[GitHub] [commons-chain] dependabot[bot] closed pull request #27: Bump actions/checkout from 2.3.4 to 3.0.0
dependabot[bot] closed pull request #27: Bump actions/checkout from 2.3.4 to 3.0.0 URL: https://github.com/apache/commons-chain/pull/27 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-chain] dependabot[bot] commented on pull request #27: Bump actions/checkout from 2.3.4 to 3.0.0
dependabot[bot] commented on PR #27: URL: https://github.com/apache/commons-chain/pull/27#issuecomment-1099853622 Superseded by #30. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-chain] dependabot[bot] opened a new pull request, #30: Bump actions/checkout from 2.3.4 to 3.0.1
dependabot[bot] opened a new pull request, #30: URL: https://github.com/apache/commons-chain/pull/30 Bumps [actions/checkout](https://github.com/actions/checkout) from 2.3.4 to 3.0.1. Release notes Sourced from https://github.com/actions/checkout/releases;>actions/checkout's releases. v3.0.1 https://github-redirect.dependabot.com/actions/checkout/pull/762;>Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory https://github-redirect.dependabot.com/actions/checkout/pull/744;>Bumped various npm package versions v3.0.0 Updated to the node16 runtime by default This requires a minimum https://github.com/actions/runner/releases/tag/v2.285.0;>Actions Runner version of v2.285.0 to run, which is by default available in GHES 3.4 or later. v2.4.1 Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory v2.4.0 Convert SSH URLs like org-ORG_ID@github.com: to https://github.com/ - https://github-redirect.dependabot.com/actions/checkout/pull/621;>pr v2.3.5 Update dependencies Changelog Sourced from https://github.com/actions/checkout/blob/main/CHANGELOG.md;>actions/checkout's changelog. v3.0.1 https://github-redirect.dependabot.com/actions/checkout/pull/762;>Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory https://github-redirect.dependabot.com/actions/checkout/pull/744;>Bumped various npm package versions v3.0.0 https://github-redirect.dependabot.com/actions/checkout/pull/689;>Update to node 16 v2.3.1 https://github-redirect.dependabot.com/actions/checkout/pull/284;>Fix default branch resolution for .wiki and when using SSH v2.3.0 https://github-redirect.dependabot.com/actions/checkout/pull/278;>Fallback to the default branch v2.2.0 https://github-redirect.dependabot.com/actions/checkout/pull/258;>Fetch all history for all tags and branches when fetch-depth=0 v2.1.1 Changes to support GHES (https://github-redirect.dependabot.com/actions/checkout/pull/236;>here and https://github-redirect.dependabot.com/actions/checkout/pull/248;>here) v2.1.0 https://github-redirect.dependabot.com/actions/checkout/pull/191;>Group output https://github-redirect.dependabot.com/actions/checkout/pull/199;>Changes to support GHES alpha release https://github-redirect.dependabot.com/actions/checkout/pull/184;>Persist core.sshCommand for submodules https://github-redirect.dependabot.com/actions/checkout/pull/163;>Add support ssh https://github-redirect.dependabot.com/actions/checkout/pull/179;>Convert submodule SSH URL to HTTPS, when not using SSH https://github-redirect.dependabot.com/actions/checkout/pull/157;>Add submodule support https://github-redirect.dependabot.com/actions/checkout/pull/144;>Follow proxy settings https://github-redirect.dependabot.com/actions/checkout/pull/141;>Fix ref for pr closed event when a pr is merged https://github-redirect.dependabot.com/actions/checkout/pull/128;>Fix issue checking detached when git less than 2.22 v2.0.0 https://github-redirect.dependabot.com/actions/checkout/pull/108;>Do not pass cred on command line https://github-redirect.dependabot.com/actions/checkout/pull/107;>Add input persist-credentials https://github-redirect.dependabot.com/actions/checkout/pull/104;>Fallback to REST API to download repo v2 (beta) Improved fetch performance The default behavior now fetches only the SHA being checked-out Script authenticated git commands Persists with.token in the local git config Enables your scripts to run authenticated git commands Post-job cleanup removes the token ... (truncated) Commits https://github.com/actions/checkout/commit/dcd71f646680f2efd8db4afa5ad64fdcba30e748;>dcd71f6 Enforce safe directory (https://github-redirect.dependabot.com/actions/checkout/issues/762;>#762) https://github.com/actions/checkout/commit/add3486cc3b55d4a5e11c8045058cef96538edc7;>add3486 Patch to fix the dependbot alert. (https://github-redirect.dependabot.com/actions/checkout/issues/744;>#744) https://github.com/actions/checkout/commit/5126516654c75f76bca1de45dd82a3006d8890f9;>5126516 Bump minimist from 1.2.5 to 1.2.6 (https://github-redirect.dependabot.com/actions/checkout/issues/741;>#741) https://github.com/actions/checkout/commit/d50f8ea76748df49594d9b109b614f3b4db63c71;>d50f8ea Add v3.0 release information to changelog (https://github-redirect.dependabot.com/actions/checkout/issues/740;>#740) https://github.com/actions/checkout/commit/2d1c1198e79c30cca5c3957b1e3b65ce95b5356e;>2d1c119 update test workflows to checkout v3
[GitHub] [commons-compress] dependabot[bot] opened a new pull request, #280: Bump commons-parent from 52 to 53
dependabot[bot] opened a new pull request, #280: URL: https://github.com/apache/commons-compress/pull/280 Bumps commons-parent from 52 to 53. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-compress] dependabot[bot] opened a new pull request, #279: Bump asm from 9.2 to 9.3
dependabot[bot] opened a new pull request, #279: URL: https://github.com/apache/commons-compress/pull/279 Bumps asm from 9.2 to 9.3. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-dbcp] dependabot[bot] opened a new pull request, #183: Bump h2 from 2.1.210 to 2.1.212
dependabot[bot] opened a new pull request, #183: URL: https://github.com/apache/commons-dbcp/pull/183 Bumps [h2](https://github.com/h2database/h2database) from 2.1.210 to 2.1.212. Release notes Sourced from https://github.com/h2database/h2database/releases;>h2's releases. Version 2.1.212 Numerous bugs and regression fixes discovered after 2.1.210 release: Commits https://github.com/h2database/h2database/commit/8f861862c480204811e96af28e101ae7a7f1ef4f;>8f86186 Merge pull request https://github-redirect.dependabot.com/h2database/h2database/issues/3482;>#3482 from andreitokar/release-prep https://github.com/h2database/h2database/commit/fd7122e9ec815601630134624a830c1c7ee3f528;>fd7122e Pre-release 2.1.212 indeed https://github.com/h2database/h2database/commit/024b2b2298819808f6c12628588be36578bfc46e;>024b2b2 Pre-release 212 indeed https://github.com/h2database/h2database/commit/783421446f79c81ccdf951196463f0fad469b073;>7834214 Pre-release 212 indeed https://github.com/h2database/h2database/commit/dacad17830ae1c7eb6b88195ee5f3c16c3883e13;>dacad17 Pre-release changes for 2.1.212 https://github.com/h2database/h2database/commit/fab058dc5bd1d4ffec95209abf1e100183367360;>fab058d Merge remote-tracking branch 'h2database/master' into release-prep https://github.com/h2database/h2database/commit/e82a9e517c503ca7f6c96ffc175315b367b5713e;>e82a9e5 Merge pull request https://github-redirect.dependabot.com/h2database/h2database/issues/3481;>#3481 from katzyn/interval https://github.com/h2database/h2database/commit/3b8f9f1afb7f962d53921ca74be9b71814692cc8;>3b8f9f1 Update changelog https://github.com/h2database/h2database/commit/dd68bfc52b7d3575a6a0cc836fb9c00957afc698;>dd68bfc Fix INFORMATION_SCHEMA.ROUTINES.EXTERNAL_NAME for aliases with source code https://github.com/h2database/h2database/commit/a71a66e9f240a34173ef26c4221b5aa7cdb6c121;>a71a66e Add support for standard interval literals with precision Additional commits viewable in https://github.com/h2database/h2database/compare/version-2.1.210...version-2.1.212;>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [commons-digester] dependabot[bot] opened a new pull request, #28: Bump actions/setup-java from 2 to 3
