[jira] [Created] (MNG-5957) Configuration within lifecycle phase
Mario Krizmanic created MNG-5957: Summary: Configuration within lifecycle phase Key: MNG-5957 URL: https://issues.apache.org/jira/browse/MNG-5957 Project: Maven Issue Type: Improvement Components: core Affects Versions: 3.3.9 Reporter: Mario Krizmanic The lifecycle phase can be configured as a comma-separated list of plugins specified with the following data: {code}:::{code} that are not enough for my plugin. My plugin has to reconfigure the default lifecycle using other plugins with dedicated configuration different from their defaults'. So, I'd suppose to enhance the lifecycle phase parsing to support additional configuration as: {code}:::{code} Finally, the components.xml would support configurations like: {code:xml} org.apache.maven.lifecycle.mapping.LifecycleMapping ... default org.apache.maven.plugins:maven-resources-plugin:resources ... ...{code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (MRELEASE-937) Git password is visible if commit fails
[ https://issues.apache.org/jira/browse/MRELEASE-937?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Scholte updated MRELEASE-937: Description: Git username and password is being visible during perform section when plugin tries to commit the file using SCM section repository. Here is the log. {noformat} [INFO] Checking in modified POMs... [INFO] Executing: /bin/sh -c cd /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git add -- pom.xml [INFO] Working directory: /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing [INFO] Executing: /bin/sh -c cd /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git rev-parse --show-toplevel [INFO] Working directory: /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing [INFO] Executing: /bin/sh -c cd /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git status --porcelain . [INFO] Working directory: /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing [WARNING] Ignoring unrecognized line: ?? pom.xml.releaseBackup [WARNING] Ignoring unrecognized line: ?? release.properties [WARNING] Ignoring unrecognized line: ?? target/ [INFO] Executing: /bin/sh -c cd /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git commit --verbose -F /tmp/maven-scm-859671901.commit pom.xml [INFO] Working directory: /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing [INFO] Executing: /bin/sh -c cd /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git symbolic-ref HEAD [INFO] Working directory: /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing [INFO] Executing: /bin/sh -c cd /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git push https://releasebot:@gitlab.something.com/sandbox/data-ingestion-dco.git refs/heads/master:refs/heads/master [INFO] Working directory: /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing [INFO] [INFO] BUILD FAILURE [INFO] [INFO] Total time: 8.856 s (Wall Clock) [INFO] Finished at: 2016-01-04T08:15:04+00:00 [INFO] Final Memory: 17M/484M [INFO] [ERROR] Failed to execute goal org.apache.maven.plugins:maven-release-plugin:2.5.3:prepare (default-cli) on project qubole_python: Unable to commit files [ERROR] Provider message: [ERROR] The git-push command failed. [ERROR] Command output: [ERROR] remote: Not Found [ERROR] fatal: repository 'https://releasebot:abc@1...@gitlab.something.com/sandbox/data-ingestion-dco.git/' not found [ERROR] -> [Help 1] [ERROR] [ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch. [ERROR] Re-run Maven using the -X switch to enable full debug logging. [ERROR] [ERROR] For more information about the errors and possible solutions, please read the following articles: {noformat} So, i can see password "abc@123" here. I am using maven Apache Maven 3.3.9 tried with maven release plugin 2.5.3 and 2.5.2 both but no luck. was: Git username and password is being visible during perform section when plugin tries to commit the file using SCM section repository. Here is the log. [INFO] Checking in modified POMs... [INFO] Executing: /bin/sh -c cd /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git add -- pom.xml [INFO] Working directory: /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing [INFO] Executing: /bin/sh -c cd /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git rev-parse --show-toplevel [INFO] Working directory: /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing [INFO] Executing: /bin/sh -c cd /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git status --porcelain . [INFO] Working directory: /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing [WARNING] Ignoring unrecognized line: ?? pom.xml.releaseBackup [WARNING] Ignoring unrecognized line: ?? release.properties [WARNING] Ignoring unrecognized line: ?? target/ [INFO] Executing: /bin/sh -c cd /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git commit --verbose -F /tmp/maven-scm-859671901.commit pom.xml [INFO] Working directory: /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing [INFO] Executing: /bin/sh -c cd /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git symbolic-ref HEAD [INFO] Working directory: /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing [INFO] Executing: /bin/sh -c cd
[jira] [Commented] (MRELEASE-937) Git password is visible if commit fails
[ https://issues.apache.org/jira/browse/MRELEASE-937?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15081750#comment-15081750 ] Robert Scholte commented on MRELEASE-937: - I'd say duplicate of SCM-811 > Git password is visible if commit fails > --- > > Key: MRELEASE-937 > URL: https://issues.apache.org/jira/browse/MRELEASE-937 > Project: Maven Release Plugin > Issue Type: Bug > Components: Git >Affects Versions: 2.5.2, 2.5.3 >Reporter: vishal sahasrabuddhe >Priority: Critical > Labels: security > > Git username and password is being visible during perform section when plugin > tries to commit the file using SCM section repository. > Here is the log. > {noformat} > [INFO] Checking in modified POMs... > [INFO] Executing: /bin/sh -c cd > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git > add -- pom.xml > [INFO] Working directory: > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing > [INFO] Executing: /bin/sh -c cd > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git > rev-parse --show-toplevel > [INFO] Working directory: > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing > [INFO] Executing: /bin/sh -c cd > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git > status --porcelain . > [INFO] Working directory: > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing > [WARNING] Ignoring unrecognized line: ?? pom.xml.releaseBackup > [WARNING] Ignoring unrecognized line: ?? release.properties > [WARNING] Ignoring unrecognized line: ?? target/ > [INFO] Executing: /bin/sh -c cd > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git > commit --verbose -F /tmp/maven-scm-859671901.commit pom.xml > [INFO] Working directory: > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing > [INFO] Executing: /bin/sh -c cd > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git > symbolic-ref HEAD > [INFO] Working directory: > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing > [INFO] Executing: /bin/sh -c cd > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git > push > https://releasebot:@gitlab.something.com/sandbox/data-ingestion-dco.git > refs/heads/master:refs/heads/master > [INFO] Working directory: > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing > [INFO] > > [INFO] BUILD FAILURE > [INFO] > > [INFO] Total time: 8.856 s (Wall Clock) > [INFO] Finished at: 2016-01-04T08:15:04+00:00 > [INFO] Final Memory: 17M/484M > [INFO] > > [ERROR] Failed to execute goal > org.apache.maven.plugins:maven-release-plugin:2.5.3:prepare (default-cli) on > project qubole_python: Unable to commit files > [ERROR] Provider message: > [ERROR] The git-push command failed. > [ERROR] Command output: > [ERROR] remote: Not Found > [ERROR] fatal: repository > 'https://releasebot:abc@1...@gitlab.something.com/sandbox/data-ingestion-dco.git/' > not found > [ERROR] -> [Help 1] > [ERROR] > [ERROR] To see the full stack trace of the errors, re-run Maven with the -e > switch. > [ERROR] Re-run Maven using the -X switch to enable full debug logging. > [ERROR] > [ERROR] For more information about the errors and possible solutions, please > read the following articles: > {noformat} > So, i can see password "abc@123" here. > I am using maven Apache Maven 3.3.9 > tried with maven release plugin 2.5.3 and 2.5.2 both but no luck. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (MNG-5957) Configuration within lifecycle phase
[ https://issues.apache.org/jira/browse/MNG-5957?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15081558#comment-15081558 ] ASF GitHub Bot commented on MNG-5957: - GitHub user mkrizmanic opened a pull request: https://github.com/apache/maven/pull/76 [MNG-5957] Configuration within lifecycle phase The lifecycle phase can be configured as a comma-separated list of plugins specified with the following data: ``` ::: ``` that are not enough for my plugin. My plugin has to reconfigure the default lifecycle using other plugins with dedicated configuration different from their defaults'. So, I'd suppose to enhance the lifecycle phase parsing to support additional configuration as: ``` :::[] ``` Finally, the components.xml would support configurations like: ```xml org.apache.maven.lifecycle.mapping.LifecycleMapping ... default org.apache.maven.plugins:maven-resources-plugin:resources ... ``` You can merge this pull request into a Git repository by running: $ git pull https://github.com/mkrizmanic/maven mng-5957 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/maven/pull/76.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #76 commit 7af5f23a8d0266eed15261bfad5c7618fcd50285 Author: Mario KrizmanicDate: 2016-01-04T18:38:27Z [MNG-5957] Configuration within lifecycle phase > Configuration within lifecycle phase > > > Key: MNG-5957 > URL: https://issues.apache.org/jira/browse/MNG-5957 > Project: Maven > Issue Type: Improvement > Components: core >Affects Versions: 3.3.9 >Reporter: Mario Krizmanic > > The lifecycle phase can be configured as a comma-separated list of plugins > specified with the following data: > {code}:::{code} that are not enough for > my plugin. > My plugin has to reconfigure the default lifecycle using other plugins with > dedicated configuration different from their defaults'. > So, I'd suppose to enhance the lifecycle phase parsing to support additional > configuration as: > {code}:::[]{code} > Finally, the components.xml would support configurations like: > {code:xml} > > > org.apache.maven.lifecycle.mapping.LifecycleMapping > ... > > > > default > > > > org.apache.maven.plugins:maven-resources-plugin:resources > > ... > > > > ...{code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (MNG-5957) Configuration within lifecycle phase
