[jira] [Comment Edited] (OFBIZ-4956) "auth" should be true for all the request url used for Application components.
[ https://issues.apache.org/jira/browse/OFBIZ-4956?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058978#comment-17058978 ] Jacques Le Roux edited comment on OFBIZ-4956 at 3/13/20, 6:26 PM: -- It's better to close all possible holes, a request without authentication is an opened door to XSS... Few cases need "false", like login related requests of course... was (Author: jacques.le.roux): It's better to close all holes, a request without authentication is an opened door to XSS... > "auth" should be true for all the request url used for Application components. > -- > > Key: OFBIZ-4956 > URL: https://issues.apache.org/jira/browse/OFBIZ-4956 > Project: OFBiz > Issue Type: Improvement > Components: ALL APPLICATIONS >Affects Versions: Release Branch 11.04, Release Branch 12.04, Release > Branch 13.07, Trunk >Reporter: Amardeep Singh Jhajj >Assignee: Jacques Le Roux >Priority: Major > Attachments: OFBIZ-4956-Release-10.04.patch, > OFBIZ-4956-Release-11.04.patch, OFBIZ-4956.patch > > > Currently there are some url present in application components with > auth="false". So anyone can hit this urls and can access any resources > without authorization. > For Example - > https://demo-trunk.ofbiz.apache.org:8443/content/control/ViewSimpleContent?dataResourceId=GZ-DIG > Currently, the above url does not need authorization (you can access any > resource by changing the dataResourceId). I think all the url should be > secure with auth="true" and https="true" in all the application components. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-4956) "auth" should be true for all the request url used for Application components.
[ https://issues.apache.org/jira/browse/OFBIZ-4956?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058978#comment-17058978 ] Jacques Le Roux commented on OFBIZ-4956: It's better to close all holes, a request without authentication is an opened door to XSS... > "auth" should be true for all the request url used for Application components. > -- > > Key: OFBIZ-4956 > URL: https://issues.apache.org/jira/browse/OFBIZ-4956 > Project: OFBiz > Issue Type: Improvement > Components: ALL APPLICATIONS >Affects Versions: Release Branch 11.04, Release Branch 12.04, Release > Branch 13.07, Trunk >Reporter: Amardeep Singh Jhajj >Assignee: Jacques Le Roux >Priority: Major > Attachments: OFBIZ-4956-Release-10.04.patch, > OFBIZ-4956-Release-11.04.patch, OFBIZ-4956.patch > > > Currently there are some url present in application components with > auth="false". So anyone can hit this urls and can access any resources > without authorization. > For Example - > https://demo-trunk.ofbiz.apache.org:8443/content/control/ViewSimpleContent?dataResourceId=GZ-DIG > Currently, the above url does not need authorization (you can access any > resource by changing the dataResourceId). I think all the url should be > secure with auth="true" and https="true" in all the application components. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-4956) "auth" should be true for all the request url used for Application components.
[ https://issues.apache.org/jira/browse/OFBIZ-4956?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058976#comment-17058976 ] Jacques Le Roux commented on OFBIZ-4956: Hello [~amardeepsj] and [~toashishvijay] are you still interested in this? > "auth" should be true for all the request url used for Application components. > -- > > Key: OFBIZ-4956 > URL: https://issues.apache.org/jira/browse/OFBIZ-4956 > Project: OFBiz > Issue Type: Improvement > Components: ALL APPLICATIONS >Affects Versions: Release Branch 11.04, Release Branch 12.04, Release > Branch 13.07, Trunk >Reporter: Amardeep Singh Jhajj >Assignee: Jacques Le Roux >Priority: Major > Attachments: OFBIZ-4956-Release-10.04.patch, > OFBIZ-4956-Release-11.04.patch, OFBIZ-4956.patch > > > Currently there are some url present in application components with > auth="false". So anyone can hit this urls and can access any resources > without authorization. > For Example - > https://demo-trunk.ofbiz.apache.org:8443/content/control/ViewSimpleContent?dataResourceId=GZ-DIG > Currently, the above url does not need authorization (you can access any > resource by changing the dataResourceId). I think all the url should be > secure with auth="true" and https="true" in all the application components. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-4956) "auth" should be true for all the request url used for Application components.
[
https://issues.apache.org/jira/browse/OFBIZ-4956?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058975#comment-17058975
]
Jacques Le Roux commented on OFBIZ-4956:
I was ready to apply in framework and plugins when I checked {{auth="false}} in
all controllers. With the patch applied and amended, there are still 195
matches, in application and plugins, ouch!
I'll still commit, but this needs to be completed... Those in framework sounds
OK as is but should be checked too...
> "auth" should be true for all the request url used for Application components.
> --
>
> Key: OFBIZ-4956
> URL: https://issues.apache.org/jira/browse/OFBIZ-4956
> Project: OFBiz
> Issue Type: Improvement
> Components: ALL APPLICATIONS
>Affects Versions: Release Branch 11.04, Release Branch 12.04, Release
> Branch 13.07, Trunk
>Reporter: Amardeep Singh Jhajj
>Assignee: Jacques Le Roux
>Priority: Major
> Attachments: OFBIZ-4956-Release-10.04.patch,
> OFBIZ-4956-Release-11.04.patch, OFBIZ-4956.patch
>
>
> Currently there are some url present in application components with
> auth="false". So anyone can hit this urls and can access any resources
> without authorization.
> For Example -
> https://demo-trunk.ofbiz.apache.org:8443/content/control/ViewSimpleContent?dataResourceId=GZ-DIG
> Currently, the above url does not need authorization (you can access any
> resource by changing the dataResourceId). I think all the url should be
> secure with auth="true" and https="true" in all the application components.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Assigned] (OFBIZ-4956) "auth" should be true for all the request url used for Application components.