dependabot[bot] opened a new pull request, #28: URL: https://github.com/apache/commons-digester/pull/28 Bumps [actions/setup-java](https://github.com/actions/setup-java) from 2 to 3. Release notes Sourced from https://github.com/actions/setup-java/releases;>actions/setup-java's releases. v3.0.0 In scope of this release we changed version of the runtime Node.js for the setup-java action and updated package-lock.json file to v2. Breaking Changes With the update to Node 16 in https://github-redirect.dependabot.com/actions/setup-java/pull/290;>#290, all scripts will now be run with Node 16 rather than Node 12. v2.5.0 In scope of this pull request we add support for Microsoft Build of OpenJDK (https://github-redirect.dependabot.com/actions/setup-java/pull/252;>actions/setup-java#252). steps: - name: Checkout uses: actions/checkout@v2 - name: Setup-java uses: actions/setup-java@v2 with: distribution: microsoft java-version: 11 Supported distributions Currently, the following distributions are supported: Keyword Distribution Official site License temurin Eclipse Temurin https://adoptium.net/;>Link https://adoptium.net/about.html;>Link zulu Zulu OpenJDK https://www.azul.com/downloads/zulu-community/?package=jdk;>Link https://www.azul.com/products/zulu-and-zulu-enterprise/zulu-terms-of-use/;>Link adopt or adopt-hotspot Adopt OpenJDK Hotspot https://adoptopenjdk.net/;>Link https://adoptopenjdk.net/about.html;>Link adopt-openj9 Adopt OpenJDK OpenJ9 https://adoptopenjdk.net/;>Link https://adoptopenjdk.net/about.html;>Link liberica Liberica JDK https://bell-sw.com/;>Link https://bell-sw.com/liberica_eula/;>Link microsoft Microsoft Build of OpenJDK https://www.microsoft.com/openjdk;>Link https://docs.microsoft.com/java/openjdk/faq;>Link v2.4.0 In scope of this pull request we add support for Liberica JDK (https://github-redirect.dependabot.com/actions/setup-java/pull/225;>actions/setup-java#225). steps: - name: Checkout uses: actions/checkout@v2 - name: Setup-java uses: actions/setup-java@v2 with: distribution: liberica java-version: 11 Supported distributions Currently, the following distributions are supported: Keyword Distribution Official site License zulu Zulu OpenJDK https://www.azul.com/downloads/zulu-community/?package=jdk;>Link https://www.azul.com/products/zulu-and-zulu-enterprise/zulu-terms-of-use/;>Link adopt or adopt-hotspot Adopt OpenJDK Hotspot https://adoptopenjdk.net/;>Link https://adoptopenjdk.net/about.html;>Link adopt-openj9 Adopt OpenJDK OpenJ9 https://adoptopenjdk.net/;>Link https://adoptopenjdk.net/about.html;>Link temurin Eclipse Temurin https://adoptium.net/;>Link https://adoptium.net/about.html;>Link ... (truncated) Commits https://github.com/actions/setup-java/commit/9519cf1382ac8dc61ad461f7f7cb45f033220189;>9519cf1 Merge pull request https://github-redirect.dependabot.com/actions/setup-java/issues/317;>#317 from actions/t-dedah/updateCache https://github.com/actions/setup-java/commit/02c73de3fe82c1eaf0f32c6ccec2cc7072b3124b;>02c73de Updated action version https://github.com/actions/setup-java/commit/fd3f6750a0381aef7e9cf0620c6eea3583991a3f;>fd3f675 Updated package-lock.json https://github.com/actions/setup-java/commit/1aa8bf7608bff99bf8a7ab37bf57a6f8b4702b86;>1aa8bf7 Licensed https://github.com/actions/setup-java/commit/9c8c90e08ce8fdc0958cb0c30bb9347d593c617e;>9c8c90e Updated @actions/cache https://github.com/actions/setup-java/commit/cd3510900760be04f0473489ef80509989c22cf3;>cd35109 Bump actions to v3 (https://github-redirect.dependabot.com/actions/setup-java/issues/314;>#314) https://github.com/actions/setup-java/commit/d2e3f417a9f5c5fbb2e1dc8a90d8ec7104e6f036;>d2e3f41 Set output cache-hit to indicate if cache was hit (https://github-redirect.dependabot.com/actions/setup-java/issues/275;>#275) https://github.com/actions/setup-java/commit/0aa6f2a84f8634ac1a1bd81dfdf6d5aab98c70f1;>0aa6f2a Bump minimist from 1.2.5 to 1.2.6 (https://github-redirect.dependabot.com/actions/setup-java/issues/303;>#303) https://github.com/actions/setup-java/commit/dc1a9f27915005c4867178213f98cc27415de97a;>dc1a9f2 Caching on GHES (https://github-redirect.dependabot.com/actions/setup-java/issues/308;>#308) https://github.com/actions/setup-java/commit/e886040dc21d1d2c3f71482e1b6518445ef5e620;>e886040 Update zulu-installer.test.ts (https://github-redirect.dependabot.com/actions/setup-java/issues/310;>#310) Additional commits viewable in
[GitHub] [commons-compress] dependabot[bot] opened a new pull request, #278: Bump actions/setup-java from 2 to 3
dependabot[bot] opened a new pull request, #278: URL: https://github.com/apache/commons-compress/pull/278 Bumps [actions/setup-java](https://github.com/actions/setup-java) from 2 to 3. Release notes Sourced from https://github.com/actions/setup-java/releases;>actions/setup-java's releases. v3.0.0 In scope of this release we changed version of the runtime Node.js for the setup-java action and updated package-lock.json file to v2. Breaking Changes With the update to Node 16 in https://github-redirect.dependabot.com/actions/setup-java/pull/290;>#290, all scripts will now be run with Node 16 rather than Node 12. v2.5.0 In scope of this pull request we add support for Microsoft Build of OpenJDK (https://github-redirect.dependabot.com/actions/setup-java/pull/252;>actions/setup-java#252). steps: - name: Checkout uses: actions/checkout@v2 - name: Setup-java uses: actions/setup-java@v2 with: distribution: microsoft java-version: 11 Supported distributions Currently, the following distributions are supported: Keyword Distribution Official site License temurin Eclipse Temurin https://adoptium.net/;>Link https://adoptium.net/about.html;>Link zulu Zulu OpenJDK https://www.azul.com/downloads/zulu-community/?package=jdk;>Link https://www.azul.com/products/zulu-and-zulu-enterprise/zulu-terms-of-use/;>Link adopt or adopt-hotspot Adopt OpenJDK Hotspot https://adoptopenjdk.net/;>Link https://adoptopenjdk.net/about.html;>Link adopt-openj9 Adopt OpenJDK OpenJ9 https://adoptopenjdk.net/;>Link https://adoptopenjdk.net/about.html;>Link liberica Liberica JDK https://bell-sw.com/;>Link https://bell-sw.com/liberica_eula/;>Link microsoft Microsoft Build of OpenJDK https://www.microsoft.com/openjdk;>Link https://docs.microsoft.com/java/openjdk/faq;>Link v2.4.0 In scope of this pull request we add support for Liberica JDK (https://github-redirect.dependabot.com/actions/setup-java/pull/225;>actions/setup-java#225). steps: - name: Checkout uses: actions/checkout@v2 - name: Setup-java uses: actions/setup-java@v2 with: distribution: liberica java-version: 11 Supported distributions Currently, the following distributions are supported: Keyword Distribution Official site License zulu Zulu OpenJDK https://www.azul.com/downloads/zulu-community/?package=jdk;>Link https://www.azul.com/products/zulu-and-zulu-enterprise/zulu-terms-of-use/;>Link adopt or adopt-hotspot Adopt OpenJDK Hotspot https://adoptopenjdk.net/;>Link https://adoptopenjdk.net/about.html;>Link adopt-openj9 Adopt OpenJDK OpenJ9 https://adoptopenjdk.net/;>Link https://adoptopenjdk.net/about.html;>Link temurin Eclipse Temurin https://adoptium.net/;>Link https://adoptium.net/about.html;>Link ... (truncated) Commits https://github.com/actions/setup-java/commit/9519cf1382ac8dc61ad461f7f7cb45f033220189;>9519cf1 Merge pull request https://github-redirect.dependabot.com/actions/setup-java/issues/317;>#317 from actions/t-dedah/updateCache https://github.com/actions/setup-java/commit/02c73de3fe82c1eaf0f32c6ccec2cc7072b3124b;>02c73de Updated action version https://github.com/actions/setup-java/commit/fd3f6750a0381aef7e9cf0620c6eea3583991a3f;>fd3f675 Updated package-lock.json https://github.com/actions/setup-java/commit/1aa8bf7608bff99bf8a7ab37bf57a6f8b4702b86;>1aa8bf7 Licensed https://github.com/actions/setup-java/commit/9c8c90e08ce8fdc0958cb0c30bb9347d593c617e;>9c8c90e Updated @actions/cache https://github.com/actions/setup-java/commit/cd3510900760be04f0473489ef80509989c22cf3;>cd35109 Bump actions to v3 (https://github-redirect.dependabot.com/actions/setup-java/issues/314;>#314) https://github.com/actions/setup-java/commit/d2e3f417a9f5c5fbb2e1dc8a90d8ec7104e6f036;>d2e3f41 Set output cache-hit to indicate if cache was hit (https://github-redirect.dependabot.com/actions/setup-java/issues/275;>#275) https://github.com/actions/setup-java/commit/0aa6f2a84f8634ac1a1bd81dfdf6d5aab98c70f1;>0aa6f2a Bump minimist from 1.2.5 to 1.2.6 (https://github-redirect.dependabot.com/actions/setup-java/issues/303;>#303) https://github.com/actions/setup-java/commit/dc1a9f27915005c4867178213f98cc27415de97a;>dc1a9f2 Caching on GHES (https://github-redirect.dependabot.com/actions/setup-java/issues/308;>#308) https://github.com/actions/setup-java/commit/e886040dc21d1d2c3f71482e1b6518445ef5e620;>e886040 Update zulu-installer.test.ts (https://github-redirect.dependabot.com/actions/setup-java/issues/310;>#310) Additional commits viewable in
[GitHub] [commons-dbcp] dependabot[bot] opened a new pull request, #182: Bump actions/setup-java from 2 to 3
dependabot[bot] opened a new pull request, #182: URL: https://github.com/apache/commons-dbcp/pull/182 Bumps [actions/setup-java](https://github.com/actions/setup-java) from 2 to 3. Release notes Sourced from https://github.com/actions/setup-java/releases;>actions/setup-java's releases. v3.0.0 In scope of this release we changed version of the runtime Node.js for the setup-java action and updated package-lock.json file to v2. Breaking Changes With the update to Node 16 in https://github-redirect.dependabot.com/actions/setup-java/pull/290;>#290, all scripts will now be run with Node 16 rather than Node 12. v2.5.0 In scope of this pull request we add support for Microsoft Build of OpenJDK (https://github-redirect.dependabot.com/actions/setup-java/pull/252;>actions/setup-java#252). steps: - name: Checkout uses: actions/checkout@v2 - name: Setup-java uses: actions/setup-java@v2 with: distribution: microsoft java-version: 11 Supported distributions Currently, the following distributions are supported: Keyword Distribution Official site License temurin Eclipse Temurin https://adoptium.net/;>Link https://adoptium.net/about.html;>Link zulu Zulu OpenJDK https://www.azul.com/downloads/zulu-community/?package=jdk;>Link https://www.azul.com/products/zulu-and-zulu-enterprise/zulu-terms-of-use/;>Link adopt or adopt-hotspot Adopt OpenJDK Hotspot https://adoptopenjdk.net/;>Link https://adoptopenjdk.net/about.html;>Link adopt-openj9 Adopt OpenJDK OpenJ9 https://adoptopenjdk.net/;>Link https://adoptopenjdk.net/about.html;>Link liberica Liberica JDK https://bell-sw.com/;>Link https://bell-sw.com/liberica_eula/;>Link microsoft