[CANCELLED][VOTE] Release Apache Sling Engine 2.13.2
Hi, Unfortunately I will have to cancel this release and start again. The fix for SLING-11722 [0] was too restrictive for Sling, when we think about how server-side rendering components are actually assembled. While in theory we are breaking the RequestDispatcher specification, our scripting model only functions based on runtime composition of the rendering model, where the main script doesn’t necessarily set all the headers or the status code. I will still leave the two properties like they are, for applications that can work in this strict mode, but I will relax the implementation for the content type override [1] that it doesn’t automatically include the behaviour of protecting the header/status code override, but rather augments it. Thanks, Radu [0] - https://issues.apache.org/jira/browse/SLING-11722 [1] - https://github.com/apache/sling-org-apache-sling-engine/commit/5d8df33#diff-b732a751667da27420710cff218f7a66354e9530b2871a480425f9899f157caaR29 > On 9 Dec 2022, at 11:15, Radu Cotescu wrote: > > Hi, > > We solved 1 issue in this release: > https://issues.apache.org/jira/browse/SLING/fixforversion/12352612 > > Staging repository: > https://repository.apache.org/content/repositories/orgapachesling-2705/ > > You can use this UNIX script to download the release and verify the > signatures: > https://gitbox.apache.org/repos/asf?p=sling-tooling-release.git;a=blob;f=check_staged_release.sh;hb=HEAD > > Usage: > sh check_staged_release.sh 2705 /tmp/sling-staging > > Please vote to approve this release: > > [ ] +1 Approve the release > [ ] 0 Don't care > [ ] -1 Don't release, because ... > > This majority vote is open for at least 72 hours. > > Regards, > Radu Cotescu
[jira] [Reopened] (SLING-11722) The SlingRequestDispatcher doesn't correctly implement the RequestDispatcher API
[
https://issues.apache.org/jira/browse/SLING-11722?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Radu Cotescu reopened SLING-11722:
--
> The SlingRequestDispatcher doesn't correctly implement the RequestDispatcher
> API
>
>
> Key: SLING-11722
> URL: https://issues.apache.org/jira/browse/SLING-11722
> Project: Sling
> Issue Type: Bug
> Components: Engine
>Reporter: Radu Cotescu
>Assignee: Radu Cotescu
>Priority: Major
> Fix For: Engine 2.13.2
>
> Time Spent: 1h 20m
> Remaining Estimate: 0h
>
> The {{include}} method [0] has the following important sentence in its
> documentation:
> {quote}
> The ServletResponse object has its path elements and parameters remain
> unchanged from the caller's. The included servlet cannot change the response
> status code or set headers; any attempt to make a change is ignored.
> {quote}
> However, the {{SlingRequestDispatcher}} [1] doesn't enforce this in any way.
> [0] -
> https://docs.oracle.com/javaee/7/api/javax/servlet/RequestDispatcher.html#include-javax.servlet.ServletRequest-javax.servlet.ServletResponse-
> [1] -
> https://github.com/apache/sling-org-apache-sling-engine/blob/bbc6acca70e7a27386f47fa9733af3740985f375/src/main/java/org/apache/sling/engine/impl/request/SlingRequestDispatcher.java#L177
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (SLING-11723) Expose more authentication information from ResourceResolver
[
https://issues.apache.org/jira/browse/SLING-11723?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17646528#comment-17646528
]
Angela Schreiber commented on SLING-11723:
--
for the JCR specific pieces i believe it should be possible to adapt the
resource resolver to a jcr session and use the bound principals attribute that
you have added lately (see
https://github.com/apache/jackrabbit-oak/blob/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/session/SessionImpl.java#L287-L289).
> Expose more authentication information from ResourceResolver
>
>
> Key: SLING-11723
> URL: https://issues.apache.org/jira/browse/SLING-11723
> Project: Sling
> Issue Type: Improvement
> Components: API
>Reporter: Konrad Windszus
>Priority: Major
>
> Currently ResourceResolver only exposes the {{getUserID()}} for debugging
> authorization related issues. With the addition of SLING-6963 it would be
> helpful to additionally expose:
> - if a resource resolver is a service resource resolver (applies to all
> providers)
> - if it is based on principal names or regular authorizable ids (JCR provider
> specific, although the configuration format is agnostic)
> This information is crucial to figure out why a particular resource cannot be
> resolved (due to missing permissions).
