.x to 2.x).
>
> Rob
>
>
> On 31/12/2021 17:39, Gary Gregory wrote:
> > Help also needed for https://github.com/apache/commons-vfs/pull/225
> > :-)
> > Gary
> >
> > On Fri, Dec 31, 2021 at 8:28 AM Gary Gregory 
> wrote:
> >
> >> Does anyone have any free time to look at this failure?
> >>
> >> I'm still dealing with Log4j fallout...
> >>
> >> Gary
> >>
> >> -- Forwarded message -
> >> From: GitBox 
> >> Date: Fri, Dec 31, 2021 at 6:05 AM
> >> Subject: [GitHub] [commons-vfs] dependabot[bot] opened a new pull
> request
> >> #231: Bump ftpserver-core from 1.1.1 to 1.1.2
> >> To: 
> >>
> >>
> >>
> >> dependabot[bot] opened a new pull request #231:
> >> URL: https://github.com/apache/commons-vfs/pull/231
> >>
> >>
> >> Bumps [ftpserver-core](https://github.com/apache/mina-ftpserver)
> from
> >> 1.1.1 to 1.1.2.
> >> 
> >> Commits
> >> 
> >> https://github.com/apache/mina-ftpserver/commit/a04a44d756e9ae18d0461326c761a851b8346d3d
> ">a04a44d
> >> [maven-release-plugin] prepare release ftpserver-parent-1.1.2
> >> https://github.com/apache/mina-ftpserver/commit/d7fdad2429cf7b2ae433e10fa7df3b7961fe3704
> ">d7fdad2
> >> Fixed the javadoc failures
> >> https://github.com/apache/mina-ftpserver/commit/b4e8d0e39622ce5b121c183f070fe1ad67b41c4f
> ">b4e8d0e
> >> [maven-release-plugin] rollback the release of
> ftpserver-parent-1.1.2
> >> https://github.com/apache/mina-ftpserver/commit/59947ea85dc7db2529f619886fd901fd0284bd42
> ">59947ea
> >> [maven-release-plugin] prepare for next development iteration
> >> https://github.com/apache/mina-ftpserver/commit/92c6af05cdf0eddd3d2e613b52def57984d78d33
> ">92c6af0
> >> [maven-release-plugin] prepare release ftpserver-parent-1.1.2
> >> https://github.com/apache/mina-ftpserver/commit/455a4336a4e9b319e1f6b5836b29dc095467c091
> ">455a433
> >> Fixed the outputStatement to make Javadoc plugin happy
> >> https://github.com/apache/mina-ftpserver/commit/94fabe3c1e4776a1754e20403f9c5830231542f7
> ">94fabe3
> >> [maven-release-plugin] rollback the release of
> ftpserver-parent-1.1.2
> >> https://github.com/apache/mina-ftpserver/commit/fd1a0d89870c89a7a7c619d1b8f19786e7ce75fb
> ">fd1a0d8
> >> [maven-release-plugin] prepare for next development iteration
> >> https://github.com/apache/mina-ftpserver/commit/990a5cebd692361b41e99d1bdf9cd2a9b1eed38a
> ">990a5ce
> >> [maven-release-plugin] prepare release ftpserver-parent-1.1.2
> >> https://github.com/apache/mina-ftpserver/commit/402dbb1298aa897ec15ef854d3c2493a0c766141
> ">402dbb1
> >> [maven-release-plugin] rollback the release of ftpserver-1.1.3
> >> Additional commits viewable in https://github.com/apache/mina-ftpserver/compare/ftpserver-1.1.1...ftpserver-parent-1.1.2
> ">compare
> >> view
> >> 
> >> 
> >> 
> >>
> >>
> >> [![Dependabot compatibility score](
> >>
> https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.ftpserver:ftpserver-core=maven=1.1.1=1.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores
> >> )
> >>
> >> Dependabot will resolve any conflicts with this PR as long as you
> don't
> >> alter it yourself. You can also trigger a rebase manually by commenting
> >> `@dependabot rebase`.
> >>
> >> [//]: # (dependabot-automerge-start)
> >> [//]: # (dependabot-automerge-end)
> >>
> >> ---
> >>
> >> 
> >> Dependabot commands and options
> >> 
> >>
> >> You can trigger Dependabot actions by commenting on this PR:
> >> - `@dependabot rebase` will rebase this PR
> >> - `@dependabot recreate` will recreate this PR, overwriting any
> edits
> >> that have been made to it
> >> - `@dependabot merge` will merge this PR after your CI passes on it
> >> - `@dependabot squash and merge` will squash and merge this PR after
> >> your CI passes on it
> >> - `@dependabot cancel merge` will cancel a previously requested
> merge
> >> and block automerging
> >> - `@dependabot reopen` will reopen this PR if it is closed
> 

Re: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to 1.1.2

[Rob Spoor]

A quick check shows that some more dependencies are needed, for code 
split off from sshd-core. I found some:

* https://mvnrepository.com/artifact/org.apache.sshd/sshd-sftp
* https://mvnrepository.com/artifact/org.apache.sshd/sshd-scp

However, even after adding these two I was still missing classes. 
Because it's only used for testing I wouldn't let this block any 
potential release. I still use version 1.7.0 for testing a project 
because upgrading just wasn't worth the effort. However, changing the 
version from 2.8.0 to 1.7.0 didn't solve a lot of issues; I'm thinking 
the upgrade from 0.x to 1.x is bigger than the upgrade from 1.x to 2.x 
(don't get me started on 0.x to 2.x).


Rob


On 31/12/2021 17:39, Gary Gregory wrote:

Help also needed for https://github.com/apache/commons-vfs/pull/225
:-)
Gary

On Fri, Dec 31, 2021 at 8:28 AM Gary Gregory  wrote:


Does anyone have any free time to look at this failure?

I'm still dealing with Log4j fallout...

Gary

-- Forwarded message -
From: GitBox 
Date: Fri, Dec 31, 2021 at 6:05 AM
Subject: [GitHub] [commons-vfs] dependabot[bot] opened a new pull request
#231: Bump ftpserver-core from 1.1.1 to 1.1.2
To: 



dependabot[bot] opened a new pull request #231:
URL: https://github.com/apache/commons-vfs/pull/231


Bumps [ftpserver-core](https://github.com/apache/mina-ftpserver) from
1.1.1 to 1.1.2.

Commits

https://github.com/apache/mina-ftpserver/commit/a04a44d756e9ae18d0461326c761a851b8346d3d;>a04a44d
[maven-release-plugin] prepare release ftpserver-parent-1.1.2
https://github.com/apache/mina-ftpserver/commit/d7fdad2429cf7b2ae433e10fa7df3b7961fe3704;>d7fdad2
Fixed the javadoc failures
https://github.com/apache/mina-ftpserver/commit/b4e8d0e39622ce5b121c183f070fe1ad67b41c4f;>b4e8d0e
[maven-release-plugin] rollback the release of ftpserver-parent-1.1.2
https://github.com/apache/mina-ftpserver/commit/59947ea85dc7db2529f619886fd901fd0284bd42;>59947ea
[maven-release-plugin] prepare for next development iteration
https://github.com/apache/mina-ftpserver/commit/92c6af05cdf0eddd3d2e613b52def57984d78d33;>92c6af0
[maven-release-plugin] prepare release ftpserver-parent-1.1.2
https://github.com/apache/mina-ftpserver/commit/455a4336a4e9b319e1f6b5836b29dc095467c091;>455a433
Fixed the outputStatement to make Javadoc plugin happy
https://github.com/apache/mina-ftpserver/commit/94fabe3c1e4776a1754e20403f9c5830231542f7;>94fabe3
[maven-release-plugin] rollback the release of ftpserver-parent-1.1.2
https://github.com/apache/mina-ftpserver/commit/fd1a0d89870c89a7a7c619d1b8f19786e7ce75fb;>fd1a0d8
[maven-release-plugin] prepare for next development iteration
https://github.com/apache/mina-ftpserver/commit/990a5cebd692361b41e99d1bdf9cd2a9b1eed38a;>990a5ce
[maven-release-plugin] prepare release ftpserver-parent-1.1.2
https://github.com/apache/mina-ftpserver/commit/402dbb1298aa897ec15ef854d3c2493a0c766141;>402dbb1
[maven-release-plugin] rollback the release of ftpserver-1.1.3
Additional commits viewable in https://github.com/apache/mina-ftpserver/compare/ftpserver-1.1.1...ftpserver-parent-1.1.2;>compare
view