Microsoft Build of OpenJDK https://www.microsoft.com/openjdk;>Link https://docs.microsoft.com/java/openjdk/faq;>Link v2.4.0 In scope of this pull request we add support for Liberica JDK (https://github-redirect.dependabot.com/actions/setup-java/pull/225;>actions/setup-java#225). steps: - name: Checkout uses: actions/checkout@v2 - name: Setup-java uses: actions/setup-java@v2 with: distribution: liberica java-version: 11 Supported distributions Currently, the following distributions are supported: Keyword Distribution Official site License zulu Zulu OpenJDK https://www.azul.com/downloads/zulu-community/?package=jdk;>Link https://www.azul.com/products/zulu-and-zulu-enterprise/zulu-terms-of-use/;>Link adopt or adopt-hotspot Adopt OpenJDK Hotspot https://adoptopenjdk.net/;>Link https://adoptopenjdk.net/about.html;>Link adopt-openj9 Adopt OpenJDK OpenJ9 https://adoptopenjdk.net/;>Link https://adoptopenjdk.net/about.html;>Link temurin Eclipse Temurin https://adoptium.net/;>Link https://adoptium.net/about.html;>Link ... (truncated) Commits https://github.com/actions/setup-java/commit/9519cf1382ac8dc61ad461f7f7cb45f033220189;>9519cf1 Merge pull request https://github-redirect.dependabot.com/actions/setup-java/issues/317;>#317 from actions/t-dedah/updateCache https://github.com/actions/setup-java/commit/02c73de3fe82c1eaf0f32c6ccec2cc7072b3124b;>02c73de Updated action version https://github.com/actions/setup-java/commit/fd3f6750a0381aef7e9cf0620c6eea3583991a3f;>fd3f675 Updated package-lock.json https://github.com/actions/setup-java/commit/1aa8bf7608bff99bf8a7ab37bf57a6f8b4702b86;>1aa8bf7 Licensed https://github.com/actions/setup-java/commit/9c8c90e08ce8fdc0958cb0c30bb9347d593c617e;>9c8c90e Updated @actions/cache https://github.com/actions/setup-java/commit/cd3510900760be04f0473489ef80509989c22cf3;>cd35109 Bump actions to v3 (https://github-redirect.dependabot.com/actions/setup-java/issues/314;>#314) https://github.com/actions/setup-java/commit/d2e3f417a9f5c5fbb2e1dc8a90d8ec7104e6f036;>d2e3f41 Set output cache-hit to indicate if cache was hit (https://github-redirect.dependabot.com/actions/setup-java/issues/275;>#275) https://github.com/actions/setup-java/commit/0aa6f2a84f8634ac1a1bd81dfdf6d5aab98c70f1;>0aa6f2a Bump minimist from 1.2.5 to 1.2.6 (https://github-redirect.dependabot.com/actions/setup-java/issues/303;>#303) https://github.com/actions/setup-java/commit/dc1a9f27915005c4867178213f98cc27415de97a;>dc1a9f2 Caching on GHES (https://github-redirect.dependabot.com/actions/setup-java/issues/308;>#308) https://github.com/actions/setup-java/commit/e886040dc21d1d2c3f71482e1b6518445ef5e620;>e886040 Update zulu-installer.test.ts (https://github-redirect.dependabot.com/actions/setup-java/issues/310;>#310) Additional commits viewable in
[GitHub] [commons-net] dependabot[bot] opened a new pull request, #103: Bump actions/setup-java from 2 to 3
dependabot[bot] opened a new pull request, #103: URL: https://github.com/apache/commons-net/pull/103 Bumps [actions/setup-java](https://github.com/actions/setup-java) from 2 to 3. Release notes Sourced from https://github.com/actions/setup-java/releases;>actions/setup-java's releases. v3.0.0 In scope of this release we changed version of the runtime Node.js for the setup-java action and updated package-lock.json file to v2. Breaking Changes With the update to Node 16 in https://github-redirect.dependabot.com/actions/setup-java/pull/290;>#290, all scripts will now be run with Node 16 rather than Node 12. v2.5.0 In scope of this pull request we add support for Microsoft Build of OpenJDK (https://github-redirect.dependabot.com/actions/setup-java/pull/252;>actions/setup-java#252). steps: - name: Checkout uses: actions/checkout@v2 - name: Setup-java uses: actions/setup-java@v2 with: distribution: microsoft java-version: 11 Supported distributions Currently, the following distributions are supported: Keyword Distribution Official site License temurin Eclipse Temurin https://adoptium.net/;>Link https://adoptium.net/about.html;>Link zulu Zulu OpenJDK https://www.azul.com/downloads/zulu-community/?package=jdk;>Link https://www.azul.com/products/zulu-and-zulu-enterprise/zulu-terms-of-use/;>Link adopt or adopt-hotspot Adopt OpenJDK Hotspot https://adoptopenjdk.net/;>Link https://adoptopenjdk.net/about.html;>Link adopt-openj9 Adopt OpenJDK OpenJ9 https://adoptopenjdk.net/;>Link https://adoptopenjdk.net/about.html;>Link liberica Liberica JDK https://bell-sw.com/;>Link https://bell-sw.com/liberica_eula/;>Link microsoft Microsoft Build of OpenJDK https://www.microsoft.com/openjdk;>Link https://docs.microsoft.com/java/openjdk/faq;>Link v2.4.0 In scope of this pull request we add support for Liberica JDK (https://github-redirect.dependabot.com/actions/setup-java/pull/225;>actions/setup-java#225). steps: - name: Checkout uses: actions/checkout@v2 - name: Setup-java uses: actions/setup-java@v2 with: distribution: liberica java-version: 11 Supported distributions Currently, the following distributions are supported: Keyword Distribution Official site License zulu Zulu OpenJDK https://www.azul.com/downloads/zulu-community/?package=jdk;>Link https://www.azul.com/products/zulu-and-zulu-enterprise/zulu-terms-of-use/;>Link adopt or adopt-hotspot Adopt OpenJDK Hotspot https://adoptopenjdk.net/;>Link https://adoptopenjdk.net/about.html;>Link adopt-openj9 Adopt OpenJDK OpenJ9 https://adoptopenjdk.net/;>Link https://adoptopenjdk.net/about.html;>Link temurin Eclipse Temurin https://adoptium.net/;>Link https://adoptium.net/about.html;>Link ... (truncated) Commits https://github.com/actions/setup-java/commit/9519cf1382ac8dc61ad461f7f7cb45f033220189;>9519cf1 Merge pull request https://github-redirect.dependabot.com/actions/setup-java/issues/317;>#317 from actions/t-dedah/updateCache https://github.com/actions/setup-java/commit/02c73de3fe82c1eaf0f32c6ccec2cc7072b3124b;>02c73de Updated action version https://github.com/actions/setup-java/commit/fd3f6750a0381aef7e9cf0620c6eea3583991a3f;>fd3f675 Updated package-lock.json https://github.com/actions/setup-java/commit/1aa8bf7608bff99bf8a7ab37bf57a6f8b4702b86;>1aa8bf7 Licensed https://github.com/actions/setup-java/commit/9c8c90e08ce8fdc0958cb0c30bb9347d593c617e;>9c8c90e Updated @actions/cache https://github.com/actions/setup-java/commit/cd3510900760be04f0473489ef80509989c22cf3;>cd35109 Bump actions to v3 (https://github-redirect.dependabot.com/actions/setup-java/issues/314;>#314) https://github.com/actions/setup-java/commit/d2e3f417a9f5c5fbb2e1dc8a90d8ec7104e6f036;>d2e3f41 Set output cache-hit to indicate if cache was hit (https://github-redirect.dependabot.com/actions/setup-java/issues/275;>#275) https://github.com/actions/setup-java/commit/0aa6f2a84f8634ac1a1bd81dfdf6d5aab98c70f1;>0aa6f2a Bump minimist from 1.2.5 to 1.2.6 (https://github-redirect.dependabot.com/actions/setup-java/issues/303;>#303) https://github.com/actions/setup-java/commit/dc1a9f27915005c4867178213f98cc27415de97a;>dc1a9f2 Caching on GHES (https://github-redirect.dependabot.com/actions/setup-java/issues/308;>#308) https://github.com/actions/setup-java/commit/e886040dc21d1d2c3f71482e1b6518445ef5e620;>e886040 Update zulu-installer.test.ts (https://github-redirect.dependabot.com/actions/setup-java/issues/310;>#310) Additional commits viewable in
[GitHub] [commons-io] dependabot[bot] opened a new pull request, #346: Bump actions/setup-java from 2 to 3
dependabot[bot] opened a new pull request, #346: URL: https://github.com/apache/commons-io/pull/346 Bumps [actions/setup-java](https://github.com/actions/setup-java) from 2 to 3. Release notes Sourced from https://github.com/actions/setup-java/releases;>actions/setup-java's releases. v3.0.0 In scope of this release we changed version of the runtime Node.js for the setup-java action and updated package-lock.json file to v2. Breaking Changes With the update to Node 16 in https://github-redirect.dependabot.com/actions/setup-java/pull/290;>#290, all scripts will now be run with Node 16 rather than Node 12. v2.5.0 In scope of this pull request we add support for Microsoft Build of OpenJDK (https://github-redirect.dependabot.com/actions/setup-java/pull/252;>actions/setup-java#252). steps: - name: Checkout uses: actions/checkout@v2 - name: Setup-java uses: actions/setup-java@v2 with: distribution: microsoft java-version: 11 Supported distributions Currently, the following distributions are supported: Keyword Distribution Official site License temurin Eclipse Temurin https://adoptium.net/;>Link https://adoptium.net/about.html;>Link zulu Zulu OpenJDK https://www.azul.com/downloads/zulu-community/?package=jdk;>Link https://www.azul.com/products/zulu-and-zulu-enterprise/zulu-terms-of-use/;>Link adopt or adopt-hotspot Adopt OpenJDK Hotspot https://adoptopenjdk.net/;>Link https://adoptopenjdk.net/about.html;>Link adopt-openj9 Adopt OpenJDK OpenJ9 https://adoptopenjdk.net/;>Link https://adoptopenjdk.net/about.html;>Link liberica Liberica JDK https://bell-sw.com/;>Link https://bell-sw.com/liberica_eula/;>Link microsoft Microsoft Build of OpenJDK https://www.microsoft.com/openjdk;>Link https://docs.microsoft.com/java/openjdk/faq;>Link v2.4.0 In scope of this pull request we add support for Liberica JDK (https://github-redirect.dependabot.com/actions/setup-java/pull/225;>actions/setup-java#225). steps: - name: Checkout uses: actions/checkout@v2 - name: Setup-java uses: actions/setup-java@v2 with: distribution: liberica java-version: 11 Supported distributions Currently, the following distributions are supported: Keyword Distribution Official site License zulu Zulu OpenJDK https://www.azul.com/downloads/zulu-community/?package=jdk;>Link https://www.azul.com/products/zulu-and-zulu-enterprise/zulu-terms-of-use/;>Link adopt or adopt-hotspot Adopt OpenJDK Hotspot https://adoptopenjdk.net/;>Link https://adoptopenjdk.net/about.html;>Link adopt-openj9 Adopt OpenJDK OpenJ9 https://adoptopenjdk.net/;>Link https://adoptopenjdk.net/about.html;>Link temurin Eclipse Temurin https://adoptium.net/;>Link https://adoptium.net/about.html;>Link ... (truncated) Commits https://github.com/actions/setup-java/commit/9519cf1382ac8dc61ad461f7f7cb45f033220189;>9519cf1 Merge pull request https://github-redirect.dependabot.com/actions/setup-java/issues/317;>#317 from actions/t-dedah/updateCache https://github.com/actions/setup-java/commit/02c73de3fe82c1eaf0f32c6ccec2cc7072b3124b;>02c73de Updated action version https://github.com/actions/setup-java/commit/fd3f6750a0381aef7e9cf0620c6eea3583991a3f;>fd3f675 Updated package-lock.json https://github.com/actions/setup-java/commit/1aa8bf7608bff99bf8a7ab37bf57a6f8b4702b86;>1aa8bf7 Licensed https://github.com/actions/setup-java/commit/9c8c90e08ce8fdc0958cb0c30bb9347d593c617e;>9c8c90e Updated @actions/cache https://github.com/actions/setup-java/commit/cd3510900760be04f0473489ef80509989c22cf3;>cd35109 Bump actions to v3 (https://github-redirect.dependabot.com/actions/setup-java/issues/314;>#314) https://github.com/actions/setup-java/commit/d2e3f417a9f5c5fbb2e1dc8a90d8ec7104e6f036;>d2e3f41 Set output cache-hit to indicate if cache was hit (https://github-redirect.dependabot.com/actions/setup-java/issues/275;>#275) https://github.com/actions/setup-java/commit/0aa6f2a84f8634ac1a1bd81dfdf6d5aab98c70f1;>0aa6f2a Bump minimist from 1.2.5 to 1.2.6 (https://github-redirect.dependabot.com/actions/setup-java/issues/303;>#303) https://github.com/actions/setup-java/commit/dc1a9f27915005c4867178213f98cc27415de97a;>dc1a9f2 Caching on GHES (https://github-redirect.dependabot.com/actions/setup-java/issues/308;>#308) https://github.com/actions/setup-java/commit/e886040dc21d1d2c3f71482e1b6518445ef5e620;>e886040 Update zulu-installer.test.ts (https://github-redirect.dependabot.com/actions/setup-java/issues/310;>#310) Additional commits viewable in https://github.com/actions/setup-java/compare/v2...v3;>compare
[jira] [Comment Edited] (MATH-1618) Change in Existing Design
[ https://issues.apache.org/jira/browse/MATH-1618?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17522535#comment-17522535 ] Gilles Sadowski edited comment on MATH-1618 at 4/14/22 11:38 PM: - I've just attached a few [^ga.zip]. They are mainly interfaces; for now, they are meant to illustrate an alternative approach with maximal decoupling of the steps that make up a "genetic algorithm" (GA). It's not tested (beyond compilation) and I've probably cut some corners (the devil is in the details), but the question is whether this can form the basis for the refactored GA functionality. was (Author: erans): I've just attached a few [^ga.zip]. They are mainly interfaces; for now, they are meant to illustrate an alternative approach with maximal decoupling of the steps that make up a "genetic algorithm" (GA). It's not tested (beyond compilation) and I've probably cut some corners (the devil is in the details), but the question is whether this can form the basis for the refactored GA functionality. Aside from the still missing implementations (actually the current concrete classes of the various chromosome representations, and their associated genetic operators, could probably be readily adapted). > Change in Existing Design > - > > Key: MATH-1618 > URL: https://issues.apache.org/jira/browse/MATH-1618 > Project: Commons Math > Issue Type: Sub-task >Affects Versions: 3.6.1 >Reporter: AVIJIT BASAK >Priority: Major > Attachments: ga.zip > > > *1) Creation of abstraction for GeneticAlgorithm*: In order to have different > types of implementation for Genetic Algorithm like adaptive GA along with the > existing one, we need to introduce an abstraction and a hierarchy of > algorithm. AbstracttGeneticAlgorithm class needs to be implemented which > would be extended by all other Algorithm class. This would also ease any > future extension. > Removed Components: None > New Components: AbstractGeneticAlgorithm > Affected Components: GeneticAlgorithm > *2) Delegation of fitness calculation*: As per the current design Fitness > interface is implemented by chromosome class, which forces implementation of > fitness() method for any concrete chromosome. However this restricts the use > of same concrete chromosome implementation to be reused for different problem > domain. This inheritance based implementation should be replaced by > composition. A new interface FitnessCalculator would be introduced. An > instance of FitnessCalculator will be provided during creation of every > concrete chromosome. This will enable reuse of concrete chromosome classes in > different problem domain and hence improve extensibility and re-usability. > This will require addition of an argument for each factory method and > constructors. > Removed Components: Fitness > New Components: FitnessFunction > Affected Components: Chromosome, AbstractListChromosome, BinaryChromosome, > RandomKey > *3) Enable finer control for mutation and crossover probability*: Current > design uses the crossover and mutation probability at the chromosome level. > For finer control of mutation and crossover process the probability would be > managed within MutationPolicy and CrossoverPolicy implementations. > Probability would be passed as an argument to the respective operations. This > way the corresponding operations will be responsible for managing probability > and apply in convenient way. I have seen the controlling the mutation > probability at the allele(gene) level improves the exploring capability of > the optimization process and hence improves robustness. > Removed Components: None > New Components: None > Affected Components: MutationPolicy, CrossoverPolicy and all other > implementation classes > *4) Addition of new Simulation Stopping conditions*: New simulation stopping > conditions would be added based on population statistical characteristics. > The simulation can be stopped based on variations of population average > fitness or best fitness. These parameters are much better to represent nature > of convergence. This will improve robustness to a considerable extent. > Removed Components: None > New Components: UnchangedAvgFitness, UnchangedBestFitness, > Affected Components: SimulationStoppingCondition, GeneticAlgorithm, > FixedElapsedTime, FixedGenerationCount > *5) Introduction of Convergence listeners*: New convergence listener > interface and registry would be introduced to enable tracking of convergence. > Removed components: None > New Components: ConvergenceListener, ListenerRegistry, > PopulationStatisticalSummary > Affected Components: AbstractGeneticAlgorithm, GeneticAlgorithm > *6) Restructuring Elitism*: Elitism can be handled by the hierarchy of > Algorithm classes. Use of a separate
[jira] [Comment Edited] (MATH-1618) Change in Existing Design
[ https://issues.apache.org/jira/browse/MATH-1618?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17522535#comment-17522535 ] Gilles Sadowski edited comment on MATH-1618 at 4/14/22 11:02 PM: - I've just attached a few [^ga.zip]. They are mainly interfaces; for now, they are meant to illustrate an alternative approach with maximal decoupling of the steps that make up a "genetic algorithm" (GA). It's not tested (beyond compilation) and I've probably cut some corners (the devil is in the details), but the question is whether this can form the basis for the refactored GA functionality. Aside from the still missing implementations (actually the current concrete classes of the various chromosome representations, and their associated genetic operators, could probably be readily adapted). was (Author: erans): I've just attached a few [Java source files|https://issues.apache.org/jira/secure/attachment/13042471/ga.zip]. They are mainly interfaces; for now, they are meant to illustrate an alternative approach with maximal decoupling of the steps that make up a "genetic algorithm" (GA). It's not tested (beyond compilation) and I've probably cut some corners (the devil is in the details), but the question is whether this can form the basis for the refactored GA functionality. Aside from the still missing implementations (actually the current concrete classes of the various chromosome representations, and their associated genetic operators, could probably be readily adapted). > Change in Existing Design > - > > Key: MATH-1618 > URL: https://issues.apache.org/jira/browse/MATH-1618 > Project: Commons Math > Issue Type: Sub-task >Affects Versions: 3.6.1 >Reporter: AVIJIT BASAK >Priority: Major > Attachments: ga.zip > > > *1) Creation of abstraction for GeneticAlgorithm*: In order to have different > types of implementation for Genetic Algorithm like adaptive GA