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (SLING-11723) Expose more authentication information from ResourceResolver
[
https://issues.apache.org/jira/browse/SLING-11723?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17646561#comment-17646561
]
Konrad Windszus commented on SLING-11723:
-
Right, but this is not exactly Sling API level. I was suggesting to rather
introduce some provider agnostic capabilities.
> Expose more authentication information from ResourceResolver
>
>
> Key: SLING-11723
> URL: https://issues.apache.org/jira/browse/SLING-11723
> Project: Sling
> Issue Type: Improvement
> Components: API
>Reporter: Konrad Windszus
>Priority: Major
>
> Currently ResourceResolver only exposes the {{getUserID()}} for debugging
> authorization related issues. With the addition of SLING-6963 it would be
> helpful to additionally expose:
> - if a resource resolver is a service resource resolver (applies to all
> providers)
> - if it is based on principal names or regular authorizable ids (JCR provider
> specific, although the configuration format is agnostic)
> This information is crucial to figure out why a particular resource cannot be
> resolved (due to missing permissions).
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [sling-org-apache-sling-engine] raducotescu opened a new pull request, #31: SLING-11722 - The SlingRequestDispatcher doesn't correctly implement the RequestDispatcher API
raducotescu opened a new pull request, #31: URL: https://github.com/apache/sling-org-apache-sling-engine/pull/31 * the IncludeNoContentTypeOverrideResponseWrapper will only report on Content-Type overrides, but will not prevent included servlets from setting other headers or the status code -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Assigned] (SLING-10110) Sling Dynamic Include: ignoreUrlParams with Wildcards do not work
[
https://issues.apache.org/jira/browse/SLING-10110?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Angela Schreiber reassigned SLING-10110:
Assignee: Andreas Bannasch
> Sling Dynamic Include: ignoreUrlParams with Wildcards do not work
> -
>
> Key: SLING-10110
> URL: https://issues.apache.org/jira/browse/SLING-10110
> Project: Sling
> Issue Type: Bug
>Affects Versions: Dynamic Include 3.2.0
> Environment: AEM 6.3 - AEM 6.5
>Reporter: Andreas Bannasch
>Assignee: Andreas Bannasch
>Priority: Major
> Fix For: Dynamic Include 3.3.2
>
> Time Spent: 3.5h
> Remaining Estimate: 0h
>
> Hello
> i have the following problem in my AEM instance but i think it might be a
> general problem.
> The issue i am facing is that in my dispatcher configuration there are
> several parameters defined with a * as wildcard.
> This is configured for our tracking engine where users might get a link to a
> page with one of these parameters.
> For example:
> {code:html}
> https//www.mypage.com/latest-news?testengine-usergroup=10
> {code}
> In this case my dispatcher is configured to ignore the paramers that match
> the following:
> {code:html}
> testengine-*
> {code}
> When i configured this in my SlingDynamicInclude config on the server under
> the ignoreUrlParams it does not see the above parameter from the url as
> matching for ignoreUrlParams.
>
> {code:config}
> include-filter.config.extension=""
> include-filter.config.enabled=B"true"
> include-filter.config.path="/content"
> include-filter.config.required_header="Server-Agent\=Communique-Dispatcher"
> include-filter.config.include-type="SSI"
> include-filter.config.selector="nocache"
> include-filter.config.add_comment=B"true"
> include-filter.config.appendSuffix=B"true"
> include-filter.config.rewrite=B"false"
> include-filter.config.ttl=""
> # These are the urlParams from the dispatcher that are ignored by as such and
> will load from cache (for tracking etc.)
