Very nice! Thanks!
Lukasz Lenart نوشت:
>A new issue type was defined
>https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311041&version=12341116
>
>2017-07-27 11:25 GMT+02:00 Lukasz Lenart :
>> 2017-07-27 11:10 GMT+02:00 Stefaan Dutry :
>>> An alternative solution, that requires
A new issue type was defined
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311041&version=12341116
2017-07-27 11:25 GMT+02:00 Lukasz Lenart :
> 2017-07-27 11:10 GMT+02:00 Stefaan Dutry :
>> An alternative solution, that requires less changes, could be to add a
>> label to thes
2017-07-27 11:10 GMT+02:00 Stefaan Dutry :
> An alternative solution, that requires less changes, could be to add a
> label to these issues.
>
> Issues can be filtered on a label in JIRA.
>
> for example:
> https://issues.apache.org/jira/issues/?jql=project%20%3D%20WW%20AND%20labels%20%3D%20depende
An alternative solution, that requires less changes, could be to add a
label to these issues.
Issues can be filtered on a label in JIRA.
for example:
https://issues.apache.org/jira/issues/?jql=project%20%3D%20WW%20AND%20labels%20%3D%20dependency-upgrade
or with a fix version:
https://issues.apac
2017-07-14 9:43 GMT+02:00 Stefaan Dutry :
>> Yes and this additional issue type should allow easily identify such
>> duplications when assembling a version notes - all the changes in
>> dependencies will be listed in a one place :)
>
> Great.
>
>
> In short:
> Seems good to me. Thx for considering
> To sum up: only the latest version of a dependency will be listed in
> the version notes
Great.
> but in this case (if the vulnerability can have large impact) we are
> preparing a fast track release (e.g. 2.5.10.1) - in this case the list
> of changes is none or very minimal
True, those chang
2017-07-14 9:04 GMT+02:00 Stefaan Dutry :
> What happens when a dependency gets updated multiple times in a
> release? Will it be listed multiple times (since it shows all issues
> with that type)?
It will allow me (or anybody other) quickly figure out the duplication
and I can just leave info abo
Łukasz,
That will probably work.
What happens when a dependency gets updated multiple times in a
release? Will it be listed multiple times (since it shows all issues
with that type)?
My reasoning was:
* When you need to do a quick upgrade due to a fixed vulnerability you
just want a quick checkl
2017-07-13 21:28 GMT+02:00 Stefaan Dutry :
> Łukasz,
>
> You are right, the issue mentioning about the change to commons-lang3
> version 3.6 is in the issue list.
> This is also where we found what needed to be done.
>
> This is the list where we looked when something was wrong,
> unfortunately for
Łukasz,
You are right, the issue mentioning about the change to commons-lang3
version 3.6 is in the issue list.
This is also where we found what needed to be done.
This is the list where we looked when something was wrong,
unfortunately for us, we spotted a different issue first:
* [WW-4748] - Up
2017-07-13 14:20 GMT+02:00 Stefaan Dutry :
> We are upgrading our projects at work to the new released struts version
> 2.5.12.
>
> We encountered a problem while upgrading one of our applications.
> The problem was that the project defined a dependency to commons-lang3.
> The struts AnnotationVal
We are upgrading our projects at work to the new released struts version 2.5.12.
We encountered a problem while upgrading one of our applications.
The problem was that the project defined a dependency to commons-lang3.
The struts AnnotationValidationInterceptor uses a method that was
added to comm
12 matches
Mail list logo