along with the > existing one, we need to introduce an abstraction and a hierarchy of > algorithm. AbstracttGeneticAlgorithm class needs to be implemented which > would be extended by all other Algorithm class. This would also ease any > future extension. > Removed Components: None > New Components: AbstractGeneticAlgorithm > Affected Components: GeneticAlgorithm > *2) Delegation of fitness calculation*: As per the current design Fitness > interface is implemented by chromosome class, which forces implementation of > fitness() method for any concrete chromosome. However this restricts the use > of same concrete chromosome implementation to be reused for different problem > domain. This inheritance based implementation should be replaced by > composition. A new interface FitnessCalculator would be introduced. An > instance of FitnessCalculator will be provided during creation of every > concrete chromosome. This will enable reuse of concrete chromosome classes in > different problem domain and hence improve extensibility and re-usability. > This will require addition of an argument for each factory method and > constructors. > Removed Components: Fitness > New Components: FitnessFunction > Affected Components: Chromosome, AbstractListChromosome, BinaryChromosome, > RandomKey > *3) Enable finer control for mutation and crossover probability*: Current > design uses the crossover and mutation probability at the chromosome level. > For finer control of mutation and crossover process the probability would be > managed within MutationPolicy and CrossoverPolicy implementations. > Probability would be passed as an argument to the respective operations. This > way the corresponding operations will be responsible for managing probability > and apply in convenient way. I have seen the controlling the mutation > probability at the allele(gene) level improves the exploring capability of > the optimization process and hence improves robustness. > Removed Components: None > New Components: None > Affected Components: MutationPolicy, CrossoverPolicy and all other > implementation classes > *4) Addition of new Simulation Stopping conditions*: New simulation stopping > conditions would be added based on population statistical characteristics. > The simulation can be stopped based on variations of population average > fitness or best fitness. These parameters are much better to represent nature > of convergence. This will improve robustness to a considerable extent. > Removed Components: None > New Components: UnchangedAvgFitness, UnchangedBestFitness, > Affected Components: SimulationStoppingCondition, GeneticAlgorithm, > FixedElapsedTime, FixedGenerationCount > *5) Introduction of Convergence listeners*: New convergence listener > interface and registry would be introduced to enable tracking of convergence. > Removed components:
[jira] [Commented] (MATH-1618) Change in Existing Design
[ https://issues.apache.org/jira/browse/MATH-1618?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17522535#comment-17522535 ] Gilles Sadowski commented on MATH-1618: --- I've just attached a few [Java source files|https://issues.apache.org/jira/secure/attachment/13042471/ga.zip]. They are mainly interfaces; for now, they are meant to illustrate an alternative approach with maximal decoupling of the steps that make up a "genetic algorithm" (GA). It's not tested (beyond compilation) and I've probably cut some corners (the devil is in the details), but the question is whether this can form the basis for the refactored GA functionality. Aside from the still missing implementations (actually the current concrete classes of the various chromosome representations, and their associated genetic operators, could probably be readily adapted). > Change in Existing Design > - > > Key: MATH-1618 > URL: https://issues.apache.org/jira/browse/MATH-1618 > Project: Commons Math > Issue Type: Sub-task >Affects Versions: 3.6.1 >Reporter: AVIJIT BASAK >Priority: Major > Attachments: ga.zip > > > *1) Creation of abstraction for GeneticAlgorithm*: In order to have different > types of implementation for Genetic Algorithm like adaptive GA along with the > existing one, we need to introduce an abstraction and a hierarchy of > algorithm. AbstracttGeneticAlgorithm class needs to be implemented which > would be extended by all other Algorithm class. This would also ease any > future extension. > Removed Components: None > New Components: AbstractGeneticAlgorithm > Affected Components: GeneticAlgorithm > *2) Delegation of fitness calculation*: As per the current design Fitness > interface is implemented by chromosome class, which forces implementation of > fitness() method for any concrete chromosome. However this restricts the use > of same concrete chromosome implementation to be reused for different problem > domain. This inheritance based implementation should be replaced by > composition. A new interface FitnessCalculator would be introduced. An > instance of FitnessCalculator will be provided during creation of every > concrete chromosome. This will enable reuse of concrete chromosome classes in > different problem domain and hence improve extensibility and re-usability. > This will require addition of an argument for each factory method and > constructors. > Removed Components: Fitness > New Components: FitnessFunction > Affected Components: Chromosome, AbstractListChromosome, BinaryChromosome, > RandomKey > *3) Enable finer control for mutation and crossover probability*: Current > design uses the crossover and mutation probability at the chromosome level. > For finer control of mutation and crossover process the probability would be > managed within MutationPolicy and CrossoverPolicy implementations. > Probability would be passed as an argument to the respective operations. This > way the corresponding operations will be responsible for managing probability > and apply in convenient way. I have seen the controlling the mutation > probability at the allele(gene) level improves the exploring capability of > the optimization process and hence improves robustness. > Removed Components: None > New Components: None > Affected Components: MutationPolicy, CrossoverPolicy and all other > implementation classes > *4) Addition of new Simulation Stopping conditions*: New simulation stopping > conditions would be added based on population statistical characteristics. > The simulation can be stopped based on variations of population average > fitness or best fitness. These parameters are much better to represent nature > of convergence. This will improve robustness to a considerable extent. > Removed Components: None > New Components: UnchangedAvgFitness, UnchangedBestFitness, > Affected Components: SimulationStoppingCondition, GeneticAlgorithm, > FixedElapsedTime, FixedGenerationCount > *5) Introduction of Convergence listeners*: New convergence listener > interface and registry would be introduced to enable tracking of convergence. > Removed components: None > New Components: ConvergenceListener, ListenerRegistry, > PopulationStatisticalSummary > Affected Components: AbstractGeneticAlgorithm, GeneticAlgorithm > *6) Restructuring Elitism*: Elitism can be handled by the hierarchy of > Algorithm classes. Use of a separate ElitisticListPopulation class may not be > necessary. The method nextGeneration() in Population would accept the elitism > rate as an argument. Any concrete instance of Population would provide the > necessary implementation. > Removed components: ElitisticListPopulation > New Component: None > Affected Components: AbstractGeneticAlgorithm, GeneticAlgorithm, Population, > ListPopulation > *7)
[jira] [Updated] (MATH-1618) Change in Existing Design
[ https://issues.apache.org/jira/browse/MATH-1618?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Gilles Sadowski updated MATH-1618: -- Attachment: ga.zip > Change in Existing Design > - > > Key: MATH-1618 > URL: https://issues.apache.org/jira/browse/MATH-1618 > Project: Commons Math > Issue Type: Sub-task >Affects Versions: 3.6.1 >Reporter: AVIJIT BASAK >Priority: Major > Attachments: ga.zip > > > *1) Creation of abstraction for GeneticAlgorithm*: In order to have different > types of implementation for Genetic Algorithm like adaptive GA along with the > existing one, we need to introduce an abstraction and a hierarchy of > algorithm. AbstracttGeneticAlgorithm class needs to be implemented which > would be extended by all other Algorithm class. This would also ease any > future extension. > Removed Components: None > New Components: AbstractGeneticAlgorithm > Affected Components: GeneticAlgorithm > *2) Delegation of fitness calculation*: As per the current design Fitness > interface is implemented by chromosome class, which forces implementation of > fitness() method for any concrete chromosome. However this restricts the use > of same concrete chromosome implementation to be reused for different problem > domain. This inheritance based implementation should be replaced by > composition. A new interface FitnessCalculator would be introduced. An > instance of FitnessCalculator will be provided during creation of every > concrete chromosome. This will enable reuse of concrete chromosome classes in > different problem domain and