[GitHub] [maven-site-plugin] asfgit closed pull request #41: Bump jettyVersion from 9.2.29.v20191105 to 11.0.2

asfgit closed pull request #41: URL: https://github.com/apache/maven-site-plugin/pull/41 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service,

[GitHub] [maven-site-plugin] dependabot[bot] commented on pull request #41: Bump jettyVersion from 9.2.29.v20191105 to 11.0.2

dependabot[bot] commented on pull request #41: URL: https://github.com/apache/maven-site-plugin/pull/41#issuecomment-813643926 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you change your mind, just re-open this PR and

[GitHub] [maven-site-plugin] asfgit closed pull request #45: Bump sisu-inject-plexus from 1.4.2 to 2.6.0

asfgit closed pull request #45: URL: https://github.com/apache/maven-site-plugin/pull/45 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service,

[GitHub] [maven-site-plugin] dependabot[bot] commented on pull request #45: Bump sisu-inject-plexus from 1.4.2 to 2.6.0

dependabot[bot] commented on pull request #45: URL: https://github.com/apache/maven-site-plugin/pull/45#issuecomment-813643205 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you change your mind, just re-open this PR and

[GitHub] [maven-site-plugin] dependabot[bot] commented on pull request #44: Bump maven-plugin-testing-harness from 2.1 to 3.3.0

dependabot[bot] commented on pull request #44: URL: https://github.com/apache/maven-site-plugin/pull/44#issuecomment-813642866 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you change your mind, just re-open this PR and

[GitHub] [maven-site-plugin] asfgit closed pull request #44: Bump maven-plugin-testing-harness from 2.1 to 3.3.0

asfgit closed pull request #44: URL: https://github.com/apache/maven-site-plugin/pull/44 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service,

[GitHub] [maven-site-plugin] dependabot[bot] commented on pull request #46: Bump mavenVersion from 3.0.5 to 3.8.1

dependabot[bot] commented on pull request #46: URL: https://github.com/apache/maven-site-plugin/pull/46#issuecomment-813642580 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you change your mind, just re-open this PR and

[GitHub] [maven-site-plugin] slachiewicz closed pull request #46: Bump mavenVersion from 3.0.5 to 3.8.1

slachiewicz closed pull request #46: URL: https://github.com/apache/maven-site-plugin/pull/46 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this

Re: [VOTE] Release Apache Maven Wrapper Plugin version 3.0.2

+1 Tested with Maven 3.8.1 on macOS. Plugin does not generate a wrapper for Maven 3.6.3, 3.7.0 or 3.8.1. Maarten On 05/04/2021 16:29, Robert Scholte wrote: To: "Maven Developers List" Subject: [VOTE] Release Apache Maven Wrapper Plugin version 3.0.2 Hi, We solved 2 issues:

Re: Security/Versioning policy proposal

Le lun. 5 avr. 2021 à 17:42, Ralph Goers a écrit : > I don’t understand the point. The very next version of Maven did get the > security fix. Just because the release manager decided to follow a peculiar > version numbering practice unique to Maven doesn’t mean there is a problem. > This had

Re: Security/Versioning policy proposal

I don’t understand the point. The very next version of Maven did get the security fix. Just because the release manager decided to follow a peculiar version numbering practice unique to Maven doesn’t mean there is a problem. I don’t know what you mean by random, nor do I know what you mean by a

Re: [ANN] Apache Maven 3.8.1 Released

FWIW, takari wrapper also still mentions Maven 3.7.0 for a replacement. I created https://github.com/takari/maven-wrapper/pull/176 to correct that but I have no idea whether someone will merge that as the project is basically inactive. Cheers, Falko Am 05.04.2021 um 16:01 schrieb Robert

[VOTE] Release Apache Maven Wrapper Plugin version 3.0.2

To: "Maven Developers List" Subject: [VOTE] Release Apache Maven Wrapper Plugin version 3.0.2 Hi, We solved 2 issues: https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12323721=12348358=Text There are zero issues left in JIRA:

Re: [ANN] Apache Maven 3.8.1 Released

Right, as mentioned in the release notes it only contains CVE related fixes. The maven-wrapper-plugin will only work with Maven 4 (Maven 3.7.0 was renamed to Maven 4.0.0-alpha-1) due to a specific dependency that doesn't exist in Maven 3. I'll release the maven-wrapper-plugin with improved

Re: [ANN] Apache Maven 3.8.1 Released

Does the Maven Wrapper need to be release/upgraded at the same time as core Maven? I was using takari maven wrapper, so did this to upgrade; $ ./mvnw -N io.takari:maven:0.7.7:wrapper -Dmaven=3.8.1 >From what I can tell everything still works with Takari v0.7.7 and Maven >v3.8.1. I then wanted

Re: Security/Versioning policy proposal

Hmm, general/common asf way of doing is to move forward until users ask (and if so any branch is patched while a pr is done). If maven does not follow that practise it cant say "last version will get the security fix" too because it means "we dont care of users, to get the cve fix you will have to