Re: [VOTE] Create new component commons-signing

+1 Greetings Bernd Von: Mark Thomas Gesendet: Freitag, 2. Februar 2018 18:54 An: Commons Developers List Betreff: [VOTE] Create new component commons-signing Hello all, I propose that we create a new component [commons-signing]. The scope of the component is code signing utilities including

RE: [Signing] New component for code signing

Well, there are plans by me. I would not invest time in a project nobody else can use… Maybe there can be some consensus on a common protocol. Gruss Bernd Von: Robert Munteanu Gesendet: Dienstag, 30. Januar 2018 11:21 An: Commons Developers List Betreff: Re: [Signing] New component for code

Re: [Signing] New component for code signing

+1 - and I would expect we also see a Server-side component. BTW: Eclipse also has some infrastructure for this (we use a modified Version with a PHP backend on-prem) http://git.eclipse.org/c/cbi/org.eclipse.cbi.git/tree/maven-plugins/README.md Gruss Bernd -- http://bernd.eckenfels.net Von

[IO-564] Javadoc inheritance for ByteArrayOutputStream.write

Need to be replicated as it is not inherited. d) Expand the existing documentation. This will take most work and space in the Code Whats your Preference? I would really like to use a) in this case, is this acceptable? Gruss Bernd -- http://bernd.eckenfels.net Von: Bernd Eckenfels (JIRA

AW: [PROPOSAL][test] Apache Commons JUnit

Hello, commons-vfs does this (at the Moment it only dumps the threads and does not break the build) https://github.com/apache/commons-vfs/blob/trunk/commons-vfs2/src/test/java/org/apache/commons/vfs2/test/AbstractTestSuite.java#L213 Gruss Bernd -- http://bernd.eckenfels.net Von: Romain

Re: [PROPOSAL] Apache Commons JUnit

about the Name and the Mission and less about the maven structure. Gruss Bernd Von: Gary Gregory Gesendet: Samstag, 4. November 2017 18:12 An: Commons Developers List Betreff: Re: [PROPOSAL] Apache Commons JUnit So are you advocating for a multi-module project? - commons-testing - commons-testing

Re: [PROPOSAL] Apache Commons JUnit

I like the idea (and prefer Commons Testing), for example a method to list all non-daemon threads after a test run (to see there is no resource leak) can be used independent of the Unit Test Framework. Gruss Bernd -- http://bernd.eckenfels.net From: Hasan Diwan

Re: [VOTE] Release Apache Commons VFS 2.2 from RC1.

Have no computer access for a couple more days so I can't verify with the needed due diligence, but thank you for the work, thumbs up. In case the vote last till Friday I might be able to vote. Gruss Bernd -- http://bernd.eckenfels.net From: Gary Gregory <gg

Re: svn commit: r1807421 - /commons/proper/vfs/trunk/BUILDING.txt

> -mvn clirr:check -pl core > +mvn clirr:check -pl commons-vfs2 Hmm, I think it is intentionally only building the core module, if that is no longer required would it be better to completely remove the -pl argument to control partial build? Gruss Bernd -- http://bernd.eckenfels.net

Re: [VOTE] Move Apache Commons Launcher to dormant?

+1 Gruss Bernd -- http://bernd.eckenfels.net On Sun, Aug 20, 2017 at 3:41 PM, Pascal Schumacher <pascalschumac...@gmx.net<mailto:pascalschumac...@gmx.net> wrote: > Hi all, > > as discussed, I'd like to propose to move Apache Commons Launcher to > dormant. > > Re

Re: Ready for JDK 9 ?

as module aware. But the compile checks should be easy to do.) Gruss Bernd Gruss Bernd -- http://bernd.eckenfels.net From: Jörg Schaible <joerg.schai...@bpm-inspire.com> Sent: Tuesday, August 8, 2017 5:07:54 PM To: dev@commons.apache.org Subject: Re: Ready for JDK 9

Re: [vfs] Lcurly=no (was: svn commit: r1802440 - /commons/proper/vfs/trunk/core/src/test/java/org/apache/commons/vfs2/provider/jar/test/JarAttributesTestCase.java