[ https://issues.apache.org/jira/browse/MNG-5957?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Mario Krizmanic updated MNG-5957: - Description: The lifecycle phase can be configured as a comma-separated list of plugins specified with the following data: {code}:::{code} that are not enough for my plugin. My plugin has to reconfigure the default lifecycle using other plugins with dedicated configuration different from their defaults'. So, I'd suppose to enhance the lifecycle phase parsing to support additional configuration as: {code}:::[]{code} Finally, the components.xml would support configurations like: {code:xml} org.apache.maven.lifecycle.mapping.LifecycleMapping ... default org.apache.maven.plugins:maven-resources-plugin:resources ... ...{code} was: The lifecycle phase can be configured as a comma-separated list of plugins specified with the following data: {code}:::{code} that are not enough for my plugin. My plugin has to reconfigure the default lifecycle using other plugins with dedicated configuration different from their defaults'. So, I'd suppose to enhance the lifecycle phase parsing to support additional configuration as: {code}:::{code} Finally, the components.xml would support configurations like: {code:xml} org.apache.maven.lifecycle.mapping.LifecycleMapping ... default org.apache.maven.plugins:maven-resources-plugin:resources ... ...{code} > Configuration within lifecycle phase > > > Key: MNG-5957 > URL: https://issues.apache.org/jira/browse/MNG-5957 > Project: Maven > Issue Type: Improvement > Components: core >Affects Versions: 3.3.9 >Reporter: Mario Krizmanic > > The lifecycle phase can be configured as a comma-separated list of plugins > specified with the following data: > {code}:::{code} that are not enough for > my plugin. > My plugin has to reconfigure the default lifecycle using other plugins with > dedicated configuration different from their defaults'. > So, I'd suppose to enhance the lifecycle phase parsing to support additional > configuration as: > {code}:::[]{code} > Finally, the components.xml would support configurations like: > {code:xml} > > > org.apache.maven.lifecycle.mapping.LifecycleMapping > ... > > > > default > > > > org.apache.maven.plugins:maven-resources-plugin:resources > > ... > > > > ...{code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (MRELEASE-928) exposing the password for SCM URL if build failed to commit files to SCM
[ https://issues.apache.org/jira/browse/MRELEASE-928?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15081757#comment-15081757 ] Robert Scholte commented on MRELEASE-928: - I'd say duplicate of SCM-811 (also contains the explanation, saying it is a problem of the git-client) > exposing the password for SCM URL if build failed to commit files to SCM > > > Key: MRELEASE-928 > URL: https://issues.apache.org/jira/browse/MRELEASE-928 > Project: Maven Release Plugin > Issue Type: Bug > Components: Git, prepare, scm >Affects Versions: 2.5.2, 2.5.3 >Reporter: vishal sahasrabuddhe >Priority: Critical > Labels: security > > Hi, > When we run the release prepare and perform, if it fails to commit files > due to any reason (tag exist, wrong passwd, wrong URL etc), it exposes the > password along with error, here is the sample log. > [ERROR] Failed to execute goal > org.apache.maven.plugins:maven-release-plugin:2.5.3:prepare (default-cli) on > project device: Unable to commit files > [ERROR] Provider message: > [ERROR] The git-push command failed. > [ERROR] Command output: > [ERROR] remote: Not Found > [ERROR] fatal: repository > 'https://bot:bot123@gitlab..com/sandbox1/device.git/' not found > [ERROR] -> [Help 1] > [ERROR] > [ERROR] To see the full stack trace of the errors, re-run Maven with the -e > switch. > [ERROR] Re-run Maven using the -X switch to enable full debug logging. > [ERROR] > [ERROR] For more information about the errors and possible solutions, please > read the following articles: > [ERROR] [Help 1] > http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException > I have tested with other types of error to like tag exist, and found similar > error message with exposed password with error. > My SCM is git > maven version is Apache Maven 3.2.5 > -Vishal -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Closed] (MRELEASE-937) Git password is visible if commit fails
[ https://issues.apache.org/jira/browse/MRELEASE-937?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Scholte closed MRELEASE-937. --- Resolution: Duplicate Assignee: Robert Scholte > Git password is visible if commit fails > --- > > Key: MRELEASE-937 > URL: https://issues.apache.org/jira/browse/MRELEASE-937 > Project: Maven Release Plugin > Issue Type: Bug > Components: Git >Affects Versions: 2.5.2, 2.5.3 >Reporter: vishal sahasrabuddhe >Assignee: Robert Scholte >Priority: Critical > Labels: security > > Git username and password is being visible during perform section when plugin > tries to commit the file using SCM section repository. > Here is the log. > {noformat} > [INFO] Checking in modified POMs... > [INFO] Executing: /bin/sh -c cd > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git > add -- pom.xml > [INFO] Working directory: > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing > [INFO] Executing: /bin/sh -c cd > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git > rev-parse --show-toplevel > [INFO] Working directory: > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing > [INFO] Executing: /bin/sh -c cd > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git > status --porcelain . > [INFO] Working directory: > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing > [WARNING] Ignoring unrecognized line: ?? pom.xml.releaseBackup > [WARNING] Ignoring unrecognized line: ?? release.properties > [WARNING] Ignoring unrecognized line: ?? target/ > [INFO] Executing: /bin/sh -c cd > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git > commit --verbose -F /tmp/maven-scm-859671901.commit pom.xml > [INFO] Working directory: > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing > [INFO] Executing: /bin/sh -c cd > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git > symbolic-ref HEAD > [INFO] Working directory: > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing > [INFO] Executing: /bin/sh -c cd > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git > push > https://releasebot:@gitlab.something.com/sandbox/data-ingestion-dco.git > refs/heads/master:refs/heads/master > [INFO] Working directory: > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing > [INFO] > > [INFO] BUILD FAILURE > [INFO] > > [INFO] Total time: 8.856 s (Wall Clock) > [INFO] Finished at: 2016-01-04T08:15:04+00:00 > [INFO] Final Memory: 17M/484M > [INFO] > > [ERROR] Failed to execute goal > org.apache.maven.plugins:maven-release-plugin:2.5.3:prepare (default-cli) on > project qubole_python: Unable to commit files > [ERROR] Provider message: > [ERROR] The git-push command failed. > [ERROR] Command output: > [ERROR] remote: Not Found > [ERROR] fatal: repository > 'https://releasebot:abc@1...@gitlab.something.com/sandbox/data-ingestion-dco.git/' > not found > [ERROR] -> [Help 1] > [ERROR] > [ERROR] To see the full stack trace of the errors, re-run Maven with the -e > switch. > [ERROR] Re-run Maven using the -X switch to enable full debug logging. > [ERROR] > [ERROR] For more information about the errors and possible solutions, please > read the following articles: > {noformat} > So, i can see password "abc@123" here. > I am using maven Apache Maven 3.3.9 > tried with maven release plugin 2.5.3 and 2.5.2 both but no luck. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Created] (MRELEASE-937) Git password is visible if commit fails
vishal sahasrabuddhe created MRELEASE-937: - Summary: Git password is visible if commit fails Key: MRELEASE-937 URL: https://issues.apache.org/jira/browse/MRELEASE-937 Project: Maven Release Plugin Issue Type: Bug Components: Git Affects Versions: 2.5.3, 2.5.2 Reporter: vishal sahasrabuddhe Priority: Critical Git username and password is being visible during perform section when plugin tries to commit the file using SCM section repository. Here is the log. [INFO] Checking in modified POMs... [INFO] Executing: /bin/sh -c cd /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git add -- pom.xml [INFO] Working directory: /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing [INFO] Executing: /bin/sh -c cd /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git rev-parse --show-toplevel [INFO] Working directory: /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing [INFO] Executing: /bin/sh -c cd /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git status --porcelain . [INFO] Working directory: /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing [WARNING] Ignoring unrecognized line: ?? pom.xml.releaseBackup [WARNING] Ignoring unrecognized line: ?? release.properties [WARNING] Ignoring unrecognized line: ?? target/ [INFO] Executing: /bin/sh -c cd /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git commit --verbose -F /tmp/maven-scm-859671901.commit pom.xml [INFO] Working directory: /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing [INFO] Executing: /bin/sh -c cd /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git symbolic-ref HEAD [INFO] Working directory: /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing [INFO] Executing: /bin/sh -c cd /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git push https://releasebot:@gitlab.something.com/sandbox/data-ingestion-dco.git refs/heads/master:refs/heads/master [INFO] Working directory: /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing [INFO] [INFO] BUILD FAILURE [INFO] [INFO] Total time: 8.856 s (Wall Clock) [INFO] Finished at: 2016-01-04T08:15:04+00:00 [INFO] Final Memory: 17M/484M [INFO] [ERROR] Failed to execute goal org.apache.maven.plugins:maven-release-plugin:2.5.3:prepare (default-cli) on project qubole_python: Unable to commit files [ERROR] Provider message: [ERROR] The git-push command failed. [ERROR] Command output: [ERROR] remote: Not Found [ERROR] fatal: repository 'https://releasebot:abc@1...@gitlab.something.com/sandbox/data-ingestion-dco.git/' not found [ERROR] -> [Help 1] [ERROR] [ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch. [ERROR] Re-run Maven using the -X switch to enable full debug logging. [ERROR] [ERROR] For more information about the errors and possible solutions, please read the following articles: So, i can see password "abc@123" here. I am using maven Apache Maven 3.3.9 tried with maven release plugin 2.5.3 and 2.5.2 both but no luck. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (MJAVADOC-431) Allow Javadoc Jar to contain Maven descriptor