hence improve extensibility and re-usability. > This will require addition of an argument for each factory method and > constructors. > Removed Components: Fitness > New Components: FitnessFunction > Affected Components: Chromosome, AbstractListChromosome, BinaryChromosome, > RandomKey > *3) Enable finer control for mutation and crossover probability*: Current > design uses the crossover and mutation probability at the chromosome level. > For finer control of mutation and crossover process the probability would be > managed within MutationPolicy and CrossoverPolicy implementations. > Probability would be passed as an argument to the respective operations. This > way the corresponding operations will be responsible for managing probability > and apply in convenient way. I have seen the controlling the mutation > probability at the allele(gene) level improves the exploring capability of > the optimization process and hence improves robustness. > Removed Components: None > New Components: None > Affected Components: MutationPolicy, CrossoverPolicy and all other > implementation classes > *4) Addition of new Simulation Stopping conditions*: New simulation stopping > conditions would be added based on population statistical characteristics. > The simulation can be stopped based on variations of population average > fitness or best fitness. These parameters are much better to represent nature > of convergence. This will improve robustness to a considerable extent. > Removed Components: None > New Components: UnchangedAvgFitness, UnchangedBestFitness, > Affected Components: SimulationStoppingCondition, GeneticAlgorithm, > FixedElapsedTime, FixedGenerationCount > *5) Introduction of Convergence listeners*: New convergence listener > interface and registry would be introduced to enable tracking of convergence. > Removed components: None > New Components: ConvergenceListener, ListenerRegistry, > PopulationStatisticalSummary > Affected Components: AbstractGeneticAlgorithm, GeneticAlgorithm > *6) Restructuring Elitism*: Elitism can be handled by the hierarchy of > Algorithm classes. Use of a separate ElitisticListPopulation class may not be > necessary. The method nextGeneration() in Population would accept the elitism > rate as an argument. Any concrete instance of Population would provide the > necessary implementation. > Removed components: ElitisticListPopulation > New Component: None > Affected Components: AbstractGeneticAlgorithm, GeneticAlgorithm, Population, > ListPopulation > *7) Introducing Hierarchy in Crossover and Mutation Operator*: Abstract > classes has been introduced for crossover and mutation operators. > Removed components: None > New Component: AbstractChromosomeCrossoverPolicy, > AbstractListChromosomeCrossoverPolicy, AbstractListChromosomeMutationPolicy > Affected Components: All concrete implementation classes for crossover and > mutation. > *8) Rename the method newFixedLengthChromosome() in > AbstractList**Chromosome***: The method newFixedLengthChromosome would be > renamed as newChromosome. As we are not considering any variable length > chromosome and chromosome representation is immutable in > AbstractListChromosome we don't need any explicit
[jira] [Closed] (IO-766) ValidatingObjectInputStream
[ https://issues.apache.org/jira/browse/IO-766?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jonathon Nicholas Sanders closed IO-766. Resolution: Not A Bug > ValidatingObjectInputStream > --- > > Key: IO-766 > URL: https://issues.apache.org/jira/browse/IO-766 > Project: Commons IO > Issue Type: Bug > Environment: Java 8, Ubuntu 16.04 LTS, Eclipse Neon, Apache Commons > IO 2.11.0 >Reporter: Jonathon Nicholas Sanders >Priority: Major > Attachments: .checksum.md5, Unit Test Case_20220413.zip > > > I have been using ValidatingObjectInputStream and found a bug. > > It appears when you have an ArrayList of String it fails to validate the > String.class ( [Ljava.lang.String; ) because somehow some extra data in the > full class name causes an error. Currently I have no work around, I could > edit the source, and see if I can hunt down the bug myself, but I don't think > my project manager would care for that option if it takes me too much time, > the other is also not ideal and that is avoid using ArrayList but > the again, this could be an issue for any ArrayList of Classes. > > I am using Oracle Java 8 on Ubuntu 16.04 LTS, here is my stacktrace. I have > removed references to my classes for the sake of confidentiality. > > Apr 08, 2022 3:07:33 PM gov.jdaccs.views.__ openConfiguration > SEVERE: Class name not accepted: [Ljava.lang.String; > java.io.InvalidClassException: Class name not accepted: [Ljava.lang.String; > at > org.apache.commons.io.serialization.ValidatingObjectInputStream.invalidClassNameFound(ValidatingObjectInputStream.java:95) > at > org.apache.commons.io.serialization.ValidatingObjectInputStream.validateClassName(ValidatingObjectInputStream.java:82) > at > org.apache.commons.io.serialization.ValidatingObjectInputStream.resolveClass(ValidatingObjectInputStream.java:100) > at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1859) > at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1745) > at java.io.ObjectInputStream.readArray(ObjectInputStream.java:1921) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1561) > at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2278) > at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2202) > at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567) > at java.io.ObjectInputStream.readObject(ObjectInputStream.java:427) > at java.util.ArrayList.readObject(ArrayList.java:797) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at java.io.ObjectStreamClass.invokeReadObject(ObjectStreamClass.java:1158) > at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2169) > at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567) > at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2278) > at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2202) > at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567) > at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2278) > at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2202) > at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567) > at java.io.ObjectInputStream.readObject(ObjectInputStream.java:427) > at gov.jdaccs.config.__.readConfiguration(__.java:74) > at gov.jdaccs.views.__.openConfiguration(__.java:511) > at gov.jdaccs.views.__.loadDefaults(__.java:757) > at gov.jdaccs.views.__.createNewConfiguration(__.java:2508) > at gov.jdaccs.views.__.(__.java:262) > at gov.jdaccs.views.__.main(_.java:2534) -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Commented] (IO-766) ValidatingObjectInputStream
[ https://issues.apache.org/jira/browse/IO-766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17522380#comment-17522380 ] Jonathon Nicholas Sanders commented on IO-766: -- [~ggregory] Thanks, I was not aware that arrays could do this. > ValidatingObjectInputStream > --- > > Key: IO-766 > URL: https://issues.apache.org/jira/browse/IO-766 > Project: Commons IO > Issue Type: Bug > Environment: Java 8, Ubuntu 16.04 LTS, Eclipse Neon, Apache Commons > IO 2.11.0 >Reporter: Jonathon Nicholas Sanders >Priority: Major > Attachments: .checksum.md5, Unit Test Case_20220413.zip > > > I have been using ValidatingObjectInputStream and found a bug. > > It appears when you have an ArrayList of String it fails to validate the > String.class ( [Ljava.lang.String; ) because somehow some extra data in the > full class name causes an error. Currently I have no work around, I could > edit the source, and see if I can hunt down the bug myself, but I don't think > my project manager would care for that option if it takes me too much time, > the other is also not ideal and that is avoid using ArrayList but > the again, this could be an issue for any ArrayList of Classes. > > I am using Oracle Java 8 on Ubuntu 16.04 LTS, here is my stacktrace. I have > removed references to my classes for the sake of confidentiality. > > Apr 08, 2022 3:07:33 PM gov.jdaccs.views.__ openConfiguration > SEVERE: Class name not accepted: [Ljava.lang.String; > java.io.InvalidClassException: Class name not accepted: [Ljava.lang.String; > at > org.apache.commons.io.serialization.ValidatingObjectInputStream.invalidClassNameFound(ValidatingObjectInputStream.java:95) > at > org.apache.commons.io.serialization.ValidatingObjectInputStream.validateClassName(ValidatingObjectInputStream.java:82) > at > org.apache.commons.io.serialization.ValidatingObjectInputStream.resolveClass(ValidatingObjectInputStream.java:100) > at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1859) > at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1745) > at java.io.ObjectInputStream.readArray(ObjectInputStream.java:1921) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1561) > at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2278) > at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2202) > at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567) > at java.io.ObjectInputStream.readObject(ObjectInputStream.java:427) > at java.util.ArrayList.readObject(ArrayList.java:797) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at java.io.ObjectStreamClass.invokeReadObject(ObjectStreamClass.java:1158) > at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2169) > at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567) > at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2278) > at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2202) > at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567) > at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2278) > at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2202) > at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567) > at java.io.ObjectInputStream.readObject(ObjectInputStream.java:427) > at gov.jdaccs.config.__.readConfiguration(__.java:74) > at gov.jdaccs.views.__.openConfiguration(__.java:511) > at gov.jdaccs.views.__.loadDefaults(__.java:757) > at gov.jdaccs.views.__.createNewConfiguration(__.java:2508) > at gov.jdaccs.views.__.(__.java:262) > at gov.jdaccs.views.__.main(_.java:2534) -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Commented] (IO-766) ValidatingObjectInputStream