[ https://issues.apache.org/jira/browse/OFBIZ-4956?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jacques Le Roux reassigned OFBIZ-4956: -- Assignee: Jacques Le Roux (was: Amardeep Singh Jhajj) > "auth" should be true for all the request url used for Application components. > -- > > Key: OFBIZ-4956 > URL: https://issues.apache.org/jira/browse/OFBIZ-4956 > Project: OFBiz > Issue Type: Improvement > Components: ALL APPLICATIONS >Affects Versions: Release Branch 11.04, Release Branch 12.04, Release > Branch 13.07, Trunk >Reporter: Amardeep Singh Jhajj >Assignee: Jacques Le Roux >Priority: Major > Attachments: OFBIZ-4956-Release-10.04.patch, > OFBIZ-4956-Release-11.04.patch, OFBIZ-4956.patch > > > Currently there are some url present in application components with > auth="false". So anyone can hit this urls and can access any resources > without authorization. > For Example - > https://demo-trunk.ofbiz.apache.org:8443/content/control/ViewSimpleContent?dataResourceId=GZ-DIG > Currently, the above url does not need authorization (you can access any > resource by changing the dataResourceId). I think all the url should be > secure with auth="true" and https="true" in all the application components. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Comment Edited] (OFBIZ-10390) New documentation for EntitySync
[ https://issues.apache.org/jira/browse/OFBIZ-10390?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16767102#comment-16767102 ] Jacques Le Roux edited comment on OFBIZ-10390 at 3/13/20, 5:58 PM: --- Copying comments here as well from OFBIZ-10818 Hello [~jacques.le.roux] I have created an [example document|https://cwiki.apache.org/confluence/x/vwglBg] to show the Pull and Push functionality with data sync between OFBiz servers. Currently, it is in WIP. Please have a look whenever you get chance and let me know if it looks good to you in form of basic details. was (Author: arunpati): Copying comments here as well from OFBIZ-10818 Hello [~jacques.le.roux] I have created an [example document|[https://cwiki.apache.org/confluence/x/vwglBg]] to show the Pull and Push functionality with data sync between OFBiz servers. Currently, it is in WIP. Please have a look whenever you get chance and let me know if it looks good to you in form of basic details. > New documentation for EntitySync > > > Key: OFBIZ-10390 > URL: https://issues.apache.org/jira/browse/OFBIZ-10390 > Project: OFBiz > Issue Type: Improvement > Components: framework >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: Jacques Le Roux >Priority: Minor > Fix For: Upcoming Branch > > > The [current EntitySync documentation in > wiki|https://cwiki.apache.org/confluence/display/OFBIZ/Sync+Setup+Notes+and+Example] > is POS oriented so somehow deprecated. > I have recently worked on a project with EntitySync and collected as much > possible information. I also got David E. Jones's agreement to reuse the part > on EntitySync in his 2006 "Apache OFBiz Advanced Framework - Training Video > Transcription" document. > So I'll create an Asciidoc file: > framework/entityext/src/doc/asciidoc/EntitySync-manual.adoc and will fill it > with all the available information I have. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-10587) _WARNING_MESSAGE_
[ https://issues.apache.org/jira/browse/OFBIZ-10587?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058955#comment-17058955 ] Jacques Le Roux commented on OFBIZ-10587: - +1 to commit > _WARNING_MESSAGE_ > - > > Key: OFBIZ-10587 > URL: https://issues.apache.org/jira/browse/OFBIZ-10587 > Project: OFBiz > Issue Type: Wish > Components: ALL COMPONENTS >Reporter: Niklas Fallik >Assignee: Michael Brohl >Priority: Major > Time Spent: 10m > Remaining Estimate: 0h > > Hi there, > I am looking for a way to display warning messages. We are using > EVENT_MESSAGE and ERROR_MESSAGE which we can pass to the frontend to display > to the user, but it turned out that it would be nice to have a type for > warnings like WARNING_MESSAGE. > I figured out that the java classes ServiceEventHandler and > ScriptEventHandler deal with those message types. > I really would appreciate if anyone already had a solution for this. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-4956) "auth" should be true for all the request url used for Application components.
[ https://issues.apache.org/jira/browse/OFBIZ-4956?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058954#comment-17058954 ] Jacques Le Roux commented on OFBIZ-4956: The patch still applies to trunk (but a hunk that can be done by hand). So I'l apply and commit. > "auth" should be true for all the request url used for Application components. > -- > > Key: OFBIZ-4956 > URL: https://issues.apache.org/jira/browse/OFBIZ-4956 > Project: OFBiz > Issue Type: Improvement > Components: ALL APPLICATIONS >Affects Versions: Release Branch 11.04, Release Branch 12.04, Release > Branch 13.07, Trunk >Reporter: Amardeep Singh Jhajj >Assignee: Amardeep Singh Jhajj >Priority: Major > Attachments: OFBIZ-4956-Release-10.04.patch, > OFBIZ-4956-Release-11.04.patch, OFBIZ-4956.patch > > > Currently there are some url present in application components with > auth="false". So anyone can hit this urls and can access any resources > without authorization. > For Example - > https://demo-trunk.ofbiz.apache.org:8443/content/control/ViewSimpleContent?dataResourceId=GZ-DIG > Currently, the above url does not need authorization (you can access any > resource by changing the dataResourceId). I think all the url should be > secure with auth="true" and https="true" in all the application components. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Closed] (OFBIZ-10318) Developer Manual: propose initial structure and contents
[ https://issues.apache.org/jira/browse/OFBIZ-10318?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Michael Brohl closed OFBIZ-10318. - Resolution: Done This is long done. > Developer Manual: propose initial structure and contents > > > Key: OFBIZ-10318 > URL: https://issues.apache.org/jira/browse/OFBIZ-10318 > Project: OFBiz > Issue Type: Improvement >Affects Versions: Trunk >Reporter: Michael Brohl >Assignee: Michael Brohl >Priority: Minor > Labels: asciidoc, documentation > > The developer manual should be given an initial overall structure to make it > easier for contributors to add their content. There are also many resources > in the wiki which could be mapped to the structure to move them step-by-step > to the document. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-10390) New documentation for EntitySync