[ https://issues.apache.org/jira/browse/MJAVADOC-431?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15081891#comment-15081891 ] Peter lynch commented on MJAVADOC-431: -- [~michael-o] Thanks for the MSHARED ticket link - I am fully aware what pom.properties contains. A missing classifier in there does not matter for this use case. The pom.properties still contains valuable information. If ever it changes to include classifier, all the better. The use case I have stated in earlier comments is not adding a requirement that the artifact file name must match or that pom.properties contain all parts of the coordinate system ( although would be nice ). Only that the location of the maven generated archiver configuration is in a well known location inside the produced jar and that there is no other way to insert same information into a javadoc jar without changing the sha1 of the produced artifact or heavily modifying a build or introducing a complex change to the javadoc plugin. > Allow Javadoc Jar to contain Maven descriptor > - > > Key: MJAVADOC-431 > URL: https://issues.apache.org/jira/browse/MJAVADOC-431 > Project: Maven Javadoc Plugin > Issue Type: Bug >Affects Versions: 2.10.3 >Reporter: Peter lynch >Assignee: Michael Osipov > Fix For: 2.10.4 > > > The javadoc:jar mojo explicitly prevents the Maven descriptor from being > added to the produced javadoc.jar file. > https://github.com/apache/maven-plugins/blob/trunk/maven-javadoc-plugin/src/main/java/org/apache/maven/plugin/javadoc/JavadocJar.java#L299-299 > I could not find an explanation or technical reason why this is done. > Adding the maven descriptor to the javadoc jar can help expose valuable > information about the build that produced it and should be at the discretion > of the build process. > Expected: > - allow the archiver used to create the javadoc jar to respect the plexus > archiver configuration if it is configured to include the Maven descriptor. > - preserve the default behaviour of not including the Maven descriptor, for > (unknown) backwards compatibility reasons only -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (MNG-5957) Configuration within lifecycle phase
[ https://issues.apache.org/jira/browse/MNG-5957?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Mario Krizmanic updated MNG-5957: - Description: The lifecycle phase can be configured as a comma-separated list of plugins specified with the following data: {code}:::{code} that are not enough for my plugin. My plugin has to reconfigure the default lifecycle using other plugins with dedicated configuration different from their defaults'. So, I'd propose to enhance the lifecycle phase parsing to support additional configuration as: {code}:::[]{code} Finally, the components.xml would support configurations like: {code:xml} org.apache.maven.lifecycle.mapping.LifecycleMapping ... default org.apache.maven.plugins:maven-resources-plugin:resources ... ...{code} was: The lifecycle phase can be configured as a comma-separated list of plugins specified with the following data: {code}:::{code} that are not enough for my plugin. My plugin has to reconfigure the default lifecycle using other plugins with dedicated configuration different from their defaults'. So, I'd suppose to enhance the lifecycle phase parsing to support additional configuration as: {code}:::[]{code} Finally, the components.xml would support configurations like: {code:xml} org.apache.maven.lifecycle.mapping.LifecycleMapping ... default org.apache.maven.plugins:maven-resources-plugin:resources ... ...{code} > Configuration within lifecycle phase > > > Key: MNG-5957 > URL: https://issues.apache.org/jira/browse/MNG-5957 > Project: Maven > Issue Type: Improvement > Components: core >Affects Versions: 3.3.9 >Reporter: Mario Krizmanic > > The lifecycle phase can be configured as a comma-separated list of plugins > specified with the following data: > {code}:::{code} that are not enough for > my plugin. > My plugin has to reconfigure the default lifecycle using other plugins with > dedicated configuration different from their defaults'. > So, I'd propose to enhance the lifecycle phase parsing to support additional > configuration as: > {code}:::[]{code} > Finally, the components.xml would support configurations like: > {code:xml} > > > org.apache.maven.lifecycle.mapping.LifecycleMapping > ... > > > > default > > > > org.apache.maven.plugins:maven-resources-plugin:resources > > ... > > > > ...{code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (MSHARED-480) use maven-site-plugin's site.xml to use site's skin instead of default when run as mojo
[ https://issues.apache.org/jira/browse/MSHARED-480?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15082042#comment-15082042 ] Michael Osipov commented on MSHARED-480: I had the very same idea recently. I am not very pleased about {{SiteContext#templateName}} nor abour the {{default-site.vm}} and its resources in {{DefaultSiteRenderer}}. I do believe that skin-related must be in the default skin and used through decoration model only. Of cource, common stuff like the GIFs are OK to be as default resources in Site Renderer. Shouldn't we create another issue with DOXIASITETOOLS? > use maven-site-plugin's site.xml to use site's skin instead of default when > run as mojo > --- > > Key: MSHARED-480 > URL: https://issues.apache.org/jira/browse/MSHARED-480 > Project: Maven Shared Components > Issue Type: Improvement > Components: maven-reporting-impl >Affects Versions: maven-reporting-impl 2.4 >Reporter: Hervé Boutemy > > currently, maven-site-renderer default skin is always used: would be more > consistent if using site decoration consistently with maven-site-plugin > once done, we can activate skin resources copy, that was commented while > working on MSHARED-120 (and would not give expected result if skin used is > not consistent) -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Comment Edited] (MSHARED-480) use maven-site-plugin's site.xml to use site's skin instead of default when run as mojo
[ https://issues.apache.org/jira/browse/MSHARED-480?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15082042#comment-15082042 ] Michael Osipov edited comment on MSHARED-480 at 1/4/16 11:54 PM: - I had the very same idea recently. I am not very pleased about {{SiteContext#templateName}} nor about the {{default-site.vm}} and its resources in {{DefaultSiteRenderer}}. I do believe that skin-related must be in the default skin and used through decoration model only. Of course, common stuff like the GIFs are OK to be as default resources in Doxia Site Renderer. Shouldn't we create another issue with DOXIASITETOOLS? was (Author: michael-o): I had the very same idea recently. I am not very pleased about {{SiteContext#templateName}} nor abour the {{default-site.vm}} and its resources in {{DefaultSiteRenderer}}. I do believe that skin-related must be in the default skin and used through decoration model only. Of cource, common stuff like the GIFs are OK to be as default resources in Site Renderer. Shouldn't we create another issue with DOXIASITETOOLS? > use maven-site-plugin's site.xml to use site's skin instead of default when > run as mojo > --- > > Key: MSHARED-480 > URL: https://issues.apache.org/jira/browse/MSHARED-480 > Project: Maven Shared Components > Issue Type: Improvement > Components: maven-reporting-impl >Affects Versions: maven-reporting-impl 2.4 >Reporter: Hervé Boutemy > > currently, maven-site-renderer default skin is always used: would be more > consistent if using site decoration consistently with maven-site-plugin > once done, we can activate skin resources copy, that was commented while > working on MSHARED-120 (and would not give expected result if skin used is > not consistent) -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Created] (MSHARED-488) Make input source file encoding default to platform encoding
Michael Osipov created MSHARED-488: -- Summary: Make input source file encoding default to platform encoding Key: MSHARED-488 URL: https://issues.apache.org/jira/browse/MSHARED-488 Project: Maven Shared Components Issue Type: Wish Components: maven-reporting-impl Affects Versions: maven-reporting-impl 2.4 Reporter: Michael Osipov Fix For: maven-reporting-impl 3.0 {{AbstractMavenReport}} presets input encoding with {{ISO-8859-1}} drop that and use standard encoding. Warn about it just like other components do. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Closed] (MSHARED-393) AbstractMavenReportRenderer#linkPatternedText does not use any join string
[ https://issues.apache.org/jira/browse/MSHARED-393?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Michael Osipov closed MSHARED-393. -- Resolution: Incomplete Can't remember the case to make up the example. > AbstractMavenReportRenderer#linkPatternedText does not use any join string > -- > > Key: MSHARED-393 > URL: https://issues.apache.org/jira/browse/MSHARED-393 > Project: Maven Shared Components > Issue Type: Bug > Components: maven-reporting-impl >Affects Versions: maven-reporting-impl-2.3 >Reporter: Michael Osipov > > While traversing the linkable segments, the code should check whether there > is a next element and add a join string like {{, }}. Otherwise the output is > unreadable. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (MSHARED-430) Update JDK requirement to 1.6 / upgrade Maven Core dependencies to 3.0
[ https://issues.apache.org/jira/browse/MSHARED-430?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15082052#comment-15082052 ] Michael Osipov commented on MSHARED-430: I think this change should be reverted. Hervé and I are preparing a new Doxia (Sitetools) release still targeted to Maven 2.2.x (last one) and this components needs to comply with it. I would recommend to downgrade to 2.5, etc. > Update JDK requirement to 1.6 / upgrade Maven Core dependencies to 3.0 > -- > > Key: MSHARED-430 > URL: https://issues.apache.org/jira/browse/MSHARED-430 > Project: Maven Shared Components > Issue Type: Improvement > Components: maven-reporting-impl >Reporter: Robert Scholte >Assignee: Robert Scholte > Fix For: maven-reporting-impl 3.0 > > > When using maven-reporting-impl-2.x with Maven 3, it includes some Maven-2 > dependencies, since these artifactIds don't exist in Maven3 anymore, e.g > maven-project (is now part of maven-core). > Plugins are already moving forward, so this shared component should do so too. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (MRESOURCES-171) ISO8859-1 properties files get changed into UTF-8 when filtered
[ https://issues.apache.org/jira/browse/MRESOURCES-171?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15081867#comment-15081867 ] Aaron Digulla commented on MRESOURCES-171: -- [~afloom] Well, he can't use Maven and expect properties files to work, then. It's as simple as that: You have place A where you can't change anything and place B, where you can, so B has to give. That means if you load all your resources via {{ResourceBundles}} and you don't use any libraries, this might work. Or maybe the code above is a workaround for the broken Maven resource plugin - which would give this bug even more priority. [~khmarbaise] Please reopen the bug. As you quoted: *Characters not in Latin1 ... are represented ... using Unicode escapes* That means you can never use anything but Latin 1 in plain properties files and expect them to work. Which is why Java comes with [native2ascii|http://docs.oracle.com/javase/7/docs/technotes/tools/windows/native2ascii.html] > ISO8859-1 properties files get changed into UTF-8 when filtered > --- > > Key: MRESOURCES-171 > URL: https://issues.apache.org/jira/browse/MRESOURCES-171 > Project: Maven Resources Plugin > Issue Type: Bug > Components: filtering >Reporter: Alex Collins >Priority: Minor > Attachments: filtering-bug.zip > > > Create: > src/main/resources/test.properties > And add a ISO8859-1 character that is not ASCII or UTF-8, do not use \u > formatting. > When adding this line: > src/main/resourcestrue > Expected: > ISO8859-1 encoded file in jar. > Actual: > UTF-8 encoded file in jar. > --- > If there are any property files (which can only be ISO8859-1) they appear to > be converted into UTF-8 in the jar. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Created] (MSHARED-489) AbstractMavenReportRenderer#linkPatternedText ignores name if href is invalid
