Build failed in Jenkins: POI » POI-DSL-1.17 #2

2021-09-23 Thread Apache Jenkins Server 
See 


Changes:

[PJ Fanning] forbidden api

[PJ Fanning] downgrade junit version - due to build issue

[PJ Fanning] slf4j version


--
[...truncated 407.72 KB...]
AUsrc/documentation/resources/images/logoKarmokar1.png
AUsrc/documentation/resources/images/POIFSInitialization.gif
AUsrc/documentation/resources/images/logoKarmokar2.png
AUsrc/documentation/resources/images/logoRaPiGmbH10.png
AUsrc/documentation/resources/images/logoKarmokar3.png
AUsrc/documentation/resources/images/logoRaPiGmbH11.png
AUsrc/documentation/resources/images/logoMichaelMosmann.png
AUsrc/documentation/resources/images/logoKarmokar4.png
AUsrc/documentation/resources/images/logoRaPiGmbH12.png
AUsrc/documentation/resources/images/logoKarmokar5.png
AUsrc/documentation/resources/images/logoKarmokar6.png
AUsrc/documentation/resources/images/ApacheConEu08.jpg
AUsrc/documentation/resources/images/BlockClassDiagram.gif
AUsrc/documentation/resources/images/calculatePayment.jpg
AUsrc/documentation/resources/images/PropertyTableClassDiagram.gif
AUsrc/documentation/resources/images/logoRussellBeattie1.png
AUsrc/documentation/resources/images/logoRussellBeattie2.png
AUsrc/documentation/resources/images/logoRussellBeattie3.png
AUsrc/documentation/skinconf.xml
AUsrc/documentation/release-guide.txt
A src/documentation/sitemap.xmap
A src/documentation/cli.xconf
AUsrc/documentation/RELEASE-NOTES.txt
AUsrc/documentation/README.txt
A src/documentation/classes
A src/documentation/classes/CatalogManager.properties
At revision 1893582

At revision 1893582

No changes for https://svn.apache.org/repos/asf/poi/site/forrest.properties 
since the previous build
No changes for https://svn.apache.org/repos/asf/poi/site/src/documentation 
since the previous build
No JDK named ?? found
[POI-DSL-1.17] $ /bin/sh -xe /tmp/jenkins5877522254251627151.sh
+ rm -rf examples excelant integrationtest main ooxml ooxml-schema scratchpad 
build.javacheck.xml
+ svn status
X   forrest.properties
X   src/documentation

Performing status on external item at 'src/documentation':
+ svn revert poi-examples/src/main/java9/module-info.class 
poi-examples/src/main/java9/module-info.java 
poi-excelant/src/main/java9/module-info.class 
poi-excelant/src/main/java9/module-info.java 
poi-excelant/src/test/java9/module-info.class 
poi-excelant/src/test/java9/module-info.java 
poi-integration/src/test/java9/module-info.class 
poi-integration/src/test/java9/module-info.java 
poi-ooxml-full/src/main/java9/module-info.class 
poi-ooxml-full/src/main/java9/module-info.java 
poi-ooxml-lite-agent/src/main/java9/module-info.class 
poi-ooxml-lite-agent/src/main/java9/module-info.java 
poi-ooxml-lite/src/main/java9/module-info.class 
poi-ooxml-lite/src/main/java9/module-info.java 
poi-ooxml/src/main/java9/module-info.class 
poi-ooxml/src/main/java9/module-info.java 
poi-ooxml/src/test/java9/module-info.class 
poi-ooxml/src/test/java9/module-info.java 
poi-scratchpad/src/main/java9/module-info.class 
poi-scratchpad/src/main/java9/module-info.java 
poi-scratchpad/src/test/java9/module-info.class 
poi-scratchpad/src/test/java9/module-info.java 
poi/src/main/java9/module-info.class poi/src/main/java9/module-info.java 
poi/src/test/java9/module-info.class poi/src/test/java9/module-info.java
+ echo Java-Home:
Java-Home:
+ ls -al /
total 14733
drwxr-xr-x  25 root root 4096 Sep 22 06:30 .
drwxr-xr-x  25 root root 4096 Sep 22 06:30 ..
drwxr-xr-x   2 root root 4096 Sep 15 06:37 bin
drwxr-xr-x   4 root root 1024 Sep 23 06:29 boot
-rw-r--r--   1 root root  530 Aug 26  2019 chboot
drwxr-xr-x  19 root root 4020 Sep 23 14:32 dev
drwxr-xr-x 124 root root12288 Sep 22 09:23 etc
drwxr-xr-x  13 root root 4096 Jul 12 19:45 home
lrwxrwxrwx   1 root root   34 Sep 22 06:30 initrd.img -> 
boot/initrd.img-4.15.0-158-generic
lrwxrwxrwx   1 root root   34 Sep 22 06:30 initrd.img.old -> 
boot/initrd.img-4.15.0-156-generic
drwxr-xr-x  18 root root 4096 Dec 16  2020 lib
drwxr-xr-x   2 root root12288 Dec 16  2020 lib32
drwxr-xr-x   3 root root 4096 Dec 16  2020 lib64
drwxr-xr-x   2 root root12288 Dec 16  2020 libx32
drwx--   2 root root16384 Aug 26  2019 lost+found
drwxr-xr-x   2 root root 4096 Aug 26  2019 media
drwxr-xr-x   2 root root 4096 Aug 26  2019 mnt
drwxr-xr-x  11 root root 4096 Sep 13 10:24 opt
dr-xr-xr-x 351 root root0 Sep  4  2019 proc
-rw-r--r--   1 root root11724 Jun 19  2019 puppet-release-bionic.deb
drwx--   8 root root 4096 Jul 12 20:53 root
drwxr-xr-x  33 root root 1160 Sep 23 11:22 run
drwxr-xr-x   2 root root12288 Sep 15 06:37 sbin
drwxr-xr-x   8 root root 4096 Jun 17

Jenkins build is back to normal : POI » POI-DSL-1.11 #83

2021-09-23 Thread Apache Jenkins Server 
See 



-
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org

Jenkins build is back to normal : POI » POI-DSL-Windows-1.16 #187

2021-09-23 Thread Apache Jenkins Server 
See 



-
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org

Build failed in Jenkins: POI » POI-DSL-Windows-1.16 #186

2021-09-23 Thread Apache Jenkins Server 
See 


Changes:

[PJ Fanning] downgrade junit version - due to build issue


--
[...truncated 32.38 KB...]
> Task :poi-ooxml-lite-agent:classes
> Task :poi-ooxml-lite-agent:jar

> Task :poi-scratchpad:compileTestJava
F:\jenkins\jenkins-slave\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi-scratchpad\src\test\java\org\apache\poi\hslf\extractor\TestExtractor.java:497:
 warning: [deprecation] getCodepoints(String,Boolean,Boolean) in 
SlideShowExtractor has been deprecated
BitSet l1 = ppt.getCodepoints(font, null, null);
   ^
F:\jenkins\jenkins-slave\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi-scratchpad\src\test\java\org\apache\poi\hwpf\extractor\TestWordExtractor.java:190:
 warning: [deprecation] getHeaderText() in WordExtractor has been deprecated
assertEquals("First header column!\tMid header Right header!\n", 
extractor1.getHeaderText());