[![Dependabot compatibility score](
https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.ftpserver:ftpserver-core=maven=1.1.1=1.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores
)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---


Dependabot commands and options


You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen the
PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen the
PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the PR
or upgrade to it 

Re: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to 1.1.2

[John Patrick]

oh, didn't thinking about that resource depletion. probably a useful
feature that github actions should thinking about adding;
- if pro account allow
- if account previously approved for project allow

i added '.tmp', then committed, then removed '.tmp', then committed, the
pushed to my fork, so the diff is exactly the same but the commit hash is
different. i've got a zsh function that does it automatically as i use that
'hack' lots as use to rubbish cicd with random intermittent failures.

John



On Fri, 31 Dec 2021 at 16:50, Xeno Amess  wrote:

> @Gary Gregory
> Alright I woke up.
> Hard to fall asleep when thinking my ex-fiancée should be happing with her
> new boyfriend...
> (sigh.)
> I will help you upgrade slf4j first, as I think it should be easier. then
> one by one..
>
> Xeno Amess  于2022年1月1日周六 00:43写道：
>
> > btw, I didn't get what you changed comparing to the original pr...
> > If a re-trigger can work, then it is quite amazing, as several actions
> all
> > died but they all die because of just false failed build?
> > Not very likely IMO...
> >
> > Xeno Amess  于2022年1月1日周六 00:42写道：
> >
> >> > any reason pr's have to be manually approved before the ci jobs
> execute?
> >>
> >> 2 reasons.
> >>
> >> 1. github actions is free but only under some rate liminition.
> >>
> >> So if there is no such rule, some  bad guys can create 100 accounts
> >> and drain every open-source repo's github actions account.
> >>
> >> 2. some repos using github actions with cache, and use it to auto-deploy
> >>
> >> which means there is a chance for some bad guys to inject the repo's
> >> auto-deploy artifact by creating pr and inject something in cache.
> >>
> >> John Patrick  于2022年1月1日周六 00:27写道：
> >>
> >>> so wanted to try and help out but unable to as pr won't build until
> it's
> >>> approved by maintainer.
> >>> from what i can tell it should have worked. tried that branch and
> master
> >>> and both pass locally
> >>> tried to kick off another build to see if just false failed build, so
> >>> created new branch but it linked to previous commit, so added and
> remove
> >>> a
> >>> file to trick github to try and do a new build again.
> >>> any reason pr's have to be manually approved before the ci jobs
> execute?
> >>>
> >>> John
> >>>
> >>>
> >>> On Fri, 31 Dec 2021 at 13:50, Xeno Amess  wrote:
> >>>
> >>> > need sleep now，will have a look 10 hours later
> >>> >
> >>> > XenoAmess
> >>> > 
> >>> > From: Gary Gregory 
> >>> > Sent: Friday, December 31, 2021 9:28:36 PM
> >>> > To: Commons Developers List 
> >>> > Subject: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to
> >>> 1.1.2
> >>> >
> >>> > Does anyone have any free time to look at this failure?
> >>> >
> >>> > I'm still dealing with Log4j fallout...
> >>> >
> >>> > Gary
> >>> >
> >>> > -- Forwarded message -
> >>> > From: GitBox 
> >>> > Date: Fri, Dec 31, 2021 at 6:05 AM
> >>> > Subject: [GitHub] [commons-vfs] dependabot[bot] opened a new pull
> >>> request
> >>> > #231: Bump ftpserver-core from 1.1.1 to 1.1.2
> >>> > To: 
> >>> >
> >>> >
> >>> >
> >>> > dependabot[bot] opened a new pull request #231:
> >>> > URL: https://github.com/apache/commons-vfs/pull/231
> >>> >
> >>> >
> >>> >Bumps [ftpserver-core](https://github.com/apache/mina-ftpserver)
> >>> from
> >>> > 1.1.1 to 1.1.2.
> >>> >
> >>> >Commits
> >>> >
> >>> >https://github.com/apache/mina-ftpserver/commit/a04a44d756e9ae18d0461326c761a851b8346d3d
> >>> > ">a04a44d
> >>> > [maven-release-plugin] prepare release ftpserver-parent-1.1.2
> >>> >https://github.com/apache/mina-ftpserver/commit/d7fdad2429cf7b2ae433e10fa7df3b7961fe3704
> >>> > ">d7fdad2
> >>> > Fixed the javadoc failures
> >>> >https://github.com/apache/mina-ftpserver/commit/b4e8d0e39622ce5b121c183f070fe1ad67b41c4f
> >>> > ">b4e8d0e
> >>> > [maven-release-plugin] rollback the release of
> >>> ftpserver-parent-1.1.2
> >>> >https://github.com/apache/mina-ftpserver/commit/59947ea85dc7db2529f619886fd901fd0284bd42
> >>> > ">59947ea
> >>> > [maven-release-plugin] prepare for next development iteration
> >>> >https://github.com/apache/mina-ftpserver/commit/92c6af05cdf0eddd3d2e613b52def57984d78d33
> >>> > ">92c6af0
> >>> > [maven-release-plugin] prepare release ftpserver-parent-1.1.2
> >>> >https://github.com/apache/mina-ftpserver/commit/455a4336a4e9b319e1f6b5836b29dc095467c091
> >>> > ">455a433
> >>> > Fixed the outputStatement to make Javadoc plugin happy
> >>> >https://github.com/apache/mina-ftpserver/commit/94fabe3c1e4776a1754e20403f9c5830231542f7
> >>> > ">94fabe3
> >>> > [maven-release-plugin] rollback the release of
> >>> ftpserver-parent-1.1.2
> >>> >https://github.com/apache/mina-ftpserver/commit/fd1a0d89870c89a7a7c619d1b8f19786e7ce75fb
> >>> > ">fd1a0d8
> >>> > [maven-release-plugin] prepare for next development iteration
> >>> >https://github.com/apache/mina-ftpserver/commit/990a5cebd692361b41e99d1bdf9cd2a9b1eed38a
> >>> > 

Re: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to 1.1.2

[Xeno Amess]

@Gary Gregory
Alright I woke up.
Hard to fall asleep when thinking my ex-fiancée should be happing with her
new boyfriend...
(sigh.)
I will help you upgrade slf4j first, as I think it should be easier. then
one by one..