Michael Osipov created MSHARED-489: -- Summary: AbstractMavenReportRenderer#linkPatternedText ignores name if href is invalid Key: MSHARED-489 URL: https://issues.apache.org/jira/browse/MSHARED-489 Project: Maven Shared Components Issue Type: Bug Components: maven-reporting-impl Affects Versions: maven-reporting-impl 2.4 Reporter: Michael Osipov Consider this input: {noformat} {My Text, ftp://host/file.txt} or {My Text, http:/host/file.txt} (typo) {noformat} Given the current code: {code:java} for ( Iterator it = segments.iterator(); it.hasNext(); ) { String name = it.next(); String href = it.next(); if ( href == null ) { text( name ); } else { if ( getValidHref( href ) != null ) { link( getValidHref( href ), name ); } else { text( href ); } } } {code} The invalid {{href}} would be printed out instead of {{name}}. I think the code should read: {code:java} for ( Iterator it = segments.iterator(); it.hasNext(); ) { String name = it.next(); String href = it.next(); if ( getValidHref( href ) == null ) { text( name ); } else { link( getValidHref( href ), name ); } } {code} Produce link if href isn't null and is valid otherwise add name (text) only. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (DOXIASITETOOLS-93) request-scoped default Velocity Tools are not accessible
[ https://issues.apache.org/jira/browse/DOXIASITETOOLS-93?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Hervé Boutemy updated DOXIASITETOOLS-93: Fix Version/s: 1.7 > request-scoped default Velocity Tools are not accessible > > > Key: DOXIASITETOOLS-93 > URL: https://issues.apache.org/jira/browse/DOXIASITETOOLS-93 > Project: Maven Doxia Sitetools > Issue Type: Bug > Components: Site renderer >Affects Versions: 1.6 >Reporter: Hervé Boutemy > Fix For: 1.7 > > > only application scoped are available: $esc, ... > nut not $context, for example > see > http://svn.apache.org/viewvc/velocity/tools/tags/2.0/src/main/java/org/apache/velocity/tools/generic/tools.xml?view=markup -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (MRESOURCES-171) ISO8859-1 properties files get changed into UTF-8 when filtered
[ https://issues.apache.org/jira/browse/MRESOURCES-171?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15082113#comment-15082113 ] Hervé Boutemy commented on MRESOURCES-171: -- IMHO, we should, yes, find some new solution to this problem: encoding can't be completely uniform in a project what we set currently is default source encoding and we should find a way to configure an association of other encodings to some resources idea: something like {code:xml} default encoding for the mojo ${basedir}/target/extra-resources src/non-packaged-resources true optional encoding for this resource {code} instead of reopening this issue which is seen as a bug, I'd prefer create another issue with title "add ability to define per-resource encoding when filtering" and link to this one as "superceeded by" WDYT? > ISO8859-1 properties files get changed into UTF-8 when filtered > --- > > Key: MRESOURCES-171 > URL: https://issues.apache.org/jira/browse/MRESOURCES-171 > Project: Maven Resources Plugin > Issue Type: Bug > Components: filtering >Reporter: Alex Collins >Priority: Minor > Attachments: filtering-bug.zip > > > Create: > src/main/resources/test.properties > And add a ISO8859-1 character that is not ASCII or UTF-8, do not use \u > formatting. > When adding this line: > src/main/resourcestrue > Expected: > ISO8859-1 encoded file in jar. > Actual: > UTF-8 encoded file in jar. > --- > If there are any property files (which can only be ISO8859-1) they appear to > be converted into UTF-8 in the jar. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Comment Edited] (DOXIA-482) don't translate APT source comments into output comments
[ https://issues.apache.org/jira/browse/DOXIA-482?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15082173#comment-15082173 ] Hervé Boutemy edited comment on DOXIA-482 at 1/5/16 1:40 AM: - after thinking more at it, I'd like to improve [Parser API|http://maven.apache.org/doxia/doxia/doxia-core/apidocs/org/apache/maven/doxia/parser/Parser.html] with a new {{setEmitComments(boolean render)}} by default, every parser has to render source comments to Sink API but when a use case doesn't want to render comments in output, it just has to call {{setEmitComments(false)}}: this API could be used by Doxia Sitetools Doxia parsing. And this would not change the general behaviour and intend of general Doxia Notice that an equivalent {{setRenderComment(boolean)}} feature can be added to Sink API, to drop comment even if comment event are emitted to Sink API (for example by a report). But if a report emits comments, I think it expects them to be rendered: that's why I prefer to use the Parse API improvement in the case of Doxia Sitetool was (Author: hboutemy): after thinking more at it, I'd like to improve [Parser API|http://maven.apache.org/doxia/doxia/doxia-core/apidocs/org/apache/maven/doxia/parser/Parser.html] with a new {{setParseComments(boolean render)}} by default, every parser has to render source comments to Sink API but when a use case doesn't want to render comments in output, it just has to call {{setParseComments(false)}}: this API could be used by Doxia Sitetools Doxia parsing. And this would not change the general behaviour and intend of general Doxia Notice that an equivalent feature can be added to Sink API, to drop comment even if comment event are emitted (for example by a report). But if a report emits comments, I think it expects them to be rendered: that's why I prefer to use the Parse API improvement in the case of Doxia Sitetool > don't translate APT source comments into output comments > > > Key: DOXIA-482 > URL: https://issues.apache.org/jira/browse/DOXIA-482 > Project: Maven Doxia > Issue Type: Bug > Components: Module - Apt >Affects Versions: 1.3 >Reporter: Michael Osipov >Assignee: Michael Osipov > Fix For: 1.7 > > Attachments: DOXIA-482.patch > > > I have defined this as the very first lines in my apt file: > {code} > ~~ Copyright 2012 Michael Osipov > ~~ > ~~ Licensed under the Apache License, Version 2.0 (the "License"); > ~~ you may not use this file except in compliance with the License. > ~~ You may obtain a copy of the License at > ~~ > ~~ http://www.apache.org/licenses/LICENSE-2.0 > ~~ > ~~ Unless required by applicable law or agreed to in writing, software > ~~ distributed under the License is distributed on an "AS IS" BASIS, > ~~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. > ~~ See the License for the specific language governing permissions and > ~~ limitations under the License. > ~~ $Id$ > {code} > This is unfortunately translated in > {{/html/body/div/div/div#bodyColumn}} to a line-by-line comment > {noformat} > > {noformat} > This, of course, is somewhat useless. I'd rather would have split comments > like in JSP or Velocity. Template comments are left out and HTML comments > remain untouched. > I obviously do not need the ASL somewhere in the middle of by page as comment. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (MSHARED-489) AbstractMavenReportRenderer#linkPatternedText ignores name if href is invalid
[ https://issues.apache.org/jira/browse/MSHARED-489?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15082197#comment-15082197 ] Hervé Boutemy commented on MSHARED-489: --- I think this issue should not be described as code change, but as unit test: what you currently get and what you think would be better to get = please describe the issue, not a solution to a yet to understand issue > AbstractMavenReportRenderer#linkPatternedText ignores name if href is invalid > - > > Key: MSHARED-489 > URL: https://issues.apache.org/jira/browse/MSHARED-489 > Project: Maven Shared Components > Issue Type: Bug > Components: maven-reporting-impl >Affects Versions: maven-reporting-impl 2.4 >Reporter: Michael Osipov > > Consider this input: > {noformat} > {My Text, ftp://host/file.txt} or {My Text, http:/host/file.txt} (typo) > {noformat} > Given the current code: > {code:java} > for ( Iterator it = segments.iterator(); it.hasNext(); ) > { > String name = it.next(); > String href = it.next(); > if ( href == null ) > { > text( name ); > } > else > { > if ( getValidHref( href ) != null ) > { > link( getValidHref( href ), name ); > } > else > { > text( href ); > } > } > } > {code} > The invalid {{href}} would be printed out instead of {{name}}. I think the > code should read: > {code:java} > for ( Iterator it = segments.iterator(); it.hasNext(); ) > { > String name = it.next(); > String href = it.next(); > if ( getValidHref( href ) == null ) > { > text( name ); > } > else > { > link( getValidHref( href ), name ); > } > } > {code} > Produce link if href isn't null and is valid otherwise add name (text) only. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (MSHARED-480) use maven-site-plugin's site.xml to use site's skin instead of default when run as mojo
[ https://issues.apache.org/jira/browse/MSHARED-480?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15082137#comment-15082137 ] Hervé Boutemy commented on MSHARED-480: --- bq. I do believe that skin-related must be in the default skin and used through decoration model only I don't understand this the current issue is currently against {{maven-reporting-impl}} that has to mimic maven-site-plugin's decoration model handling in the context of direct mojo invocation, and that currently was just implemented in a basic way. With the rework done for Doxia Sitetools 1.7 API, I think it's time to improve maven-reporting-impl And once maven-site-plugin's skin is used for the template part, resources are not an issue: it is natural to address resources in the same work > use maven-site-plugin's site.xml to use site's skin instead of default when > run as mojo > --- > > Key: MSHARED-480 > URL: https://issues.apache.org/jira/browse/MSHARED-480 > Project: Maven Shared Components > Issue Type: Improvement > Components: maven-reporting-impl >Affects Versions: maven-reporting-impl 2.4 >Reporter: Hervé Boutemy > > currently, when a reporting mojo is not used as maven-site-plugin's report > but as direct mojo invocation, maven-site-renderer default skin is always > used: would be more consistent if using site decoration consistently with > maven-site-plugin > Or more precisely, I didn't currently find any reporting plugin that did the > effort to mimic maven-site-plugin's decoration model/skin: every reporting > plugin I know of uses features of {{maven-reporting-impl}} for site rendring > (with this known limitation) > implementing the feature in {{maven-reporting-impl}} will make it accessible > to any reporting plugin once it upgrades it dependency version > once done, we can activate skin resources copy, that was commented while > working on MSHARED-120 (and would not give expected result if skin used is > not consistent) -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Closed] (DOXIA-501) Impossible to use ### header when also using Velocity