   ^
F:\jenkins\jenkins-slave\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi-scratchpad\src\test\java\org\apache\poi\hwpf\extractor\TestWordExtractor.java:200:
 warning: [deprecation] getHeaderText() in WordExtractor has been deprecated
assertEquals("This is a simple header, with a \u20ac euro symbol in 
it.\n\n", extractor2.getHeaderText());

^
F:\jenkins\jenkins-slave\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi-scratchpad\src\test\java\org\apache\poi\hwpf\extractor\TestWordExtractor.java:213:
 warning: [deprecation] getFooterText() in WordExtractor has been deprecated
assertEquals("Footer Left\tFooter Middle Footer Right\n", 
extractor1.getFooterText());
^
F:\jenkins\jenkins-slave\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi-scratchpad\src\test\java\org\apache\poi\hwpf\extractor\TestWordExtractor.java:223:
 warning: [deprecation] getFooterText() in WordExtractor has been deprecated
assertEquals("The footer, with Moli\u00e8re, has Unicode in it.\n", 
extractor2.getFooterText());

  ^
F:\jenkins\jenkins-slave\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi-scratchpad\src\test\java\org\apache\poi\hwpf\extractor\TestWordExtractorBugs.java:56:
 warning: [deprecation] getParagraphText() in Word6Extractor has been deprecated
assertNotNull(extractor.getParagraphText());
   ^
F:\jenkins\jenkins-slave\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi-scratchpad\src\test\java\org\apache\poi\hwpf\model\TestCHPBinTable.java:53:
 warning: [deprecation] writeTo(HWPFFileSystem,int,CharIndexTranslator) in 
CHPBinTable has been deprecated
_cHPBinTable.writeTo(fileSys, 0, fakeTPT);
^
F:\jenkins\jenkins-slave\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi-scratchpad\src\test\java\org\apache\poi\hwpf\model\TestFontTable.java:47:
 warning: [deprecation] writeTo(HWPFFileSystem) in FontTable has been deprecated
_fontTable.writeTo(fileSys);
  ^
F:\jenkins\jenkins-slave\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi-scratchpad\src\test\java\org\apache\poi\hwpf\model\TestSectionTable.java:50:
 warning: [deprecation] writeTo(HWPFFileSystem,int) in SectionTable has been 
deprecated
sectionTable.writeTo(fileSys, 0);
^
F:\jenkins\jenkins-slave\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi-scratchpad\src\test\java\org\apache\poi\hwpf\sprm\TestSprms.java:77:
 warning: [deprecation] getParagraphStyle(int) in StyleSheet has been deprecated
assertEquals(1, 
hwpfDocument.getStyleSheet().getParagraphStyle(8).getJustification());
^
F:\jenkins\jenkins-slave\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi-scratchpad\src\test\java\org\apache\poi\hwpf\sprm\TestSprms.java:80:
 warning: [deprecation] getParagraphStyle(int) in StyleSheet has been deprecated
assertEquals(1, 
hwpfDocument2.getStyleSheet().getParagraphStyle(8).getJustification());
 ^
F:\jenkins\jenkins-slave\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi-scratchpad\src\test\java\org\apache\poi\hwpf\usermodel\TestBug49820.java:64:
 warning: [deprecation] getParagraphStyle(int) in StyleSheet has been deprecated
assertEquals(expectedStyleLvl, 
styleSheet.getParagraphStyle(par.getStyleIndex()).getLvl());
 ^
F:\jenkins\jenkins-slave\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi-scratchpad\src\test\java\org\apache\poi\hwpf\usermodel\TestHWPFOldDocument.java:186:
 warning: [deprecation] getParagraphText()

Build failed in Jenkins: POI » POI-DSL-Windows-1.16 #185

2021-09-23 Thread Apache Jenkins Server 
See 


Changes:

[PJ Fanning] slf4j version


--
[...truncated 10.11 KB...]
svn: E155010: The node 
'F:\jenkins\jenkins-home\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi*\src\*'
 was not found.
Java-Home: f:\\jenkins\\tools\\java\\latest16
 Volume in drive F is Data
 Volume Serial Number is 7E6F-D4C9

 Directory of f:\jenkins\tools\java\latest16

08/03/2021  04:32 PM  .
08/03/2021  04:32 PM  ..
08/03/2021  04:32 PM  bin
08/03/2021  04:32 PM  conf
08/03/2021  04:32 PM  include
08/03/2021  04:32 PM  jmods
08/03/2021  04:32 PM  legal
08/03/2021  04:32 PM  lib
11/11/2020  08:41 PM 1,165 release
   1 File(s)  1,165 bytes
   8 Dir(s)  1,058,200,121,344 bytes free
openjdk version "16-ea" 2021-03-16
OpenJDK Runtime Environment (build 16-ea+24-1553)
OpenJDK 64-Bit Server VM (build 16-ea+24-1553, mixed mode, sharing)
[Gradle] - Launching build.
[POI-DSL-Windows-1.16] $ cmd.exe /C 
" 
clean jenkins && exit %%ERRORLEVEL%%"
Starting a Gradle Daemon, 1 incompatible Daemon could not be reused, use 
--status for details

> Configure project :
Trying to override old definition of datatype junit

> Task :clean
> Task :poi:clean
> Task :poi-examples:clean
> Task :poi-excelant:clean
> Task :poi-integration:clean
> Task :poi-ooxml:clean
> Task :poi-ooxml-full:clean
> Task :poi-ooxml-lite:clean
> Task :poi-ooxml-lite-agent:clean
> Task :poi-scratchpad:clean
> Task :poi:generateVersionJava

> Task :poi:compileJava
F:\jenkins\jenkins-home\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi\src\main\java\org\apache\poi\util\GenericRecordUtil.java:131:
 warning: [unchecked] unchecked cast
m.putAll((Map>)baseMap);
  ^
  required: Map>
  found:Object
F:\jenkins\jenkins-home\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi\src\main\java\org\apache\poi\hssf\record\NameRecord.java:466:
 warning: [deprecation] readAllContinuedRemainder() in RecordInputStream has 
been deprecated
byte[] remainder = ris.readAllContinuedRemainder();
  ^
F:\jenkins\jenkins-home\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi\src\main\java\org\apache\poi\hssf\record\AbstractEscherHolderRecord.java:62:
 warning: [deprecation] readAllContinuedRemainder() in RecordInputStream has 
been deprecated
byte[] data = in.readAllContinuedRemainder();
^
F:\jenkins\jenkins-home\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi\src\main\java\org\apache\poi\ss\usermodel\CellBase.java:39:
 warning: [deprecation] setCellType(CellType) in Cell has been deprecated
public final void setCellType(CellType cellType) {
  ^
F:\jenkins\jenkins-home\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi\src\main\java\org\apache\poi\ss\formula\BaseFormulaEvaluator.java:225:
 warning: [deprecation] setCellType(CellType) in Cell has been deprecated
cell.setCellType(cellType);
^
F:\jenkins\jenkins-home\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi\src\main\java\org\apache\poi\hssf\record\RecordFactoryInputStream.java:335:
 warning: [deprecation] processContinueRecord(byte[]) in DrawingRecord has been 
deprecated
_lastDrawingRecord.processContinueRecord(contRec.getData());
  ^
F:\jenkins\jenkins-home\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi\src\main\java\org\apache\poi\ss\format\CellNumberFormatter.java:726:
 warning: [unchecked] Possible heap pollution from parameterized vararg type 
List
private static boolean hasChar(char ch, List... numSpecials) {
^
7 warnings