[ https://issues.apache.org/jira/browse/OFBIZ-10390?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058938#comment-17058938 ] Michael Brohl commented on OFBIZ-10390: --- I'd suggest to move the mentioned wiki contents to the asciidoc file and let this be reviewed, [~arunpati] . > New documentation for EntitySync > > > Key: OFBIZ-10390 > URL: https://issues.apache.org/jira/browse/OFBIZ-10390 > Project: OFBiz > Issue Type: Improvement > Components: framework >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: Jacques Le Roux >Priority: Minor > Fix For: Upcoming Branch > > > The [current EntitySync documentation in > wiki|https://cwiki.apache.org/confluence/display/OFBIZ/Sync+Setup+Notes+and+Example] > is POS oriented so somehow deprecated. > I have recently worked on a project with EntitySync and collected as much > possible information. I also got David E. Jones's agreement to reuse the part > on EntitySync in his 2006 "Apache OFBiz Advanced Framework - Training Video > Transcription" document. > So I'll create an Asciidoc file: > framework/entityext/src/doc/asciidoc/EntitySync-manual.adoc and will fill it > with all the available information I have. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-10407) create a docker image from the ofbiz system
[ https://issues.apache.org/jira/browse/OFBIZ-10407?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058933#comment-17058933 ] Pierre Smits commented on OFBIZ-10407: -- That appears to be bidirectional. > create a docker image from the ofbiz system > --- > > Key: OFBIZ-10407 > URL: https://issues.apache.org/jira/browse/OFBIZ-10407 > Project: OFBiz > Issue Type: Improvement >Affects Versions: Trunk >Reporter: Hans Bakker >Assignee: Michael Brohl >Priority: Major > Labels: DevOps > Attachments: OFBIZ-10407_dockerfile.patch, docker.patch > > Time Spent: 10m > Remaining Estimate: 0h > > Attached an initial docker version from OFBiz copied from our GrowERP > production system translated to svn repositories. > I propose to create a docker directory in the ofbiz framework root of which a > patch is attached. > The image result is stored in hub.docker.com under the name ofbiz/full-trunk. > It can be started in a docker environment with the following command: > docker run -p 80:8080 -p 443:8443 ofbiz/full-trunk > and after about 30 seconds it can be show in the browser under: > [https://0.0.0.0/catalog/control/main] > the image can be created by executing this command in the ofbiz root when > the patch is applied: > docker build -t ofbiz/full-trunk docker > the password to the ofbiz account at hub.docker.com will be supplied upon > request. > > see the discussion in the mailinglist at > https://markmail.org/message/n7wcgroslj7v3gfe?q=docker+ofbiz > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-10407) create a docker image from the ofbiz system
[ https://issues.apache.org/jira/browse/OFBIZ-10407?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058931#comment-17058931 ] Michael Brohl commented on OFBIZ-10407: --- Always a pleasure to work with you Pierre. > create a docker image from the ofbiz system > --- > > Key: OFBIZ-10407 > URL: https://issues.apache.org/jira/browse/OFBIZ-10407 > Project: OFBiz > Issue Type: Improvement >Affects Versions: Trunk >Reporter: Hans Bakker >Assignee: Michael Brohl >Priority: Major > Labels: DevOps > Attachments: OFBIZ-10407_dockerfile.patch, docker.patch > > Time Spent: 10m > Remaining Estimate: 0h > > Attached an initial docker version from OFBiz copied from our GrowERP > production system translated to svn repositories. > I propose to create a docker directory in the ofbiz framework root of which a > patch is attached. > The image result is stored in hub.docker.com under the name ofbiz/full-trunk. > It can be started in a docker environment with the following command: > docker run -p 80:8080 -p 443:8443 ofbiz/full-trunk > and after about 30 seconds it can be show in the browser under: > [https://0.0.0.0/catalog/control/main] > the image can be created by executing this command in the ofbiz root when > the patch is applied: > docker build -t ofbiz/full-trunk docker > the password to the ofbiz account at hub.docker.com will be supplied upon > request. > > see the discussion in the mailinglist at > https://markmail.org/message/n7wcgroslj7v3gfe?q=docker+ofbiz > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11030) Convert FactServices.xml minilang to groovy
[ https://issues.apache.org/jira/browse/OFBIZ-11030?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058927#comment-17058927 ] Pierre Smits commented on OFBIZ-11030: -- And thank you, [~pierresmits], for your review and testing! > Convert FactServices.xml minilang to groovy > --- > > Key: OFBIZ-11030 > URL: https://issues.apache.org/jira/browse/OFBIZ-11030 > Project: OFBiz > Issue Type: Sub-task > Components: bi >Affects Versions: Trunk >Reporter: Pierre Smits >Assignee: Michael Brohl >Priority: Major > Labels: Fact, dwh, services > Fix For: Upcoming Branch > > Attachments: OFBIZ-11030-FactServices.xml-minilang-to-groovy.patch, > OFBIZ-11030-FactServices.xml-minilang-to-groovy.patch, > OFBIZ-11030-FactServices.xml-minilang-to-groovy.patch, > OFBIZ-11030-FactServices.xml-minilang-to-groovy.patch, > OFBIZ-11030-FactServices.xml-minilang-to-groovy.patch, > OFBIZ-11030-FactServices.xml-minilang-to-groovy.patch, > OFBIZ-11030-InventoryItemFact-DemoTrunk.png, > OFBIZ-11030-InventoryItemFact-test.png, > OFBIZ-11030-Order-SalesOrder-overview.png, > OFBIZ-11030-SalesInvoiceItemFact-test.png, > OFBIZ-11030-SalesOrderItemFact-test.png, OFBIZ-11030-applyPatch-error.png > > > With the purpose to deprecate mini-lang OFBIZ-9350, convert FactServices.xml -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-10407) create a docker image from the ofbiz system
