On 26/09/18 06:17, Tim Boudreau wrote:
The plugins site could sign modules, but since it aggregates modules from
elsewhere, that wouldn't mean much. And if the signature is not tied to the
download host, all it means is "someone signed it" - a proxy that injects
code and signs the result would
Yes, exactly, you will create a release branch on the 30th and the first
voting candidate on October 1. With that achieved, we’ll be in really good
shape to complete the release on schedule.
Gj
On Wednesday, September 26, 2018, Laszlo Kishalmi
wrote:
> This looks great!
> I just wanted to ask
Agreed. Let's see how things go for this release. But we may need to focus
on 3 releases per year, potentially one or two of them synced with new
releases of the JDK, or else we must make this 2 months release process
shorter in future, somehow.
Gj
On Wednesday, September 26, 2018, John
Generate HTML files. Publish them online. Let modules include a help URL
and when herp is invoked, find out via the classloader.
A netty based web server can run in an 8mb memory footprint. Have an
"offline help" module that bundles them and a tiny web server. For third
party modules, have the
On Tue, Sep 25, 2018 at 1:04 PM Antonio wrote:
> Hi Kenneth,
>
> I don't think there's any security related problem here. The Apache
> Mirror System, for instance, uses "http" frequently. IMHO there's no
> need to encrypt files that are publicly available for everyone to see.
Nonsense. There
Hi Kenneth,
No need to apologize at all. On the contrary. I think it's very good
reporting things that we think are security concerns. Whether these are
really affecting users' security or not can be discussed later. The
important thing is to raise these quickly and clearly, as you've done.
One note, subdomains can do rollups if using SEO and analytics with one
single point to review, and multiple domains are separate unless cross
domain configuration is required. Separate domains allows collections and
analytics about your traffic flow by domain. It all depends on if the data
is
Hi all!
Is there somebody what happens with the removed modules of JDK?
I guess the codebase still has some value and should be able to compiled
and distributed on its own, even if it is not part of the JDK any more.
Thanks!
I've added it[1]. Then I've integrated PHPStan[2].
[1] https://github.com/apache/incubator-netbeans/pull/891
[2] https://github.com/apache/incubator-netbeans/pull/896
Thanks,
Junichi
On Thu, Sep 20, 2018 at 7:30 PM Junichi Yamamoto wrote:
>
> I'll try adding the php cluster to
My one concern with the timetable is that it looks like its under 2 months
to do a release (if all goes well) from the 24th September to 15 November.
While this is doable and I have no problems with Jiri's timeframe, it does
imo put a little strain on us if we are attempting to do quarterly
I’m thinking the same thing here. stageing.netbeans.org for one makes sense to
me, all others should be subdomains also.
> On 24 Sep 2018, at 23:21, Scott Palmer wrote:
>
> I’m curious as to why subdomains are not used instead?
>
> stage.netbeans.org
> dev.netbeans.org
>
> I agree that .com
This looks great!
I just wanted to ask for the NetBeans 10 Release Schedule, as it seems
we do not have it in the Wiki.
Shall we create a different page for that?
As far as I feel we have the "go through the PRs and merge" week this
week, finalize the scope by Sept 30.
cut the release
To me, this looks good and doable -- though I agree Laszlo needs to take a
look at this proposal too from his release manager perspective, at least to
be aware of this schedule.
Thanks,
Gj
On Tue, Sep 25, 2018 at 3:34 PM, Jiří Kovalský
wrote:
> Hello NetBeans community,
>
>the November
Good catch!
Would you create an issue on that?
On 09/25/2018 09:35 AM, Kenneth Jaeger wrote:
Has anyone else seen this behavior? I am just curious if this is also how
it appears on a clean install.
On Fri, Aug 17, 2018 at 11:46 AM Kenneth Jaeger wrote:
The "About" screen in NetBeans 9.0
Apologies for not classifying this correctly. Yes, this is not a security
issue with NetBeans itself.
On Tue, Sep 25, 2018 at 1:47 PM Antonio wrote:
> Hi Kenneth,
>
> I fully agree with you. I'd add a JIRA so we can remember it, but I
> won't classify this as a security problem. For me
One thing to do is to update the JUnit spec to include the new JUnit 5
support, I think:
http://netbeans-vm.apache.org/synergy/client/app/#/title/junit_testing_specification/
Gj
On Thu, Sep 20, 2018 at 4:54 PM, John McDonnell
wrote:
> Hi All,
>
> I have submitted a PR today for JUnit 5
Kenneth
apache.netbeans.org supports https, so once everything redirects here we
should be good by default. There is a Jira to find a solution to the plugin
hosting question once we go fully move over but I think that's the still
TBD. Maybe find that Jira and add some comments to mention the new
Hi Kenneth,
I fully agree with you. I'd add a JIRA so we can remember it, but I
won't classify this as a security problem. For me security issues have
special priority, I don't see that priority here.