> Task :poi:compileJava9
> Task :poi:cacheJava9
> Task :poi:processResources
> Task :poi:classes
> Task :poi:jar
> Task :poi-ooxml:fixBatik
> Task :poi-ooxml-full:copy_xsds
> Task :poi-ooxml-full:generate_beans
> Task :poi-ooxml-full:compileJava
> Task :poi-ooxml-full:compileJava9
> Task :poi-ooxml-full:cacheJava9
> Task :poi-ooxml-full:processResources NO-SOURCE
> Task :poi-ooxml-full:classes
> Task :poi-ooxml-full:sourceJar
> Task :poi-ooxml-full:jar

> Task :poi-ooxml:compileJava
F:\jenkins\jenkins-home\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi-ooxml\src\main\java\org\apache\poi\xssf\usermodel\BaseXSSFEvaluationWorkbook.java:171:
 warning: [deprecation] getNameAt(int) in XSSFWorkbook has been deprecated
XSSFName nm = _uBook.getNameAt(i);
^
F:\jenkins\jenkins-home\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi-ooxml\src\main\java\org\apache\poi\xssf\usermodel\BaseXSSFEvaluationWorkbook.java:215:
 warning: [deprecation] getNameIndex(String) in XSSFWorkbook

Build failed in Jenkins: POI » POI-DSL-1.11 #82

2021-09-23 Thread Apache Jenkins Server 
See 


Changes:

[PJ Fanning] upgrade some build dependencies

[PJ Fanning] tabs to spaces


--
[...truncated 12.42 KB...]
+ ant -f build.javacheck.xml -v
Apache Ant(TM) version 1.10.5 compiled on March 28 2019
Buildfile: 

Detected Java version: 11 in: /usr/local/asfpackages/java/oraclejdk-11.0.11
Detected OS: Linux
parsing buildfile 
 
with URI = 

Project base dir set to: 

Build sequence for target(s) `test' is [test]
Complete build sequence is [test, ]

test:
parsing buildfile 
jar:file:/usr/share/ant/lib/ant.jar!/org/apache/tools/ant/antlib.xml with URI = 
jar:file:/usr/share/ant/lib/ant.jar!/org/apache/tools/ant/antlib.xml from a zip 
file
 [echo] Java 11/11.0.11
 [exec] Current OS is Linux
 [exec] Executing 'javac' with arguments:
 [exec] '-version'
 [exec] 
 [exec] The ' characters around the executable and arguments are
 [exec] not part of the command.
 [exec] javac 11.0.11

BUILD SUCCESSFUL
Total time: 1 second
+ exit 0
[POI-DSL-1.11] $ /bin/sh -xe /tmp/jenkins8533090395091349615.sh
+ touch --no-create build/*/build/test-results/TEST-*.xml 
build/*/build/test-results/test/TEST-*.xml
[Gradle] - Launching build.
[POI-DSL-1.11] $ 
 clean jenkins
To honour the JVM settings for this build a single-use Daemon process will be 
forked. See 
https://docs.gradle.org/7.2/userguide/gradle_daemon.html#sec:disabling_the_daemon.
Daemon will be stopped at the end of the build 

> Configure project :
Trying to override old definition of datatype junit

> Task :clean
> Task :poi:clean
> Task :poi-examples:clean
> Task :poi-excelant:clean
> Task :poi-integration:clean
> Task :poi-ooxml:clean
> Task :poi-ooxml-full:clean
> Task :poi-ooxml-lite:clean
> Task :poi-ooxml-lite-agent:clean
> Task :poi-scratchpad:clean
> Task :poi:generateVersionJava

> Task :poi:compileJava
:225:
 warning: [deprecation] setCellType(CellType) in Cell has been deprecated
cell.setCellType(cellType);
^
:131:
 warning: [unchecked] unchecked cast
m.putAll((Map>)baseMap);
  ^
  required: Map>
  found:Object
:39:
 warning: [deprecation] setCellType(CellType) in Cell has been deprecated
public final void setCellType(CellType cellType) {
  ^
:726:
 warning: [unchecked] Possible heap pollution from parameterized vararg type 
List
private static boolean hasChar(char ch, List... numSpecials) {
^
:466:
 warning: [deprecation] readAllContinuedRemainder() in RecordInputStream has 
been deprecated
byte[] remainder = ris.readAllContinuedRemainder();
  ^
:62:
 warning: [deprecation] readAllContinuedRemainder() in RecordInputStream has 
been deprecated
byte[] data = in.readAllContinuedRemainder();
^
:335:
 warning: [deprecation] processContinueRecord(byte[]) in DrawingRecord has been 
deprecated
_lastDrawingRecord.processContinueRecord(contRec.getData());
  ^
7 warnings

> Task :poi:compileJava9
> Task :poi:cacheJava9
> Task :poi:processResources
> Task :poi:classes
> Task :poi:jar
> Task :poi-ooxml:fixBatik
> Task :poi-ooxml-full:copy_xsds
> Task :poi-ooxml-full:generate_beans
> Task :poi-ooxml-full:compileJava
> Task :poi-ooxml-full:compileJava9
> Task :poi-ooxml-full:cacheJava9
> Task :poi-ooxml-full:processResources NO-SOURCE
> Task :poi-ooxml-full:classes
> Task :poi-ooxml-full:sourceJar
> Task :poi-ooxml-full:jar

> Task :poi-ooxml:compileJava

Re: slf4j dependency on an beta version

2021-09-23 Thread Alain FAGOT BÉAREZ 
Hi,

The company where I work currently also uses 1.7.32 with no reason to use any 
beta versions.

+1 for 1.7.32

Cheers,
Alain FAGOT BÉAREZ



⁣Obter o BlueMail para Android ​

Em 23 de set de 2021 21:17, em 21:17, PJ Fanning  
escreveu:
> Thanks Andi - I'll change to 1.7.32.
>
>
>On Thursday 23 September 2021, 20:15:38 IST, Andreas Beeker
> wrote:
>
> Hi PJ,
>
>On 23.09.21 20:54, PJ Fanning wrote:
>> Does anyone know why we don't just rely on slf4j-api 1.7.x?
>>
>I've raised the dependency to the beta version, because I saw the 2.x
>alpha and thought this would be the latest stable and they aren't
>continuing on the 1.x branch.
>
>1.7.x is ok for me, if you ask me in that way ;)
>
>Andi
>
>
>-
>To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
>For additional commands, e-mail: dev-h...@poi.apache.org
>
>

Build failed in Jenkins: POI » POI-DSL-1.17 #1

2021-09-23 Thread Apache Jenkins Server 
See 

Changes:


--
[...truncated 407.87 KB...]
AUsrc/documentation/resources/images/logoKarmokar3s.png
AUsrc/documentation/resources/images/logoGlenStampoutlzis.png
AUsrc/documentation/resources/images/logoKarmokar1.png
AUsrc/documentation/resources/images/POIFSInitialization.gif
AUsrc/documentation/resources/images/logoKarmokar2.png
AUsrc/documentation/resources/images/logoRaPiGmbH10.png
AUsrc/documentation/resources/images/logoKarmokar3.png
AUsrc/documentation/resources/images/logoRaPiGmbH11.png
AUsrc/documentation/resources/images/logoMichaelMosmann.png
AUsrc/documentation/resources/images/logoKarmokar4.png
AUsrc/documentation/resources/images/logoRaPiGmbH12.png
AUsrc/documentation/resources/images/logoKarmokar5.png
AUsrc/documentation/resources/images/logoKarmokar6.png
AUsrc/documentation/resources/images/ApacheConEu08.jpg
AUsrc/documentation/resources/images/BlockClassDiagram.gif
AUsrc/documentation/resources/images/calculatePayment.jpg
AUsrc/documentation/resources/images/PropertyTableClassDiagram.gif
AUsrc/documentation/resources/images/logoRussellBeattie1.png
AUsrc/documentation/resources/images/logoRussellBeattie2.png
AUsrc/documentation/resources/images/logoRussellBeattie3.png
AUsrc/documentation/skinconf.xml
AUsrc/documentation/release-guide.txt
A src/documentation/sitemap.xmap
A src/documentation/cli.xconf
AUsrc/documentation/RELEASE-NOTES.txt
AUsrc/documentation/README.txt
A src/documentation/classes
A src/documentation/classes/CatalogManager.properties
At revision 1893577

At revision 1893577

No JDK named ?? found
[POI-DSL-1.17] $ /bin/sh -xe /tmp/jenkins3183301675212548896.sh
+ rm -rf examples excelant integrationtest main ooxml ooxml-schema scratchpad 
build.javacheck.xml
+ svn status
X   forrest.properties
X   src/documentation

Performing status on external item at 'src/documentation':
+ svn revert poi-examples/src/main/java9/module-info.class 
poi-examples/src/main/java9/module-info.java 
poi-excelant/src/main/java9/module-info.class 
poi-excelant/src/main/java9/module-info.java 
poi-excelant/src/test/java9/module-info.class 
poi-excelant/src/test/java9/module-info.java 
poi-integration/src/test/java9/module-info.class 
poi-integration/src/test/java9/module-info.java 
poi-ooxml-full/src/main/java9/module-info.class 
poi-ooxml-full/src/main/java9/module-info.java 
poi-ooxml-lite-agent/src/main/java9/module-info.class 
poi-ooxml-lite-agent/src/main/java9/module-info.java 
poi-ooxml-lite/src/main/java9/module-info.class 
poi-ooxml-lite/src/main/java9/module-info.java 
poi-ooxml/src/main/java9/module-info.class 
poi-ooxml/src/main/java9/module-info.java 
poi-ooxml/src/test/java9/module-info.class 
poi-ooxml/src/test/java9/module-info.java 
poi-scratchpad/src/main/java9/module-info.class 
poi-scratchpad/src/main/java9/module-info.java 
poi-scratchpad/src/test/java9/module-info.class 
poi-scratchpad/src/test/java9/module-info.java 
poi/src/main/java9/module-info.class poi/src/main/java9/module-info.java 
poi/src/test/java9/module-info.class poi/src/test/java9/module-info.java
+ echo Java-Home:
Java-Home:
+ ls -al /
total 6277
drwxr-xr-x   25 root root4096 Sep 22 06:22 .
drwxr-xr-x   25 root root4096 Sep 22 06:22 ..
drwxr-xr-x2 root root4096 Sep 15 06:48 bin
drwxr-xr-x4 root root1024 Sep 22 06:23 boot
-rw-r--r--1 root root 530 Feb  1  2020 chboot
drwxr-xr-x   20 root root4100 Jul 28 21:56 dev
drwxr-xr-x  124 root root   12288 Sep 22 09:25 etc
drwxr-xr-x   12 root root4096 Jun 12 19:07 home
lrwxrwxrwx1 root root  34 Sep 22 06:22 initrd.img -> 
boot/initrd.img-4.15.0-158-generic
lrwxrwxrwx1 root root  34 Sep 22 06:22 initrd.img.old -> 
boot/initrd.img-4.15.0-156-generic
drwxr-xr-x   19 root root4096 Dec 16  2020 lib
drwxr-xr-x2 root root   12288 Dec 16  2020 lib32
drwxr-xr-x3 root root4096 Dec 16  2020 lib64
drwxr-xr-x2 root root   12288 Dec 16  2020 libx32
drwx--2 root root   16384 Feb  1  2020 lost+found
drwxr-xr-x2 root root4096 Feb  1  2020 media
drwxr-xr-x2 root root4096 Feb  1  2020 mnt
drwxr-xr-x   11 root root4096 Sep 13 10:26 opt
dr-xr-xr-x  379 root root   0 May 21  2020 proc
-rw-r--r--1 root root   11724 Jun 19  2019 puppet-release-bionic.deb
drwx--7 root root4096 Jun  4 12:58 root
drwxr-xr-x   33 root root1140 Sep 23 14:07 run
drwxr-xr-x2 root root   12288 Sep 15 06:47 sbin
drwxr-xr-x9 root root4096 Jun 17 01:20 snap
drwxr-xr-x2 root root4096 Feb  1  2020 srv
dr-xr-xr-x   13 root root   0 May 21  2020 sys
drwxrwxrwt 3181 root root 6283264 Sep 23 19:24 tmp
drwxr-xr-x   15 root root4096 Feb

Build failed in Jenkins: POI » POI-DSL-Windows-1.16 #184

2021-09-23 Thread Apache Jenkins Server 
See 


Changes:

[PJ Fanning] upgrade some build dependencies

[PJ Fanning] tabs to spaces


--
[...truncated 9.17 KB...]
svn: E155010: The node 
'F:\jenkins\jenkins-slave\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi*\src\*'
 was not found.
Java-Home: f:\\jenkins\\tools\\java\\latest16
 Volume in drive F is data
 Volume Serial Number is 86B6-2F62

 Directory of f:\jenkins\tools\java\latest16

11/14/2020  07:14 AM  .
11/14/2020  07:14 AM  ..
11/14/2020  07:14 AM  bin
11/14/2020  07:14 AM  conf
11/14/2020  07:14 AM  include
11/14/2020  07:14 AM  jmods
11/14/2020  07:14 AM  legal
11/14/2020  07:14 AM  lib
11/11/2020  09:41 PM 1,165 release
   1 File(s)  1,165 bytes
   8 Dir(s)  1,820,545,437,696 bytes free
openjdk version "16-ea" 2021-03-16
OpenJDK Runtime Environment (build 16-ea+24-1553)
OpenJDK 64-Bit Server VM (build 16-ea+24-1553, mixed mode, sharing)
[Gradle] - Launching build.
[POI-DSL-Windows-1.16] $ cmd.exe /C 
" 
clean jenkins && exit %%ERRORLEVEL%%"
Starting a Gradle Daemon, 1 incompatible and 1 stopped Daemons could not be 
reused, use --status for details

> Configure project :
Trying to override old definition of datatype junit

> Task :clean
> Task :poi:clean
> Task :poi-examples:clean
> Task :poi-excelant:clean
> Task :poi-integration:clean
> Task :poi-ooxml:clean
> Task :poi-ooxml-full:clean
> Task :poi-ooxml-lite:clean
> Task :poi-ooxml-lite-agent:clean
> Task :poi-scratchpad:clean
> Task :poi:generateVersionJava