Hello Gary, Well I don't remember that we agreed on it, however as I said both is fine. Should we then make the change to checkstyle file and if yes, what change? Using eol for all lcurly entries? Gruss Bernd Gruss Bernd -- http://bernd.eckenfels.net From

[vfs] Lcurly=no (was: svn commit: r1802440 - /commons/proper/vfs/trunk/core/src/test/java/org/apache/commons/vfs2/provider/jar/test/JarAttributesTestCase.java

-vfs/blob/trunk/checkstyle.properties#L17 Gruss Bernd -- http://bernd.eckenfels.net _ From: ggreg...@apache.org<mailto:ggreg...@apache.org> Sent: Donnerstag, Juli 20, 2017 1:56 AM Subject: svn commit: r1802440 - /commons/proper/vfs/trunk/core/src/test/java/org/

Re: [daemon] : fixing some general stuff

anybody know? Thanks for looking at the issues, would be good if you commit smaller batches more often, since there is generally some more interest in the project currently. If you want I can help with the Javadoc warnings? Gruss Bernd -- http://bernd.eckenfels.net

Re: OSGi Version at Package Level

to get a radically different view. (But Imagree with others that for most commons projects (especially tools libraries) there is not much benefit for having package versions different from bundle versions. Especially not since there is no overall OSGi theme going on.) Gruss Bernd -- http

Re: Wondering VFS will support Read/Write on Google Cloud Storage?

println("f exists" + f.exists() + " is dir " + f.isDirectory() + " is file " + f.isFile() + " norm " + f.getCanonicalPath() + " len " + f.length()) So we can see what the responses are? Gruss Bernd

Re: Wondering VFS will support Read/Write on Google Cloud Storage?

Hello, The Local file provider should be able to deal with fuse mounted directories. It is hard to say what the problem is. Can you tell us how the path is named, what operations you tried, what exceptions are happening and what `ls` is returning. Gruss Bernd -- http://bernd.eckenfels.net

Re: Compiler targets and Java 9

. This is true for 1.6 projects compiled with 1.8 maven-Java today. So while it is good to review prerequisite minimum versions regularly Java 9 seems not a immediate motivation. Gruss Bernd -- http://bernd.eckenfels.net From: Benedikt Ritter <brit...@apache.org>

Re: [all] Should our gitignore files contain only build-related entries?

GIBo uses the Github profiles: https://github.com/github/gitignore/blob/master/Java.gitignore https://github.com/github/gitignore/blob/master/Maven.gitignore Gruss Bernd -- http://bernd.eckenfels.net From: Benedikt Ritter <brit...@apache.org> Sent: Tuesday,

Re: [all] Should our gitignore files contain only build-related entries?

Are we talking about only the Maven profile or also about the Java profile. I find that one overly eager and why does it contain BlueJ IDE (only)? Gruss Bernd -- http://bernd.eckenfels.net From: sebb <seb...@gmail.com> Sent: Monday, June 5, 2017 5:09

Re: commons-dbcp patch

Hello, You need to clone the project to your own repos and there you can push the changes (to a branch) and then create a PR. Gruss Bernd -- http://bernd.eckenfels.net _ From: Gary Evesson <geves...@atlassian.com<mailto:geves...@atlassian.com>> Sent: M

Re: [all] Java 9 module names

). This is basically the same as with OSGi (only that modules allow friends easier). The runtime scope in maven would be for those modules which are not explicitely required but needed at runtime. Gruss Bernd -- http://bernd.eckenfels.net From: jodastep...@gmail.com

Re: [all] Java 9 module names

Hm why is that? What step in your compile would need the runtime module? Gruss Bernd -- http://bernd.eckenfels.net From: Ralph Goers <ralph.go...@dslextreme.com> Sent: Sunday, April 23, 2017 7:14:02 PM To: Commons Developers List Subject: Re: [all] Java 9

Re: [Filter] No code?

also teaching again DSP from Sept so that gives me naturally time to work on it. Best, /Bernd On 13/01/17 08:51, Eric Barnhill wrote: > That was where we left it. I asked Bernd if he did not have write access to > the sandbox. If there was a reply to that I didn't see it. > > This woul

