[jira] [Updated] (ARCHETYPE-631) allow goal.txt in integration-testing to be filtered
[
https://issues.apache.org/jira/browse/ARCHETYPE-631?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jordan Amar updated ARCHETYPE-631:
--
Description:
I need to pass on a dynamic property to the command line contained in goal.txt.
More specifically i need to pass a maven property like "-gs
${path.to.settings}".
was:
I need to pass on a dynamic property to the command line contained in goal.txt.
More specifically i need to pass a maven property like "-gs
path/to/global/settings.xml".
> allow goal.txt in integration-testing to be filtered
>
>
> Key: ARCHETYPE-631
> URL: https://issues.apache.org/jira/browse/ARCHETYPE-631
> Project: Maven Archetype
> Issue Type: New Feature
> Components: Creator
>Affects Versions: 3.2.1
>Reporter: Jordan Amar
>Priority: Major
>
> I need to pass on a dynamic property to the command line contained in
> goal.txt. More specifically i need to pass a maven property like "-gs
> ${path.to.settings}".
>
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[jira] [Commented] (ARCHETYPE-631) allow goal.txt in integration-testing to be filtered
[
https://issues.apache.org/jira/browse/ARCHETYPE-631?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17553934#comment-17553934
]
Jordan Amar commented on ARCHETYPE-631:
---
I am talking about the goal.txt file that we see here: [Maven Archetype Plugin
– archetype:integration-test
(apache.org)|https://maven.apache.org/archetype/maven-archetype-plugin/integration-test-mojo.html]
in the IT folder setup.
> allow goal.txt in integration-testing to be filtered
>
>
> Key: ARCHETYPE-631
> URL: https://issues.apache.org/jira/browse/ARCHETYPE-631
> Project: Maven Archetype
> Issue Type: New Feature
> Components: Creator
>Affects Versions: 3.2.1
>Reporter: Jordan Amar
>Priority: Major
>
> I need to pass on a dynamic property to the command line contained in
> goal.txt. More specifically i need to pass a maven property like "-gs
> ${path.to.settings}".
>
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[GitHub] [maven] gnodet commented on pull request #744: [MNG-7360] Fix xml transformation to ensure proper context
gnodet commented on PR #744: URL: https://github.com/apache/maven/pull/744#issuecomment-1154859379 @mthmulders would you mind approving the PR for the record ? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (MNG-7360) Can't parse project that has tag in plugin configuration
[
https://issues.apache.org/jira/browse/MNG-7360?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17553969#comment-17553969
]
ASF GitHub Bot commented on MNG-7360:
-
gnodet commented on PR #744:
URL: https://github.com/apache/maven/pull/744#issuecomment-1154859379
@mthmulders would you mind approving the PR for the record ?
> Can't parse project that has tag in plugin configuration
> -
>
> Key: MNG-7360
> URL: https://issues.apache.org/jira/browse/MNG-7360
> Project: Maven
> Issue Type: Bug
> Components: build/consumer
>Affects Versions: 4.0.x-candidate
> Environment: Apache Maven 4.0.0-alpha-1-SNAPSHOT
> (3a06530dbce82e2054afa3cc4c81631910474bd0)
> Maven home:
> /usr/local/Cellar/maven-snapshot/4.0.0-alpha-1-SNAPSHOT_290/libexec
> Java version: 17.0.1, vendor: Eclipse Adoptium, runtime:
> /Library/Java/JavaVirtualMachines/temurin-17.jdk/Contents/Home
> Default locale: en_GB, platform encoding: UTF-8
> OS name: "mac os x", version: "11.5", arch: "x86_64", family: "mac"
>Reporter: Maarten Mulders
>Assignee: Guillaume Nodet
>Priority: Major
> Attachments: Screenshot 2021-12-13 at 13.45.01.png
>
>
> The Apache Camel project has the following snippet in their root POM:
> {code:xml}
>
> org.codehaus.mojo
> flatten-maven-plugin
> 1.2.5
>
>
> default-cli
> process-resources
>
> flatten
>
>
>
>
>
> expand
>
>
>
>
>
>
> {code}
> With Maven 4's "Build Consumer" feature enabled, parsing this plugin
> definition breaks with
> {code:none}
> [INFO] BuildTimeEventSpy is registered.
> [INFO] Scanning for projects...