[ https://issues.apache.org/jira/browse/OFBIZ-10407?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058922#comment-17058922 ] Pierre Smits commented on OFBIZ-10407: -- Since you made this into something bigger than a simple contribution because of your complaints and dictats, bring it to the dev ml. In the meanwhile, I have been working on a solution that will enable users (developers/adopters/etc.) to generate containers, that either will be based: * on a branch (trunk or whatever) without plugins and git-aware * on a branch with plugins git-aware * on a release without plugins * on a release with plugins And for the latter two I am looking at how to have it production-ready. > create a docker image from the ofbiz system > --- > > Key: OFBIZ-10407 > URL: https://issues.apache.org/jira/browse/OFBIZ-10407 > Project: OFBiz > Issue Type: Improvement >Affects Versions: Trunk >Reporter: Hans Bakker >Assignee: Michael Brohl >Priority: Major > Labels: DevOps > Attachments: OFBIZ-10407_dockerfile.patch, docker.patch > > Time Spent: 10m > Remaining Estimate: 0h > > Attached an initial docker version from OFBiz copied from our GrowERP > production system translated to svn repositories. > I propose to create a docker directory in the ofbiz framework root of which a > patch is attached. > The image result is stored in hub.docker.com under the name ofbiz/full-trunk. > It can be started in a docker environment with the following command: > docker run -p 80:8080 -p 443:8443 ofbiz/full-trunk > and after about 30 seconds it can be show in the browser under: > [https://0.0.0.0/catalog/control/main] > the image can be created by executing this command in the ofbiz root when > the patch is applied: > docker build -t ofbiz/full-trunk docker > the password to the ofbiz account at hub.docker.com will be supplied upon > request. > > see the discussion in the mailinglist at > https://markmail.org/message/n7wcgroslj7v3gfe?q=docker+ofbiz > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-10587) _WARNING_MESSAGE_
[ https://issues.apache.org/jira/browse/OFBIZ-10587?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058924#comment-17058924 ] Michael Brohl commented on OFBIZ-10587: --- This looks good to me, any objections to commit this? > _WARNING_MESSAGE_ > - > > Key: OFBIZ-10587 > URL: https://issues.apache.org/jira/browse/OFBIZ-10587 > Project: OFBiz > Issue Type: Wish > Components: ALL COMPONENTS >Reporter: Niklas Fallik >Assignee: Michael Brohl >Priority: Major > Time Spent: 10m > Remaining Estimate: 0h > > Hi there, > I am looking for a way to display warning messages. We are using > EVENT_MESSAGE and ERROR_MESSAGE which we can pass to the frontend to display > to the user, but it turned out that it would be nice to have a type for > warnings like WARNING_MESSAGE. > I figured out that the java classes ServiceEventHandler and > ScriptEventHandler deal with those message types. > I really would appreciate if anyone already had a solution for this. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Closed] (OFBIZ-11030) Convert FactServices.xml minilang to groovy
[ https://issues.apache.org/jira/browse/OFBIZ-11030?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Michael Brohl closed OFBIZ-11030. - Fix Version/s: Upcoming Branch Assignee: Michael Brohl (was: Sebastian Berg) Resolution: Implemented Thanks [~sberg] , your changes are committed in commit b50d949376e7d04195dda1be5f72d68f8249a770 > Convert FactServices.xml minilang to groovy > --- > > Key: OFBIZ-11030 > URL: https://issues.apache.org/jira/browse/OFBIZ-11030 > Project: OFBiz > Issue Type: Sub-task > Components: bi >Affects Versions: Trunk >Reporter: Pierre Smits >Assignee: Michael Brohl >Priority: Major > Labels: Fact, dwh, services > Fix For: Upcoming Branch > > Attachments: OFBIZ-11030-FactServices.xml-minilang-to-groovy.patch, > OFBIZ-11030-FactServices.xml-minilang-to-groovy.patch, > OFBIZ-11030-FactServices.xml-minilang-to-groovy.patch, > OFBIZ-11030-FactServices.xml-minilang-to-groovy.patch, > OFBIZ-11030-FactServices.xml-minilang-to-groovy.patch, > OFBIZ-11030-FactServices.xml-minilang-to-groovy.patch, > OFBIZ-11030-InventoryItemFact-DemoTrunk.png, > OFBIZ-11030-InventoryItemFact-test.png, > OFBIZ-11030-Order-SalesOrder-overview.png, > OFBIZ-11030-SalesInvoiceItemFact-test.png, > OFBIZ-11030-SalesOrderItemFact-test.png, OFBIZ-11030-applyPatch-error.png > > > With the purpose to deprecate mini-lang OFBIZ-9350, convert FactServices.xml -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Closed] (OFBIZ-11244) Remove the user login security question
[ https://issues.apache.org/jira/browse/OFBIZ-11244?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Michael Brohl closed OFBIZ-11244. - Fix Version/s: Upcoming Branch Resolution: Implemented Thanks [~wpaetzold] , this is commited now. > Remove the user login security question > --- > > Key: OFBIZ-11244 > URL: https://issues.apache.org/jira/browse/OFBIZ-11244 > Project: OFBiz > Issue Type: Improvement > Components: ecommerce, framework, party >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: Michael Brohl >Priority: Major > Fix For: Upcoming Branch > > Attachments: OFBIZ-11244-framework.patch, OFBIZ-11244-plugins.patch > > > After our discussion in dev ML at > https://markmail.org/message/2dhc4al4adwgvl7z we will remove this feature. > This [~paulfoxworthy]'s remark is notably important: > bq. Security is only as good as its weakest link ( > https://www.schneier.com/essays/archives/2005/02/the_curse_of_the_sec.html) , > and security questions can be a real weakness. Any organisation using OFBiz > that really hates passwords could look at security keys from Yubico or the > like. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (OFBIZ-11455) Blog-Content shows in profiles filemanager section
Benjamin Jugl created OFBIZ-11455: - Summary: Blog-Content shows in profiles filemanager section Key: OFBIZ-11455 URL: https://issues.apache.org/jira/browse/OFBIZ-11455 Project: OFBiz Issue Type: Bug Components: ecommerce Affects Versions: Trunk Reporter: Benjamin Jugl Do as follows: # Open Url: [https://demo-trunk.ofbiz.apache.org/ecomseo/] (or stable) # Click on a Blog to navigate there. # Create New Blog Post # Fill the fields with text and image and submit as "publish". # Go to profile ERROR: Filemanager shows all blog-content-items as Files. EXPECTED: Only uploaded files should be displayed. Text and publishPoints should be excluded. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (OFBIZ-11454) Content for Blogs is not properly saved
Benjamin Jugl created OFBIZ-11454: - Summary: Content for Blogs is not properly saved Key: OFBIZ-11454 URL: https://issues.apache.org/jira/browse/OFBIZ-11454 Project: OFBiz Issue Type: Bug Components: ecommerce Affects Versions: Trunk Reporter: Benjamin Jugl Do as follows: # Open Url: [https://demo-trunk.ofbiz.apache.org/ecomseo/] (or stable) # Click on a Blog to navigate there. # Create New Blog Post # Fill the fields with text and image and submit as "publish". ERROR: The content will not be available and replaced by placeholders EXPECTED: Blogarticle should be displayed showing all text and images -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-10407) create a docker image from the ofbiz system
