[jira] [Resolved] (SLING-5406) Optimize configuration change handling

[ https://issues.apache.org/jira/browse/SLING-5406?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler resolved SLING-5406. - Resolution: Fixed I've refactored the change handling in rev 1722178. Queue configuration

Re: How to whitelist legit usages of loginAdministrative?

On 12/29/15, 1:24 PM, "Bertrand Delacretaz" wrote: >On Tue, Dec 29, 2015 at 11:29 AM, Carsten Ziegeler >wrote: >... >>> If "admin safe" mode is enabled, loginAdmin fails *unless* the code >>> that calls is is marked with the reason why

Re: [VOTE] Release Apache Sling Settings 1.3.8

+1 On Tue, Dec 29, 2015 at 6:33 AM, Bertrand Delacretaz wrote: > On Tue, Dec 29, 2015 at 11:21 AM, Carsten Ziegeler > wrote: > > ...Staging repository: > > https://repository.apache.org/content/repositories/orgapachesling-1390/ > .. > > +1 for the

Re: [VOTE] Release org.apache.sling.junit.core 1.0.16

+1 On Tue, Dec 29, 2015 at 7:23 AM, Carsten Ziegeler wrote: > +1 > > > > -- > Carsten Ziegeler > Adobe Research Switzerland > cziege...@apache.org >

Re: [VOTE] Release org.apache.sling.junit.teleporter 1.0.6

+1 On Tue, Dec 29, 2015 at 7:23 AM, Carsten Ziegeler wrote: > +1 > > > > -- > Carsten Ziegeler > Adobe Research Switzerland > cziege...@apache.org >

Re: [VOTE] Release Apache Sling Discovery Standalone 1.0.2

+1 On Tue, Dec 29, 2015 at 8:49 AM, Carsten Ziegeler wrote: > +1 > > > > -- > Carsten Ziegeler > Adobe Research Switzerland > cziege...@apache.org >

[VOTE] Release Apache Sling Parent 26

Hi, we solved eight issues https://issues.apache.org/jira/browse/SLING/fixforversion/12333678 Staging repository: https://repository.apache.org/content/repositories/orgapachesling-1394/ You can use this UNIX script to download the release and verify the signatures:

Re: [VOTE] Release Apache Sling Parent 26

+1 -- Carsten Ziegeler Adobe Research Switzerland cziege...@apache.org

[jira] [Commented] (SLING-4752) New resource query API

[ https://issues.apache.org/jira/browse/SLING-4752?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15074713#comment-15074713 ] Carsten Ziegeler commented on SLING-4752: - Moving new query api to next version > New resource

[jira] [Updated] (SLING-5221) Implement query provider

[ https://issues.apache.org/jira/browse/SLING-5221?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler updated SLING-5221: Fix Version/s: (was: JCR Resource 2.6.0) JCR Resource 2.7.0 >

[jira] [Commented] (SLING-5221) Implement query provider

[ https://issues.apache.org/jira/browse/SLING-5221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15074712#comment-15074712 ] Carsten Ziegeler commented on SLING-5221: - Moving new query implementation to next version >

[jira] [Updated] (SLING-4752) New resource query API

[ https://issues.apache.org/jira/browse/SLING-4752?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler updated SLING-4752: Fix Version/s: (was: JCR Resource 2.6.0) (was: Resource Resolver

How to whitelist legit usages of loginAdministrative?

Hi, This is about SLING-5135, do people have ideas for identifying which usages of loginAdministrative are acceptable? I'll need this for SLING-5355 for example, which creates users and sets access control. IMO the proper way to keep track of this is to keep the explanation why the programmer

[jira] [Commented] (SLING-5135) Extend AbstractSlingRepositoryManager to whitelist loginAdministrative usage

[ https://issues.apache.org/jira/browse/SLING-5135?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15073669#comment-15073669 ] Bertrand Delacretaz commented on SLING-5135: Note that we'll need a similar mechanism for

Re: How to whitelist legit usages of loginAdministrative?

Hi, I don't understand what makes grepping for SlingAdminSession easier than grepping for loginAdministrative? Carsten Bertrand Delacretaz wrote > Hi, > > This is about SLING-5135, do people have ideas for identifying which > usages of loginAdministrative are acceptable? > > I'll need this

Re: How to whitelist legit usages of loginAdministrative?

Hi, On Tue, Dec 29, 2015 at 10:10 AM, Carsten Ziegeler wrote: > I don't understand what makes grepping for SlingAdminSession easier than > grepping for loginAdministrative? Grepping for loginAdministrative returns all existing legacy occurences, you have no way of knowing

Re: How to whitelist legit usages of loginAdministrative?

Bertrand Delacretaz wrote > Hi, > > On Tue, Dec 29, 2015 at 10:10 AM, Carsten Ziegeler > wrote: >> I don't understand what makes grepping for SlingAdminSession easier than >> grepping for loginAdministrative? > > Grepping for loginAdministrative returns all existing

Re: How to whitelist legit usages of loginAdministrative?