Xeno Amess  于2022年1月1日周六 00:43写道：

> btw, I didn't get what you changed comparing to the original pr...
> If a re-trigger can work, then it is quite amazing, as several actions all
> died but they all die because of just false failed build?
> Not very likely IMO...
>
> Xeno Amess  于2022年1月1日周六 00:42写道：
>
>> > any reason pr's have to be manually approved before the ci jobs execute?
>>
>> 2 reasons.
>>
>> 1. github actions is free but only under some rate liminition.
>>
>> So if there is no such rule, some  bad guys can create 100 accounts
>> and drain every open-source repo's github actions account.
>>
>> 2. some repos using github actions with cache, and use it to auto-deploy
>>
>> which means there is a chance for some bad guys to inject the repo's
>> auto-deploy artifact by creating pr and inject something in cache.
>>
>> John Patrick  于2022年1月1日周六 00:27写道：
>>
>>> so wanted to try and help out but unable to as pr won't build until it's
>>> approved by maintainer.
>>> from what i can tell it should have worked. tried that branch and master
>>> and both pass locally
>>> tried to kick off another build to see if just false failed build, so
>>> created new branch but it linked to previous commit, so added and remove
>>> a
>>> file to trick github to try and do a new build again.
>>> any reason pr's have to be manually approved before the ci jobs execute?
>>>
>>> John
>>>
>>>
>>> On Fri, 31 Dec 2021 at 13:50, Xeno Amess  wrote:
>>>
>>> > need sleep now，will have a look 10 hours later
>>> >
>>> > XenoAmess
>>> > 
>>> > From: Gary Gregory 
>>> > Sent: Friday, December 31, 2021 9:28:36 PM
>>> > To: Commons Developers List 
>>> > Subject: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to
>>> 1.1.2
>>> >
>>> > Does anyone have any free time to look at this failure?
>>> >
>>> > I'm still dealing with Log4j fallout...
>>> >
>>> > Gary
>>> >
>>> > -- Forwarded message -
>>> > From: GitBox 
>>> > Date: Fri, Dec 31, 2021 at 6:05 AM
>>> > Subject: [GitHub] [commons-vfs] dependabot[bot] opened a new pull
>>> request
>>> > #231: Bump ftpserver-core from 1.1.1 to 1.1.2
>>> > To: 
>>> >
>>> >
>>> >
>>> > dependabot[bot] opened a new pull request #231:
>>> > URL: https://github.com/apache/commons-vfs/pull/231
>>> >
>>> >
>>> >Bumps [ftpserver-core](https://github.com/apache/mina-ftpserver)
>>> from
>>> > 1.1.1 to 1.1.2.
>>> >
>>> >Commits
>>> >
>>> >https://github.com/apache/mina-ftpserver/commit/a04a44d756e9ae18d0461326c761a851b8346d3d
>>> > ">a04a44d
>>> > [maven-release-plugin] prepare release ftpserver-parent-1.1.2
>>> >https://github.com/apache/mina-ftpserver/commit/d7fdad2429cf7b2ae433e10fa7df3b7961fe3704
>>> > ">d7fdad2
>>> > Fixed the javadoc failures
>>> >https://github.com/apache/mina-ftpserver/commit/b4e8d0e39622ce5b121c183f070fe1ad67b41c4f
>>> > ">b4e8d0e
>>> > [maven-release-plugin] rollback the release of
>>> ftpserver-parent-1.1.2
>>> >https://github.com/apache/mina-ftpserver/commit/59947ea85dc7db2529f619886fd901fd0284bd42
>>> > ">59947ea
>>> > [maven-release-plugin] prepare for next development iteration
>>> >https://github.com/apache/mina-ftpserver/commit/92c6af05cdf0eddd3d2e613b52def57984d78d33
>>> > ">92c6af0
>>> > [maven-release-plugin] prepare release ftpserver-parent-1.1.2
>>> >https://github.com/apache/mina-ftpserver/commit/455a4336a4e9b319e1f6b5836b29dc095467c091
>>> > ">455a433
>>> > Fixed the outputStatement to make Javadoc plugin happy
>>> >https://github.com/apache/mina-ftpserver/commit/94fabe3c1e4776a1754e20403f9c5830231542f7
>>> > ">94fabe3
>>> > [maven-release-plugin] rollback the release of
>>> ftpserver-parent-1.1.2
>>> >https://github.com/apache/mina-ftpserver/commit/fd1a0d89870c89a7a7c619d1b8f19786e7ce75fb
>>> > ">fd1a0d8
>>> > [maven-release-plugin] prepare for next development iteration
>>> >https://github.com/apache/mina-ftpserver/commit/990a5cebd692361b41e99d1bdf9cd2a9b1eed38a
>>> > ">990a5ce
>>> > [maven-release-plugin] prepare release ftpserver-parent-1.1.2
>>> >https://github.com/apache/mina-ftpserver/commit/402dbb1298aa897ec15ef854d3c2493a0c766141
>>> > ">402dbb1
>>> > [maven-release-plugin] rollback the release of ftpserver-1.1.3
>>> >Additional commits viewable in https://github.com/apache/mina-ftpserver/compare/ftpserver-1.1.1...ftpserver-parent-1.1.2
>>> > ">compare
>>> > view
>>> >
>>> >
>>> >
>>> >
>>> >
>>> >[![Dependabot compatibility score](
>>> >
>>> >
>>> https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.ftpserver:ftpserver-core=maven=1.1.1=1.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores

Re: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to 1.1.2

[Xeno Amess]

btw, I didn't get what you changed comparing to the original pr...
If a re-trigger can work, then it is quite amazing, as several actions all
died but they all die because of just false failed build?
Not very likely IMO...