[ https://issues.apache.org/jira/browse/OFBIZ-10407?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058902#comment-17058902 ] Michael Brohl commented on OFBIZ-10407: --- Hi everyone, any thoughts about the provided Docker files and the question if we want to have them in the codebase? > create a docker image from the ofbiz system > --- > > Key: OFBIZ-10407 > URL: https://issues.apache.org/jira/browse/OFBIZ-10407 > Project: OFBiz > Issue Type: Improvement >Affects Versions: Trunk >Reporter: Hans Bakker >Assignee: Michael Brohl >Priority: Major > Labels: DevOps > Attachments: OFBIZ-10407_dockerfile.patch, docker.patch > > Time Spent: 10m > Remaining Estimate: 0h > > Attached an initial docker version from OFBiz copied from our GrowERP > production system translated to svn repositories. > I propose to create a docker directory in the ofbiz framework root of which a > patch is attached. > The image result is stored in hub.docker.com under the name ofbiz/full-trunk. > It can be started in a docker environment with the following command: > docker run -p 80:8080 -p 443:8443 ofbiz/full-trunk > and after about 30 seconds it can be show in the browser under: > [https://0.0.0.0/catalog/control/main] > the image can be created by executing this command in the ofbiz root when > the patch is applied: > docker build -t ofbiz/full-trunk docker > the password to the ofbiz account at hub.docker.com will be supplied upon > request. > > see the discussion in the mailinglist at > https://markmail.org/message/n7wcgroslj7v3gfe?q=docker+ofbiz > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Assigned] (OFBIZ-11327) Unable to upload content at view profile screen
[ https://issues.apache.org/jira/browse/OFBIZ-11327?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Benjamin Jugl reassigned OFBIZ-11327: - Assignee: Benjamin Jugl (was: Michael Brohl) > Unable to upload content at view profile screen > --- > > Key: OFBIZ-11327 > URL: https://issues.apache.org/jira/browse/OFBIZ-11327 > Project: OFBiz > Issue Type: Bug > Components: ecommerce >Affects Versions: Trunk >Reporter: Mohammed Rehan Khan >Assignee: Benjamin Jugl >Priority: Minor > Attachments: FileManager-Ecommerce-New.png, FileManager-Ecommerce.png > > > Steps to regenerate - > # Open URL > [https://demo-trunk.ofbiz.apache.org/ecommerce/control/main|http://example.com] > # Click on the profile tab > # Go to file manager section > # Upload any type of content > Error - No uploaded content found in the context > Expected - User should be able to upload content > Please refer attachment -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11451) ofbiz-plugins repo does not have our license
[ https://issues.apache.org/jira/browse/OFBIZ-11451?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058822#comment-17058822 ] Jacques Le Roux commented on OFBIZ-11451: - I just wondered why we don't use a NOTICE file as in framework... > ofbiz-plugins repo does not have our license > > > Key: OFBIZ-11451 > URL: https://issues.apache.org/jira/browse/OFBIZ-11451 > Project: OFBiz > Issue Type: Bug > Components: git >Reporter: Pierre Smits >Assignee: Pierre Smits >Priority: Major > Labels: license > Fix For: 18.12.01, 17.12.02 > > > Our base repository has the license, but our plugins repo doesn't. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Closed] (OFBIZ-11451) ofbiz-plugins repo does not have our license
[ https://issues.apache.org/jira/browse/OFBIZ-11451?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jacques Le Roux closed OFBIZ-11451. --- Fix Version/s: 17.12.02 18.12.01 Resolution: Fixed Committed, thanks Pierre > ofbiz-plugins repo does not have our license > > > Key: OFBIZ-11451 > URL: https://issues.apache.org/jira/browse/OFBIZ-11451 > Project: OFBiz > Issue Type: Bug > Components: git >Reporter: Pierre Smits >Assignee: Pierre Smits >Priority: Major > Labels: license > Fix For: 18.12.01, 17.12.02 > > > Our base repository has the license, but our plugins repo doesn't. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11244) Remove the user login security question
[ https://issues.apache.org/jira/browse/OFBIZ-11244?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058817#comment-17058817 ] Jacques Le Roux commented on OFBIZ-11244: - +1, looks quite good to me too (disclaimer did not test). Just one point Wiebke: please use diff format for your patches (no /a /b). > Remove the user login security question > --- > > Key: OFBIZ-11244 > URL: https://issues.apache.org/jira/browse/OFBIZ-11244 > Project: OFBiz > Issue Type: Improvement > Components: ecommerce, framework, party >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: Michael Brohl >Priority: Major > Attachments: OFBIZ-11244-framework.patch, OFBIZ-11244-plugins.patch > > > After our discussion in dev ML at > https://markmail.org/message/2dhc4al4adwgvl7z we will remove this feature. > This [~paulfoxworthy]'s remark is notably important: > bq. Security is only as good as its weakest link ( > https://www.schneier.com/essays/archives/2005/02/the_curse_of_the_sec.html) , > and security questions can be a real weakness. Any organisation using OFBiz > that really hates passwords could look at security keys from Yubico or the > like. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (OFBIZ-7004) Allow to accept CDATA
[ https://issues.apache.org/jira/browse/OFBIZ-7004?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Pierre Smits updated OFBIZ-7004: Component/s: (was: ALL APPLICATIONS) framework/widget > Allow to accept CDATA > - > > Key: OFBIZ-7004 > URL: https://issues.apache.org/jira/browse/OFBIZ-7004 > Project: OFBiz > Issue Type: Improvement > Components: framework/widget >Affects Versions: Trunk >Reporter: James Yong >Assignee: Jacques Le Roux >Priority: Minor > Attachments: OFBIZ-7004.patch, OFBIZ-7004.patch > > > Currently, html-template tag accepts a location attribute. > Propose that the html-template tag also accepts CDATA content. > OFBiz will look for CDATA content if the location attribute is empty. > > The advantage is that we need not create a .ftl file whenever we add some > html contents into the screen widget. > I need some opinions before starting work on this. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-4956) "auth" should be true for all the request url used for Application components.