[ https://issues.apache.org/jira/browse/DOXIA-501?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Hervé Boutemy closed DOXIA-501. --- Resolution: Duplicate Assignee: Hervé Boutemy Fix Version/s: MSITE-756 MSITE-728 I recently explained it in MSITE-728, with a workaround similar to the way Michael proposes it Yes, Markdown and Velocity don't play well together because they give a meaning to the same markup syntax: we can't do anything against it (changing Markdown or Velocity syntax is not an option) notice that I implemented MSITE-756 to help users investigate in case Velocity is used and was previously completely hidden: it makes Velocity result visible before Doxia parsing > Impossible to use ### header when also using Velocity > - > > Key: DOXIA-501 > URL: https://issues.apache.org/jira/browse/DOXIA-501 > Project: Maven Doxia > Issue Type: Bug > Components: Module - Markdown >Affects Versions: 1.4 >Reporter: Hendrik Schreiber >Assignee: Hervé Boutemy > Labels: close-pending > Fix For: MSITE-728, MSITE-756 > > > Markdown and Velocity don't play nicely with each other. > A regular Markdown H3 is usually written like this: > ### My Header > This does not work with Velocity, because ## starts a comment. So, it needs > to be escaped like this: > \#\#\# My Header // DOES NOT WORK > Unfortunately, this does not work, but simply generates "###" in the output, > not a level 3 header. For some reason, Markdown does not interpret the "###". > There is a workaround posted on > http://mail-archives.apache.org/mod_mbox/maven-users/201303.mbox/%3c514afc2f.9070...@apache.org%3e > --- however, that is certainly not satisfying and very awkward. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (DOXIASITETOOLS-67) Velocity ToolManager doesn't work for skins and custom templates
[ https://issues.apache.org/jira/browse/DOXIASITETOOLS-67?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15082187#comment-15082187 ] Hervé Boutemy commented on DOXIASITETOOLS-67: - IIUC from investigations, this issue should be closed as "invalid" (ToolManager mainly works) and we should work on DOXIASITETOOLS-93 which is a better description of the real (more specific) issue, isn't it? > Velocity ToolManager doesn't work for skins and custom templates > > > Key: DOXIASITETOOLS-67 > URL: https://issues.apache.org/jira/browse/DOXIASITETOOLS-67 > Project: Maven Doxia Sitetools > Issue Type: Bug > Components: Site renderer >Reporter: Robert Scholte >Assignee: Robert Scholte > Fix For: 1.7 > > > DOXIASITETOOLS-66 introduces the Velocity ToolManager, but this only works > with the default site rendering settings, because in these cases the > classloader changes to pick up the right skin or template. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (MSHARED-480) use maven-site-plugin's site.xml to use site's skin instead of default when run as mojo
[ https://issues.apache.org/jira/browse/MSHARED-480?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Hervé Boutemy updated MSHARED-480: -- Description: currently, when a reporting mojo is not used as maven-site-plugin's report but as direct mojo invocation, maven-site-renderer default skin is always used: would be more consistent if using site decoration consistently with maven-site-plugin Or more precisely, I didn't currently find any reporting plugin that did the effort to mimic maven-site-plugin's decoration model/skin: every reporting plugin I know of uses features of {{maven-reporting-impl}} for site rendring (with this known limitation) implementing the feature in {{maven-reporting-impl}} will make it accessible to any reporting plugin once it upgrades it dependency version once done, we can activate skin resources copy, that was commented while working on MSHARED-120 (and would not give expected result if skin used is not consistent) was: currently, maven-site-renderer default skin is always used: would be more consistent if using site decoration consistently with maven-site-plugin once done, we can activate skin resources copy, that was commented while working on MSHARED-120 (and would not give expected result if skin used is not consistent) > use maven-site-plugin's site.xml to use site's skin instead of default when > run as mojo > --- > > Key: MSHARED-480 > URL: https://issues.apache.org/jira/browse/MSHARED-480 > Project: Maven Shared Components > Issue Type: Improvement > Components: maven-reporting-impl >Affects Versions: maven-reporting-impl 2.4 >Reporter: Hervé Boutemy > > currently, when a reporting mojo is not used as maven-site-plugin's report > but as direct mojo invocation, maven-site-renderer default skin is always > used: would be more consistent if using site decoration consistently with > maven-site-plugin > Or more precisely, I didn't currently find any reporting plugin that did the > effort to mimic maven-site-plugin's decoration model/skin: every reporting > plugin I know of uses features of {{maven-reporting-impl}} for site rendring > (with this known limitation) > implementing the feature in {{maven-reporting-impl}} will make it accessible > to any reporting plugin once it upgrades it dependency version > once done, we can activate skin resources copy, that was commented while > working on MSHARED-120 (and would not give expected result if skin used is > not consistent) -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (DOXIA-482) don't translate APT source comments into output comments
[ https://issues.apache.org/jira/browse/DOXIA-482?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15082173#comment-15082173 ] Hervé Boutemy commented on DOXIA-482: - after thinking more at it, I'd like to improve [Parser API|http://maven.apache.org/doxia/doxia/doxia-core/apidocs/org/apache/maven/doxia/parser/Parser.html] with a new {{setParseComments(boolean render)}} by default, every parser has to render source comments to Sink API but when a use case doesn't want to render comments in output, it just has to call {{setParseComments(false)}}: this API could be used by Doxia Sitetools Doxia parsing. And this would not change the general behaviour and intend of general Doxia Notice that an equivalent feature can be added to Sink API, to drop comment even if comment event are emitted (for example by a report). But if a report emits comments, I think it expects them to be rendered: that's why I prefer to use the Parse API improvement in the case of Doxia Sitetool > don't translate APT source comments into output comments > > > Key: DOXIA-482 > URL: https://issues.apache.org/jira/browse/DOXIA-482 > Project: Maven Doxia > Issue Type: Bug > Components: Module - Apt >Affects Versions: 1.3 >Reporter: Michael Osipov >Assignee: Michael Osipov > Fix For: 1.7 > > Attachments: DOXIA-482.patch > > > I have defined this as the very first lines in my apt file: > {code} > ~~ Copyright 2012 Michael Osipov > ~~ > ~~ Licensed under the Apache License, Version 2.0 (the "License"); > ~~ you may not use this file except in compliance with the License. > ~~ You may obtain a copy of the License at > ~~ > ~~ http://www.apache.org/licenses/LICENSE-2.0 > ~~ > ~~ Unless required by applicable law or agreed to in writing, software > ~~ distributed under the License is distributed on an "AS IS" BASIS, > ~~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. > ~~ See the License for the specific language governing permissions and > ~~ limitations under the License. > ~~ $Id$ > {code} > This is unfortunately translated in > {{/html/body/div/div/div#bodyColumn}} to a line-by-line comment > {noformat} > > {noformat} > This, of course, is somewhat useless. I'd rather would have split comments > like in JSP or Velocity. Template comments are left out and HTML comments > remain untouched. > I obviously do not need the ASL somewhere in the middle of by page as comment. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (MSHARED-430) Update JDK requirement to 1.6 / upgrade Maven Core dependencies to 3.0
[ https://issues.apache.org/jira/browse/MSHARED-430?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15082144#comment-15082144 ] Hervé Boutemy commented on MSHARED-430: --- no need to revert: maven-reporting-impl is completely independendant if it were, every reporting plugin would have to be released > Update JDK requirement to 1.6 / upgrade Maven Core dependencies to 3.0 > -- > > Key: MSHARED-430 > URL: https://issues.apache.org/jira/browse/MSHARED-430 > Project: Maven Shared Components > Issue Type: Improvement > Components: maven-reporting-impl >Reporter: Robert Scholte >Assignee: Robert Scholte > Fix For: maven-reporting-impl 3.0 > > > When using maven-reporting-impl-2.x with Maven 3, it includes some Maven-2 > dependencies, since these artifactIds don't exist in Maven3 anymore, e.g > maven-project (is now part of maven-core). > Plugins are already moving forward, so this shared component should do so too. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (DOXIASITETOOLS-144) split default-site.vm into 2 parts: default-site.vm and default-macros.vm
[ https://issues.apache.org/jira/browse/DOXIASITETOOLS-144?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15082178#comment-15082178 ] Hervé Boutemy commented on DOXIASITETOOLS-144: -- yes: this issue is about the default template, but there should be equivalent issue for every skin, since I think that every skin could benefit from such split but I don't have any plans/expectations that a specific skin will use default macros > split default-site.vm into 2 parts: default-site.vm and default-macros.vm > - > > Key: DOXIASITETOOLS-144 > URL: https://issues.apache.org/jira/browse/DOXIASITETOOLS-144 > Project: Maven Doxia Sitetools > Issue Type: Wish > Components: Site renderer >Affects Versions: 1.6 >Reporter: Hervé Boutemy > > {{default-site.vm}} starts with a bunch of macro definitions: this makes the > real HTML template hard to find, at the end of the file > putting these macro definitions into a separate file like > {{default-macros.vm}} and parsing it from {{default-site.vm}} with some > {{#parse( "default-macros.vm" )}} would IMHO improve maintenance -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (DOXIASITETOOLS-144) split default-site.vm into 2 parts: default-site.vm and default-macros.vm
[ https://issues.apache.org/jira/browse/DOXIASITETOOLS-144?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15081108#comment-15081108 ] Michael Osipov commented on DOXIASITETOOLS-144: --- I assume you want to improve this on a per-skin basis, right? The macro signatures might be the same but the content produced varies from skin to skin. > split default-site.vm into 2 parts: default-site.vm and default-macros.vm > - > > Key: DOXIASITETOOLS-144 > URL: https://issues.apache.org/jira/browse/DOXIASITETOOLS-144 > Project: Maven Doxia Sitetools > Issue Type: Wish > Components: Site renderer >Affects Versions: 1.6 >Reporter: Hervé Boutemy > > {{default-site.vm}} starts with a bunch of macro definitions: this makes the > real HTML template hard to find, at the end of the file > putting these macro definitions into a separate file like > {{default-macros.vm}} and parsing it from {{default-site.vm}} with some > {{#parse( "default-macros.vm" )}} would IMHO improve maintenance -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (MJARSIGNER-17) The plugin should pass proxy information to the jarsigner command.
