[GitHub] [tomcat-maven-plugin] dependabot[bot] opened a new pull request, #36: Bump plexus-utils from 3.0.15 to 3.0.16
dependabot[bot] opened a new pull request, #36:
URL: https://github.com/apache/tomcat-maven-plugin/pull/36
Bumps [plexus-utils](https://github.com/sonatype/plexus-utils) from 3.0.15
to 3.0.16.
Commits
https://github.com/sonatype/plexus-utils/commit/cf317f9b4070c3c619e9ee75a3e38bea3ff621c1;>cf317f9
[maven-release-plugin] prepare release plexus-utils-3.0.16
https://github.com/sonatype/plexus-utils/commit/26e3ae87b56a7f389f1a1ce1fa563686b924256a;>26e3ae8
Remove incorrect tag element
https://github.com/sonatype/plexus-utils/commit/99639d6558620da489b7c6d1b0c88491cde75884;>99639d6
Little test to mimic ${project.artifactMap(g:a:c)} usage
https://github.com/sonatype/plexus-utils/commit/5d4697966d4c6161fc4bde1fd3fa27be6440eec0;>5d46979
Needs to build with 1.7 because of some Java7 utils, but source/target needs
...
https://github.com/sonatype/plexus-utils/commit/18bd77d716ff73a707e09af7efc4d5ef5658ac35;>18bd77d
We can't switch to Java7 yet while Maven still needs to run on Java6
https://github.com/sonatype/plexus-utils/commit/3cf855c6403061ae216b0f805debbfda09be9245;>3cf855c
Remove release cruft
https://github.com/sonatype/plexus-utils/commit/3196d4c3c1fa42d11cfeb4e39c418c2f75c5a138;>3196d4c
ignore .java-version
https://github.com/sonatype/plexus-utils/commit/57b636d2c57f3c023a95be3fcb8270fb6ff6780c;>57b636d
changed XmlUtilTest to create test output directory
https://github.com/sonatype/plexus-utils/commit/33091f9b1e5a9abc0927bc51a1670d9d5ba85a1c;>33091f9
Use the same method for finding the basedir as our other code.
https://github.com/sonatype/plexus-utils/commit/a153249c24c32d3ab81850aaf7a263a78ca23f99;>a153249
MNG-5553 reworked dotted expressions interpreter
Additional commits viewable in https://github.com/sonatype/plexus-utils/compare/plexus-utils-3.0.15...plexus-utils-3.0.16;>compare
view
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that
have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI
passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and
block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it.
You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen the PR
or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen the PR
or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the PR or
upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default
for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the
default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the
default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the
default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security
Alerts page](https://github.com/apache/tomcat-maven-plugin/network/alerts).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-maven-plugin] branch dependabot/maven/org.codehaus.plexus-plexus-utils-3.0.16 created (now 004ab81)
This is an automated email from the ASF dual-hosted git repository. github-bot pushed a change to branch dependabot/maven/org.codehaus.plexus-plexus-utils-3.0.16 in repository https://gitbox.apache.org/repos/asf/tomcat-maven-plugin.git at 004ab81 Bump plexus-utils from 3.0.15 to 3.0.16 No new revisions were added by this update. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[tomcat-maven-plugin] branch dependabot/maven/org.apache.tomcat-tomcat-catalina-7.0.81 created (now 28cdafe)
This is an automated email from the ASF dual-hosted git repository. github-bot pushed a change to branch dependabot/maven/org.apache.tomcat-tomcat-catalina-7.0.81 in repository https://gitbox.apache.org/repos/asf/tomcat-maven-plugin.git at 28cdafe Bump tomcat-catalina from 7.0.59 to 7.0.81 No new revisions were added by this update. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat-maven-plugin] dependabot[bot] opened a new pull request, #35: Bump tomcat-catalina from 7.0.59 to 7.0.81
dependabot[bot] opened a new pull request, #35: URL: https://github.com/apache/tomcat-maven-plugin/pull/35 Bumps tomcat-catalina from 7.0.59 to 7.0.81. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/tomcat-maven-plugin/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf closed pull request #528: easymock version change from 4.2 to 4.3
markt-asf closed pull request #528: easymock version change from 4.2 to 4.3 URL: https://github.com/apache/tomcat/pull/528 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] markt-asf commented on pull request #528: easymock version change from 4.2 to 4.3
markt-asf commented on PR #528: URL: https://github.com/apache/tomcat/pull/528#issuecomment-1172689085 This change has already been back-ported. You can ignore Travis CI. It is unreliable and will be going away soon. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] aooohan commented on a diff in pull request #531: Bugfix for 63080 - Support rfc7239 Forwarded header