Xeno Amess  于2022年1月1日周六 00:42写道：

> > any reason pr's have to be manually approved before the ci jobs execute?
>
> 2 reasons.
>
> 1. github actions is free but only under some rate liminition.
>
> So if there is no such rule, some  bad guys can create 100 accounts
> and drain every open-source repo's github actions account.
>
> 2. some repos using github actions with cache, and use it to auto-deploy
>
> which means there is a chance for some bad guys to inject the repo's
> auto-deploy artifact by creating pr and inject something in cache.
>
> John Patrick  于2022年1月1日周六 00:27写道：
>
>> so wanted to try and help out but unable to as pr won't build until it's
>> approved by maintainer.
>> from what i can tell it should have worked. tried that branch and master
>> and both pass locally
>> tried to kick off another build to see if just false failed build, so
>> created new branch but it linked to previous commit, so added and remove a
>> file to trick github to try and do a new build again.
>> any reason pr's have to be manually approved before the ci jobs execute?
>>
>> John
>>
>>
>> On Fri, 31 Dec 2021 at 13:50, Xeno Amess  wrote:
>>
>> > need sleep now，will have a look 10 hours later
>> >
>> > XenoAmess
>> > 
>> > From: Gary Gregory 
>> > Sent: Friday, December 31, 2021 9:28:36 PM
>> > To: Commons Developers List 
>> > Subject: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to
>> 1.1.2
>> >
>> > Does anyone have any free time to look at this failure?
>> >
>> > I'm still dealing with Log4j fallout...
>> >
>> > Gary
>> >
>> > -- Forwarded message -
>> > From: GitBox 
>> > Date: Fri, Dec 31, 2021 at 6:05 AM
>> > Subject: [GitHub] [commons-vfs] dependabot[bot] opened a new pull
>> request
>> > #231: Bump ftpserver-core from 1.1.1 to 1.1.2
>> > To: 
>> >
>> >
>> >
>> > dependabot[bot] opened a new pull request #231:
>> > URL: https://github.com/apache/commons-vfs/pull/231
>> >
>> >
>> >Bumps [ftpserver-core](https://github.com/apache/mina-ftpserver)
>> from
>> > 1.1.1 to 1.1.2.
>> >
>> >Commits
>> >
>> >https://github.com/apache/mina-ftpserver/commit/a04a44d756e9ae18d0461326c761a851b8346d3d
>> > ">a04a44d
>> > [maven-release-plugin] prepare release ftpserver-parent-1.1.2
>> >https://github.com/apache/mina-ftpserver/commit/d7fdad2429cf7b2ae433e10fa7df3b7961fe3704
>> > ">d7fdad2
>> > Fixed the javadoc failures
>> >https://github.com/apache/mina-ftpserver/commit/b4e8d0e39622ce5b121c183f070fe1ad67b41c4f
>> > ">b4e8d0e
>> > [maven-release-plugin] rollback the release of
>> ftpserver-parent-1.1.2
>> >https://github.com/apache/mina-ftpserver/commit/59947ea85dc7db2529f619886fd901fd0284bd42
>> > ">59947ea
>> > [maven-release-plugin] prepare for next development iteration
>> >https://github.com/apache/mina-ftpserver/commit/92c6af05cdf0eddd3d2e613b52def57984d78d33
>> > ">92c6af0
>> > [maven-release-plugin] prepare release ftpserver-parent-1.1.2
>> >https://github.com/apache/mina-ftpserver/commit/455a4336a4e9b319e1f6b5836b29dc095467c091
>> > ">455a433
>> > Fixed the outputStatement to make Javadoc plugin happy
>> >https://github.com/apache/mina-ftpserver/commit/94fabe3c1e4776a1754e20403f9c5830231542f7
>> > ">94fabe3
>> > [maven-release-plugin] rollback the release of
>> ftpserver-parent-1.1.2
>> >https://github.com/apache/mina-ftpserver/commit/fd1a0d89870c89a7a7c619d1b8f19786e7ce75fb
>> > ">fd1a0d8
>> > [maven-release-plugin] prepare for next development iteration
>> >https://github.com/apache/mina-ftpserver/commit/990a5cebd692361b41e99d1bdf9cd2a9b1eed38a
>> > ">990a5ce
>> > [maven-release-plugin] prepare release ftpserver-parent-1.1.2
>> >https://github.com/apache/mina-ftpserver/commit/402dbb1298aa897ec15ef854d3c2493a0c766141
>> > ">402dbb1
>> > [maven-release-plugin] rollback the release of ftpserver-1.1.3
>> >Additional commits viewable in https://github.com/apache/mina-ftpserver/compare/ftpserver-1.1.1...ftpserver-parent-1.1.2
>> > ">compare
>> > view
>> >
>> >
>> >
>> >
>> >
>> >[![Dependabot compatibility score](
>> >
>> >
>> https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.ftpserver:ftpserver-core=maven=1.1.1=1.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores
>> > )
>> >
>> >Dependabot will resolve any conflicts with this PR as long as you
>> don't
>> > alter it yourself. You can also trigger a rebase manually by commenting
>> > `@dependabot rebase`.
>> >
>> >[//]: # (dependabot-automerge-start)
>> >[//]: # (dependabot-automerge-end)
>> >
>> >---
>> >
>> >
>> >Dependabot commands and options
>> >
>> >
>> >   

Re: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to 1.1.2

[Xeno Amess]

> any reason pr's have to be manually approved before the ci jobs execute?

2 reasons.

1. github actions is free but only under some rate liminition.

So if there is no such rule, some  bad guys can create 100 accounts and
drain every open-source repo's github actions account.

2. some repos using github actions with cache, and use it to auto-deploy

which means there is a chance for some bad guys to inject the repo's
auto-deploy artifact by creating pr and inject something in cache.

John Patrick  于2022年1月1日周六 00:27写道：

> so wanted to try and help out but unable to as pr won't build until it's
> approved by maintainer.
> from what i can tell it should have worked. tried that branch and master
> and both pass locally
> tried to kick off another build to see if just false failed build, so
> created new branch but it linked to previous commit, so added and remove a
> file to trick github to try and do a new build again.
> any reason pr's have to be manually approved before the ci jobs execute?
>
> John
>
>
> On Fri, 31 Dec 2021 at 13:50, Xeno Amess  wrote:
>
> > need sleep now，will have a look 10 hours later
> >
> > XenoAmess
> > 
> > From: Gary Gregory 
> > Sent: Friday, December 31, 2021 9:28:36 PM
> > To: Commons Developers List 
> > Subject: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to 1.1.2
> >
> > Does anyone have any free time to look at this failure?
> >
> > I'm still dealing with Log4j fallout...
> >
> > Gary
> >
> > -- Forwarded message -
> > From: GitBox 
> > Date: Fri, Dec 31, 2021 at 6:05 AM
> > Subject: [GitHub] [commons-vfs] dependabot[bot] opened a new pull request
> > #231: Bump ftpserver-core from 1.1.1 to 1.1.2
> > To: 
> >
> >
> >
> > dependabot[bot] opened a new pull request #231:
> > URL: https://github.com/apache/commons-vfs/pull/231
> >
> >
> >Bumps [ftpserver-core](https://github.com/apache/mina-ftpserver) from
> > 1.1.1 to 1.1.2.
> >
> >Commits
> >
> >https://github.com/apache/mina-ftpserver/commit/a04a44d756e9ae18d0461326c761a851b8346d3d
> > ">a04a44d
> > [maven-release-plugin] prepare release ftpserver-parent-1.1.2
> >https://github.com/apache/mina-ftpserver/commit/d7fdad2429cf7b2ae433e10fa7df3b7961fe3704
> > ">d7fdad2
> > Fixed the javadoc failures
> >https://github.com/apache/mina-ftpserver/commit/b4e8d0e39622ce5b121c183f070fe1ad67b41c4f
> > ">b4e8d0e
> > [maven-release-plugin] rollback the release of
> ftpserver-parent-1.1.2
> >https://github.com/apache/mina-ftpserver/commit/59947ea85dc7db2529f619886fd901fd0284bd42
> > ">59947ea
> > [maven-release-plugin] prepare for next development iteration
> >https://github.com/apache/mina-ftpserver/commit/92c6af05cdf0eddd3d2e613b52def57984d78d33
> > ">92c6af0
> > [maven-release-plugin] prepare release ftpserver-parent-1.1.2
> >https://github.com/apache/mina-ftpserver/commit/455a4336a4e9b319e1f6b5836b29dc095467c091
> > ">455a433
> > Fixed the outputStatement to make Javadoc plugin happy
> >https://github.com/apache/mina-ftpserver/commit/94fabe3c1e4776a1754e20403f9c5830231542f7
> > ">94fabe3
> > [maven-release-plugin] rollback the release of
> ftpserver-parent-1.1.2
> >https://github.com/apache/mina-ftpserver/commit/fd1a0d89870c89a7a7c619d1b8f19786e7ce75fb
> > ">fd1a0d8
> > [maven-release-plugin] prepare for next development iteration
> >https://github.com/apache/mina-ftpserver/commit/990a5cebd692361b41e99d1bdf9cd2a9b1eed38a
> > ">990a5ce
> > [maven-release-plugin] prepare release ftpserver-parent-1.1.2
> >https://github.com/apache/mina-ftpserver/commit/402dbb1298aa897ec15ef854d3c2493a0c766141
> > ">402dbb1
> > [maven-release-plugin] rollback the release of ftpserver-1.1.3
> >Additional commits viewable in https://github.com/apache/mina-ftpserver/compare/ftpserver-1.1.1...ftpserver-parent-1.1.2
> > ">compare
> > view
> >
> >
> >
> >
> >
> >[![Dependabot compatibility score](
> >
> >
> https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.ftpserver:ftpserver-core=maven=1.1.1=1.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores
> > )
> >
> >Dependabot will resolve any conflicts with this PR as long as you
> don't
> > alter it yourself. You can also trigger a rebase manually by commenting
> > `@dependabot rebase`.
> >
> >[//]: # (dependabot-automerge-start)
> >[//]: # (dependabot-automerge-end)
> >
> >---
> >
> >
> >Dependabot commands and options
> >
> >
> >You can trigger Dependabot actions by commenting on this PR:
> >- `@dependabot rebase` will rebase this PR
> >- `@dependabot recreate` will recreate this PR, overwriting any edits
> > that have been made to it
> >- `@dependabot merge` will merge this PR after your CI passes on it
> >- `@dependabot squash and merge` will squash and merge this PR after
> > your CI passes on it
> >   