> # If you do not ignore them then a page with rendered SDI will be cached if
> the call contains these parameters
> include-filter.config.ignoreUrlParams=[
> "gclid",
> "testengine-*"
> ]
> include-filter.config.resource-types=[
> "mypage/components/slingdynamic/dynamicbanner"
> ]
> {code}
> Instead the SDI component will completely render and since my dispatcher was
> configured to ignore this parameter, the response will be cached with an
> already rendered SDI-Component instead of the SDI-Tag.
> I hope this information is enough to understand what my problem is.
> If there are some more informations that you need or if something is not
> clear enough please tell me and i will try to update everything that is needed
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (SLING-10110) Sling Dynamic Include: ignoreUrlParams with Wildcards do not work
[
https://issues.apache.org/jira/browse/SLING-10110?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17646580#comment-17646580
]
Angela Schreiber commented on SLING-10110:
--
[~SonglessHill], should be ok now.
> Sling Dynamic Include: ignoreUrlParams with Wildcards do not work
> -
>
> Key: SLING-10110
> URL: https://issues.apache.org/jira/browse/SLING-10110
> Project: Sling
> Issue Type: Bug
>Affects Versions: Dynamic Include 3.2.0
> Environment: AEM 6.3 - AEM 6.5
>Reporter: Andreas Bannasch
>Assignee: Andreas Bannasch
>Priority: Major
> Fix For: Dynamic Include 3.3.2
>
> Time Spent: 3.5h
> Remaining Estimate: 0h
>
> Hello
> i have the following problem in my AEM instance but i think it might be a
> general problem.
> The issue i am facing is that in my dispatcher configuration there are
> several parameters defined with a * as wildcard.
> This is configured for our tracking engine where users might get a link to a
> page with one of these parameters.
> For example:
> {code:html}
> https//www.mypage.com/latest-news?testengine-usergroup=10
> {code}
> In this case my dispatcher is configured to ignore the paramers that match
> the following:
> {code:html}
> testengine-*
> {code}
> When i configured this in my SlingDynamicInclude config on the server under
> the ignoreUrlParams it does not see the above parameter from the url as
> matching for ignoreUrlParams.
>
> {code:config}
> include-filter.config.extension=""
> include-filter.config.enabled=B"true"
> include-filter.config.path="/content"
> include-filter.config.required_header="Server-Agent\=Communique-Dispatcher"
> include-filter.config.include-type="SSI"
> include-filter.config.selector="nocache"
> include-filter.config.add_comment=B"true"
> include-filter.config.appendSuffix=B"true"
> include-filter.config.rewrite=B"false"
> include-filter.config.ttl=""
> # These are the urlParams from the dispatcher that are ignored by as such and
> will load from cache (for tracking etc.)
> # If you do not ignore them then a page with rendered SDI will be cached if
> the call contains these parameters
> include-filter.config.ignoreUrlParams=[
> "gclid",
> "testengine-*"
> ]
> include-filter.config.resource-types=[
> "mypage/components/slingdynamic/dynamicbanner"
> ]
> {code}
> Instead the SDI component will completely render and since my dispatcher was
> configured to ignore this parameter, the response will be cached with an
> already rendered SDI-Component instead of the SDI-Tag.
> I hope this information is enough to understand what my problem is.