aooohan commented on code in PR #531: URL: https://github.com/apache/tomcat/pull/531#discussion_r912055494 ## java/org/apache/catalina/valves/RemoteIpValve.java: ## @@ -19,9 +19,7 @@ import java.io.IOException; import java.net.InetAddress; import java.net.UnknownHostException; -import java.util.Deque; -import java.util.Enumeration; -import java.util.LinkedList; +import java.util.*; Review Comment: Thank you for reviewing,i have fixed it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] ChristopherSchultz commented on a diff in pull request #531: Bugfix for 63080 - Support rfc7239 Forwarded header
ChristopherSchultz commented on code in PR #531: URL: https://github.com/apache/tomcat/pull/531#discussion_r912048816 ## java/org/apache/catalina/valves/RemoteIpValve.java: ## @@ -19,9 +19,7 @@ import java.io.IOException; import java.net.InetAddress; import java.net.UnknownHostException; -import java.util.Deque; -import java.util.Enumeration; -import java.util.LinkedList; +import java.util.*; Review Comment: Sorry, no. `import [something].*` is never a good idea. Please return the imports and add any explicit ones you need. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] lakeoffaith commented on pull request #528: easymock version change from 4.2 to 4.3
lakeoffaith commented on PR #528: URL: https://github.com/apache/tomcat/pull/528#issuecomment-1172158405 i don't know why the Travis ci check fail, is there anyone help me. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] aooohan commented on pull request #531: Bugfix for 63080 - Support rfc7239 Forwarded header
aooohan commented on PR #531: URL: https://github.com/apache/tomcat/pull/531#issuecomment-1172146451 I was writing the pr and realised that tomcat8 supports jdk7, so I didn't use some of the jd8+ features in this pr, so it made the code a bit long. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 63080] Support rfc7239 Forwarded header
https://bz.apache.org/bugzilla/show_bug.cgi?id=63080 --- Comment #3 from HanLi --- (In reply to Christopher Schultz from comment #1) > I would recommend adding a new configuration option which specifies which > strategy to use: legacy, rfc7239, or "both" where both types of headers are > accepted. The default should be the old behavior. > > Care to provide a patch? Hi Christopher, I think we only need to implement two modes, legacy and rfc7239, and a third mode that implements both is something I personally don't feel is necessary. If both modes of header are received, why do we need to differentiate between legacy and rfc7239 separately? The third model only adds to the complexity. Han Li -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[GitHub] [tomcat] aooohan opened a new pull request, #531: Bugfix for 63080 - Support rfc7239 Forwarded header
aooohan opened a new pull request, #531: URL: https://github.com/apache/tomcat/pull/531 fix:https://bz.apache.org/bugzilla/show_bug.cgi?id=63080 Hi all, I have implemented RFC7239 as I understand it, but as this is my first time implementing RFC functionality, I may not have a good understanding of RFC and may not have taken some things into account. I would like to get some suggestions and I will continue to improve this pr. I have only implemented support for RFC7239 on RemoteIpValve and will migrate it to RemoteIpFilter if there are no more problems with this pr. All unit tests for RemoteIpValve have passed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 63080] Support rfc7239 Forwarded header
https://bz.apache.org/bugzilla/show_bug.cgi?id=63080 --- Comment #2 from HanLi --- Hi all, I have implemented RFC7239 as I understand it, but as this is my first time implementing RFC functionality, I may not have a good understanding of RFC and may not have taken some things into account. I would like to get some suggestions and I will continue to improve this pr. I have only implemented support for RFC7239 on RemoteIpValve and will migrate it to RemoteIpFilter if there are no more problems with this pr. All unit tests for RemoteIpValve have passed. the PR:https://github.com/apache/tomcat/pull/531 Han Li -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat Native 2.0.0
On Thu, Jun 30, 2022 at 3:58 PM Mark Thomas wrote: > > This is the first release of the Tomcat Native 2.0.x branch. The major > differences compared to the 1.2.x branch are: > > - JNI API has been reduced to just that required to support the use of >OpenSSL rather than JSSE for TLS connections. The APR/native connector >is not supported. > > - The minimum supported versions have been increased to OpenSSL 3.0.x, >Apache APR 1.7.x, Java 11, Windows 7 / Server 2008 R2 > > The 2.0.x branch is primarily intended for use with Tomcat 10.1.x but > can be used with earlier versions as long as the APR/native connector is > not used. > > The proposed release artefacts can be found at [1], > and the build was done using tag [2]. > > The Apache Tomcat Native 2.0.0 release is > [X] Stable, go ahead and release > [ ] Broken because of ... Works for me with Tomcat 10.1. Rémy > Thanks, > > Mark > > > [1] > https://dist.apache.org/repos/dist/dev/tomcat/tomcat-connectors/native/2.0.0 > [2] > https://gitbox.apache.org/repos/asf?p=tomcat-native.git;a=commit;h=39c19afe4a3df7ea4fda778d82dc25bd494a110c > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
