Re: I have attribute called X. But X.0 and X.1 also got created. Why?

2017-03-06 Thread Andy LoPresto 
If this was in an ExtractText processor, your regular expression may have 
included groups (segments contained in “()”) — if this is the case, each group 
will be extracted and captured as well.

From the ExtractText documentation:

> The first capture group, if any found, will be placed into that attribute 
> name.But all capture groups, including the matching string sequence itself 
> will also be provided at that attribute name with an index value provided, 
> with the exception of a capturing group that is optional and does not match - 
> for example, given the attribute name "regex" and expression "abc(def)?(g)" 
> we would add an attribute "regex.1" with a value of "def" if the "def" 
> matched. If the "def" did not match, no attribute named "regex.1" would be 
> added but an attribute named "regex.2" with a value of "g" will be added 
> regardless.


Andy LoPresto
alopre...@apache.org
alopresto.apa...@gmail.com
PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4  BACE 3C6E F65B 2F7D EF69

> On Mar 6, 2017, at 4:26 PM, srini  wrote:
> 
> Why,
> I have a attribute called original_flowfile, but I noticed these two extra
> got created. Why?
> 
> original_flowfile.0
> original_flowfile.1
> 
> thanks
> Srini
> 
> 
> 
> --
> View this message in context: 
> http://apache-nifi-developer-list.39713.n7.nabble.com/I-have-attribute-called-X-But-X-0-and-X-1-also-got-created-Why-tp15062.html
> Sent from the Apache NiFi Developer List mailing list archive at Nabble.com.



signature.asc
Description: Message signed with OpenPGP using GPGMail

I have attribute called X. But X.0 and X.1 also got created. Why?

2017-03-06 Thread srini 
Why,
I have a attribute called original_flowfile, but I noticed these two extra
got created. Why?

original_flowfile.0
original_flowfile.1

thanks
Srini



--
View this message in context: 
http://apache-nifi-developer-list.39713.n7.nabble.com/I-have-attribute-called-X-But-X-0-and-X-1-also-got-created-Why-tp15062.html
Sent from the Apache NiFi Developer List mailing list archive at Nabble.com.

[ANNOUNCE] CVE-2017-5635 and CVE-2017-5636

2017-03-06 Thread Andy LoPresto 
Apache NiFi PMC would like to announce the discovery and resolution of 
CVE-2017-5635 and CVE-2017-5636. These issues have been resolved and new 
versions of the Apache NiFi project were released in accordance with the Apache 
Release Process.

Fixed in Apache NiFi 0.7.2 and 1.1.2

CVE-2107-5635: Apache NiFi Unauthorized Data Access In Cluster Environment

Severity: Important

Versions Affected:

Apache NiFi 0.7.0
Apache NiFi 0.7.1
Apache NiFi 1.1.0
Apache NiFi 1.1.1
Description: In a cluster environment, if an anonymous user request is 
replicated to another node, the originating node identity is used rather than 
the “anonymous” user.

Mitigation: A fix has been provided (removing the negative check for anonymous 
user before building the proxy chain and throwing an exception, and evaluating 
each user in the proxy chain iteration and comparing against a static constant 
anonymous user). This fix was applied in NIFI-3487 and released in Apache NiFi 
0.7.2 and 1.1.2. 1.x users running a clustered environment should upgrade to 
1.1.2. 0.x users running a clustered environment should upgrade to 0.7.2.

Credit: This issue was discovered by Leonardo Dias in conjunction with Matt 
Gilman.

CVE-2107-5636: Apache NiFi User Impersonation In Cluster Environment

Severity: Moderate

Versions Affected:

Apache NiFi 0.7.0
Apache NiFi 0.7.1
Apache NiFi 1.1.0
Apache NiFi 1.1.1
Description: In a cluster environment, the proxy chain 
serialization/deserialization is vulnerable to an injection attack where a 
carefully crafted username could impersonate another user and gain their 
permissions on a replicated request to another node.

Mitigation: A fix has been provided (modification of the tokenization code and 
sanitization of user-provided input). This fix was applied in NIFI-3487 and 
released in Apache NiFi 0.7.2 and 1.1.2. 1.x users running a clustered 
environment should upgrade to 1.1.2. 0.x users running a clustered environment 
should upgrade to 0.7.2.

Credit: This issue was discovered by Andy LoPresto.

Andy LoPresto
alopre...@apache.org
alopresto.apa...@gmail.com
PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4  BACE 3C6E F65B 2F7D EF69



signature.asc
Description: Message signed with OpenPGP using GPGMail

Extend GetSFTP

2017-03-06 Thread dmanx 
Hi I am new with Nifi and I was trying to extend GetSFTP because of username
and password parameter. My passwords are coming form a custom java class.  I
need to be able to extend getSftp class so I can call the java class to get
the password.

Any help will be appreciated. 



-
dmanx
--
View this message in context: 
http://apache-nifi-developer-list.39713.n7.nabble.com/Extend-GetSFTP-tp15060.html
Sent from the Apache NiFi Developer List mailing list archive at Nabble.com.

Re: [REMINDER] Please signoff when committing other people's changes

2017-03-06 Thread Sean Busbey 
On Thu, Mar 2, 2017 at 6:00 PM, Andre  wrote:
> James,
>
> There's no doubt the Sign-off-by is redundant (as GIT itself holds that
> information, reason why GH is still able to show the information without
> the sign-of-by stamp), however, I agree with your view around positive
> action and easy to refer as Bryan pointed.
>


One important case where the signed-off-by isn't redundant (at least
within git) is when there is more than one reviewer. This has been
useful in some other projects, especially if folks get into the habit
and there are multiple places reviews happen (e.g. both on JIRA and
GitHub PRs). It's also been super helpful when non-committers are
doing reviews.

Another is when we get to the point of maintaining enough release
lines that the person doing a backport commit might not be the person
who did the initial review. The signed-off-by still carries useful
information (albeit something we can kind-of get from JIRA) about who
all did reviews.