Re: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to 1.1.2

[Gary Gregory]

On Fri, Dec 31, 2021 at 11:27 AM John Patrick 
wrote:

> so wanted to try and help out but unable to as pr won't build until it's
> approved by maintainer.
> from what i can tell it should have worked. tried that branch and master
> and both pass locally
>

What is your config? 'mvn -version'?
GitHub shows all builds failing.


> tried to kick off another build to see if just false failed build, so
> created new branch but it linked to previous commit, so added and remove a
> file to trick github to try and do a new build again.
> any reason pr's have to be manually approved before the ci jobs execute?
>

It's just the way it is set up by default.

Gary


>
> John
>
>
> On Fri, 31 Dec 2021 at 13:50, Xeno Amess  wrote:
>
> > need sleep now，will have a look 10 hours later
> >
> > XenoAmess
> > 
> > From: Gary Gregory 
> > Sent: Friday, December 31, 2021 9:28:36 PM
> > To: Commons Developers List 
> > Subject: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to 1.1.2
> >
> > Does anyone have any free time to look at this failure?
> >
> > I'm still dealing with Log4j fallout...
> >
> > Gary
> >
> > -- Forwarded message -
> > From: GitBox 
> > Date: Fri, Dec 31, 2021 at 6:05 AM
> > Subject: [GitHub] [commons-vfs] dependabot[bot] opened a new pull request
> > #231: Bump ftpserver-core from 1.1.1 to 1.1.2
> > To: 
> >
> >
> >
> > dependabot[bot] opened a new pull request #231:
> > URL: https://github.com/apache/commons-vfs/pull/231
> >
> >
> >Bumps [ftpserver-core](https://github.com/apache/mina-ftpserver) from
> > 1.1.1 to 1.1.2.
> >
> >Commits
> >
> >https://github.com/apache/mina-ftpserver/commit/a04a44d756e9ae18d0461326c761a851b8346d3d
> > ">a04a44d
> > [maven-release-plugin] prepare release ftpserver-parent-1.1.2
> >https://github.com/apache/mina-ftpserver/commit/d7fdad2429cf7b2ae433e10fa7df3b7961fe3704
> > ">d7fdad2
> > Fixed the javadoc failures
> >https://github.com/apache/mina-ftpserver/commit/b4e8d0e39622ce5b121c183f070fe1ad67b41c4f
> > ">b4e8d0e
> > [maven-release-plugin] rollback the release of
> ftpserver-parent-1.1.2
> >https://github.com/apache/mina-ftpserver/commit/59947ea85dc7db2529f619886fd901fd0284bd42
> > ">59947ea
> > [maven-release-plugin] prepare for next development iteration
> >https://github.com/apache/mina-ftpserver/commit/92c6af05cdf0eddd3d2e613b52def57984d78d33
> > ">92c6af0
> > [maven-release-plugin] prepare release ftpserver-parent-1.1.2
> >https://github.com/apache/mina-ftpserver/commit/455a4336a4e9b319e1f6b5836b29dc095467c091
> > ">455a433
> > Fixed the outputStatement to make Javadoc plugin happy
> >https://github.com/apache/mina-ftpserver/commit/94fabe3c1e4776a1754e20403f9c5830231542f7
> > ">94fabe3
> > [maven-release-plugin] rollback the release of
> ftpserver-parent-1.1.2
> >https://github.com/apache/mina-ftpserver/commit/fd1a0d89870c89a7a7c619d1b8f19786e7ce75fb
> > ">fd1a0d8
> > [maven-release-plugin] prepare for next development iteration
> >https://github.com/apache/mina-ftpserver/commit/990a5cebd692361b41e99d1bdf9cd2a9b1eed38a
> > ">990a5ce
> > [maven-release-plugin] prepare release ftpserver-parent-1.1.2
> >https://github.com/apache/mina-ftpserver/commit/402dbb1298aa897ec15ef854d3c2493a0c766141
> > ">402dbb1
> > [maven-release-plugin] rollback the release of ftpserver-1.1.3
> >Additional commits viewable in https://github.com/apache/mina-ftpserver/compare/ftpserver-1.1.1...ftpserver-parent-1.1.2
> > ">compare
> > view
> >
> >
> >
> >
> >
> >[![Dependabot compatibility score](
> >
> >
> https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.ftpserver:ftpserver-core=maven=1.1.1=1.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores
> > )
> >
> >Dependabot will resolve any conflicts with this PR as long as you
> don't
> > alter it yourself. You can also trigger a rebase manually by commenting
> > `@dependabot rebase`.
> >
> >[//]: # (dependabot-automerge-start)
> >[//]: # (dependabot-automerge-end)
> >
> >---
> >
> >
> >Dependabot commands and options
> >
> >
> >You can trigger Dependabot actions by commenting on this PR:
> >- `@dependabot rebase` will rebase this PR
> >- `@dependabot recreate` will recreate this PR, overwriting any edits
> > that have been made to it
> >- `@dependabot merge` will merge this PR after your CI passes on it
> >- `@dependabot squash and merge` will squash and merge this PR after
> > your CI passes on it
> >- `@dependabot cancel merge` will cancel a previously requested merge
> > and block automerging
> >- `@dependabot reopen` will reopen this PR if it is closed
> >- `@dependabot close` will close this PR and stop Dependabot
> recreating
> > it. You can achieve the same result by closing it manually
> >- `@dependabot ignore this major 

Re: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to 1.1.2

[Gary Gregory]

Help also needed for https://github.com/apache/commons-vfs/pull/225
:-)
Gary

On Fri, Dec 31, 2021 at 8:28 AM Gary Gregory  wrote:

> Does anyone have any free time to look at this failure?
>
> I'm still dealing with Log4j fallout...
>
> Gary
>
> -- Forwarded message -
> From: GitBox 
> Date: Fri, Dec 31, 2021 at 6:05 AM
> Subject: [GitHub] [commons-vfs] dependabot[bot] opened a new pull request
> #231: Bump ftpserver-core from 1.1.1 to 1.1.2
> To: 
>
>
>
> dependabot[bot] opened a new pull request #231:
> URL: https://github.com/apache/commons-vfs/pull/231
>
>
>Bumps [ftpserver-core](https://github.com/apache/mina-ftpserver) from
> 1.1.1 to 1.1.2.
>
>Commits
>
>https://github.com/apache/mina-ftpserver/commit/a04a44d756e9ae18d0461326c761a851b8346d3d;>a04a44d
> [maven-release-plugin] prepare release ftpserver-parent-1.1.2
>https://github.com/apache/mina-ftpserver/commit/d7fdad2429cf7b2ae433e10fa7df3b7961fe3704;>d7fdad2
> Fixed the javadoc failures
>https://github.com/apache/mina-ftpserver/commit/b4e8d0e39622ce5b121c183f070fe1ad67b41c4f;>b4e8d0e
> [maven-release-plugin] rollback the release of ftpserver-parent-1.1.2
>https://github.com/apache/mina-ftpserver/commit/59947ea85dc7db2529f619886fd901fd0284bd42;>59947ea
> [maven-release-plugin] prepare for next development iteration
>https://github.com/apache/mina-ftpserver/commit/92c6af05cdf0eddd3d2e613b52def57984d78d33;>92c6af0
> [maven-release-plugin] prepare release ftpserver-parent-1.1.2
>https://github.com/apache/mina-ftpserver/commit/455a4336a4e9b319e1f6b5836b29dc095467c091;>455a433
> Fixed the outputStatement to make Javadoc plugin happy
>https://github.com/apache/mina-ftpserver/commit/94fabe3c1e4776a1754e20403f9c5830231542f7;>94fabe3
> [maven-release-plugin] rollback the release of ftpserver-parent-1.1.2
>https://github.com/apache/mina-ftpserver/commit/fd1a0d89870c89a7a7c619d1b8f19786e7ce75fb;>fd1a0d8
> [maven-release-plugin] prepare for next development iteration
>https://github.com/apache/mina-ftpserver/commit/990a5cebd692361b41e99d1bdf9cd2a9b1eed38a;>990a5ce
> [maven-release-plugin] prepare release ftpserver-parent-1.1.2
>https://github.com/apache/mina-ftpserver/commit/402dbb1298aa897ec15ef854d3c2493a0c766141;>402dbb1
> [maven-release-plugin] rollback the release of ftpserver-1.1.3
>Additional commits viewable in https://github.com/apache/mina-ftpserver/compare/ftpserver-1.1.1...ftpserver-parent-1.1.2;>compare
> view
>
>
>
>
>
>[![Dependabot compatibility score](
> https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.ftpserver:ftpserver-core=maven=1.1.1=1.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores
> )
>
>Dependabot will resolve any conflicts with this PR as long as you don't
> alter it yourself. You can also trigger a rebase manually by commenting
> `@dependabot rebase`.
>
>[//]: # (dependabot-automerge-start)
>[//]: # (dependabot-automerge-end)
>
>---
>
>
>Dependabot commands and options
>
>
>You can trigger Dependabot actions by commenting on this PR:
>- `@dependabot rebase` will rebase this PR
>- `@dependabot recreate` will recreate this PR, overwriting any edits
> that have been made to it
>- `@dependabot merge` will merge this PR after your CI passes on it
>- `@dependabot squash and merge` will squash and merge this PR after
> your CI passes on it
>- `@dependabot cancel merge` will cancel a previously requested merge
> and block automerging
>- `@dependabot reopen` will reopen this PR if it is closed
>- `@dependabot close` will close this PR and stop Dependabot recreating
> it. You can achieve the same result by closing it manually
>- `@dependabot ignore this major version` will close this PR and stop
> Dependabot creating any more for this major version (unless you reopen the
> PR or upgrade to it yourself)
>- `@dependabot ignore this minor version` will close this PR and stop
> Dependabot creating any more for this minor version (unless you reopen the
> PR or upgrade to it yourself)
>- `@dependabot ignore this dependency` will close this PR and stop
> Dependabot creating any more for this dependency (unless you reopen the PR
> or upgrade to it yourself)
>
>
>
>
>
> --
> This is an automated message from the Apache Git Service.
> To respond to the message, please log on to GitHub and use the
> URL above to go to the specific comment.
>
> To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org
>
> For queries about this service, please contact Infrastructure at:
> us...@infra.apache.org
>
>
>

Re: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to 1.1.2

[John Patrick]

so wanted to try and help out but unable to as pr won't build until it's
approved by maintainer.
from what i can tell it should have worked. tried that branch and master
and both pass locally
tried to kick off another build to see if just false failed build, so
created new branch but it linked to previous commit, so added and remove a
file to trick github to try and do a new build again.
any reason pr's have to be manually approved before the ci jobs execute?

John


On Fri, 31 Dec 2021 at 13:50, Xeno Amess  wrote:

> need sleep now，will have a look 10 hours later
>
> XenoAmess
> 
> From: Gary Gregory 
> Sent: Friday, December 31, 2021 9:28:36 PM
> To: Commons Developers List 
> Subject: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to 1.1.2
>
> Does anyone have any free time to look at this failure?
>
> I'm still dealing with Log4j fallout...
>
> Gary
>
> -- Forwarded message -
> From: GitBox 
> Date: Fri, Dec 31, 2021 at 6:05 AM
> Subject: [GitHub] [commons-vfs] dependabot[bot] opened a new pull request
> #231: Bump ftpserver-core from 1.1.1 to 1.1.2
> To: 
>
>
>
> dependabot[bot] opened a new pull request #231:
> URL: https://github.com/apache/commons-vfs/pull/231
>
>
>Bumps [ftpserver-core](https://github.com/apache/mina-ftpserver) from
> 1.1.1 to 1.1.2.
>
>Commits
>
>https://github.com/apache/mina-ftpserver/commit/a04a44d756e9ae18d0461326c761a851b8346d3d
> ">a04a44d
> [maven-release-plugin] prepare release ftpserver-parent-1.1.2
>https://github.com/apache/mina-ftpserver/commit/d7fdad2429cf7b2ae433e10fa7df3b7961fe3704
> ">d7fdad2
> Fixed the javadoc failures
>https://github.com/apache/mina-ftpserver/commit/b4e8d0e39622ce5b121c183f070fe1ad67b41c4f
> ">b4e8d0e
> [maven-release-plugin] rollback the release of ftpserver-parent-1.1.2
>https://github.com/apache/mina-ftpserver/commit/59947ea85dc7db2529f619886fd901fd0284bd42
> ">59947ea
> [maven-release-plugin] prepare for next development iteration
>https://github.com/apache/mina-ftpserver/commit/92c6af05cdf0eddd3d2e613b52def57984d78d33
> ">92c6af0
> [maven-release-plugin] prepare release ftpserver-parent-1.1.2
>https://github.com/apache/mina-ftpserver/commit/455a4336a4e9b319e1f6b5836b29dc095467c091
> ">455a433
> Fixed the outputStatement to make Javadoc plugin happy
>https://github.com/apache/mina-ftpserver/commit/94fabe3c1e4776a1754e20403f9c5830231542f7
> ">94fabe3
> [maven-release-plugin] rollback the release of ftpserver-parent-1.1.2
>https://github.com/apache/mina-ftpserver/commit/fd1a0d89870c89a7a7c619d1b8f19786e7ce75fb
> ">fd1a0d8
> [maven-release-plugin] prepare for next development iteration
>https://github.com/apache/mina-ftpserver/commit/990a5cebd692361b41e99d1bdf9cd2a9b1eed38a
> ">990a5ce
> [maven-release-plugin] prepare release ftpserver-parent-1.1.2
>https://github.com/apache/mina-ftpserver/commit/402dbb1298aa897ec15ef854d3c2493a0c766141
> ">402dbb1
> [maven-release-plugin] rollback the release of ftpserver-1.1.3
>Additional commits viewable in https://github.com/apache/mina-ftpserver/compare/ftpserver-1.1.1...ftpserver-parent-1.1.2
> ">compare
> view
>
>
>
>
>
>[![Dependabot compatibility score](
>
> https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.ftpserver:ftpserver-core=maven=1.1.1=1.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores
> )
>
>Dependabot will resolve any conflicts with this PR as long as you don't
> alter it yourself. You can also trigger a rebase manually by commenting
> `@dependabot rebase`.
>
>[//]: # (dependabot-automerge-start)
>[//]: # (dependabot-automerge-end)
>
>---
>
>
>Dependabot commands and options
>
>
>You can trigger Dependabot actions by commenting on this PR:
>- `@dependabot rebase` will rebase this PR
>- `@dependabot recreate` will recreate this PR, overwriting any edits
> that have been made to it
>- `@dependabot merge` will merge this PR after your CI passes on it
>- `@dependabot squash and merge` will squash and merge this PR after
> your CI passes on it
>- `@dependabot cancel merge` will cancel a previously requested merge
> and block automerging
>- `@dependabot reopen` will reopen this PR if it is closed
>- `@dependabot close` will close this PR and stop Dependabot recreating
> it. You can achieve the same result by closing it manually
>- `@dependabot ignore this major version` will close this PR and stop
> Dependabot creating any more for this major version (unless you reopen the
> PR or upgrade to it yourself)
>- `@dependabot ignore this minor version` will close this PR and stop
> Dependabot creating any more for this minor version (unless you reopen the
> PR or upgrade to it yourself)
>- `@dependabot ignore this dependency` will close this PR and stop
> Dependabot 