> Task :poi:compileJava
F:\jenkins\jenkins-slave\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi\src\main\java\org\apache\poi\util\GenericRecordUtil.java:131:
 warning: [unchecked] unchecked cast
m.putAll((Map>)baseMap);
  ^
  required: Map>
  found:Object
F:\jenkins\jenkins-slave\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi\src\main\java\org\apache\poi\hssf\record\NameRecord.java:466:
 warning: [deprecation] readAllContinuedRemainder() in RecordInputStream has 
been deprecated
byte[] remainder = ris.readAllContinuedRemainder();
  ^
F:\jenkins\jenkins-slave\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi\src\main\java\org\apache\poi\hssf\record\AbstractEscherHolderRecord.java:62:
 warning: [deprecation] readAllContinuedRemainder() in RecordInputStream has 
been deprecated
byte[] data = in.readAllContinuedRemainder();
^
F:\jenkins\jenkins-slave\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi\src\main\java\org\apache\poi\ss\usermodel\CellBase.java:39:
 warning: [deprecation] setCellType(CellType) in Cell has been deprecated
public final void setCellType(CellType cellType) {
  ^
F:\jenkins\jenkins-slave\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi\src\main\java\org\apache\poi\ss\formula\BaseFormulaEvaluator.java:225:
 warning: [deprecation] setCellType(CellType) in Cell has been deprecated
cell.setCellType(cellType);
^
F:\jenkins\jenkins-slave\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi\src\main\java\org\apache\poi\hssf\record\RecordFactoryInputStream.java:335:
 warning: [deprecation] processContinueRecord(byte[]) in DrawingRecord has been 
deprecated
_lastDrawingRecord.processContinueRecord(contRec.getData());
  ^
F:\jenkins\jenkins-slave\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi\src\main\java\org\apache\poi\ss\format\CellNumberFormatter.java:726:
 warning: [unchecked] Possible heap pollution from parameterized vararg type 
List
private static boolean hasChar(char ch, List... numSpecials) {
^
7 warnings

> Task :poi:compileJava9
> Task :poi:cacheJava9 UP-TO-DATE
> Task :poi:processResources
> Task :poi:classes
> Task :poi:jar
> Task :poi-ooxml:fixBatik
> Task :poi-ooxml-full:copy_xsds
> Task :poi-ooxml-full:generate_beans
> Task :poi-ooxml-full:compileJava
> Task :poi-ooxml-full:compileJava9
> Task :poi-ooxml-full:cacheJava9 UP-TO-DATE
> Task :poi-ooxml-full:processResources NO-SOURCE
> Task :poi-ooxml-full:classes
> Task :poi-ooxml-full:sourceJar
> Task :poi-ooxml-full:jar

> Task :poi-ooxml:compileJava
F:\jenkins\jenkins-slave\712657a4\workspace\POI\POI-DSL-Windows-1.16\poi-ooxml\src\main\java\org\apache\poi\xssf\usermodel\BaseXSSFEvaluationWorkbook.java:171:
 warning: [deprecation] getNameAt(int) in XSSFWorkbook has been deprecated
XSSFName nm = _uBook.getNameAt(i);
^

Re: slf4j dependency on an beta version

2021-09-23 Thread PJ Fanning 
 Thanks Andi - I'll change to 1.7.32.


On Thursday 23 September 2021, 20:15:38 IST, Andreas Beeker 
 wrote:  
 
 Hi PJ,

On 23.09.21 20:54, PJ Fanning wrote:
> Does anyone know why we don't just rely on slf4j-api 1.7.x?
>
I've raised the dependency to the beta version, because I saw the 2.x alpha and 
thought this would be the latest stable and they aren't continuing on the 1.x 
branch.

1.7.x is ok for me, if you ask me in that way ;)

Andi


-
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org

Re: slf4j dependency on an beta version

2021-09-23 Thread Andreas Beeker 

Hi PJ,

On 23.09.21 20:54, PJ Fanning wrote:

Does anyone know why we don't just rely on slf4j-api 1.7.x?


I've raised the dependency to the beta version, because I saw the 2.x alpha and 
thought this would be the latest stable and they aren't continuing on the 1.x 
branch.

1.7.x is ok for me, if you ask me in that way ;)

Andi


-
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org

[GitHub] [poi] dependabot[bot] commented on pull request #248: Bump spotbugs-gradle-plugin from 4.7.3 to 4.7.5

2021-09-23 Thread GitBox 


dependabot[bot] commented on pull request #248:
URL: https://github.com/apache/poi/pull/248#issuecomment-926076612


   OK, I won't notify you again about this release, but will get in touch when 
a new version is available. If you'd rather skip all updates until the next 
major or minor version, let me know by commenting `@dependabot ignore this 
major version` or `@dependabot ignore this minor version`. You can also ignore 
all major, minor, or patch releases for a dependency by adding an [`ignore` 
condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore)
 with the desired `update_types` to your config file.
   
   If you change your mind, just re-open this PR and I'll resolve any conflicts 
on it.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org

[GitHub] [poi] dependabot[bot] commented on pull request #249: Bump junitVersion from 5.7.2 to 5.8.1

2021-09-23 Thread GitBox 


dependabot[bot] commented on pull request #249:
URL: https://github.com/apache/poi/pull/249#issuecomment-926076624


   OK, I won't notify you again about this release, but will get in touch when 
a new version is available. You can also ignore all major, minor, or patch 
releases for a dependency by adding an [`ignore` 
condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore)
 with the desired `update_types` to your config file.
   
   If you change your mind, just re-open this PR and I'll resolve any conflicts 
on it.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org

[GitHub] [poi] asfgit closed pull request #248: Bump spotbugs-gradle-plugin from 4.7.3 to 4.7.5

2021-09-23 Thread GitBox 


asfgit closed pull request #248:
URL: https://github.com/apache/poi/pull/248


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org

[GitHub] [poi] asfgit closed pull request #249: Bump junitVersion from 5.7.2 to 5.8.1

2021-09-23 Thread GitBox 


asfgit closed pull request #249:
URL: https://github.com/apache/poi/pull/249


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org

slf4j dependency on an beta version

2021-09-23 Thread PJ Fanning 
Hi,
Does anyone know why we don't just rely on slf4j-api 1.7.x?
https://mvnrepository.com/artifact/org.apache.logging.log4j/log4j-core/2.14.1 
shows that log4j has a slf4j-api 1.7.x dependency.
I know a lot of projects have dependencies on slf4j-api 1.8.x-beta versions or 
2.0.x alpha versions - these pre-releases have been around a while with little 
indication when the stable releases will happen. I think we should stick to 
slf4j-api 1.7.32 unless there is a good reason.
https://github.com/apache/poi/blob/trunk/build.gradle#L138 is where the 
dependency is defined

 

Jenkins build is back to normal : POI » POI-DSL-Windows-1.16 #182

2021-09-23 Thread Apache Jenkins Server 
See 



-
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org

[GitHub] [poi] dependabot[bot] opened a new pull request #248: Bump spotbugs-gradle-plugin from 4.7.3 to 4.7.5

2021-09-23 Thread GitBox 


dependabot[bot] opened a new pull request #248:
URL: https://github.com/apache/poi/pull/248


   Bumps spotbugs-gradle-plugin from 4.7.3 to 4.7.5.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gradle.plugin.com.github.spotbugs.snom:spotbugs-gradle-plugin=gradle=4.7.3=4.7.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org

[GitHub] [poi] dependabot[bot] commented on pull request #245: Bump slf4j-api from 1.8.0-beta4 to 2.0.0-alpha5

2021-09-23 Thread GitBox 


dependabot[bot] commented on pull request #245:
URL: https://github.com/apache/poi/pull/245#issuecomment-92599


   OK, I won't notify you again about this release, but will get in touch when 
a new version is available. If you'd rather skip all updates until the next 
major or minor version, let me know by commenting `@dependabot ignore this 
major version` or `@dependabot ignore this minor version`. You can also ignore 
all major, minor, or patch releases for a dependency by adding an [`ignore` 
condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore)
 with the desired `update_types` to your config file.
   