Re: [all] Java 9 module names

) is a good one (as long as they do not require imports?) Gruss Bernd -- http://bernd.eckenfels.net From: jodastep...@gmail.com <jodastep...@gmail.com> on behalf of Stephen Colebourne <scolebou...@joda.org> Sent: Saturday, April 22, 2017 10:16:40 AM To: Common

Re: [all] Java 9 module names

. In fact java.util.logging comes from java.logging while java.util is in java.base. http://cr.openjdk.java.net/~mr/jigsaw/ea/module-summary.html The only inclusion dependency is in source archives as they require a new level directory per each module. Gruss Bernd -- http://bernd.eckenfels.net

Re: [all] Java 9 module names

Around what? there is no problem to have multiple packages in multiple modules depending on each other (if you decide to ship modules at all). Only split packages is a problem (but this is also a problem for OSGi or code signing so nobody should really use that anyway) Gruss Bernd -- http

Re: [DBCP] isValid replacement

You can run a verification SQL instead. So I guess doing nothing would be fine as well, as the verification SQL (on borrow) could be configured instead. Other methods which do a round trip to the database can be used as well (for example setAutocommit() on some drivers). Gruss Bernd -- http

Convert RNG help wanted into generic request

does not attract the right engagement (besides the wording is outdated) We could replace it for a more generic Apache Commons Feedback wanted task: if you use a Apache Commons components share your experience, problems and Feedback on the User List. - or similar? Gruss Bernd -- http

Re: Help with task: Random number generators

://commons.apache.org/proper/commons-rng/ Gruss Bernd -- http://bernd.eckenfels.net _ From: Prashanth.R <prash.r...@gmail.com<mailto:prash.r...@gmail.com>> Sent: Donnerstag, März 16, 2017 1:23 AM Subject: Help with task: Random number generators To: <dev@commons.apache

Re: Help with task: Random number generators

if you solve a real world problem of yours. Let us know if project Homepage would be enough to start - and otherwise see the linked contributors guide. Gruss Bernd -- http://bernd.eckenfels.net _ From: Frank Es <escobarbfrank...@gmail.com> Sent: Donnerstag, März 2,

Re: [VFS] invert matches for PatternFileSelector

Hello, I guess that could be helpful. Keep in mind that the selector not only selects the elemements to match but also the directory hierarchy to travers, so composition can be a bit tricky. Gruss Bernd -- http://bernd.eckenfels.net On Fri, Jan 20, 2017 at 5:21 AM +0100, "Gary Gr

Re: [Filter] No code?

Ooops. Sorry. Didn't see that e-mail. I'm away to Greece at the moment but I'll have a try re write access at the weekend. I agree that it would be much quicker if I could commit to the sandbox straight away. /Bernd On 13/01/17 10:51, Eric Barnhill wrote: That was where we left it. I asked

Re: [Filter] No code?

Hi Gilles, I *think* I suggested to add a couple of subdirs. One of them with my IIR filter code and another one for the Kalman filter in it. However, I don't have write access to it so I think Eric is planning of doing it. Best, /Bernd On 13/01/17 01:33, Gilles wrote: Hello. As of today

Re: [VOTE] Promote TEXT to Proper

> --[X] +1 Move > [text] to Commons Proper Gruss Bernd -- http://bernd.eckenfels.net _ From: Rob Tompkins <chtom...@gmail.com> Sent: Dienstag, Januar 3, 2017 8:40 PM Su

Re: [text] TEXT-36 (Was: [text] 1.0 release progress)

The issues of the j.u.Random implementation are only for the default implementation, if you provide a different algorithm (from Securearandom or any distribution from RNG) you can avoid it (if needed) Gruss Bernd -- http://bernd.eckenfels.net On Fri, Dec 30, 2016 at 10:50 PM +0100, "G

Re: [text] TEXT-36 (Was: [text] 1.0 release progress)

dge can be provided in RNG for other uses as well. Gruss Bernd -- http://bernd.eckenfels.net On Fri, Dec 30, 2016 at 7:11 PM +0100, "Gilles" <gil...@harfang.homelinux.org> wrote: On Fri, 30 Dec 2016 17:30:17 + (UTC), Bernd Eckenfels wrote: > Sorry I meant