[ https://issues.apache.org/jira/browse/IO-766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17522377#comment-17522377 ] Bernd Eckenfels commented on IO-766: BTW The `[L` is the prefix for Arrays of reference types, it is followed by the member classname and a ;. That’s pretty normal for Java you see it all over the place when dumping for example method signatures. Other `[` variants are for the primitive arrays. > ValidatingObjectInputStream > --- > > Key: IO-766 > URL: https://issues.apache.org/jira/browse/IO-766 > Project: Commons IO > Issue Type: Bug > Environment: Java 8, Ubuntu 16.04 LTS, Eclipse Neon, Apache Commons > IO 2.11.0 >Reporter: Jonathon Nicholas Sanders >Priority: Major > Attachments: .checksum.md5, Unit Test Case_20220413.zip > > > I have been using ValidatingObjectInputStream and found a bug. > > It appears when you have an ArrayList of String it fails to validate the > String.class ( [Ljava.lang.String; ) because somehow some extra data in the > full class name causes an error. Currently I have no work around, I could > edit the source, and see if I can hunt down the bug myself, but I don't think > my project manager would care for that option if it takes me too much time, > the other is also not ideal and that is avoid using ArrayList but > the again, this could be an issue for any ArrayList of Classes. > > I am using Oracle Java 8 on Ubuntu 16.04 LTS, here is my stacktrace. I have > removed references to my classes for the sake of confidentiality. > > Apr 08, 2022 3:07:33 PM gov.jdaccs.views.__ openConfiguration > SEVERE: Class name not accepted: [Ljava.lang.String; > java.io.InvalidClassException: Class name not accepted: [Ljava.lang.String; > at > org.apache.commons.io.serialization.ValidatingObjectInputStream.invalidClassNameFound(ValidatingObjectInputStream.java:95) > at > org.apache.commons.io.serialization.ValidatingObjectInputStream.validateClassName(ValidatingObjectInputStream.java:82) > at > org.apache.commons.io.serialization.ValidatingObjectInputStream.resolveClass(ValidatingObjectInputStream.java:100) > at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1859) > at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1745) > at java.io.ObjectInputStream.readArray(ObjectInputStream.java:1921) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1561) > at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2278) > at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2202) > at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567) > at java.io.ObjectInputStream.readObject(ObjectInputStream.java:427) > at java.util.ArrayList.readObject(ArrayList.java:797) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at java.io.ObjectStreamClass.invokeReadObject(ObjectStreamClass.java:1158) > at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2169) > at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567) > at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2278) > at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2202) > at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567) > at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2278) > at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2202) > at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567) > at java.io.ObjectInputStream.readObject(ObjectInputStream.java:427) > at gov.jdaccs.config.__.readConfiguration(__.java:74) > at gov.jdaccs.views.__.openConfiguration(__.java:511) > at gov.jdaccs.views.__.loadDefaults(__.java:757) > at gov.jdaccs.views.__.createNewConfiguration(__.java:2508) > at gov.jdaccs.views.__.(__.java:262) > at gov.jdaccs.views.__.main(_.java:2534) -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Commented] (IO-766) ValidatingObjectInputStream
[ https://issues.apache.org/jira/browse/IO-766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17522368#comment-17522368 ] Gilles Sadowski commented on IO-766: bq. where is the documentation on this? https://docs.oracle.com/javase/tutorial/reflect/class/classNew.html > ValidatingObjectInputStream > --- > > Key: IO-766 > URL: https://issues.apache.org/jira/browse/IO-766 > Project: Commons IO > Issue Type: Bug > Environment: Java 8, Ubuntu 16.04 LTS, Eclipse Neon, Apache Commons > IO 2.11.0 >Reporter: Jonathon Nicholas Sanders >Priority: Major > Attachments: .checksum.md5, Unit Test Case_20220413.zip > > > I have been using ValidatingObjectInputStream and found a bug. > > It appears when you have an ArrayList of String it fails to validate the > String.class ( [Ljava.lang.String; ) because somehow some extra data in the > full class name causes an error. Currently I have no work around, I could > edit the source, and see if I can hunt down the bug myself, but I don't think > my project manager would care for that option if it takes me too much time, > the other is also not ideal and that is avoid using ArrayList but > the again, this could be an issue for any ArrayList of Classes. > > I am using Oracle Java 8 on Ubuntu 16.04 LTS, here is my stacktrace. I have > removed references to my classes for the sake of confidentiality. > > Apr 08, 2022 3:07:33 PM gov.jdaccs.views.__ openConfiguration > SEVERE: Class name not accepted: [Ljava.lang.String; > java.io.InvalidClassException: Class name not accepted: [Ljava.lang.String; > at > org.apache.commons.io.serialization.ValidatingObjectInputStream.invalidClassNameFound(ValidatingObjectInputStream.java:95) > at > org.apache.commons.io.serialization.ValidatingObjectInputStream.validateClassName(ValidatingObjectInputStream.java:82) > at > org.apache.commons.io.serialization.ValidatingObjectInputStream.resolveClass(ValidatingObjectInputStream.java:100) > at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1859) > at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1745) > at java.io.ObjectInputStream.readArray(ObjectInputStream.java:1921) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1561) > at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2278) > at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2202) > at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567) > at java.io.ObjectInputStream.readObject(ObjectInputStream.java:427) > at java.util.ArrayList.readObject(ArrayList.java:797) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at java.io.ObjectStreamClass.invokeReadObject(ObjectStreamClass.java:1158) > at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2169) > at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567) > at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2278) > at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2202) > at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567) > at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2278) > at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2202) > at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567) > at java.io.ObjectInputStream.readObject(ObjectInputStream.java:427) > at gov.jdaccs.config.__.readConfiguration(__.java:74) > at gov.jdaccs.views.__.openConfiguration(__.java:511) > at gov.jdaccs.views.__.loadDefaults(__.java:757) > at gov.jdaccs.views.__.createNewConfiguration(__.java:2508) > at gov.jdaccs.views.__.(__.java:262) > at gov.jdaccs.views.__.main(_.java:2534) -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Commented] (IO-766) ValidatingObjectInputStream