> If there are some more informations that you need or if something is not
> clear enough please tell me and i will try to update everything that is needed
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [sling-org-apache-sling-engine] sonarcloud[bot] commented on pull request #31: SLING-11722 - The SlingRequestDispatcher doesn't correctly implement the RequestDispatcher API
sonarcloud[bot] commented on PR #31: URL: https://github.com/apache/sling-org-apache-sling-engine/pull/31#issuecomment-1348324844 Kudos, SonarCloud Quality Gate passed! [](https://sonarcloud.io/dashboard?id=apache_sling-org-apache-sling-engine&pullRequest=31) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-engine&pullRequest=31&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-engine&pullRequest=31&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-engine&pullRequest=31&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-engine&pullRequest=31&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-engine&pullRequest=31&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-engine&pullRequest=31&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-engine&pullRequest=31&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-engine&pullRequest=31&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-engine&pullRequest=31&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-engine&pullRequest=31&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-engine&pullRequest=31&resolved=false&types=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-engine&pullRequest=31&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-engine&pullRequest=31&metric=new_coverage&view=list) [90.0% Coverage](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-engine&pullRequest=31&metric=new_coverage&view=list) [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-engine&pullRequest=31&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-engine&pullRequest=31&metric=new_duplicated_lines_density&view=list) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Created] (SLING-11730) sling database connection exhausted
Prasad Shembekar created SLING-11730: Summary: sling database connection exhausted Key: SLING-11730 URL: https://issues.apache.org/jira/browse/SLING-11730 Project: Sling Issue Type: Bug Components: App CMS Affects Versions: JCR Jackrabbit Client 2.0.2 Reporter: Prasad Shembekar Attachments: error-1.txt We are using apache sling with following dependencies in our project. org.apache.jackrabbit : jackrabbit-core:2.1.1 org.apache.sling: org.apache.sling.launchpad.base:2.3.0:war We are seeing database connection exhaust issue while running on wildfly 20 and oracle 12c. Please see the attached error.txt for more details. We tried using connection pooling but still the issue persists. Attached the repository xmls for your references. repository-org.xml ---> Existing one. Tried with JNDI repository-jndi.xml standalone.xml Tried with Datasource repository-datasource.xml. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (SLING-11730) sling database connection exhausted
[ https://issues.apache.org/jira/browse/SLING-11730?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Prasad Shembekar updated SLING-11730: - Attachment: repository-datasource.xml repository-jndi.xml repository-org.xml standalone.xml > sling database connection exhausted > --- > > Key: SLING-11730 > URL: https://issues.apache.org/jira/browse/SLING-11730 > Project: Sling > Issue Type: Bug > Components: App CMS >Affects Versions: JCR Jackrabbit Client 2.0.2 >Reporter: Prasad Shembekar >Priority: Major > Attachments: error-1.txt, repository-datasource.xml, > repository-jndi.xml, repository-org.xml, standalone.xml > > > We are using apache sling with following dependencies in our project. > org.apache.jackrabbit : jackrabbit-core:2.1.1 > org.apache.sling: org.apache.sling.launchpad.base:2.3.0:war > We are seeing database connection exhaust issue while running on wildfly 20 > and oracle 12c. > Please see the attached error.txt for more details. > We tried using connection pooling but still the issue persists. > Attached the repository xmls for your references. > repository-org.xml ---> Existing one. > Tried with JNDI > repository-jndi.xml > standalone.xml > > Tried with Datasource > repository-datasource.xml. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[GitHub] [sling-org-apache-sling-engine] raducotescu merged pull request #31: SLING-11722 - The SlingRequestDispatcher doesn't correctly implement the RequestDispatcher API
raducotescu merged PR #31: URL: https://github.com/apache/sling-org-apache-sling-engine/pull/31 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Resolved] (SLING-11730) sling database connection exhausted