   If you change your mind, just re-open this PR and I'll resolve any conflicts 
on it.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org

[GitHub] [poi] asfgit closed pull request #246: Bump jmh-generator-annprocess from 1.32 to 1.33

2021-09-23 Thread GitBox 


asfgit closed pull request #246:
URL: https://github.com/apache/poi/pull/246


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org

[GitHub] [poi] asfgit closed pull request #247: Bump forbiddenapis from 3.1 to 3.2

2021-09-23 Thread GitBox 


asfgit closed pull request #247:
URL: https://github.com/apache/poi/pull/247


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org

[GitHub] [poi] dependabot[bot] commented on pull request #247: Bump forbiddenapis from 3.1 to 3.2

2021-09-23 Thread GitBox 


dependabot[bot] commented on pull request #247:
URL: https://github.com/apache/poi/pull/247#issuecomment-925995539


   OK, I won't notify you again about this release, but will get in touch when 
a new version is available. If you'd rather skip all updates until the next 
major or minor version, let me know by commenting `@dependabot ignore this 
major version` or `@dependabot ignore this minor version`. You can also ignore 
all major, minor, or patch releases for a dependency by adding an [`ignore` 
condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore)
 with the desired `update_types` to your config file.
   
   If you change your mind, just re-open this PR and I'll resolve any conflicts 
on it.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org

[GitHub] [poi] asfgit closed pull request #245: Bump slf4j-api from 1.8.0-beta4 to 2.0.0-alpha5

2021-09-23 Thread GitBox 


asfgit closed pull request #245:
URL: https://github.com/apache/poi/pull/245


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org

[GitHub] [poi] dependabot[bot] commented on pull request #246: Bump jmh-generator-annprocess from 1.32 to 1.33

2021-09-23 Thread GitBox 


dependabot[bot] commented on pull request #246:
URL: https://github.com/apache/poi/pull/246#issuecomment-925995548


   OK, I won't notify you again about this release, but will get in touch when 
a new version is available. If you'd rather skip all updates until the next 
major or minor version, let me know by commenting `@dependabot ignore this 
major version` or `@dependabot ignore this minor version`. You can also ignore 
all major, minor, or patch releases for a dependency by adding an [`ignore` 
condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore)
 with the desired `update_types` to your config file.
   
   If you change your mind, just re-open this PR and I'll resolve any conflicts 
on it.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org

[GitHub] [poi] dependabot[bot] opened a new pull request #247: Bump forbiddenapis from 3.1 to 3.2

2021-09-23 Thread GitBox 


dependabot[bot] opened a new pull request #247:
URL: https://github.com/apache/poi/pull/247


   Bumps forbiddenapis from 3.1 to 3.2.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=de.thetaphi:forbiddenapis=gradle=3.1=3.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org

[GitHub] [poi] dependabot[bot] opened a new pull request #246: Bump jmh-generator-annprocess from 1.32 to 1.33

2021-09-23 Thread GitBox 


dependabot[bot] opened a new pull request #246:
URL: https://github.com/apache/poi/pull/246


   Bumps jmh-generator-annprocess from 1.32 to 1.33.
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.openjdk.jmh:jmh-generator-annprocess=gradle=1.32=1.33)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org

[GitHub] [poi] dependabot[bot] opened a new pull request #245: Bump slf4j-api from 1.8.0-beta4 to 2.0.0-alpha5

2021-09-23 Thread GitBox 


dependabot[bot] opened a new pull request #245:
URL: https://github.com/apache/poi/pull/245


   Bumps [slf4j-api](https://github.com/qos-ch/slf4j) from 1.8.0-beta4 to 
2.0.0-alpha5.
   
   Commits
   
   https://github.com/qos-ch/slf4j/commit/0a34a87495b39f0d70204ee0d07129e9c22dfb98;>0a34a87
 preparing release of 2.0.0-alpha5
   https://github.com/qos-ch/slf4j/commit/252593b9340f51d9548fced3a13d303eca9c3f34;>252593b
 news update in relation with 2.0.0-alpha5
   https://github.com/qos-ch/slf4j/commit/43bcc961a28dda90140d3cdae5324dfddf46cec9;>43bcc96
 Merge pull request https://github-redirect.dependabot.com/qos-ch/slf4j/issues/266;>#266 
from dfa1/master
   https://github.com/qos-ch/slf4j/commit/f8bb0da47b6a4dadfef7c79a8202bee6c4e99f4f;>f8bb0da
 Merge branch 'master' into master
   https://github.com/qos-ch/slf4j/commit/1d4535ad23dc8809a42fd91dc655774657d8a7f4;>1d4535a
 rename SLF4JPlarformLogger as SLF4JPlatformLogger
   https://github.com/qos-ch/slf4j/commit/baadb616813a690caed1bdc6fc576281d69990e9;>baadb61
 attempting to check for incorrect info META-INF/services/
   https://github.com/qos-ch/slf4j/commit/41b612d1504f74bfc01949c6a4dc681e67698df7;>41b612d
 updates to faq
   https://github.com/qos-ch/slf4j/commit/6e784e4ca3a5ae9c5dc421fcd01a417af5bf5ace;>6e784e4
 minor code cleanups
   https://github.com/qos-ch/slf4j/commit/b977791f50483a4a7072c6e208bb1f95d3688471;>b977791
 Merge pull request https://github-redirect.dependabot.com/qos-ch/slf4j/issues/265;>#265 
from nipafx/patch-1
   https://github.com/qos-ch/slf4j/commit/4672a6fd52eeb0f8c5ee4ed356408235db661d15;>4672a6f
 Fix platform logging service registration
   Additional commits viewable in https://github.com/qos-ch/slf4j/compare/v_1.8.0-beta4...v_2.0.0-alpha5;>compare
 view
   
   
   
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.slf4j:slf4j-api=gradle=1.8.0-beta4=2.0.0-alpha5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   
   Dependabot commands and options
   
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



-
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org

Re: Vulnerabilities with poi-ooxml dependencies

2021-09-23 Thread PJ Fanning 
Hi Mark,
I'm just repeating the response I just sent to another user on this email list 
- just in case you missed that thread.

These CVEs are not POI issues. We will release POI 5.1.0 when it is ready which 
should be soon.
But the real fix on your side is to upgrade the Batik, commons-compress and 
other dependencies that you have in your build. You don't need to rely on POI 
changing its transitive dependencies. We expect POI 5.0.0 to work with latest 
Batik and commons-compress releases (as we had no issues upgrading the 5.1.0 
build).


You can also exclude Batik explicitly in your build if you don't need SVG 
rendering support.