> [ERROR] [ERROR] Some problems were encountered while processing the POMs:
> [FATAL] Unable to transform pom
> [ERROR] The build could not read 1 project -> [Help 1]
> [ERROR]
> [ERROR] The project (/Users/maarten/Code/open-source/camel/pom.xml) has 1
> error
> [ERROR] Unable to transform pom: Not a regular file:
> /Users/maarten/Code/open-source/pom.xml
> [ERROR]
> [ERROR] To see the full stack trace of the errors, re-run Maven with the '-e'
> switch
> [ERROR] Re-run Maven using the '-X' switch to enable verbose output
> [ERROR]
> [ERROR] For more information about the errors and possible solutions, please
> read the following articles:
> [ERROR] [Help 1]
> http://cwiki.apache.org/confluence/display/MAVEN/ProjectBuildingException
> {code}
> I suspect that the {{}} tag is the culprit. It seems to me that it
> causes the {{ParentXMLFilter}} to think it needs to do its work. The attached
> screenshot shows the stacktrace that brought me to this idea. As the
> {{BufferingParser}} class processes its buffer of events, it encounters a
> situation of an "end {{parent}} tag". But that {{parent}} tag did not have
> child elements {{version}} and {{relativePath}} and so, it decides it needs
> to resolve the parent as {{../pom.xml}} against the project path
> ({{/Users/maarten/Code/open-source/camel/}} in my case), leading to the
> non-existing path of {{/Users/maarten/Code/open-source/pom.xml}}.
> I think the bug here is not that it resolves to a non-existing path (it's
> good to check that before actually reading the file). I think the bug is that
> the {{ParentXMLFilter}} is acting on the {{parent}} tag inside the plugin
> configuration.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[jira] [Created] (MRELEASE-1099) Use shallow checkout/clone during release:perform
Michael Cramer created MRELEASE-1099:
Summary: Use shallow checkout/clone during release:perform
Key: MRELEASE-1099
URL: https://issues.apache.org/jira/browse/MRELEASE-1099
Project: Maven Release Plugin
Issue Type: Improvement
Components: scm
Affects Versions: 3.0.0-M5
Reporter: Michael Cramer
Assignee: Michael Osipov
Fix For: 3.0.0-M6
after implementing sonar into our release process we noticed that sonar is
complaining about missing blame information
{noformat}
[INFO] [WARNING] Missing blame information for the following files:
{noformat}
I've seen that in MRELEASE-993 this new type of checkout was introduced and it
mentions that "per default" the checkout will use the shallow clone. to me, it
sounds that this is an option that can be configured, but after taking a look
in the code I see that {{true}} is hardcoded
i would propose to make this option configurable and have a default of {{true}}
that can be changed when needed, e.g. in the case during the release sonarqube
is called which needs the full history.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[jira] [Updated] (MRELEASE-1099) Use shallow checkout/clone during release:perform
[
https://issues.apache.org/jira/browse/MRELEASE-1099?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Cramer updated MRELEASE-1099:
-
Description:
this is a follow-up for MRELEASE-1082.
after using the new 3.0.0-M6 version we are still getting the warning about
missing blame information during the sonarqube analysis performed during the
perform step. While checking why it doesn't work I figured out that the
previous implementation is incomplete.
{noformat}
[INFO] [WARNING] Missing blame information for the following files:
{noformat}
Two things are missing as far as i have seen:
- the {{release-descriptor.mdo}} is incomplete
-- missing equals implementation for {{scmShallowClone}}
-- missing hashcode implementation for {{scmShallowClone}}
- during perform the default of true is used for {{scmShallowClone}} because no
parameter is available for {{scmShallowClone}}
was:
after implementing sonar into our release process we noticed that sonar is
complaining about missing blame information
{noformat}
[INFO] [WARNING] Missing blame information for the following files:
{noformat}
I've seen that in MRELEASE-993 this new type of checkout was introduced and it
mentions that "per default" the checkout will use the shallow clone. to me, it
sounds that this is an option that can be configured, but after taking a look
in the code I see that {{true}} is hardcoded
i would propose to make this option configurable and have a default of {{true}}
that can be changed when needed, e.g. in the case during the release sonarqube
is called which needs the full history.
> Use shallow checkout/clone during release:perform
> -
>
> Key: MRELEASE-1099
> URL: https://issues.apache.org/jira/browse/MRELEASE-1099
> Project: Maven Release Plugin
> Issue Type: Improvement
> Components: scm
>Affects Versions: 3.0.0-M5
>Reporter: Michael Cramer
>Assignee: Michael Osipov
>Priority: Major
> Labels: checkout, clone, git, shallow, up-for-grabs
> Fix For: 3.0.0-M6
>
>
> this is a follow-up for MRELEASE-1082.
> after using the new 3.0.0-M6 version we are still getting the warning about
> missing blame information during the sonarqube analysis performed during the
> perform step. While checking why it doesn't work I figured out that the
> previous implementation is incomplete.