I think that adding new api in whatever form is not a good idea: this makes the code unusable with older api versions and binds it to the latest and greatest repository api/implementation. Adding a new api because of a tooling problem (simple grep not working) while breaking compatibility is

[jira] [Assigned] (SLING-5135) Extend AbstractSlingRepositoryManager to whitelist loginAdministrative usage

[ https://issues.apache.org/jira/browse/SLING-5135?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bertrand Delacretaz reassigned SLING-5135: -- Assignee: Bertrand Delacretaz > Extend AbstractSlingRepositoryManager to

Re: How to whitelist legit usages of loginAdministrative?

On Tue, Dec 29, 2015 at 11:29 AM, Carsten Ziegeler wrote: ... >> If "admin safe" mode is enabled, loginAdmin fails *unless* the code >> that calls is is marked with the reason why it's needed. > > Don't want to be a pita, but that requirement is not in the issue :).. I

[VOTE] Release org.apache.sling.junit.core 1.0.16

Hi, We solved 1 issue in this release: https://issues.apache.org/jira/browse/SLING/fixforversion/12334311 Staging repository: https://repository.apache.org/content/repositories/orgapachesling-1392 You can use this UNIX script to download the release and verify the signatures:

Re: [VOTE] Release org.apache.sling.junit.core 1.0.16

+1 -- Carsten Ziegeler Adobe Research Switzerland cziege...@apache.org

Re: [VOTE] Release Apache Sling Settings 1.3.8

On Tue, Dec 29, 2015 at 11:21 AM, Carsten Ziegeler wrote: > ...Staging repository: > https://repository.apache.org/content/repositories/orgapachesling-1390/.. +1 for the release of SHA1(org.apache.sling.settings-1.3.8-source-release.zip)=

Re: [VOTE] Release org.apache.sling.junit.teleporter 1.0.6

+1 -- Carsten Ziegeler Adobe Research Switzerland cziege...@apache.org

Re: How to whitelist legit usages of loginAdministrative?

Bertrand Delacretaz wrote > On Tue, Dec 29, 2015 at 11:29 AM, Carsten Ziegeler > wrote: > ... >>> If "admin safe" mode is enabled, loginAdmin fails *unless* the code >>> that calls is is marked with the reason why it's needed. >> >> Don't want to be a pita, but that

[VOTE] Release Apache Sling Discovery Standalone 1.0.2

Hi, we solved one issue https://issues.apache.org/jira/browse/SLING-5405 Staging repository: https://repository.apache.org/content/repositories/orgapachesling-1393/ You can use this UNIX script to download the release and verify the signatures:

Re: [VOTE] Release Apache Sling Discovery Standalone 1.0.2

+1 -- Carsten Ziegeler Adobe Research Switzerland cziege...@apache.org

[VOTE] Release org.apache.sling.junit.teleporter 1.0.6

Hi, We solved 2 issues in this release: https://issues.apache.org/jira/browse/SLING/fixforversion/12334312 Staging repository: https://repository.apache.org/content/repositories/orgapachesling-1391 You can use this UNIX script to download the release and verify the signatures:

[jira] [Resolved] (SLING-5405) TopologyView contract is not correctly followed on property changes

[ https://issues.apache.org/jira/browse/SLING-5405?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carsten Ziegeler resolved SLING-5405. - Resolution: Fixed Creating a new view on each change now, invalidating old views. Added a

[jira] [Created] (SLING-5406) Optimize configuration change handling

Carsten Ziegeler created SLING-5406: --- Summary: Optimize configuration change handling Key: SLING-5406 URL: https://issues.apache.org/jira/browse/SLING-5406 Project: Sling Issue Type:

Re: How to whitelist legit usages of loginAdministrative?

On Tue, Dec 29, 2015 at 10:43 AM, Carsten Ziegeler wrote: > ...If we simply > require a comment on the same line as the loginAdmin (just as an > example) a simple grep works ootb That's not sufficient, IMO the SLING-5135 requirement is: If "admin safe" mode is

Re: How to whitelist legit usages of loginAdministrative?

Bertrand Delacretaz wrote > On Tue, Dec 29, 2015 at 10:43 AM, Carsten Ziegeler > wrote: >> ...If we simply >> require a comment on the same line as the loginAdmin (just as an >> example) a simple grep works ootb > > That's not sufficient, IMO the SLING-5135 requirement

[jira] [Created] (SLING-5405) TopologyView contract is not correctly followed on property changes

Carsten Ziegeler created SLING-5405: --- Summary: TopologyView contract is not correctly followed on property changes Key: SLING-5405 URL: https://issues.apache.org/jira/browse/SLING-5405 Project:

[VOTE] Release Apache Sling Settings 1.3.8

Hi, we solved two issues https://issues.apache.org/jira/browse/SLING/fixforversion/12329660 Staging repository: https://repository.apache.org/content/repositories/orgapachesling-1390/ You can use this UNIX script to download the release and verify the signatures:

Re: [VOTE] Release Apache Sling Settings 1.3.8

+1 -- Carsten Ziegeler Adobe Research Switzerland cziege...@apache.org