On Thursday 23 September 2021, 11:45:29 IST, Marc Caparros 
 wrote: 





Hi,

I am using your library org.apache.poi with name: 'poi-ooxml' and version: 
'5.0.0' for my project and after creating my jars, I have gone to pass a 
vulnerability scan with the trivy command.

The scan has given me HIGH vulnerabilities in two dependencies of the library.

org.apache.xmlgraphics:batik-svgbrowser | CVE-2020-11987  | HIGH    |           
   1.13 |                          1.14 | batik: SSRF due to improper input    |
|                                        |                  |          |        
          |                                | validation by the NodePickerPanel  
  |
|                                        |                  |          |        
          |                                | 
-->avd.aquasec.com/nvd/cve-2020-11987

The first one on the library org.apache.xmlgraphics » batik-all that it's 
included on your dependencies. 

org.apache.commons:commons-compress    | CVE-2021-35515  | HIGH    |            
  1.20 |                          1.21 | apache-commons-compress:              |

And the second one on the library org.apache.commons » commons-compress that 
also it's included on your dependencies.

I am writing to ask you if it would be possible to update the versions of these 
two libraries (Batik need the 1.14 and commons-compress need the 1.21) and post 
a patch of version 5.0.0 of the 'poi-ooxml'.

In closing, I inform you that I am using the mavenrepository to include the 
library in my project 
(https://mvnrepository.com/artifact/org.apache.poi/poi-ooxml) let me know if I 
can find a version of the poi with the vulnerabilities fixed elsewhere.

Thank you so much!
Marc.

-
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org

Re: [VOTE] Apache POI 5.1.0 release (RC1)

2021-09-23 Thread PJ Fanning 
Hi Andreas,
These CVEs are not POI issues. We will release POI 5.1.0 when it is ready which 
should be soon.
But the real fix on your side is to upgrade the Batik, commons-compress and 
other dependencies that you have in your build. You don't need to rely on POI 
changing its transitive dependencies. We expect POI 5.0.0 to work with latest 
Batik and commons-compress releases (as we had no issues upgrading the 5.1.0 
build).

You can also exclude Batik explicitly in your build if you don't need SVG 
rendering support.






On Thursday 23 September 2021, 11:46:57 IST, Andreas Dornhof 
 wrote: 





Hi,
I wait for the release because vulnerability issues (CVE-2021-35515, 
CVE-2021-35516, CVE-2021-35517 and CVE-2021-36090)  in common-compress.
When do you think you can release?
Thanks... Andreas

On 2021/09/05 15:43:23, PJ Fanning  wrote:
> I put in a change to poi-ooxml/build.gradle to post process the generated pom 
> file and change the automatically included poi-ooxml-full dependency to 
> poi-ooxml-lite.>

>
>
>
>
> On Saturday 4 September 2021, 22:48:04 IST, Andreas Beeker  
> wrote: >
>
>
>
>
>
> Hi Devs,>
>
> first of all, thank you for getting the gradle teething problems 
> identified/solved. This should get better over time.>

>
> @RC1: -1, I'll provide a new one, after the mass regression tests>
>
> @poi-ooxml-lite -> poi-ooxml-full (runtime) and poi-integration (runtime): 
> this should be fixed - either you or I have a look>

>
> @Javac 14: this is of course my fault. I had used Java8 until I've fixed the 
> other ooxml-lite issue, then I forgot to switch back. I thought the --release 
> javac switch would take care about this. We probably should add a "release" 
> task similar to the ant release task, which checks for Java 8.>

>
> @poi-5.1.0.pom.sha*: I forgot to add those, but that could be still signed. 
> The pom files will be automatically signed by Nexus for the maven dist and 
> I've added also the gpg signatures there.>

>
> @License/Notice: yes, need to be added>
>
> @MANIFEST.MF "Specification-*" and"Implementation-*": not sure if this is 
> needed, but we should include those too.>
>
> @poi-integration: that's test stuff, I've omit it on-purpose>
>
> @XmlBeans *Factory classes: that's on purpose - I've changed the XmlBeans 
> generation>
>
> @org.apache.poi.Version: again, needs to be added>
>
>  Andi>
>
>
>
> On 04.09.21 18:22, PJ Fanning wrote:>
> > I think there is an issue in the poi-ooxml-lite pom - it has a dependency 
> > on poi-ooxml-full.>
> >>
> > https://dist.apache.org/repos/dist/dev/poi/5.1.0-RC1/maven/org/apache/poi/poi-ooxml-lite/5.1.0/poi-ooxml-lite-5.1.0.pom>

> >>
> >>
> >>
> >>
> >>
> >>
> > On Saturday 4 September 2021, 15:10:03 IST, PJ Fanning 
> >  wrote:>
> >>
> >>
> >>
> >>
> >>
> > The java jars on 
> > https://dist.apache.org/repos/dist/dev/poi/5.1.0-RC1/maven/>
> > seem to have been built with Java 14 and do not work with Java 8.>
> >>
> > I'm getting this when trying to use poi-ooxml jar:>
> >>
> > Caused by: java.lang.UnsupportedClassVersionError: 
> > org/apache/poi/openxml4j/opc/OPCPackage has been compiled by a more recent 
> > version of the Java Runtime (class file version 58.0), this version of the 
> > Java Runtime only recognizes class file versions up to 52.0>

> >>
> > One other thing: I've added 
> > https://dist.apache.org/repos/dist/dev/poi/5.1.0-RC1/maven/org/apache/poi/ 
> > to allow this to be more easily used as a maven repo. I left the jars in 
> > the original locations too.>

> >>
> > I can now use this in my maven pom when testing in another project:>
> >>
> > >
> >    >
> >      my-repo1>
> >      your custom repo>
> >      https://dist.apache.org/repos/dist/dev/poi/5.1.0-RC1/maven>
> >    >
> > >
> >>
> >>
> >>
> >>
> >>
> >>
> > On Saturday 4 September 2021, 14:20:09 IST, Dominik Stadler  
> > wrote:>
> >>
> >>
> >>
> >>
> >>
> > Hi,>
> >>
> > When comparing the release files with 5.0.0, I saw the following, not sure>
> > which one are on-purpose and which one should be changed:>
> >>
> > * Files poi-5.1.0.pom.sha256 and poi-5.1.0.pom.sha512 are not included>
> > * The jar-files under maven/* do not contain "LICENSE" and "NOTICE" any>
> > more under "META-INF">
> > * Jar-file "poi.jar" does not contain class "org.apache.poi.Version" any>
> > more>
> > * The MANIFEST.MF file previously had fields for "Specification-*" and>
> > "Implementation-*" which are now missing>
> > * jars for "poi-integration" are not included any more. These are mostly>
> > used for mass-regression-testing, which usually works off of locally built>
> > binaries anyway, so likely not needed.>
> > * the poi-ooxml-lite and poi-ooxml-full packages do not include all the>
> > *Factory classes any more>
> >>
> > Thanks... Dominik.>
> >>
> >>
> >>
> > On Sat, Sep 4, 2021 at 12:40 AM Andreas Beeker  wrote:>
> >>
> >> Hi *,>
> >>>
> >> I've prepared artifacts for the release of Apache POI 5.1.0 (RC1).>
> >>>
> >> The most notable changes in this release are:>
>

Re: [VOTE] Apache POI 5.1.0 release (RC1)