Re: [text] TEXT-36 (Was: [text] 1.0 release progress)

Sorry I meant *uniform* distribution Gruss Bernd On Fri, Dec 30, 2016 at 5:58 PM +0100, "Bernd Eckenfels" <e...@zusammenkunft.net> wrote: Hello, I am somewhat unclear, why would you require a random distribution (Interface). Is there no better more generic Inte

Re: [text] TEXT-36 (Was: [text] 1.0 release progress)

source. Gruss Bernd -- http://bernd.eckenfels.net On Fri, Dec 30, 2016 at 5:04 PM +0100, "Jörg Schaible" <joerg.schai...@gmx.de> wrote: Gilles wrote: > Hi. > > On Fri, 30 Dec 2016 09:40:20 -0500, Rob Tompkins wrote: >> Hello all, >> >> Pers

Re: [ALL] Changing the commons process

POM nuances) Gruss Bernd -- http://bernd.eckenfels.net On Sun, Dec 25, 2016 at 12:02 AM +0100, "Apache" <ralph.go...@dslextreme.com> wrote: Maven is going to publish all the artifacts that are built to the repository. This isn’t necessarily a bad thing as people

Re: [ALL] Changing the commons process

Hello, I think hybrid -sry/source does not work very well, since the IDE expect a package-like directory structure. I am not sure it would work with src/main/ prefix. Gruss Bernd -- http://bernd.eckenfels.net On Fri, Dec 23, 2016 at 11:33 PM +0100, "Gary Gregory" <garydgreg

Re: [ALL] Changing the commons process

to Apache Distribution Site vs > Maven Central. Uh, how can that happen, the release process verifies the checksums. Gruss Bernd - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org

Re: (DBUTILS-131) Speedup query calls without parameters

Hello, What database system/driver did you test? Did you test repeating statements or not. Because some drivers optimize statement caches only for prepared statements. This also means it should be configurable. Gruss Bernd -- http://bernd.eckenfels.net On Sat, Dec 10, 2016 at 10:34 PM

Re: VFS - CIFS (Sandbox) Query

that component (In this case sandbox does not mean incomplete). The most likely development is that the sandbox is dropped, hopefully somebody would release a forked binary outside the ASF. (Not sure how that would be done in regards to package naming). Gruss Bernd -- http://bernd.eckenfels.net

Re: svn commit: r1771815 - /commons/proper/daemon/trunk/src/native/windows/src/service.c

Hello Mark, are we sure the removed TODO is not related with apxPoolAlloc() return code? (I also miss the inserted closing brace, does it still compile? Is that a different commit?) Gruss Bernd Am Mon, 28 Nov 2016 21:04:06 - schrieb ma...@apache.org: > Author: markt > Date: Mon

Re: [VOTE] Accept Commons RDF as a new component

(... sorry got interrupted) ... there are arguments for a commons component, but it could also be arguments having a dedicated community. So I wanted to express that with an abstain. Gruss Bernd -- http://bernd.eckenfels.net On Thu, Nov 24, 2016 at 4:02 PM +0100, "Bernd Eckenfels

Re: [VOTE] Accept Commons RDF as a new component

Hello, Thank you for the summmary. I was aware of the incubation and the discussion on rdf-dev. There are arguments for a common component,  Gruss Bernd -- http://bernd.eckenfels.net On Thu, Nov 24, 2016 at 12:05 PM +0100, "Sergio Fernández" <wik...@apache.org> wrote:

Re: [Filter] Better name? (Was: [math] IIR filter library [...])

so ideally they should live in subdirectories at least so we could create sub-packages then? Best, /Bernd On 23/11/16 13:34, Gilles wrote: Hi Bernd, Eric (and others). I was about to request a JIRA project for the "filter" component.[1] The name "FILTER" is not taken (as a JIRA p

Re: [VOTE] Accept Commons RDF as a new component

+0 Undecided as there where no activity on commons-dev it feels to me like an other home would be better Am Wed, 23 Nov 2016 13:47:03 + schrieb Stian Soiland-Reyes : > [Note: this is the Commons PMC vote on dev@commons - there's a > concurrent IPMC VOTE thread on