[ https://issues.apache.org/jira/browse/SLING-11730?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Munteanu resolved SLING-11730. - Resolution: Invalid Thanks for the report [~prasad907109]. This does not look like a problem in Sling, but rather a problem with the interactions between the Jackrabbit JCR repository and your database. I suggest that you ask the [Apache Jackrabbit Project](https://jackrabbit.apache.org/jcr/index.html) for assistance, probably on the users' list. > sling database connection exhausted > --- > > Key: SLING-11730 > URL: https://issues.apache.org/jira/browse/SLING-11730 > Project: Sling > Issue Type: Bug > Components: App CMS >Affects Versions: JCR Jackrabbit Client 2.0.2 >Reporter: Prasad Shembekar >Priority: Major > Attachments: error-1.txt, repository-datasource.xml, > repository-jndi.xml, repository-org.xml, standalone.xml > > > We are using apache sling with following dependencies in our project. > org.apache.jackrabbit : jackrabbit-core:2.1.1 > org.apache.sling: org.apache.sling.launchpad.base:2.3.0:war > We are seeing database connection exhaust issue while running on wildfly 20 > and oracle 12c. > Please see the attached error.txt for more details. > We tried using connection pooling but still the issue persists. > Attached the repository xmls for your references. > repository-org.xml ---> Existing one. > Tried with JNDI > repository-jndi.xml > standalone.xml > > Tried with Datasource > repository-datasource.xml. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (SLING-11730) sling database connection exhausted
[ https://issues.apache.org/jira/browse/SLING-11730?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17646707#comment-17646707 ] Robert Munteanu edited comment on SLING-11730 at 12/13/22 3:52 PM: --- Thanks for the report [~prasad907109]. This does not look like a problem in Sling, but rather a problem with the interactions between the Jackrabbit JCR repository and your database. I suggest that you ask the [Apache Jackrabbit Project|https://jackrabbit.apache.org/jcr/index.html] for assistance, probably on the users' list. was (Author: rombert): Thanks for the report [~prasad907109]. This does not look like a problem in Sling, but rather a problem with the interactions between the Jackrabbit JCR repository and your database. I suggest that you ask the [Apache Jackrabbit Project](https://jackrabbit.apache.org/jcr/index.html) for assistance, probably on the users' list. > sling database connection exhausted > --- > > Key: SLING-11730 > URL: https://issues.apache.org/jira/browse/SLING-11730 > Project: Sling > Issue Type: Bug > Components: App CMS >Affects Versions: JCR Jackrabbit Client 2.0.2 >Reporter: Prasad Shembekar >Priority: Major > Attachments: error-1.txt, repository-datasource.xml, > repository-jndi.xml, repository-org.xml, standalone.xml > > > We are using apache sling with following dependencies in our project. > org.apache.jackrabbit : jackrabbit-core:2.1.1 > org.apache.sling: org.apache.sling.launchpad.base:2.3.0:war > We are seeing database connection exhaust issue while running on wildfly 20 > and oracle 12c. > Please see the attached error.txt for more details. > We tried using connection pooling but still the issue persists. > Attached the repository xmls for your references. > repository-org.xml ---> Existing one. > Tried with JNDI > repository-jndi.xml > standalone.xml > > Tried with Datasource > repository-datasource.xml. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (SLING-11729) Add FileVault validator for repoinit files contained in serialized OSGi configs
[ https://issues.apache.org/jira/browse/SLING-11729?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17646718#comment-17646718 ] Konrad Windszus commented on SLING-11729: - I added a proposal in https://github.com/apache/sling-whiteboard/tree/master/org.apache.sling.repoinit.filevault.validator. [~bdelacretaz] and [~dklco]: Can you have a look? > Add FileVault validator for repoinit files contained in serialized OSGi > configs > --- > > Key: SLING-11729 > URL: https://issues.apache.org/jira/browse/SLING-11729 > Project: Sling > Issue Type: Improvement > Components: Repoinit >Reporter: Konrad Windszus >Priority: Major > > The SPI from https://jackrabbit.apache.org/filevault/validation.html provides > some means to implement a repoinit validator which can be automatically > executed when building a content package (containing those serialized OSGi > configs). > Internally it should work similar to > https://github.com/apache/sling-whiteboard/blob/master/jbang/RepoinitValidator.java. > All OSGi serialization formats outlined at > https://sling.apache.org/documentation/bundles/configuration-installer-factory.html#configuration-serialization-formats > need to be supported. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (SLING-11729) Add FileVault validator for repoinit files contained in serialized OSGi configs