2021-09-23 Thread Andreas Dornhof 
Hi,
I wait for the release because vulnerability issues (CVE-2021-35515, 
CVE-2021-35516, CVE-2021-35517 and CVE-2021-36090)  in common-compress.
When do you think you can release?
Thanks... Andreas

On 2021/09/05 15:43:23, PJ Fanning  wrote:
> I put in a change to poi-ooxml/build.gradle to post process the generated pom 
> file and change the automatically included poi-ooxml-full dependency to 
> poi-ooxml-lite.>

>
>
>
>
> On Saturday 4 September 2021, 22:48:04 IST, Andreas Beeker  
> wrote: >
>
>
>
>
>
> Hi Devs,>
>
> first of all, thank you for getting the gradle teething problems 
> identified/solved. This should get better over time.>

>
> @RC1: -1, I'll provide a new one, after the mass regression tests>
>
> @poi-ooxml-lite -> poi-ooxml-full (runtime) and poi-integration (runtime): 
> this should be fixed - either you or I have a look>

>
> @Javac 14: this is of course my fault. I had used Java8 until I've fixed the 
> other ooxml-lite issue, then I forgot to switch back. I thought the --release 
> javac switch would take care about this. We probably should add a "release" 
> task similar to the ant release task, which checks for Java 8.>

>
> @poi-5.1.0.pom.sha*: I forgot to add those, but that could be still signed. 
> The pom files will be automatically signed by Nexus for the maven dist and 
> I've added also the gpg signatures there.>

>
> @License/Notice: yes, need to be added>
>
> @MANIFEST.MF "Specification-*" and"Implementation-*": not sure if this is 
> needed, but we should include those too.>
>
> @poi-integration: that's test stuff, I've omit it on-purpose>
>
> @XmlBeans *Factory classes: that's on purpose - I've changed the XmlBeans 
> generation>
>
> @org.apache.poi.Version: again, needs to be added>
>
>  Andi>
>
>
>
> On 04.09.21 18:22, PJ Fanning wrote:>
> > I think there is an issue in the poi-ooxml-lite pom - it has a dependency 
> > on poi-ooxml-full.>
> >>
> > https://dist.apache.org/repos/dist/dev/poi/5.1.0-RC1/maven/org/apache/poi/poi-ooxml-lite/5.1.0/poi-ooxml-lite-5.1.0.pom>

> >>
> >>
> >>
> >>
> >>
> >>
> > On Saturday 4 September 2021, 15:10:03 IST, PJ Fanning 
> >  wrote:>
> >>
> >>
> >>
> >>
> >>
> > The java jars on 
> > https://dist.apache.org/repos/dist/dev/poi/5.1.0-RC1/maven/>
> > seem to have been built with Java 14 and do not work with Java 8.>
> >>
> > I'm getting this when trying to use poi-ooxml jar:>
> >>
> > Caused by: java.lang.UnsupportedClassVersionError: 
> > org/apache/poi/openxml4j/opc/OPCPackage has been compiled by a more recent 
> > version of the Java Runtime (class file version 58.0), this version of the 
> > Java Runtime only recognizes class file versions up to 52.0>

> >>
> > One other thing: I've added 
> > https://dist.apache.org/repos/dist/dev/poi/5.1.0-RC1/maven/org/apache/poi/ 
> > to allow this to be more easily used as a maven repo. I left the jars in 
> > the original locations too.>

> >>
> > I can now use this in my maven pom when testing in another project:>
> >>
> > >
> >>
> >  my-repo1>
> >  your custom repo>
> >  https://dist.apache.org/repos/dist/dev/poi/5.1.0-RC1/maven>
> >>
> > >
> >>
> >>
> >>
> >>
> >>
> >>
> > On Saturday 4 September 2021, 14:20:09 IST, Dominik Stadler  
> > wrote:>
> >>
> >>
> >>
> >>
> >>
> > Hi,>
> >>
> > When comparing the release files with 5.0.0, I saw the following, not sure>
> > which one are on-purpose and which one should be changed:>
> >>
> > * Files poi-5.1.0.pom.sha256 and poi-5.1.0.pom.sha512 are not included>
> > * The jar-files under maven/* do not contain "LICENSE" and "NOTICE" any>
> > more under "META-INF">
> > * Jar-file "poi.jar" does not contain class "org.apache.poi.Version" any>
> > more>
> > * The MANIFEST.MF file previously had fields for "Specification-*" and>
> > "Implementation-*" which are now missing>
> > * jars for "poi-integration" are not included any more. These are mostly>
> > used for mass-regression-testing, which usually works off of locally built>
> > binaries anyway, so likely not needed.>
> > * the poi-ooxml-lite and poi-ooxml-full packages do not include all the>
> > *Factory classes any more>
> >>
> > Thanks... Dominik.>
> >>
> >>
> >>
> > On Sat, Sep 4, 2021 at 12:40 AM Andreas Beeker  wrote:>
> >>
> >> Hi *,>
> >>>
> >> I've prepared artifacts for the release of Apache POI 5.1.0 (RC1).>
> >>>
> >> The most notable changes in this release are:>
> >>>
> >> * upgrade dependencies: XmlBeans 5.0.1, Batik 1.14, BouncyCastle 1.69,>
> >> Commons-Compress 1.21, ...>
> >> * switching build to Gradle - Ant build is not supported anymore [#65206]>
> >> * XSLFTable::addRow functionality reverted to pre-5.0.0 [github-221]>
> >> * XSSFDrawing - import chart from other drawing [#63901]>
> >> * Support for Excel functions IFS, SWITCH, TEXTJOIN, IFNA, MAXIFS, MINIFS,>
> >> AVERAGEIFS>
> >> * Fix SVG-related image rendering>
> >>>
> >> https://dist.apache.org/repos/dist/dev/poi/5.1.0-RC1/>
> >>>
> >> Things to check:>
> >> According to Stackoverflow there were

Vulnerabilities with poi-ooxml dependencies

2021-09-23 Thread Marc Caparros 
Hi,

I am using your library org.apache.poi with name: 'poi-ooxml' and version: 
'5.0.0' for my project and after creating my jars, I have gone to pass a 
vulnerability scan with the trivy command.

The scan has given me HIGH vulnerabilities in two dependencies of the library.

org.apache.xmlgraphics:batik-svgbrowser | CVE-2020-11987   | HIGH | 
 1.13 |   1.14 | batik: SSRF due to improper input  
   |
| |  |  |   
|| validation by the 
NodePickerPanel |
| |  |  |   
|| 
-->avd.aquasec.com/nvd/cve-2020-11987

The first one on the library org.apache.xmlgraphics » batik-all that it's 
included on your dependencies. 

org.apache.commons:commons-compress | CVE-2021-35515   | HIGH | 
 1.20 |   1.21 | apache-commons-compress:   
   |

And the second one on the library org.apache.commons » commons-compress that 
also it's included on your dependencies.

I am writing to ask you if it would be possible to update the versions of these 
two libraries (Batik need the 1.14 and commons-compress need the 1.21) and post 
a patch of version 5.0.0 of the 'poi-ooxml'.

In closing, I inform you that I am using the mavenrepository to include the 
library in my project 
(https://mvnrepository.com/artifact/org.apache.poi/poi-ooxml) let me know if I 
can find a version of the poi with the vulnerabilities fixed elsewhere.

Thank you so much!
Marc.

-
To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org
For additional commands, e-mail: dev-h...@poi.apache.org