Re: [complex] commons-complex module

Hi Eric, how do we move this forward? I cannot commit to the CVS so shall I send you patches and you work them in or what is the workflow? Best /Bernd On 26/10/16 13:48, Eric Barnhill wrote: On Wed, Oct 26, 2016 at 2:25 PM, Gilles <gil...@harfang.homelinux.org> wrote: It sounds li

Re: commons-filter sandbox is operational

Hi Eric, the error came from not having a site subtree. I've added one. That needs to change so that it fits into the numbering scheme of the library. I guess it will be a sub-topic in the filter.xml? Either way "mvn site" works now to get it going. /Bernd On 02/11/16 09:09, Eri

Re: commons-filter sandbox is operational

Hi Eric, there hasn't been any documentation except of javadoc on it. I've added a page in the APT format. msv site requires documentation. Not sure what's required here. Best, /Bernd On 02/11/16 09:09, Eric Barnhill wrote: Hi Bernd, looks like I need org/sonatype/aether/graph

Re: commons-filter sandbox is operational

Thanks, Eric for setting up a sandbox project. What is required for "mvn site"? /Bernd On 01/11/16 16:17, Eric Barnhill wrote: I have set up a sandbox project for commons-filter in the commons sandbox subversion repository. I used models in the sandbox for LICENSE.txt,

Re: [complex] commons-complex module

) filters these are causal digital filters as they essentially behave as an analogue circuit in a digital form. For the casual (!) user of filters they'd probably just look for a filter... /Bernd On 25-Oct-16 23:00, Gary Gregory wrote: On Tue, Oct 25, 2016 at 12:07 PM, Eric Barnhill <ericba

Re: [math] IIR filter library (Butterworth,Bessel,...)

which can also design its own low/high/band/stopband filter via different methods then I think we should also add this. For example filters based on sinc functions and windowed with a choice of standard windows would be nice. /Bernd On 25/10/16 12:33, Arne Ploese wrote: > Am Montag, den 24.10.2

Re: [math] IIR filter library (Butterworth,Bessel,...)

e "filter" package is a strong candidate to examine thoroughly and revamp, if necessary, for inclusion in a component of its own (or "filter" itself). No sure what you mean by this. Can give an example? So, that do I need to do at

Re: [math] IIR filter library (Butterworth,Bessel,...)

P.S.: Just tested it with 3.0.0. There the Laguerre Root function is not yet implemented. For 3.0.0 we needed to exclude the Bessel filter. That works from 3.1.0. On 24/10/16 10:25, Eric Barnhill wrote: > Hi Bernd, sounds like we agree on basically everything there is to do. > > >

Re: [math] IIR filter library (Butterworth,Bessel,...)

Hi Eric, On 24/10/16 10:25, Eric Barnhill wrote: > Hi Bernd, sounds like we agree on basically everything there is to do. > > >> I've spent the weekend adding maven support to the IIRJ library. So now >> a simple "mvn install" does the job. Also done the testing pr

Re: [math] IIR filter library (Butterworth,Bessel,...)

ics: https://github.com/berndporr/fir1 Arne, do you have an efficient way of doing that in JAVA? That would be nice. Best, /Bernd On 24/10/16 09:28, Arne Ploese wrote: > Am Samstag, den 22.10.2016, 23:25 +0100 schrieb Bernd Porr: > > (...) > >> I'm not too crazy about proper FIR filters

Re: [math] IIR filter library (Butterworth,Bessel,...)

a simple "mvn install" does the job. Also done the testing properly with "mvn test" which generates all the different kinds of impulse responses and puts them in different subdirs for evaluation. https://github.com/berndporr/iirj Best, /Bernd > > Eric > -- www:http

Re: [math] IIR filter library (Butterworth,Bessel,...)

ss is fine but of course that's only a tiny part of signal processing. I have a whole convolution library I wrote at: https://github.com/ericbarnhill/JVCL which includes GPU based finite differences convolutions which are quite speedy (and as always, complex-friendly). With Bernd contributing I

Re: [math] IIR filter library (Butterworth,Bessel,...)