Kind regards,
Antonio
On 25/09/18 19:16, Kenneth Jaeger wrote:
I understand since there
I understand since there is no login information being sent to
plugins.netbeans.org, that security is less of a concern, but this is a
front facing website. It is not just used by the IDE. Browsers are going
to start yelling at us when we go to any http site (as I personally think
they should
Recently I've been looking at doing a complete end to end jenkinsfile to
replace the 5 jenkins jobs down to 1 multibranch pipeline that will build
and test both windows and linux and not duplicate some of the steps like
some jobs do.
This error happens every so often on my builds, and I've been
Hi Kenneth,
I don't think there's any security related problem here. The Apache
Mirror System, for instance, uses "http" frequently. IMHO there's no
need to encrypt files that are publicly available for everyone to see.
Security is on the IDE side: verifying that the downloaded file has not
El 24/09/2018 a las 21:28, Matthias Bläsing escribió:
I don't like the rush - Oracle claims to be able to host whole clouds,
it should be possible to continue providing a simple server for a few
months.
Wise words. I don't like the rush either.
As Gj points in another email it's not about
The plugins.netbeans.org does not use https by default, nor does it allow
https. An error occurs if you try to change it to https.
The updates.netbeans.org site does allow the use of https, but does not
redirect to https if http is used.
Hi Eric,
Am Dienstag, den 25.09.2018, 17:25 +0200 schrieb Eric Barboni:
> New layout make git repo clearer, great job.
> I just have an issue on "ant clean" (failing at a time build
> is cleaning platform/openide.util.lookup module) is this target
> supposed to work ?
it normally does.
Hi,
I'm afraid this will be complicated. We don't know the previous process of 8.2
artefact publication.
There is a way with OSSRH [1] but we need more complete pom.xml that we had on
bits.netbeans.org.
Pom generated by nb-repository maven plugin [2] do not have licence section
(others
Has anyone else seen this behavior? I am just curious if this is also how
it appears on a clean install.
On Fri, Aug 17, 2018 at 11:46 AM Kenneth Jaeger wrote:
> The "About" screen in NetBeans 9.0 has an "Updates" line that seems
> erroneous or inaccurate.
> Here is the full text from the
On 09/25/2018 08:34 AM, Jiří Kovalský wrote:
> Hello NetBeans community,
>
> the November release of Apache NetBeans is quickly approaching so I
> would like to propose a schedule for the NetCAT 10.0 program [1].
> Release drivers for version 10.0 are JDK 11 features and PHP support.
>
> [1]
Hi,
New layout make git repo clearer, great job.
I just have an issue on "ant clean" (failing at a time build is cleaning
platform/openide.util.lookup module) is this target supposed to work ?
Regards
Eric
-Message d'origine-
De : Geertjan Wielenga
Envoyé : mercredi 12 septembre
Hello NetBeans community,
the November release of Apache NetBeans is quickly approaching so I
would like to propose a schedule for the NetCAT 10.0 program [1].
Release drivers for version 10.0 are JDK 11 features and PHP support.
[1]
Nice.
If those working on Java EE manage to get everything done this week, we
could include that cluster in the first voting candidate for Apache
NetBeans 10 -- and then if there turn out to be serious problems, we could
then decide to exclude that cluster in the next voting candidate.
But only
Am 25.09.18 um 01:00 schrieb Jan Tosovsky:
On 2018-09-24 Peter Nabbefeld wrote:
Am 23.09.18 um 21:20 schrieb Jan Tosovsky:
On 2018-09-18 Peter Nabbefeld wrote:
What about some JavaHelp 3.0 (which probably needs a new name),
building on Lucene but with a replaceable GUI (probably based on
Hi Geertjan,
Yes, I've not made it through the licensing for the Java EE modules as
quickly as I had hoped to. There are a couple of particularly messy
modules that I've been working with...but I will try to get through more
this week.
Thanks for following up...I appreciate it!
On Tue, Sep 25,
I see a lot of items still open in the 'enterprise' cluster when I look at
the Rat report:
https://builds.apache.org/job/incubator-netbeans-linux/826/artifact/nbbuild/build/rat-report.txt
Gj
On Tue, Sep 18, 2018 at 1:35 PM, Josh Juneau wrote:
> Hi All,
>
> I've been trying to get through the
vote +1, to keep most of the domains for transition purpose and notes below:
Basically restated:
1. Consider the redirects as noted from Gj and also what Ken F. and Ed's
additions of netbeans.com, .net, and .info for the reasons they stated
above.
2. Keep fake sites away in case
34 matches
Mail list logo