Re: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to 1.1.2

[Xeno Amess]

need sleep now，will have a look 10 hours later

XenoAmess

From: Gary Gregory 
Sent: Friday, December 31, 2021 9:28:36 PM
To: Commons Developers List 
Subject: [commons-vfs] Failure in bump ftpserver-core from 1.1.1 to 1.1.2

Does anyone have any free time to look at this failure?

I'm still dealing with Log4j fallout...

Gary

-- Forwarded message -
From: GitBox 
Date: Fri, Dec 31, 2021 at 6:05 AM
Subject: [GitHub] [commons-vfs] dependabot[bot] opened a new pull request
#231: Bump ftpserver-core from 1.1.1 to 1.1.2
To: 



dependabot[bot] opened a new pull request #231:
URL: https://github.com/apache/commons-vfs/pull/231


   Bumps [ftpserver-core](https://github.com/apache/mina-ftpserver) from
1.1.1 to 1.1.2.
   
   Commits
   
   https://github.com/apache/mina-ftpserver/commit/a04a44d756e9ae18d0461326c761a851b8346d3d;>a04a44d
[maven-release-plugin] prepare release ftpserver-parent-1.1.2
   https://github.com/apache/mina-ftpserver/commit/d7fdad2429cf7b2ae433e10fa7df3b7961fe3704;>d7fdad2
Fixed the javadoc failures
   https://github.com/apache/mina-ftpserver/commit/b4e8d0e39622ce5b121c183f070fe1ad67b41c4f;>b4e8d0e
[maven-release-plugin] rollback the release of ftpserver-parent-1.1.2
   https://github.com/apache/mina-ftpserver/commit/59947ea85dc7db2529f619886fd901fd0284bd42;>59947ea
[maven-release-plugin] prepare for next development iteration
   https://github.com/apache/mina-ftpserver/commit/92c6af05cdf0eddd3d2e613b52def57984d78d33;>92c6af0
[maven-release-plugin] prepare release ftpserver-parent-1.1.2
   https://github.com/apache/mina-ftpserver/commit/455a4336a4e9b319e1f6b5836b29dc095467c091;>455a433
Fixed the outputStatement to make Javadoc plugin happy
   https://github.com/apache/mina-ftpserver/commit/94fabe3c1e4776a1754e20403f9c5830231542f7;>94fabe3
[maven-release-plugin] rollback the release of ftpserver-parent-1.1.2
   https://github.com/apache/mina-ftpserver/commit/fd1a0d89870c89a7a7c619d1b8f19786e7ce75fb;>fd1a0d8
[maven-release-plugin] prepare for next development iteration
   https://github.com/apache/mina-ftpserver/commit/990a5cebd692361b41e99d1bdf9cd2a9b1eed38a;>990a5ce
[maven-release-plugin] prepare release ftpserver-parent-1.1.2
   https://github.com/apache/mina-ftpserver/commit/402dbb1298aa897ec15ef854d3c2493a0c766141;>402dbb1
[maven-release-plugin] rollback the release of ftpserver-1.1.3
   Additional commits viewable in https://github.com/apache/mina-ftpserver/compare/ftpserver-1.1.1...ftpserver-parent-1.1.2;>compare
view
   
   
   


   [![Dependabot compatibility score](
https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.ftpserver:ftpserver-core=maven=1.1.1=1.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores
)

   Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)

   ---

   
   Dependabot commands and options
   

   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
   - `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen the
PR or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen the
PR or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the PR
or upgrade to it yourself)


   


--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[commons-vfs] Failure in bump ftpserver-core from 1.1.1 to 1.1.2

[Gary Gregory]

Does anyone have any free time to look at this failure?

I'm still dealing with Log4j fallout...

Gary

-- Forwarded message -
From: GitBox 
Date: Fri, Dec 31, 2021 at 6:05 AM
Subject: [GitHub] [commons-vfs] dependabot[bot] opened a new pull request
#231: Bump ftpserver-core from 1.1.1 to 1.1.2
To: 



dependabot[bot] opened a new pull request #231:
URL: https://github.com/apache/commons-vfs/pull/231


   Bumps [ftpserver-core](https://github.com/apache/mina-ftpserver) from
1.1.1 to 1.1.2.
   
   Commits
   
   https://github.com/apache/mina-ftpserver/commit/a04a44d756e9ae18d0461326c761a851b8346d3d;>a04a44d
[maven-release-plugin] prepare release ftpserver-parent-1.1.2
   https://github.com/apache/mina-ftpserver/commit/d7fdad2429cf7b2ae433e10fa7df3b7961fe3704;>d7fdad2
Fixed the javadoc failures
   https://github.com/apache/mina-ftpserver/commit/b4e8d0e39622ce5b121c183f070fe1ad67b41c4f;>b4e8d0e
[maven-release-plugin] rollback the release of ftpserver-parent-1.1.2
   https://github.com/apache/mina-ftpserver/commit/59947ea85dc7db2529f619886fd901fd0284bd42;>59947ea
[maven-release-plugin] prepare for next development iteration
   https://github.com/apache/mina-ftpserver/commit/92c6af05cdf0eddd3d2e613b52def57984d78d33;>92c6af0
[maven-release-plugin] prepare release ftpserver-parent-1.1.2
   https://github.com/apache/mina-ftpserver/commit/455a4336a4e9b319e1f6b5836b29dc095467c091;>455a433
Fixed the outputStatement to make Javadoc plugin happy
   https://github.com/apache/mina-ftpserver/commit/94fabe3c1e4776a1754e20403f9c5830231542f7;>94fabe3
[maven-release-plugin] rollback the release of ftpserver-parent-1.1.2
   https://github.com/apache/mina-ftpserver/commit/fd1a0d89870c89a7a7c619d1b8f19786e7ce75fb;>fd1a0d8
[maven-release-plugin] prepare for next development iteration
   https://github.com/apache/mina-ftpserver/commit/990a5cebd692361b41e99d1bdf9cd2a9b1eed38a;>990a5ce
[maven-release-plugin] prepare release ftpserver-parent-1.1.2
   https://github.com/apache/mina-ftpserver/commit/402dbb1298aa897ec15ef854d3c2493a0c766141;>402dbb1
[maven-release-plugin] rollback the release of ftpserver-1.1.3
   Additional commits viewable in https://github.com/apache/mina-ftpserver/compare/ftpserver-1.1.1...ftpserver-parent-1.1.2;>compare
view
   
   
   


   [![Dependabot compatibility score](
https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.ftpserver:ftpserver-core=maven=1.1.1=1.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores
)

   Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)

   ---

   
   Dependabot commands and options
   

   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
   - `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen the
PR or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen the
PR or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the PR
or upgrade to it yourself)


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [IMPORTANT] - ci.apache.org and CMS Shutdown end of January 2022

[Gary Gregory]

WRT Commons, CI is handled by GitHub actions these days so I am not worried
about losing ci.a.o.