Hi both, great to get such a positive response. On 22/10/16 15:59, Gilles wrote: > Hello. > > On Sat, 22 Oct 2016 12:51:03 +0200, Eric Barnhill wrote: >> Dear Bernd, >> >> Thank you for this interesting contribution. I use these sorts of >> filters >> fre

[math] IIR filter library (Butterworth,Bessel,...)

and the documentation is probably not complete for apache but before I embark on it I'd rather ask if there is interest. Best, /Bernd Porr -- www:http://www.berndporr.me.uk/ http://www.linux-usb-daq.co.uk/ http://www.imdb.com/name/nm3293421/ Mobile: +44 (0)7840 340069 Work: +44 (0

Re: Help with task: Random number generators

of it (in case any are required) As the release is immanent, it would be good to do that quickly (but of course if you come around to do it later it is still valuable for forthcoming releases). Thank you for your help and contributions. Gruss Bernd Am Sat, 15 Oct 2016 09:53:15 -0600 schrieb

Re: [Fileupload] CVE security page and site distribution

as well. Gruss Bernd Am Thu, 30 Jun 2016 10:46:12 + schrieb Benedikt Ritter <brit...@apache.org>: > We still need to create a security site. Commons Compress can be used > as an example for this. I don't have time to do it right now. > > Benedikt > > Benedikt Ritter <

[Fileupload] CVE security page and site distribution

ink to a definitive source. Gruss Bernd

Re: [VOTE] Move Apache Commons Primitives to dormant

+1 (binding) > [X] +1, yes move Primitives to dormant - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org

[VFS] CI in POM?

the info on the commons.apache.org site easily, should we do something about that?) I think there is somewhere a Jenkins running (for us?) Gruss Bernd - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands

[Result][VFS] Switch to Git

Hello, There was no objection to switching VFS project to Git as the primary source control. Here are the people participated (I also vote +1): Bernd Eckenfels Gary Gregory Dave Brosius Woonsan Ko Josh Elser Ralph Goers Jochen Wiedmann Christopher How to proceed? Open an Infra ticket? Gruss

Re: [VOTE] Release Apache Commons FileUpload 1.3.2 based on RC1

+1 (binding) i do have some remarks/discussion points: RELEASE-NOTES.txt contains the site link as http instead of https, I had the impression we wanted to switch the defaults? Is the site planned to be "rolled back" to 1.3.2 or will it stay 1.4-SNAPSHOT? Gruss Bernd Am Mon, 23 M

[Poll][VFS] Switch to Git

will probably need a few days to come back to this, so this poll with lazy consensus is open for at least 5 days. Gruss Bernd - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h

Re: Interest in some code to read DMG files?

abstraction API, as this is a possible candidate for VFS to envolve to. (I think commons-compress does not have a abstraction API for this). Are you planning to support writing/creating images as well? Gruss Bernd Am Sat, 21 May 2016 08:10:12 + schrieb Christofer Dutz <christofer.d...@c-ware

Re: [VOTE] Apache Commons VFS 2.1 rc2

Hello, Thanks Josh! This is a binding +1 (however I have some minor optional points which could be fixed in another RC or before releasing the repo): 2016-05-12 5:29 GMT+02:00 Josh Elser : > All, > > Please consider the following for Apache Commons VFS2 version 2.1 (rc2).

Re: [VOTE] Apache Commons VFS 2.1 rc1

Thanks Stian! Do you plan to report the noexec issue? If not let me know and I will file one. I thought we already had one but I cant find it. I will do some windows tests and then vote. Gruss Bernd Am Wed, 4 May 2016 13:28:54 +0100 schrieb Stian Soiland-Reyes <st...@apache.org>: >

Re: [VFS] Disallowed dependencies in build? (was Re: [VOTE] Apache Commons-VFS2 2.1 rc0)

it is not built or shipped by default and called sandbox. (this was not my idea and before my time but I dont see a reason to change this for this release) Gruss Bernd - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For addi

Re: [VFS] Disallowed dependencies in build? (was Re: [VOTE] Apache Commons-VFS2 2.1 rc0)

Hello, the sandbox works perfectly fine for me. Why do you think it is not ready for release (beside we do not want to?) I dont think we should burden such structural and long standing changes onto a voluntary release manager given the 2.0 had the same structure. Gruss Bernd Am Tue, 3 May