[ https://issues.apache.org/jira/browse/MJARSIGNER-17?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15081089#comment-15081089 ] Riccardo commented on MJARSIGNER-17: Hello, sorry for writing here. I really need this patch but I do not understand how to install it. I'm running Ubuntu 14.4, Maven 3.3.9 (https://launchpad.net/~andrei-pozolotin/+archive/ubuntu/maven3) and my pom.xml is {code} org.apache.maven.plugins maven-jar-plugin 2.6 ... org.apache.maven.plugins maven-jarsigner-plugin 1.4 ... ... {code} I also added a post to http://stackoverflow.com/questions/34589961/apache-maven-plugin-upgrade/ Riccardo > The plugin should pass proxy information to the jarsigner command. > -- > > Key: MJARSIGNER-17 > URL: https://issues.apache.org/jira/browse/MJARSIGNER-17 > Project: Maven Jar Signer Plugin > Issue Type: Improvement >Affects Versions: 1.2 >Reporter: Christian Schulte >Assignee: Christian Schulte > Attachments: MJARSIGNER-17.patch > > > Since 'jarsigner' may need to access network resources, the plugin should > pass proxy information to the command. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Issue Comment Deleted] (MJARSIGNER-17) The plugin should pass proxy information to the jarsigner command.
[ https://issues.apache.org/jira/browse/MJARSIGNER-17?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Riccardo updated MJARSIGNER-17: --- Comment: was deleted (was: Hello, sorry for writing here. I really need this patch but I do not understand how to install it. I'm running Ubuntu 14.4, Maven 3.3.9 (https://launchpad.net/~andrei-pozolotin/+archive/ubuntu/maven3) and my pom.xml is {code} org.apache.maven.plugins maven-jar-plugin 2.6 ... org.apache.maven.plugins maven-jarsigner-plugin 1.4 ... ... {code} I also added a post to http://stackoverflow.com/questions/34589961/apache-maven-plugin-upgrade/ Exit {code} [INFO] --- maven-jarsigner-plugin:1.4:sign (sign) @ SnooperX --- [INFO] [INFO] BUILD FAILURE [INFO] [INFO] Total time: 21.411 s [INFO] Finished at: 2016-01-04T13:35:25+01:00 [INFO] Final Memory: 18M/216M [INFO] [ERROR] Failed to execute goal org.apache.maven.plugins:maven-jarsigner-plugin:1.4:sign (sign) on project SnooperX: Failed executing '/bin/sh -c cd /var/lib/jenkins/workspace/DEV-Snooper && /usr/lib/jvm/java-7-oracle/jre/../bin/jarsigner -keystore keystore/SnooperX-KeyStore.p12 -storepass '*' -storetype pkcs12 -tsa http://services.globaltrustfinder.com/adss/tsa -keypass '*' /var/lib/jenkins/workspace/DEV-Snooper/target/SnooperX-1.0.jar 1' - exitcode 1 -> [Help 1] {code} Riccardo) > The plugin should pass proxy information to the jarsigner command. > -- > > Key: MJARSIGNER-17 > URL: https://issues.apache.org/jira/browse/MJARSIGNER-17 > Project: Maven Jar Signer Plugin > Issue Type: Improvement >Affects Versions: 1.2 >Reporter: Christian Schulte >Assignee: Christian Schulte > Attachments: MJARSIGNER-17.patch > > > Since 'jarsigner' may need to access network resources, the plugin should > pass proxy information to the command. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (MRELEASE-937) Git password is visible if commit fails
[ https://issues.apache.org/jira/browse/MRELEASE-937?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15081098#comment-15081098 ] Michael Osipov commented on MRELEASE-937: - Where is the bug? > Git password is visible if commit fails > --- > > Key: MRELEASE-937 > URL: https://issues.apache.org/jira/browse/MRELEASE-937 > Project: Maven Release Plugin > Issue Type: Bug > Components: Git >Affects Versions: 2.5.2, 2.5.3 >Reporter: vishal sahasrabuddhe >Priority: Critical > Labels: security > > Git username and password is being visible during perform section when plugin > tries to commit the file using SCM section repository. > Here is the log. > [INFO] Checking in modified POMs... > [INFO] Executing: /bin/sh -c cd > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git > add -- pom.xml > [INFO] Working directory: > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing > [INFO] Executing: /bin/sh -c cd > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git > rev-parse --show-toplevel > [INFO] Working directory: > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing > [INFO] Executing: /bin/sh -c cd > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git > status --porcelain . > [INFO] Working directory: > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing > [WARNING] Ignoring unrecognized line: ?? pom.xml.releaseBackup > [WARNING] Ignoring unrecognized line: ?? release.properties > [WARNING] Ignoring unrecognized line: ?? target/ > [INFO] Executing: /bin/sh -c cd > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git > commit --verbose -F /tmp/maven-scm-859671901.commit pom.xml > [INFO] Working directory: > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing > [INFO] Executing: /bin/sh -c cd > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git > symbolic-ref HEAD > [INFO] Working directory: > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing > [INFO] Executing: /bin/sh -c cd > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing && git > push > https://releasebot:@gitlab.something.com/sandbox/data-ingestion-dco.git > refs/heads/master:refs/heads/master > [INFO] Working directory: > /home/releasebot/workspace/data-ingestion-dcos_Release_builder_testing > [INFO] > > [INFO] BUILD FAILURE > [INFO] > > [INFO] Total time: 8.856 s (Wall Clock) > [INFO] Finished at: 2016-01-04T08:15:04+00:00 > [INFO] Final Memory: 17M/484M > [INFO] > > [ERROR] Failed to execute goal > org.apache.maven.plugins:maven-release-plugin:2.5.3:prepare (default-cli) on > project qubole_python: Unable to commit files > [ERROR] Provider message: > [ERROR] The git-push command failed. > [ERROR] Command output: > [ERROR] remote: Not Found > [ERROR] fatal: repository > 'https://releasebot:abc@1...@gitlab.something.com/sandbox/data-ingestion-dco.git/' > not found > [ERROR] -> [Help 1] > [ERROR] > [ERROR] To see the full stack trace of the errors, re-run Maven with the -e > switch. > [ERROR] Re-run Maven using the -X switch to enable full debug logging. > [ERROR] > [ERROR] For more information about the errors and possible solutions, please > read the following articles: > So, i can see password "abc@123" here. > I am using maven Apache Maven 3.3.9 > tried with maven release plugin 2.5.3 and 2.5.2 both but no luck. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (MRELEASE-928) exposing the password for SCM URL if build failed to commit files to SCM
[ https://issues.apache.org/jira/browse/MRELEASE-928?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15081097#comment-15081097 ] Michael Osipov commented on MRELEASE-928: - Where is the bug? > exposing the password for SCM URL if build failed to commit files to SCM > > > Key: MRELEASE-928 > URL: https://issues.apache.org/jira/browse/MRELEASE-928 > Project: Maven Release Plugin > Issue Type: Bug > Components: Git, prepare, scm >Affects Versions: 2.5.2, 2.5.3 >Reporter: vishal sahasrabuddhe >Priority: Critical > Labels: security > > Hi, > When we run the release prepare and perform, if it fails to commit files > due to any reason (tag exist, wrong passwd, wrong URL etc), it exposes the > password along with error, here is the sample log. > [ERROR] Failed to execute goal > org.apache.maven.plugins:maven-release-plugin:2.5.3:prepare (default-cli) on > project device: Unable to commit files > [ERROR] Provider message: > [ERROR] The git-push command failed. > [ERROR] Command output: > [ERROR] remote: Not Found > [ERROR] fatal: repository > 'https://bot:bot123@gitlab..com/sandbox1/device.git/' not found > [ERROR] -> [Help 1] > [ERROR] > [ERROR] To see the full stack trace of the errors, re-run Maven with the -e > switch. > [ERROR] Re-run Maven using the -X switch to enable full debug logging. > [ERROR] > [ERROR] For more information about the errors and possible solutions, please > read the following articles: > [ERROR] [Help 1] > http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException > I have tested with other types of error to like tag exist, and found similar > error message with exposed password with error. > My SCM is git > maven version is Apache Maven 3.2.5 > -Vishal -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Comment Edited] (MJARSIGNER-17) The plugin should pass proxy information to the jarsigner command.