TY
Gary

On Fri, Dec 31, 2021 at 6:38 AM Gavin McDonald  wrote:

> Hi All,
>
> (This email is BCC many (19) lists, please reply to bui...@apache.org
> only)
>
> Infra has set a FINAL date of January 31st 2022 for the turn off of
> ci.apache.org. This includes all of its nodes , of which the CMS node is
> one. Therefore the CMS is also going to be gone on the 31st January 2022.
>
> Any project that still uses the CMS in any way shape or form, MUST migrate
> to another build and publish method.
>
> Any project using ci.apache.org for the building and testing/publishing of
> CI builds MUST also migrate away to another CI - the direct replacement is
> ci2.apache.org the new Buildbot 3.2 based instance. Publishing of Javadocs
> and versioned websites etc that normally publish to ci.apache.org/projects
> will need to migrate their jobs to ci2.apache.org and publish results to
> nightlies.apache.org instead (via an rsync step).
>
> Projects have been repeatedly informed of the deprecation of both
> ci.apache.org and also the CMS itself, so this notice should not be a
> surprise to anybody.
>
> If you don't  have an INFRA ticket already open, or you don't know if there
> is an INFRA ticket already open for your project, please open one
> immediately so that we can get working on your migration ASAP. One or two
> projects I know of have a non-standard setup of publishing and so the
> earlier we get started the better.
>
> Below is a list of projects I know to still be using either the CMS (in
> whole or in part) and ci.apache.org for CI builds, there may be more.
>
> Projects fully using the CMS
> ==
>
> Commons
> DB (and subprojects)
> Hive
> Oozie
>
> Projects partially using the CMS
> =
>
> Lucene
> CXF
> Tapestry
> Santuario
> Geronimo
> Nutch
>
> All the above except Nutch I believe are exporting from Confluence and
> committing to
> svn.apache.org/repos/infra/websites/production/ - I have been working on
> an
> alternate
> method that does not involve the CMS agent (or its dependents like
> build_external.pl)
> CXF and Tapestry at least have INFRA tickets open regarding this.
>
> Projects using ci.apache.org for CI jobs
> 
>
> The Board - board-site build.
> Perl/mod_perl - several test builds.
> AsterixDB - docs build
> HTTPD - test builds
> Juddi - Several test builds
> OpenJPA - Several test builds
> Creadur - Several test builds
> JMeter - test builds
> OpenNLP - site build ?
> Commons - site build ?
> Ponymail - site build ?
> TrafficServer - Test Build + site build ?
> Tapestry - test build
>
> All builds that need migrating can be seen on this page:
>
> https://ci.apache.org/buildslaves
>
> Ok, those are the details, lets get started please people
>
> Oh, and Happy New Year!
>
> Gavin McDonald
> Systems Administrator
> ASF Infrastructure Team
>

Re: [CANCEL][VOTE] Release Apache Commons JCS 3.1 based on RC1

[Gary Gregory]

On Fri, Dec 31, 2021 at 4:25 AM Thomas Vandahl  wrote:

> > Am 23.12.2021 um 19:20 schrieb Thomas Vandahl :
> >
> > Hi folks,
> >
> > We have fixed quite a few bugs and added some significant enhancements
> since Apache Commons JCS 3.0 was released, so I would like to release
> Apache Commons JCS 3.1.
>
> Thanks to Bruno we were able to find an issue that could cause serious
> performance degradation in EncryptingSerializer. I will fix this and cut an
> RC2 rsn.
>

Great news! See you at RC2 time :-)

Gary

>
> Bye, Thomas
> -
> To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
> For additional commands, e-mail: dev-h...@commons.apache.org
>
>

[IMPORTANT] - ci.apache.org and CMS Shutdown end of January 2022

[Gavin McDonald]

Hi All,

(This email is BCC many (19) lists, please reply to bui...@apache.org only)

Infra has set a FINAL date of January 31st 2022 for the turn off of
ci.apache.org. This includes all of its nodes , of which the CMS node is
one. Therefore the CMS is also going to be gone on the 31st January 2022.

Any project that still uses the CMS in any way shape or form, MUST migrate
to another build and publish method.

Any project using ci.apache.org for the building and testing/publishing of
CI builds MUST also migrate away to another CI - the direct replacement is
ci2.apache.org the new Buildbot 3.2 based instance. Publishing of Javadocs
and versioned websites etc that normally publish to ci.apache.org/projects
will need to migrate their jobs to ci2.apache.org and publish results to
nightlies.apache.org instead (via an rsync step).

Projects have been repeatedly informed of the deprecation of both
ci.apache.org and also the CMS itself, so this notice should not be a
surprise to anybody.

If you don't  have an INFRA ticket already open, or you don't know if there
is an INFRA ticket already open for your project, please open one
immediately so that we can get working on your migration ASAP. One or two
projects I know of have a non-standard setup of publishing and so the
earlier we get started the better.

Below is a list of projects I know to still be using either the CMS (in
whole or in part) and ci.apache.org for CI builds, there may be more.

Projects fully using the CMS
==

Commons
DB (and subprojects)
Hive
Oozie

Projects partially using the CMS
=

Lucene
CXF
Tapestry
Santuario
Geronimo
Nutch

All the above except Nutch I believe are exporting from Confluence and
committing to
svn.apache.org/repos/infra/websites/production/ - I have been working on an
alternate
method that does not involve the CMS agent (or its dependents like
build_external.pl)
CXF and Tapestry at least have INFRA tickets open regarding this.

Projects using ci.apache.org for CI jobs


The Board - board-site build.
Perl/mod_perl - several test builds.
AsterixDB - docs build
HTTPD - test builds
Juddi - Several test builds
OpenJPA - Several test builds
Creadur - Several test builds
JMeter - test builds
OpenNLP - site build ?
Commons - site build ?
Ponymail - site build ?
TrafficServer - Test Build + site build ?
Tapestry - test build

All builds that need migrating can be seen on this page:

https://ci.apache.org/buildslaves

Ok, those are the details, lets get started please people

Oh, and Happy New Year!

Gavin McDonald
Systems Administrator
ASF Infrastructure Team

[CANCEL][VOTE] Release Apache Commons JCS 3.1 based on RC1

[Thomas Vandahl]

> Am 23.12.2021 um 19:20 schrieb Thomas Vandahl :
> 
> Hi folks,
> 
> We have fixed quite a few bugs and added some significant enhancements since 
> Apache Commons JCS 3.0 was released, so I would like to release Apache 
> Commons JCS 3.1.

Thanks to Bruno we were able to find an issue that could cause serious 
performance degradation in EncryptingSerializer. I will fix this and cut an RC2 
rsn.

Bye, Thomas 
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org