Re: [VFS] 2.1 Release Plan

Hello, see inline. Am Tue, 26 Apr 2016 18:05:01 -0400 schrieb Josh Elser <els...@apache.org>: > Thanks for the great details, Bernd. Some questions/comments: > > I hadn't even stumbled across VFS-570 due to its lack of > fixVersion=2.1. Are there more that need to be corr

Re: [VFS] 2.1 Release Plan

a joined RC1, I am just not sure it wont open a big chunk of additional work. Gruss Bernd Am Tue, 26 Apr 2016 09:40:01 -0400 schrieb Josh Elser <els...@apache.org>: > Thanks Matt and Gary. > > I do recall seeing the asf-wide note that my commit-bit also applies > to

Re: commons-vfs: github pull requests

ject. The details are described here, this is pretty current, but I think you are doing fine. We discussed your report just yesterday. I think we should get the mock http service in lace so we dont have to fix those external URLs (again). https://github.com/apache/commons-vfs/bl

Re: commons-vfs:org.apache.commons.vfs2.provider.http.test.HttpProviderTestCase fails

Hello, I think for this test we can do fine with a (java mock) http server started for the particular redirection test, other provider tests do that as well. Added benefit would be, that we can actually assert some properties of the request on server side. Gruss Bernd -- http

Re: commons-vfs: org.apache.commons.vfs2.provider.http.test.HttpProviderTestCase fails

Bernd Am Mon, 21 Mar 2016 21:38:46 + schrieb "Epstein, Ezra" <ezra.epst...@neustar.biz>: > I’ve forked and cloned the repo from GitHub and the build fails with: > > > Tests run: 90, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: > 5.223 sec <<<

Re: [VOTE] Accept Chimera as new Apache Commons Component

+1 Accept Chimera as new Apache Commons Component Gruss Bernd Von: Benedikt Ritter Gesendet: Montag, 21. März 2016 09:45 An: Commons Developers List Cc: Hadoop Common Betreff: [VOTE] Accept Chimera as new Apache Commons Component Hi all, after long discussions I think we have gathered enough

AW: [VOTE] Form a separate TLP based on [math]

+0 (I would prefer to not see the traffic on the list) Von: Phil Steitz Gesendet: Samstag, 16. Januar 2016 16:19 An: Commons Developers List Betreff: [VOTE] Form a separate TLP based on [math] The discussion has thus far been generally favorable. I would like therefore to put the proposal to

[collections][site] publish security-report? (was: svn commit: r1719350 - /commons/proper/collections/trunk/src/site/xdoc/security-reports.xml)

Hello, I added a second CVE to the de-serialisation security-report for ACC, I dont have the infrastrcuture handy to push the site, can somebody do that, please? Gruss Bernd URL: http://svn.apache.org/viewvc?rev=1719350=rev Log: security-report: added CVE-2015-7501 (Red Hat) to de-serialisaton

Re: [vfs] New Properties for FtpFileSystemConfigBuilder

Hello Roger, sounds useful to me. Do you plan to parse a string range ("1-100") or define a min and max property? Gruss Bernd Am Mon, 7 Dec 2015 13:26:35 -0800 schrieb Roger Membreno <roger.membr...@celigo.com>: > Hello Apache Community, how are you doing? > > We u

Re: [COLLECTIONS] Bad press on twitter following serialization issue

Hello, BTW Oracle issued a "Strange" Security alert: 2015-4852 was released on November 10th, 2015. This vulnerability, which involves the Apache Commons and Oracle WebLogic Server, has received a CVSS Base Score of 7.5. ... Bernd > Am 08.11.2015 um 10:41 schrieb Benedikt

Re: [COLLECTIONS] Bad press on twitter following serialization issue

Am Mon, 9 Nov 2015 09:36:41 +0100 schrieb Benedikt Ritter <brit...@apache.org>: > Hello Bernd, > > very nice. I found two typos: > > "It is possible to limit the impact when using a custom > ObjecrtInputStream which overwrites" - should be ObjectInputStream fi