[ https://issues.apache.org/jira/browse/IO-766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17522356#comment-17522356 ] Jonathon Nicholas Sanders commented on IO-766: -- [~ggregory] OK, that does work. So where is the documentation on this? I have looked at the API. I am not a novice to Java. I have been programing it in for over 10 years. I haven't seen usage of String[].class or anything similar to it before. > ValidatingObjectInputStream > --- > > Key: IO-766 > URL: https://issues.apache.org/jira/browse/IO-766 > Project: Commons IO > Issue Type: Bug > Environment: Java 8, Ubuntu 16.04 LTS, Eclipse Neon, Apache Commons > IO 2.11.0 >Reporter: Jonathon Nicholas Sanders >Priority: Major > Attachments: .checksum.md5, Unit Test Case_20220413.zip > > > I have been using ValidatingObjectInputStream and found a bug. > > It appears when you have an ArrayList of String it fails to validate the > String.class ( [Ljava.lang.String; ) because somehow some extra data in the > full class name causes an error. Currently I have no work around, I could > edit the source, and see if I can hunt down the bug myself, but I don't think > my project manager would care for that option if it takes me too much time, > the other is also not ideal and that is avoid using ArrayList but > the again, this could be an issue for any ArrayList of Classes. > > I am using Oracle Java 8 on Ubuntu 16.04 LTS, here is my stacktrace. I have > removed references to my classes for the sake of confidentiality. > > Apr 08, 2022 3:07:33 PM gov.jdaccs.views.__ openConfiguration > SEVERE: Class name not accepted: [Ljava.lang.String; > java.io.InvalidClassException: Class name not accepted: [Ljava.lang.String; > at > org.apache.commons.io.serialization.ValidatingObjectInputStream.invalidClassNameFound(ValidatingObjectInputStream.java:95) > at > org.apache.commons.io.serialization.ValidatingObjectInputStream.validateClassName(ValidatingObjectInputStream.java:82) > at > org.apache.commons.io.serialization.ValidatingObjectInputStream.resolveClass(ValidatingObjectInputStream.java:100) > at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1859) > at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1745) > at java.io.ObjectInputStream.readArray(ObjectInputStream.java:1921) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1561) > at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2278) > at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2202) > at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567) > at java.io.ObjectInputStream.readObject(ObjectInputStream.java:427) > at java.util.ArrayList.readObject(ArrayList.java:797) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at java.io.ObjectStreamClass.invokeReadObject(ObjectStreamClass.java:1158) > at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2169) > at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567) > at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2278) > at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2202) > at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567) > at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2278) > at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:2202) > at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2060) > at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567) > at java.io.ObjectInputStream.readObject(ObjectInputStream.java:427) > at gov.jdaccs.config.__.readConfiguration(__.java:74) > at gov.jdaccs.views.__.openConfiguration(__.java:511) > at gov.jdaccs.views.__.loadDefaults(__.java:757) > at gov.jdaccs.views.__.createNewConfiguration(__.java:2508) > at gov.jdaccs.views.__.(__.java:262) > at gov.jdaccs.views.__.main(_.java:2534) -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Commented] (DBCP-585) Connection level JMX queries result in concurrent access to connection objects, causing errors
[
https://issues.apache.org/jira/browse/DBCP-585?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17522336#comment-17522336
]
Gary D. Gregory commented on DBCP-585:
--
Hi [~psteitz]
Are you ok with merging this PR as it stands? Or are you saying that more work
is needed?
> Connection level JMX queries result in concurrent access to connection
> objects, causing errors
> --
>
> Key: DBCP-585
> URL: https://issues.apache.org/jira/browse/DBCP-585
> Project: Commons DBCP
> Issue Type: Bug
>Affects Versions: 2.9.0
>Reporter: Kurtcebe Eroglu
>Priority: Major
> Attachments: 0001-DBCP-585-idea-clarification-1.patch,
> conn_instance_attrs.png, connections_attrs.png, ds_attrs.png, final.png
>
> Time Spent: 20m
> Remaining Estimate: 0h
>
> As we expose Connection objects over JMX, they may be accessed by multiple
> threads concurrently;
> a) an application thread that borrows the Connection and uses it business as
> usual,
> b) another thread simultaneously performing a JMX query, which in turn calls
> getters on the same connection object via the MBean interface.
> Also, calls to Connection object getters are mostly delegated to the
> underlying vendor-specific connection provided by the JDBC driver. For
> example, when we make the JMX query to get the "schema" attribute of the JMX
> connection object, this is translated into a
> "java.sql.Connection.getSchema()", and passed to the vendor-specific
> Connection object by DBCP. In the case of Postgres, for example, this is
> further translated to a query "select current_schema()" and sent to the
> server.
> Hence, querying connections over JMX result in concurrent access by multiple
> threads to the underlying Connection provided by the vendors, to the point
> that these two threads may be running queries simultaneously on the same
> connection.
> However, this is not supported by any of the major database vendors. Vendor
> links on Connection objects not being threadsafe:
> - [Postgres|https://jdbc.postgresql.org/documentation/head/thread.html]
> {quote}The PostgreSQL™ JDBC driver is not thread safe. The PostgreSQL server
> is not threaded. Each connection creates a new process on the server; as such
> any concurrent requests to the process would have to be serialized. The
> driver makes no guarantees that methods on connections are synchronized. It
> will be up to the caller to synchronize calls to the driver.
> {quote}
> -
> [Oracle|https://docs.oracle.com/en/database/oracle/oracle-database/19/jjdbc/JDBC-coding-tips.html#GUID-EE479007-D105-4F82-8D51-000CBBD4BC77]
>
> {quote}Oracle strongly discourages sharing a database connection among
> multiple threads. Avoid allowing multiple threads to access a connection
> simultaneously.
> {quote}
> - [Microsoft SQL
> Server|https://www.javadoc.io/doc/com.microsoft.sqlserver/mssql-jdbc/latest/com.microsoft.sqlserver.jdbc/com/microsoft/sqlserver/jdbc/SQLServerConnection.html]
> {quote}SQLServerConnection is not thread safe, however multiple statements
> created from a single connection can be processing simultaneously in
> concurrent threads.
> {quote}
> Another interesting point to note, also to do justice to previous committers
> who have put this feature in place, is that this was not always the case. In
> the following links, you may see the same links to the older versions of the
> same pages. In the past, all vendors indicated that Connection is fully
> thread-safe; [Postgres|https://www.postgresql.org/docs/7.1/jdbc-thread.html],
> [Oracle|https://docs.oracle.com/cd/A97335_02/apps.102/a83724/tips1.htm],
> [MSSQL
> Server|https://www.javadoc.io/doc/com.microsoft.sqlserver/mssql-jdbc/6.1.0.jre7/com/microsoft/sqlserver/jdbc/SQLServerConnection.html].
>
> Hence, it was once safe to expose Connection objects via JMX given the
> thread-safety guarantees for the underlying vendor connection were in place.
> But as Vendors dropped the thread-safety guarantee one by one, it is not safe
> anymore, and may actually cause convoluted errors that pop up intermittently
> due to thread races in the JDBC driver code (see an example in the comments
> section below). Accordingly, exposing Connections via JMX shall be retired
> along with dropped support from most vendors.
> Note: the Datasource MBeans, which provide a vital set of metrics have no
> such problems as they don't depend on the underlying JDBC provider.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
[jira] [Created] (JXPATH-199) OSS-Fuzz Integration of JXPath
Roman Wagner created JXPATH-199: --- Summary: OSS-Fuzz Integration of JXPath Key: JXPATH-199 URL: https://issues.apache.org/jira/browse/JXPATH-199 Project: Commons JXPath Issue Type: Improvement Reporter: Roman Wagner Hi all, I have prepared the initial integration [https://github.com/CodeIntelligenceTesting/oss-fuzz/commit/77378631c5593c7538193ecbff4f6edf8338ffe8] of JXPath into [google oss-fuzz|https://github.com/google/oss-fuzz]. This will enable continuous fuzzing of this project, which will be conducted by Google. Bugs that will be found by fuzzing will be reported to you. After the initial integration of this project into oss-fuzz, I will continue to add additional fuzz tests to improve the code coverage over time. The integration requires a primary contact, someone to deal with the bug reports submitted by oss-fuzz. The email address needs to belong to an established project committer and be associated with a Google account as per [here|https://google.github.io/oss-fuzz/getting-started/accepting-new-projects/]. When a bug is found, you will receive an email that will provide you with access to ClusterFuzz, crash reports, and fuzzer statistics. More than 1 person can be included. Please let me know who I should include, if anyone. [Jazzer|https://github.com/CodeIntelligenceTesting/jazzer] is used for fuzzing Java applications. Jazzer is a coverage-guided, in-process fuzzer for the JVM platform developed by Code Intelligence. It is based on libFuzzer and brings many of its instrumentation-powered mutation features to the JVM. Jazzer has already found several bugs in JVM applications: [Jazzer Findings|https://github.com/CodeIntelligenceTesting/jazzer#findings] Please let me know if you have any questions regarding fuzzing or the oss-fuzz integration. -- This message was sent by Atlassian Jira (v8.20.1#820001)