[ https://issues.apache.org/jira/browse/SLING-11729?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Konrad Windszus reassigned SLING-11729: --- Assignee: Konrad Windszus > Add FileVault validator for repoinit files contained in serialized OSGi > configs > --- > > Key: SLING-11729 > URL: https://issues.apache.org/jira/browse/SLING-11729 > Project: Sling > Issue Type: Improvement > Components: Repoinit >Reporter: Konrad Windszus >Assignee: Konrad Windszus >Priority: Major > > The SPI from https://jackrabbit.apache.org/filevault/validation.html provides > some means to implement a repoinit validator which can be automatically > executed when building a content package (containing those serialized OSGi > configs). > Internally it should work similar to > https://github.com/apache/sling-whiteboard/blob/master/jbang/RepoinitValidator.java. > All OSGi serialization formats outlined at > https://sling.apache.org/documentation/bundles/configuration-installer-factory.html#configuration-serialization-formats > need to be supported. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[GitHub] [sling-whiteboard] dependabot[bot] opened a new pull request, #96: Bump jackson-databind from 2.13.0 to 2.13.4.1 in /json-store
dependabot[bot] opened a new pull request, #96: URL: https://github.com/apache/sling-whiteboard/pull/96 Bumps [jackson-databind](https://github.com/FasterXML/jackson) from 2.13.0 to 2.13.4.1. Commits See full diff in https://github.com/FasterXML/jackson/commits";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/sling-whiteboard/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [sling-whiteboard] dependabot[bot] opened a new pull request, #97: Bump qs from 6.5.2 to 6.5.3 in /remote-content-api/openwhisk-rendering
dependabot[bot] opened a new pull request, #97: URL: https://github.com/apache/sling-whiteboard/pull/97 Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. Changelog Sourced from https://github.com/ljharb/qs/blob/main/CHANGELOG.md";>qs's changelog. 6.5.3 [Fix] parse: ignore __proto__ keys (https://github-redirect.dependabot.com/ljharb/qs/issues/428";>#428) [Fix] utils.merge: avoid a crash with a null target and a truthy non-array source [Fix] correctly parse nested arrays [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (https://github-redirect.dependabot.com/ljharb/qs/issues/279";>#279) [Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided [Fix] when parseArrays is false, properly handle keys ending in [] [Fix] fix for an impossible situation: when the formatter is called with a non-string value [Fix] utils.merge: avoid a crash with a null target and an array source [Refactor] utils: reduce observable [[Get]]s [Refactor] use cached Array.isArray [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (https://github-redirect.dependabot.com/ljharb/qs/issues/269";>#269) [Refactor] parse: only need to reassign the var once [Robustness] stringify: avoid relying on a global undefined (https://github-redirect.dependabot.com/ljharb/qs/issues/427";>#427) [readme] remove travis badge; add github actions/codecov badges; update URLs [Docs] Clean up license text so it’s properly detected as BSD-3-Clause [Docs] Clarify the need for "arrayLimit" option [meta] fix README.md (https://github-redirect.dependabot.com/ljharb/qs/issues/399";>#399) [meta] add FUNDING.yml [actions] backport actions from main [Tests] always use String(x) over x.toString() [Tests] remove nonexistent tape option [Dev Deps] backport from main Commits https://github.com/ljharb/qs/commit/298bfa55d6db00ddea78dd0333509aadf9bb3077";>298bfa5 v6.5.3 https://github.com/ljharb/qs/commit/ed0f5dcbef4b168a8ae299d78b1e4a2e9b1baf1f";>ed0f5dc [Fix] parse: ignore __proto__ keys (https://github-redirect.dependabot.com/ljharb/qs/issues/428";>#428) https://github.com/ljharb/qs/commit/691e739cfa40cd42604dc05a54e6154371a429ab";>691e739 [Robustness] stringify: avoid relying on a global undefined (https://github-redirect.dependabot.com/ljharb/qs/issues/427";>#427) https://github.com/ljharb/qs/commit/1072d57d38a690e1ad7616dced44390bffedcbb2";>1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs https://github.com/ljharb/qs/commit/12ac1c403aaa04d1a34844f514ed9f9abfb76e64";>12ac1c4 [meta] fix README.md (https://github-redirect.dependabot.com/ljharb/qs/issues/399";>#399) https://github.com/ljharb/qs/commit/0338716b09fdbd4711823eeb0a14e556a2498e7a";>0338716 [actions] backport actions from main https://github.com/ljharb/qs/commit/5639c20ce0a7c1332200a3181339331483e5a3a1";>5639c20 Clean up license text so it’s properly detected as BSD-3-Clause https://github.com/ljharb/qs/commit/51b8a0b1b213596dd1702b837f5e7dec2229793d";>51b8a0b add FUNDING.yml https://github.com/ljharb/qs/commit/45f675936e742d92fac8d4dae5cfc385c576a977";>45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no... https://github.com/ljharb/qs/commit/f814a7f8f2af059f8158f7e4b2bf8b46aeb62cd3";>f814a7f [Dev Deps] backport from main Additional commits viewable in https://github.com/ljharb/qs/compare/v6.5.2...v6.5.3";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major ve