[ https://issues.apache.org/jira/browse/OFBIZ-4956?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058705#comment-17058705 ] Pierre Smits commented on OFBIZ-4956: - Is this still an issue to be addressed? > "auth" should be true for all the request url used for Application components. > -- > > Key: OFBIZ-4956 > URL: https://issues.apache.org/jira/browse/OFBIZ-4956 > Project: OFBiz > Issue Type: Improvement > Components: ALL APPLICATIONS >Affects Versions: Release Branch 11.04, Release Branch 12.04, Release > Branch 13.07, Trunk >Reporter: Amardeep Singh Jhajj >Assignee: Amardeep Singh Jhajj >Priority: Major > Attachments: OFBIZ-4956-Release-10.04.patch, > OFBIZ-4956-Release-11.04.patch, OFBIZ-4956.patch > > > Currently there are some url present in application components with > auth="false". So anyone can hit this urls and can access any resources > without authorization. > For Example - > https://demo-trunk.ofbiz.apache.org:8443/content/control/ViewSimpleContent?dataResourceId=GZ-DIG > Currently, the above url does not need authorization (you can access any > resource by changing the dataResourceId). I think all the url should be > secure with auth="true" and https="true" in all the application components. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (OFBIZ-10579) Date filtered queries with caching should be restricted to cache
[ https://issues.apache.org/jira/browse/OFBIZ-10579?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Pierre Smits updated OFBIZ-10579: - Component/s: (was: ALL APPLICATIONS) framework/entity > Date filtered queries with caching should be restricted to cache > > > Key: OFBIZ-10579 > URL: https://issues.apache.org/jira/browse/OFBIZ-10579 > Project: OFBiz > Issue Type: Improvement > Components: framework/entity >Affects Versions: Upcoming Branch >Reporter: Suraj Khurana >Assignee: Suraj Khurana >Priority: Major > Attachments: OFBIZ-10579.patch, OFBIZ-10579.patch > > > As per discussion on Dev ML > https://markmail.org/thread/3qnkihmsyhly3lsg -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (OFBIZ-11453) repository ofbiz-tools does not have a license
Pierre Smits created OFBIZ-11453: Summary: repository ofbiz-tools does not have a license Key: OFBIZ-11453 URL: https://issues.apache.org/jira/browse/OFBIZ-11453 Project: OFBiz Issue Type: Bug Components: tools Reporter: Pierre Smits Assignee: Pierre Smits -- This message was sent by Atlassian Jira (v8.3.4#803005)
[GitHub] [ofbiz-site] PierreSmits opened a new pull request #3: Implemented: have a license (OFBIZ-11452)
PierreSmits opened a new pull request #3: Implemented: have a license (OFBIZ-11452) URL: https://github.com/apache/ofbiz-site/pull/3 Added the license This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[jira] [Created] (OFBIZ-11452) repository ofbiz-site does not have a license
Pierre Smits created OFBIZ-11452: Summary: repository ofbiz-site does not have a license Key: OFBIZ-11452 URL: https://issues.apache.org/jira/browse/OFBIZ-11452 Project: OFBiz Issue Type: Bug Components: site Reporter: Pierre Smits Assignee: Pierre Smits -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11244) Remove the user login security question
[ https://issues.apache.org/jira/browse/OFBIZ-11244?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058682#comment-17058682 ] Swapnil Mane commented on OFBIZ-11244: -- Thank you [~wpaetzold] for your contribution. The patch looks good to me. Thanks! > Remove the user login security question > --- > > Key: OFBIZ-11244 > URL: https://issues.apache.org/jira/browse/OFBIZ-11244 > Project: OFBiz > Issue Type: Improvement > Components: ecommerce, framework, party >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: Michael Brohl >Priority: Major > Attachments: OFBIZ-11244-framework.patch, OFBIZ-11244-plugins.patch > > > After our discussion in dev ML at > https://markmail.org/message/2dhc4al4adwgvl7z we will remove this feature. > This [~paulfoxworthy]'s remark is notably important: > bq. Security is only as good as its weakest link ( > https://www.schneier.com/essays/archives/2005/02/the_curse_of_the_sec.html) , > and security questions can be a real weakness. Any organisation using OFBiz > that really hates passwords could look at security keys from Yubico or the > like. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11244) Remove the user login security question
[ https://issues.apache.org/jira/browse/OFBIZ-11244?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058630#comment-17058630 ] Michael Brohl commented on OFBIZ-11244: --- This looks good to me, any objections to commit this work? > Remove the user login security question > --- > > Key: OFBIZ-11244 > URL: https://issues.apache.org/jira/browse/OFBIZ-11244 > Project: OFBiz > Issue Type: Improvement > Components: ecommerce, framework, party >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: Michael Brohl >Priority: Major > Attachments: OFBIZ-11244-framework.patch, OFBIZ-11244-plugins.patch > > > After our discussion in dev ML at > https://markmail.org/message/2dhc4al4adwgvl7z we will remove this feature. > This [~paulfoxworthy]'s remark is notably important: > bq. Security is only as good as its weakest link ( > https://www.schneier.com/essays/archives/2005/02/the_curse_of_the_sec.html) , > and security questions can be a real weakness. Any organisation using OFBiz > that really hates passwords could look at security keys from Yubico or the > like. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11450) The doap does not reflect the latest release
[ https://issues.apache.org/jira/browse/OFBIZ-11450?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058598#comment-17058598 ] Jacques Le Roux commented on OFBIZ-11450: - Thanks Pierre! > The doap does not reflect the latest release > > > Key: OFBIZ-11450 > URL: https://issues.apache.org/jira/browse/OFBIZ-11450 > Project: OFBiz > Issue Type: Bug > Components: site >Reporter: Pierre Smits >Assignee: Pierre Smits >Priority: Major > Labels: Communication > Time Spent: 20m > Remaining Estimate: 0h > > The DOAP file is out of date. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (OFBIZ-11451) ofbiz-plugins repo does not have our license