Re: [COLLECTIONS] Bad press on twitter following serialization issue

Thanks Timo! Am Mon, 9 Nov 2015 10:18:18 +0100 schrieb Timo <mailant...@gmx.de>: > Hello Bernd, > > nice article and I would be happy to see this on the ASF blog to point > people to it. > > I also found some typos: > > "Both research work shows that devel

Blog post "commons" vulnerability

have some suggestions for improvement. Greetings Bernd (e...@apache.org) --- Apache Commons statement to widespread Java object de-serialisation vulnerability Authors: Bernd Eckenfels, Gary Grogory for Apache Commons In their [talk](http://frohoff.github.io/appseccali-marshalling-pickles

Re: [COLLECTIONS] Bad press on twitter following serialization issue

Hello, attached is the draft, thanks for Gary and Gabriel (did I miss any contribution?) I think "Bernd Eckenfels and Gary Gregory for Apache Commons" would be the author (includes a thanks to Gabriel at the end). What is the procedure to get this published? Title? "Apache Co

Re: [COLLECTIONS] Bad press on twitter following serialization issue

Hello Gary, thanks for the offer. I will sent you a edit-link for the article, here is a comment-only version for people to check: https://oasis.sandstorm.io/shared/prUMi3zkPMx9bdQ8X2vkX7nt7JW79G3b28IKhS_F8vQ Greetings Bernd Am Sun, 8 Nov 2015 12:20:55 -0800 schrieb Gary Gregory <garydg

Re: [RESULT] [VOTE] Accept Naomi

above clean-up in git(hub) and get it merged to the sandbox. gruss Bernd - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org

Re: [COLLECTIONS] Bad press on twitter following serialization issue

xt like that. Gruss Bernd Am Sun, 8 Nov 2015 10:22:12 -0800 schrieb Gary Gregory <garydgreg...@gmail.com>: > Hi All: > > What about agreeing on a plan before we post anything? My proposal > would be to follow up on an idea posted on the dev ML: Use a system > property to en

Re: [collection][security] InvokerTransformer missused in java object serialisation exploits

quot; which do start (readObject()) in JCL classes and then use pretty generic interfaces like Annotations or Comparators, so there is really no link between the types and the specific weakness. Greetings Bernd Am Sat, 7 Nov 2015 00:56:00 +0100 schrieb Thomas Neidhart <thomas.neidh...@gmail.com>:

[collection][security] InvokerTransformer missused in java object serialisation exploits

this class. Is this currently handled/reported? Of course the more general problem is using serialisation with untusted peers, and if commons-collection fixes this, there might still be other vectors, but still I think it would be good to do something against that "bad press"? Gruss Bernd

Re: Proposed Contribution to Apache Commons,

of the Naomi syntax/power...) And from my POV that would be a precondition to see some commitment of the original submitters. Why would we rush things? Gruss Bernd - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.

AW: [VFS] Release road map?

It is in a good shape now, it only needs a compatibility statement for the release notes explaining the clirr-warnings and probably merging the hdfs write changes. Gruss Bernd Von: Gary Gregory Gesendet: Freitag, 2. Oktober 2015 19:36 An: Commons Developers List Betreff: [VFS] Release road

Re: [Math] Utilitzation of SLF4J?

t; No objection, then? Uh, be carefull with the trigger of that gun you point at somenes chest :) Gruss Bernd - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org

Contributor names in commit logs? (was: [jira] [Commented] (VFS-567) Timeout in vsFTPd causes exception when executing another command)

this is required for smaller contributions. (but I try to do it for VFS on all changes). Gruss Bernd -- Forwarded message -- From: Antonio Petrelli (JIRA) <j...@apache.org> Date: 2015-09-24 10:50 GMT+02:00 Subject: [jira] [Commented] (VFS-567) Timeout in vsFTPd causes exceptio

Re: Contributor names in commit logs? (was: [jira] [Commented] (VFS-567) Timeout in vsFTPd causes exception when executing another command)

Phil, Is this somewhere codified? 2015-09-24 18:47 GMT+02:00 Phil Steitz <phil.ste...@gmail.com>: > On 9/24/15 8:59 AM, Bernd wrote: >> Hello, >> >> do we have this rule to include the name of a patch contributor into >> the commit message? I havent seen that bee

<    1   2   3   4   5   >