[ https://issues.apache.org/jira/browse/MJARSIGNER-17?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15081089#comment-15081089 ] Riccardo edited comment on MJARSIGNER-17 at 1/4/16 12:38 PM: - Hello, sorry for writing here. I really need this patch but I do not understand how to install it. I'm running Ubuntu 14.4, Maven 3.3.9 (https://launchpad.net/~andrei-pozolotin/+archive/ubuntu/maven3) and my pom.xml is {code} org.apache.maven.plugins maven-jar-plugin 2.6 ... org.apache.maven.plugins maven-jarsigner-plugin 1.4 ... ... {code} I also added a post to http://stackoverflow.com/questions/34589961/apache-maven-plugin-upgrade/ Exit {code} [INFO] --- maven-jarsigner-plugin:1.4:sign (sign) @ SnooperX --- [INFO] [INFO] BUILD FAILURE [INFO] [INFO] Total time: 21.411 s [INFO] Finished at: 2016-01-04T13:35:25+01:00 [INFO] Final Memory: 18M/216M [INFO] [ERROR] Failed to execute goal org.apache.maven.plugins:maven-jarsigner-plugin:1.4:sign (sign) on project SnooperX: Failed executing '/bin/sh -c cd /var/lib/jenkins/workspace/DEV-Snooper && /usr/lib/jvm/java-7-oracle/jre/../bin/jarsigner -keystore keystore/SnooperX-KeyStore.p12 -storepass '*' -storetype pkcs12 -tsa http://services.globaltrustfinder.com/adss/tsa -keypass '*' /var/lib/jenkins/workspace/DEV-Snooper/target/SnooperX-1.0.jar 1' - exitcode 1 -> [Help 1] {code} Riccardo was (Author: ric79): Hello, sorry for writing here. I really need this patch but I do not understand how to install it. I'm running Ubuntu 14.4, Maven 3.3.9 (https://launchpad.net/~andrei-pozolotin/+archive/ubuntu/maven3) and my pom.xml is {code} org.apache.maven.plugins maven-jar-plugin 2.6 ... org.apache.maven.plugins maven-jarsigner-plugin 1.4 ... ... {code} I also added a post to http://stackoverflow.com/questions/34589961/apache-maven-plugin-upgrade/ Riccardo > The plugin should pass proxy information to the jarsigner command. > -- > > Key: MJARSIGNER-17 > URL: https://issues.apache.org/jira/browse/MJARSIGNER-17 > Project: Maven Jar Signer Plugin > Issue Type: Improvement >Affects Versions: 1.2 >Reporter: Christian Schulte >Assignee: Christian Schulte > Attachments: MJARSIGNER-17.patch > > > Since 'jarsigner' may need to access network resources, the plugin should > pass proxy information to the command. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (SCM-811) m2 release plugin shows SCM git password if fatal occured during git push
[ https://issues.apache.org/jira/browse/SCM-811?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15082404#comment-15082404 ] vishal sahasrabuddhe commented on SCM-811: -- I am using git-client plugin 1.19.1 version. > m2 release plugin shows SCM git password if fatal occured during git push > - > > Key: SCM-811 > URL: https://issues.apache.org/jira/browse/SCM-811 > Project: Maven SCM > Issue Type: Improvement > Components: maven-scm-provider-git >Affects Versions: 1.9.4 > Environment: RHEL6, Windows >Reporter: Vasilii Ruzov > > I'm running > mvn release:prepare -Dusername=myuser -Dpassword=mypassword > and see lines in output: > {quote}[INFO] Executing: cmd.exe /X /C "git push > https://myuser:@myserver.com:8081/scm/project/project.git > refs/heads/master:refs/heads/master" > {quote} > but if for some reason git push failed(e.g. I made a mistake typing password) > then I see in log > {quote} > [ERROR] fatal: unable to access > 'https://myuser:mypassw...@myserver.com:8081/scm/project/project.git/': SSL > certificate problem: self signed certificate in certificate chain > {quote} > So I see *PLAINTEXT* password. As I use this step on Teamcity it causes > security problems when someone else can see my password if build failed. I > tried both on Linux and Windows machines. > I use maven-release-plugin version 2.5.3. > http://stackoverflow.com/questions/33831383/maven-release-plugin-shows-plaintext-password-on-git-push-error -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (SCM-811) m2 release plugin shows SCM git password if fatal occured during git push
[ https://issues.apache.org/jira/browse/SCM-811?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15082405#comment-15082405 ] vishal sahasrabuddhe commented on SCM-811: -- I am using git-client plugin 1.19.1 version. > m2 release plugin shows SCM git password if fatal occured during git push > - > > Key: SCM-811 > URL: https://issues.apache.org/jira/browse/SCM-811 > Project: Maven SCM > Issue Type: Improvement > Components: maven-scm-provider-git >Affects Versions: 1.9.4 > Environment: RHEL6, Windows >Reporter: Vasilii Ruzov > > I'm running > mvn release:prepare -Dusername=myuser -Dpassword=mypassword > and see lines in output: > {quote}[INFO] Executing: cmd.exe /X /C "git push > https://myuser:@myserver.com:8081/scm/project/project.git > refs/heads/master:refs/heads/master" > {quote} > but if for some reason git push failed(e.g. I made a mistake typing password) > then I see in log > {quote} > [ERROR] fatal: unable to access > 'https://myuser:mypassw...@myserver.com:8081/scm/project/project.git/': SSL > certificate problem: self signed certificate in certificate chain > {quote} > So I see *PLAINTEXT* password. As I use this step on Teamcity it causes > security problems when someone else can see my password if build failed. I > tried both on Linux and Windows machines. > I use maven-release-plugin version 2.5.3. > http://stackoverflow.com/questions/33831383/maven-release-plugin-shows-plaintext-password-on-git-push-error -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (MSHARED-234) fileset.mdo missing xmlns
[ https://issues.apache.org/jira/browse/MSHARED-234?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15082577#comment-15082577 ] Mikolaj Izdebski commented on MSHARED-234: -- This was fixed in file-management version 3.0.0. You can close this issue as resolved. > fileset.mdo missing xmlns > - > > Key: MSHARED-234 > URL: https://issues.apache.org/jira/browse/MSHARED-234 > Project: Maven Shared Components > Issue Type: Bug > Components: file-management >Affects Versions: file-management-1.2.1 > Environment: modello 1.5 >Reporter: tradej > Attachments: 0001-Added-xmlns.patch > > > When building with Maven 3, Modello gives me this error: > [ERROR] /builddir/build/BUILD/file-management-1.2.1/src/main/mdo/fileset.mdo > [1:1]: Error generating: Cannot generate xsd without xmlns specification: > or > org.apache.maven.plugin.MojoExecutionException: Error generating: Cannot > generate xsd without xmlns specification: or > > Please, include a xmlns specification in the file. A patch is attached for > your convenience. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Created] (MSHARED-490) Plexus lookup test fails with Maven 3.1.0 or later
Mikolaj Izdebski created MSHARED-490: Summary: Plexus lookup test fails with Maven 3.1.0 or later Key: MSHARED-490 URL: https://issues.apache.org/jira/browse/MSHARED-490 Project: Maven Shared Components Issue Type: Test Components: maven-shared-io Affects Versions: maven-shared-io-3.0.0 Reporter: Mikolaj Izdebski testShouldLookupInstanceDefaultRoleHint of DefaultDownloadManagerTest fails when running with Maven 3.1.0 or later. Attached patch improves test to work with all Maven 3 versions. Reproducer: {{mvn clean test -DmavenVersion=3.1.0}} Stack trace: {code} Running org.apache.maven.shared.io.download.DefaultDownloadManagerTest Tests run: 14, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 0.812 sec <<< FAILURE! - in org.apache.maven.shared.io.download.DefaultDownloadManagerTest testShouldLookupInstanceDefaultRoleHint(org.apache.maven.shared.io.download.DefaultDownloadManagerTest) Time elapsed: 0.751 sec <<< ERROR! org.codehaus.plexus.component.repository.exception.ComponentLookupException: com.google.inject.ProvisionException: Guice provision errors: 1) No implementation for java.util.Set was bound. while locating java.util.Set for parameter 0 at org.eclipse.aether.internal.impl.DefaultRepositoryEventDispatcher.(Unknown Source) while locating org.eclipse.aether.internal.impl.DefaultRepositoryEventDispatcher at ClassRealm[plexus.core, parent: null] at ClassRealm[plexus.core, parent: null] while locating org.eclipse.aether.impl.RepositoryEventDispatcher ... {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (MSHARED-490) Plexus lookup test fails with Maven 3.1.0 or later
[ https://issues.apache.org/jira/browse/MSHARED-490?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Mikolaj Izdebski updated MSHARED-490: - Attachment: 0001-Configure-Plexus-container-for-running-tests-with-Ma.patch > Plexus lookup test fails with Maven 3.1.0 or later > -- > > Key: MSHARED-490 > URL: https://issues.apache.org/jira/browse/MSHARED-490 > Project: Maven Shared Components > Issue Type: Test > Components: maven-shared-io >Affects Versions: maven-shared-io-3.0.0 >Reporter: Mikolaj Izdebski > Attachments: > 0001-Configure-Plexus-container-for-running-tests-with-Ma.patch > > > testShouldLookupInstanceDefaultRoleHint of DefaultDownloadManagerTest fails > when running with Maven 3.1.0 or later. Attached patch improves test to work > with all Maven 3 versions. > Reproducer: {{mvn clean test -DmavenVersion=3.1.0}} > Stack trace: > {code} > Running org.apache.maven.shared.io.download.DefaultDownloadManagerTest > Tests run: 14, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 0.812 sec > <<< FAILURE! - in > org.apache.maven.shared.io.download.DefaultDownloadManagerTest > testShouldLookupInstanceDefaultRoleHint(org.apache.maven.shared.io.download.DefaultDownloadManagerTest) > Time elapsed: 0.751 sec <<< ERROR! > org.codehaus.plexus.component.repository.exception.ComponentLookupException: > com.google.inject.ProvisionException: Guice provision errors: > 1) No implementation for java.util.Set > was bound. > while locating java.util.Set > for parameter 0 at > org.eclipse.aether.internal.impl.DefaultRepositoryEventDispatcher.(Unknown > Source) > while locating > org.eclipse.aether.internal.impl.DefaultRepositoryEventDispatcher > at ClassRealm[plexus.core, parent: null] > at ClassRealm[plexus.core, parent: null] > while locating org.eclipse.aether.impl.RepositoryEventDispatcher > ... > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (SCM-811) m2 release plugin shows SCM git password if fatal occured during git push