Pierre Smits created OFBIZ-11451: Summary: ofbiz-plugins repo does not have our license Key: OFBIZ-11451 URL: https://issues.apache.org/jira/browse/OFBIZ-11451 Project: OFBiz Issue Type: Bug Components: git Reporter: Pierre Smits Assignee: Pierre Smits Our base repository has the license, but our plugins repo doesn't. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11450) The doap does not reflect the latest release
[ https://issues.apache.org/jira/browse/OFBIZ-11450?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058579#comment-17058579 ] Pierre Smits commented on OFBIZ-11450: -- Thanks Jacques, for your support in getting this incorporated in the codebase. > The doap does not reflect the latest release > > > Key: OFBIZ-11450 > URL: https://issues.apache.org/jira/browse/OFBIZ-11450 > Project: OFBiz > Issue Type: Bug > Components: site >Reporter: Pierre Smits >Assignee: Pierre Smits >Priority: Major > Labels: Communication > Time Spent: 20m > Remaining Estimate: 0h > > The DOAP file is out of date. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Assigned] (OFBIZ-11450) The doap does not reflect the latest release
[ https://issues.apache.org/jira/browse/OFBIZ-11450?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Pierre Smits reassigned OFBIZ-11450: Assignee: Pierre Smits (was: Jacques Le Roux) > The doap does not reflect the latest release > > > Key: OFBIZ-11450 > URL: https://issues.apache.org/jira/browse/OFBIZ-11450 > Project: OFBiz > Issue Type: Bug > Components: site >Reporter: Pierre Smits >Assignee: Pierre Smits >Priority: Major > Labels: Communication > Time Spent: 20m > Remaining Estimate: 0h > > The DOAP file is out of date. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Closed] (OFBIZ-11450) The doap does not reflect the latest release
[ https://issues.apache.org/jira/browse/OFBIZ-11450?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jacques Le Roux closed OFBIZ-11450. --- Resolution: Implemented Committed, I wanted to squash and merge the PR but it seems it does not rebase so I have rather taken the 2 commits and rebased > The doap does not reflect the latest release > > > Key: OFBIZ-11450 > URL: https://issues.apache.org/jira/browse/OFBIZ-11450 > Project: OFBiz > Issue Type: Bug > Components: site >Reporter: Pierre Smits >Assignee: Jacques Le Roux >Priority: Major > Labels: Communication > Time Spent: 20m > Remaining Estimate: 0h > > The DOAP file is out of date. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11450) The doap does not reflect the latest release
[ https://issues.apache.org/jira/browse/OFBIZ-11450?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058576#comment-17058576 ] Jacopo Cappellato commented on OFBIZ-11450: --- yes, dev@ is fine imo > The doap does not reflect the latest release > > > Key: OFBIZ-11450 > URL: https://issues.apache.org/jira/browse/OFBIZ-11450 > Project: OFBiz > Issue Type: Bug > Components: site >Reporter: Pierre Smits >Assignee: Jacques Le Roux >Priority: Major > Labels: Communication > Time Spent: 20m > Remaining Estimate: 0h > > The DOAP file is out of date. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[GitHub] [ofbiz-site] JacquesLeRoux commented on issue #2: Improved: adding release info (OFBIZ-11450)
JacquesLeRoux commented on issue #2: Improved: adding release info (OFBIZ-11450) URL: https://github.com/apache/ofbiz-site/pull/2#issuecomment-598639358 I wanted to squash and merge but it seems it does not rebase so I'll rather take the 2 commits and rebase This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[GitHub] [ofbiz-site] JacquesLeRoux merged pull request #2: Improved: adding release info (OFBIZ-11450)
JacquesLeRoux merged pull request #2: Improved: adding release info (OFBIZ-11450) URL: https://github.com/apache/ofbiz-site/pull/2 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[jira] [Commented] (OFBIZ-11450) The doap does not reflect the latest release
[ https://issues.apache.org/jira/browse/OFBIZ-11450?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058558#comment-17058558 ] Pierre Smits commented on OFBIZ-11450: -- Done. > The doap does not reflect the latest release > > > Key: OFBIZ-11450 > URL: https://issues.apache.org/jira/browse/OFBIZ-11450 > Project: OFBiz > Issue Type: Bug > Components: site >Reporter: Pierre Smits >Assignee: Jacques Le Roux >Priority: Major > Labels: Communication > Time Spent: 10m > Remaining Estimate: 0h > > The DOAP file is out of date. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11450) The doap does not reflect the latest release
[ https://issues.apache.org/jira/browse/OFBIZ-11450?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058542#comment-17058542 ] Jacques Le Roux commented on OFBIZ-11450: - Pierre, could you please update the PR? It will be much easier for me, TIA :) > The doap does not reflect the latest release > > > Key: OFBIZ-11450 > URL: https://issues.apache.org/jira/browse/OFBIZ-11450 > Project: OFBiz > Issue Type: Bug > Components: site >Reporter: Pierre Smits >Assignee: Jacques Le Roux >Priority: Major > Labels: Communication > Time Spent: 10m > Remaining Estimate: 0h > > The DOAP file is out of date. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11450) The doap does not reflect the latest release
[ https://issues.apache.org/jira/browse/OFBIZ-11450?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058536#comment-17058536 ] Jacques Le Roux commented on OFBIZ-11450: - Right Pierre, I'll use dev ML > The doap does not reflect the latest release > > > Key: OFBIZ-11450 > URL: https://issues.apache.org/jira/browse/OFBIZ-11450 > Project: OFBiz > Issue Type: Bug > Components: site >Reporter: Pierre Smits >Assignee: Jacques Le Roux >Priority: Major > Labels: Communication > Time Spent: 10m > Remaining Estimate: 0h > > The DOAP file is out of date. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Comment Edited] (OFBIZ-11450) The doap does not reflect the latest release
[ https://issues.apache.org/jira/browse/OFBIZ-11450?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058525#comment-17058525 ] Pierre Smits edited comment on OFBIZ-11450 at 3/13/20, 8:58 AM: With current setup (using Git) any contributor *is enabled to* change the file. Committers have the discretion to merge changes into the codebase. was (Author: pfm.smits): With current setup (using Git) any contributor *are enabled to* change the file. Committers have the discretion to merge changes into the codebase. > The doap does not reflect the latest release > > > Key: OFBIZ-11450 > URL: https://issues.apache.org/jira/browse/OFBIZ-11450 > Project: OFBiz > Issue Type: Bug > Components: site >Reporter: Pierre Smits >Assignee: Jacques Le Roux >Priority: Major > Labels: Communication > Time Spent: 10m > Remaining Estimate: 0h > > The DOAP file is out of date. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11450) The doap does not reflect the latest release