[GitHub] [sling-org-apache-sling-engine] oliverlietz commented on pull request #30: SLING-11728 Remove bi-directional dependencies between Engine and Ser…
oliverlietz commented on PR #30: URL: https://github.com/apache/sling-org-apache-sling-engine/pull/30#issuecomment-1349003143 @cziegeler, Do you see any chance to proceed with option 2 from [SLING-11728](https://issues.apache.org/jira/browse/SLING-11728)? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [sling-org-apache-sling-servlets-get] sonarcloud[bot] commented on pull request #9: SLING-11727 Fixed Flaky Tests
sonarcloud[bot] commented on PR #9: URL: https://github.com/apache/sling-org-apache-sling-servlets-get/pull/9#issuecomment-1350380604 Kudos, SonarCloud Quality Gate passed! [](https://sonarcloud.io/dashboard?id=apache_sling-org-apache-sling-servlets-get&pullRequest=9) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get&pullRequest=9&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get&pullRequest=9&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get&pullRequest=9&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get&pullRequest=9&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get&pullRequest=9&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get&pullRequest=9&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-servlets-get&pullRequest=9&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-servlets-get&pullRequest=9&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_sling-org-apache-sling-servlets-get&pullRequest=9&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get&pullRequest=9&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get&pullRequest=9&resolved=false&types=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache_sling-org-apache-sling-servlets-get&pullRequest=9&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-servlets-get&pullRequest=9&metric=coverage&view=list) No Coverage information [](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-servlets-get&pullRequest=9&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache_sling-org-apache-sling-servlets-get&pullRequest=9&metric=new_duplicated_lines_density&view=list) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [sling-org-apache-sling-servlets-get] priyanka-28 commented on pull request #9: SLING-11727 Fixed Flaky Tests
priyanka-28 commented on PR #9: URL: https://github.com/apache/sling-org-apache-sling-servlets-get/pull/9#issuecomment-1350381404 > https://cassiomolin.com/2019/08/08/comparing-json-documents-in-java-with-jsonp/ seems like a good option Thank you so much! I have updated the PR with these changes -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@sling.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (SLING-11730) sling database connection exhausted
[ https://issues.apache.org/jira/browse/SLING-11730?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17646915#comment-17646915 ] Prasad Shembekar commented on SLING-11730: -- Thanks [~rombert] for the response. Please can you confirm, if this is the email ID [us...@jackrabbit.apache.org|mailto:us...@jackrabbit.apache.org], I need to send the issue details? > sling database connection exhausted > --- > > Key: SLING-11730 > URL: https://issues.apache.org/jira/browse/SLING-11730 > Project: Sling > Issue Type: Bug > Components: App CMS >Affects Versions: JCR Jackrabbit Client 2.0.2 >Reporter: Prasad Shembekar >Priority: Major > Attachments: error-1.txt, repository-datasource.xml, > repository-jndi.xml, repository-org.xml, standalone.xml > > > We are using apache sling with following dependencies in our project. > org.apache.jackrabbit : jackrabbit-core:2.1.1 > org.apache.sling: org.apache.sling.launchpad.base:2.3.0:war > We are seeing database connection exhaust issue while running on wildfly 20 > and oracle 12c. > Please see the attached error.txt for more details. > We tried using connection pooling but still the issue persists. > Attached the repository xmls for your references. > repository-org.xml ---> Existing one. > Tried with JNDI > repository-jndi.xml > standalone.xml > > Tried with Datasource > repository-datasource.xml. -- This message was sent by Atlassian Jira (v8.20.10#820010)