[ https://issues.apache.org/jira/browse/SCM-811?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15082399#comment-15082399 ] vishal sahasrabuddhe commented on SCM-811: -- Hi, I am also facing similar issue with mvn release plugin (ticket was raised https://issues.apache.org/jira/browse/MRELEASE-937 ) I have added git authentication part in settings.xml like below. {quote} git releasebot {AEfPhTGymJYHN+NQLTLwRU6SjUwaF6zB+uN/RsR/Qac=} {quote} And i am seeing following message Here is the log. {noformat} [INFO] [INFO] BUILD FAILURE [INFO] [INFO] Total time: 8.856 s (Wall Clock) [INFO] Finished at: 2016-01-04T08:15:04+00:00 [INFO] Final Memory: 17M/484M [INFO] [ERROR] Failed to execute goal org.apache.maven.plugins:maven-release-plugin:2.5.3:prepare (default-cli) on project qubole_python: Unable to commit files [ERROR] Provider message: [ERROR] The git-push command failed. [ERROR] Command output: [ERROR] remote: Not Found [ERROR] fatal: repository 'https://releasebot:abc@1...@gitlab.something.com/sandbox/data-ingestion-dco.git/' not found [ERROR] -> [Help 1] [ERROR] [ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch. [ERROR] Re-run Maven using the -X switch to enable full debug logging. [ERROR] [ERROR] For more information about the errors and possible solutions, please read the following articles: {noformat} So, i can see password "abc@123" here. I am using maven Apache Maven 3.3.9 tried with maven release plugin 2.5.3 and 2.5.2 both but no luck. > m2 release plugin shows SCM git password if fatal occured during git push > - > > Key: SCM-811 > URL: https://issues.apache.org/jira/browse/SCM-811 > Project: Maven SCM > Issue Type: Improvement > Components: maven-scm-provider-git >Affects Versions: 1.9.4 > Environment: RHEL6, Windows >Reporter: Vasilii Ruzov > > I'm running > mvn release:prepare -Dusername=myuser -Dpassword=mypassword > and see lines in output: > {quote}[INFO] Executing: cmd.exe /X /C "git push > https://myuser:@myserver.com:8081/scm/project/project.git > refs/heads/master:refs/heads/master" > {quote} > but if for some reason git push failed(e.g. I made a mistake typing password) > then I see in log > {quote} > [ERROR] fatal: unable to access > 'https://myuser:mypassw...@myserver.com:8081/scm/project/project.git/': SSL > certificate problem: self signed certificate in certificate chain > {quote} > So I see *PLAINTEXT* password. As I use this step on Teamcity it causes > security problems when someone else can see my password if build failed. I > tried both on Linux and Windows machines. > I use maven-release-plugin version 2.5.3. > http://stackoverflow.com/questions/33831383/maven-release-plugin-shows-plaintext-password-on-git-push-error -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (MNG-5728) Switch the default checksum policy from "warn" to "fail"
[ https://issues.apache.org/jira/browse/MNG-5728?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15081231#comment-15081231 ] Nicolas Juneau commented on MNG-5728: - Hello Jason, I concur about the issue potentially affecting many users. Inconsistent builds is what pushed me into creating the issue, after all. If the "-c" flag stays, the issue can still be mitigated for the ones who depend on the "warn" behaviour. Since checksum verification is already part of Maven, security might not be increased per-se, but I hope it will increase awareness about the integrity of the artifacts used in builds. If you need me to improve my pull request or just rebase my branch, just ping me here or on the Github pull request. Do not hesitate to point me at anything that could be improved as this would be the first lines of code I submit to Maven. Thanks, Nicolas > Switch the default checksum policy from "warn" to "fail" > > > Key: MNG-5728 > URL: https://issues.apache.org/jira/browse/MNG-5728 > Project: Maven > Issue Type: Improvement > Components: Artifacts and Repositories >Reporter: Nicolas Juneau >Priority: Minor > Fix For: Issues to be reviewed for 4.x > > > The default checksum policy when obtaining artifacts during a build is > currently, by default, "warn". This seems a bit odd for me since a checksum > is usually used to prevent the use of corrupted data. > Since Maven produces a lot of output (and some IDEs sometimes hide it), it is > easy to miss a bad checksum warning. I am aware that there is a > checksumPolicy setting in Maven, but, unless I am mistaken, it cannot be > defined for all repositories at once. It has to be done either on a > per-repository basis or by using the "strict-checksum" flag in the command > line. > After searching around a bit on the Web and with the help of a coworker, we > discovered that the default "warn" setting was mainly there because some > repositories were not handling checksums quite well. Issue MNG-339 contains > some information about this. > My colleague also chatted briefly with "trygvis" on IRC. Apparently, the > default "warn" setting is really there for historical reasons. > I believe that a default value of "fail" would greatly reduce the likelihood > of errors and also slightly increase the security of Maven. Corrupted > artifacts should not, by default, be used for builds. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (MRELEASE-928) exposing the password for SCM URL if build failed to commit files to SCM
[ https://issues.apache.org/jira/browse/MRELEASE-928?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15081918#comment-15081918 ] Michael Osipov commented on MRELEASE-928: - Yes, go ahead and close it. > exposing the password for SCM URL if build failed to commit files to SCM > > > Key: MRELEASE-928 > URL: https://issues.apache.org/jira/browse/MRELEASE-928 > Project: Maven Release Plugin > Issue Type: Bug > Components: Git, prepare, scm >Affects Versions: 2.5.2, 2.5.3 >Reporter: vishal sahasrabuddhe >Priority: Critical > Labels: security > > Hi, > When we run the release prepare and perform, if it fails to commit files > due to any reason (tag exist, wrong passwd, wrong URL etc), it exposes the > password along with error, here is the sample log. > [ERROR] Failed to execute goal > org.apache.maven.plugins:maven-release-plugin:2.5.3:prepare (default-cli) on > project device: Unable to commit files > [ERROR] Provider message: > [ERROR] The git-push command failed. > [ERROR] Command output: > [ERROR] remote: Not Found > [ERROR] fatal: repository > 'https://bot:bot123@gitlab..com/sandbox1/device.git/' not found > [ERROR] -> [Help 1] > [ERROR] > [ERROR] To see the full stack trace of the errors, re-run Maven with the -e > switch. > [ERROR] Re-run Maven using the -X switch to enable full debug logging. > [ERROR] > [ERROR] For more information about the errors and possible solutions, please > read the following articles: > [ERROR] [Help 1] > http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException > I have tested with other types of error to like tag exist, and found similar > error message with exposed password with error. > My SCM is git > maven version is Apache Maven 3.2.5 > -Vishal -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (MNG-5947) dependencyManagement import section does not resolve dependencies using "nearest" definition
[ https://issues.apache.org/jira/browse/MNG-5947?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15081506#comment-15081506 ] ASF GitHub Bot commented on MNG-5947: - Github user akacme commented on the pull request: https://github.com/apache/maven/pull/74#issuecomment-168756278 I've added POM-property-based configuration. Based on my current skill level embedding configuration somewhere else would require change in dependencies section for maven-model-builder, which I'm afraid to do (let alone creating a separate project). I'll implement more elegant solution if you point me in the right direction. > dependencyManagement import section does not resolve dependencies using > "nearest" definition > > > Key: MNG-5947 > URL: https://issues.apache.org/jira/browse/MNG-5947 > Project: Maven > Issue Type: Bug > Components: Dependencies >Affects Versions: 3.3.3 >Reporter: Michał Kowalcze > Attachments: MNG-5947-poms.tgz > > > While resolving dependencies for dependencyManagement version of a particular > dependency is determined using "first match", not "nearest" definition. > Assuming that we have: > * parent:3.2.1:pom with commons-collections:3.2.1 in dependencyManagement > * parent:3.2.2:pom with commons-collections:3.2.2 in dependencyManagement > * imported:1.0:pom with dependencyManagement importing parent:3.21 > * final:1.0:pom with dependencyManagement importing imported:1.0 and > parent:3.2.2 > then dependency version for commons-collections in the final POM is set to > 3.2.1 (as import 1.0 / parent 3.2.1 is first match), not 3.2.2 which is > nearer (one level of import vs. two levels for 3.2.1). -- This message was sent by Atlassian JIRA (v6.3.4#6332)