[ https://issues.apache.org/jira/browse/OFBIZ-11450?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058525#comment-17058525 ] Pierre Smits commented on OFBIZ-11450: -- With current setup (using Git) any contributor *are enabled to* change the file. Committers have the discretion to merge changes into the codebase. > The doap does not reflect the latest release > > > Key: OFBIZ-11450 > URL: https://issues.apache.org/jira/browse/OFBIZ-11450 > Project: OFBiz > Issue Type: Bug > Components: site >Reporter: Pierre Smits >Assignee: Jacques Le Roux >Priority: Major > Labels: Communication > Time Spent: 10m > Remaining Estimate: 0h > > The DOAP file is out of date. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11450) The doap does not reflect the latest release
[ https://issues.apache.org/jira/browse/OFBIZ-11450?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058523#comment-17058523 ] Jacques Le Roux commented on OFBIZ-11450: - It depends, if committers are allowed to change this file. If so, yes IMO. How can we check that? > The doap does not reflect the latest release > > > Key: OFBIZ-11450 > URL: https://issues.apache.org/jira/browse/OFBIZ-11450 > Project: OFBiz > Issue Type: Bug > Components: site >Reporter: Pierre Smits >Assignee: Jacques Le Roux >Priority: Major > Labels: Communication > Time Spent: 10m > Remaining Estimate: 0h > > The DOAP file is out of date. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11450) The doap does not reflect the latest release
[ https://issues.apache.org/jira/browse/OFBIZ-11450?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058520#comment-17058520 ] Pierre Smits commented on OFBIZ-11450: -- But maybe the associated email address should be changed to dev@? > The doap does not reflect the latest release > > > Key: OFBIZ-11450 > URL: https://issues.apache.org/jira/browse/OFBIZ-11450 > Project: OFBiz > Issue Type: Bug > Components: site >Reporter: Pierre Smits >Assignee: Jacques Le Roux >Priority: Major > Labels: Communication > Time Spent: 10m > Remaining Estimate: 0h > > The DOAP file is out of date. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11450) The doap does not reflect the latest release
[ https://issues.apache.org/jira/browse/OFBIZ-11450?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058519#comment-17058519 ] Jacopo Cappellato commented on OFBIZ-11450: --- [~mbrohl], I actually like the change introduced by [~pierresmits]: the PMC makes more sense as a maintainer. I don't think this is going to cause any problems, and we could adjust in the future if we will receive any remarks. > The doap does not reflect the latest release > > > Key: OFBIZ-11450 > URL: https://issues.apache.org/jira/browse/OFBIZ-11450 > Project: OFBiz > Issue Type: Bug > Components: site >Reporter: Pierre Smits >Assignee: Jacques Le Roux >Priority: Major > Labels: Communication > Time Spent: 10m > Remaining Estimate: 0h > > The DOAP file is out of date. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (OFBIZ-11450) The doap does not reflect the latest release
[ https://issues.apache.org/jira/browse/OFBIZ-11450?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Pierre Smits updated OFBIZ-11450: - Summary: The doap does not reflect the latest release (was: improve the doap to reflect the latest release) > The doap does not reflect the latest release > > > Key: OFBIZ-11450 > URL: https://issues.apache.org/jira/browse/OFBIZ-11450 > Project: OFBiz > Issue Type: Bug > Components: site >Reporter: Pierre Smits >Assignee: Jacques Le Roux >Priority: Major > Labels: Communication > Time Spent: 10m > Remaining Estimate: 0h > > The DOAP file is out of date. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11450) improve the doap to reflect the latest release
[ https://issues.apache.org/jira/browse/OFBIZ-11450?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058502#comment-17058502 ] Michael Brohl commented on OFBIZ-11450: --- [~jacopoc] what do you think? > improve the doap to reflect the latest release > -- > > Key: OFBIZ-11450 > URL: https://issues.apache.org/jira/browse/OFBIZ-11450 > Project: OFBiz > Issue Type: Bug > Components: site >Reporter: Pierre Smits >Assignee: Jacques Le Roux >Priority: Major > Labels: Communication > Time Spent: 10m > Remaining Estimate: 0h > > The DOAP file is out of date. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11450) improve the doap to reflect the latest release
[ https://issues.apache.org/jira/browse/OFBIZ-11450?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058499#comment-17058499 ] Pierre Smits commented on OFBIZ-11450: -- There seems to be a lot of flexibility regarding what is possible with doap files within the ASF. It is up to you what will be merged into the codebase. > improve the doap to reflect the latest release > -- > > Key: OFBIZ-11450 > URL: https://issues.apache.org/jira/browse/OFBIZ-11450 > Project: OFBiz > Issue Type: Bug > Components: site >Reporter: Pierre Smits >Assignee: Jacques Le Roux >Priority: Major > Labels: Communication > Time Spent: 10m > Remaining Estimate: 0h > > The DOAP file is out of date. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11450) improve the doap to reflect the latest release
[ https://issues.apache.org/jira/browse/OFBIZ-11450?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17058494#comment-17058494 ] Jacques Le Roux commented on OFBIZ-11450: - I had a look at https://projects.apache.org/doap.html and I could not find any information about that. It seems to me that a team is possible, opinion? > improve the doap to reflect the latest release > -- > > Key: OFBIZ-11450 > URL: https://issues.apache.org/jira/browse/OFBIZ-11450 > Project: OFBiz > Issue Type: Bug > Components: site >Reporter: Pierre Smits >Assignee: Jacques Le Roux >Priority: Major > Labels: Communication > Time Spent: 10m > Remaining Estimate: 0h > > The DOAP file is out of date. -- This message was sent by Atlassian Jira (v8.3.4#803005)
