[VOTE] Release Apache Commons Text 1.11.0 based on RC1

2023-10-24 Thread Gary Gregory
We have fixed quite a few bugs and added some significant enhancements since Apache Commons Text 1.10.0 was released, so I would like to release Apache Commons Text 1.11.0. Apache Commons Text 1.11.0 RC1 is available for review here: https://dist.apache.org/repos/dist/dev/commons/text/1.11.0-R

Re: [VOTE] Release Apache Commons Text 1.11.0 based on RC1

2023-10-24 Thread Elliotte Rusty Harold
https://issues.apache.org/jira/projects/TEXT/issues/TEXT-220?filter=allopenissues is prioritized as a blocker. I haven't analyzed it in detail so I'm not sure, but it is security related. If it is a blocker it should be resolved before 1.11.0. If it is not a blocker, then the priority should be down

Re: [VOTE] Release Apache Commons Text 1.11.0 based on RC1

2023-10-24 Thread Gary Gregory
The issue is a year old with zero comments; I downgraded it to "Major". What's worse is that if it were a real security issue, it should have gone through our security protocol and not a Jira (initially at least). Gary On Tue, Oct 24, 2023, 10:32 AM Elliotte Rusty Harold wrote: > > https://iss

Re: [VOTE] Release Apache Commons Text 1.11.0 based on RC1

2023-10-24 Thread Elliotte Rusty Harold
It's worth triaging the bug tracker sometime. At a quick glance I saw several other issues that are arguably security related, mostly around character escaping and unescaping. On Tue, Oct 24, 2023 at 11:43 AM Gary Gregory wrote: > > The issue is a year old with zero comments, I downgraded it to "

Re: [DISCUSS] - Move commons-chain to dormant?

2023-10-24 Thread sebb
Done On Sun, 22 Oct 2023 at 14:40, Rob Tompkins wrote: > > +1 > > > On Oct 21, 2023, at 7:46 PM, Gary Gregory wrote: > > > > Seems reasonable to me. > > > > Gary > > > > On Sat, Oct 21, 2023, 6:49 PM sebb wrote: > > > >> Reviving this thread. > >> > >> I think we should now change chain to dorm

[ALL] Dormant components and projects.a.o

2023-10-24 Thread sebb
I've updated the DOAPs for dormant components to add a (Dormant) suffix. However, I wonder if it might not be better to drop the components from projects.a.o? Note that most of the dormant components are not in projects.a.o as they do not have DOAPs. Sebb ---

Re: [ALL] Dormant components and projects.a.o

2023-10-24 Thread Gary Gregory
Or have a dormant section on the page? Gary On Tue, Oct 24, 2023, 3:37 PM sebb wrote: > I've updated the DOAPs for dormant components to add a (Dormant) suffix. > > However, I wonder if it might not be better to drop the components > from projects.a.o? > > Note that most of the dormant componen

Re: [ALL] Dormant components and projects.a.o

2023-10-24 Thread sebb
On Tue, 24 Oct 2023 at 20:47, Gary Gregory wrote: > > Or have a dormant section on the page? What page are you referring to? Note that DOAPs appear in several places on the site: e.g. OGNL appears on: https://projects.apache.org/project.html?commons-ognl https://projects.apache.org/committee.ht