> {noformat}
> [INFO] [WARNING] Missing blame information for the following files:
> {noformat}
> Two things are missing as far as i have seen:
> - the {{release-descriptor.mdo}} is incomplete
> -- missing equals implementation for {{scmShallowClone}}
> -- missing hashcode implementation for {{scmShallowClone}}
> - during perform the default of true is used for {{scmShallowClone}} because
> no parameter is available for {{scmShallowClone}}
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[jira] [Updated] (MRELEASE-1099) Use shallow checkout/clone during release:perform
[
https://issues.apache.org/jira/browse/MRELEASE-1099?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Cramer updated MRELEASE-1099:
-
Affects Version/s: 3.0.0-M6
(was: 3.0.0-M5)
> Use shallow checkout/clone during release:perform
> -
>
> Key: MRELEASE-1099
> URL: https://issues.apache.org/jira/browse/MRELEASE-1099
> Project: Maven Release Plugin
> Issue Type: Improvement
> Components: scm
>Affects Versions: 3.0.0-M6
>Reporter: Michael Cramer
>Assignee: Michael Osipov
>Priority: Major
> Labels: checkout, clone, git, shallow, up-for-grabs
> Fix For: 3.0.0-M6
>
>
> this is a follow-up for MRELEASE-1082.
> after using the new 3.0.0-M6 version we are still getting the warning about
> missing blame information during the sonarqube analysis performed during the
> perform step. While checking why it doesn't work I figured out that the
> previous implementation is incomplete.
> {noformat}
> [INFO] [WARNING] Missing blame information for the following files:
> {noformat}
> Two things are missing as far as i have seen:
> - the {{release-descriptor.mdo}} is incomplete
> -- missing equals implementation for {{scmShallowClone}}
> -- missing hashcode implementation for {{scmShallowClone}}
> - during perform the default of true is used for {{scmShallowClone}} because
> no parameter is available for {{scmShallowClone}}
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[jira] [Created] (MDEPLOY-294) Maven deploy fails with the below issue M2:deploy-file: javax/xml/bind/JAXBException
Anusha Shetty created MDEPLOY-294: - Summary: Maven deploy fails with the below issue M2:deploy-file: javax/xml/bind/JAXBException Key: MDEPLOY-294 URL: https://issues.apache.org/jira/browse/MDEPLOY-294 Project: Maven Deploy Plugin Issue Type: Bug Components: deploy:deploy-file Reporter: Anusha Shetty -- This message was sent by Atlassian Jira (v8.20.7#820007)
[jira] [Updated] (MRELEASE-1099) Use shallow checkout/clone during release:perform
[
https://issues.apache.org/jira/browse/MRELEASE-1099?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Osipov updated MRELEASE-1099:
-
Fix Version/s: (was: 3.0.0-M6)
> Use shallow checkout/clone during release:perform
> -
>
> Key: MRELEASE-1099
> URL: https://issues.apache.org/jira/browse/MRELEASE-1099
> Project: Maven Release Plugin
> Issue Type: Improvement
> Components: scm
>Affects Versions: 3.0.0-M6
>Reporter: Michael Cramer
>Assignee: Michael Osipov
>Priority: Major
> Labels: checkout, clone, git, shallow, up-for-grabs
>
> this is a follow-up for MRELEASE-1082.
> after using the new 3.0.0-M6 version we are still getting the warning about
> missing blame information during the sonarqube analysis performed during the
> perform step. While checking why it doesn't work I figured out that the
> previous implementation is incomplete.
> {noformat}
> [INFO] [WARNING] Missing blame information for the following files:
> {noformat}
> Two things are missing as far as i have seen:
> - the {{release-descriptor.mdo}} is incomplete
> -- missing equals implementation for {{scmShallowClone}}
> -- missing hashcode implementation for {{scmShallowClone}}
> - during perform the default of true is used for {{scmShallowClone}} because
> no parameter is available for {{scmShallowClone}}
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[jira] [Closed] (MDEPLOY-294) Maven deploy fails with the below issue M2:deploy-file: javax/xml/bind/JAXBException
[ https://issues.apache.org/jira/browse/MDEPLOY-294?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Michael Osipov closed MDEPLOY-294. -- Resolution: Incomplete > Maven deploy fails with the below issue M2:deploy-file: > javax/xml/bind/JAXBException > > > Key: MDEPLOY-294 > URL: https://issues.apache.org/jira/browse/MDEPLOY-294 > Project: Maven Deploy Plugin > Issue Type: Bug > Components: deploy:deploy-file >Reporter: Anusha Shetty >Priority: Major > -- This message was sent by Atlassian Jira (v8.20.7#820007)
[jira] [Assigned] (MRELEASE-1099) Use shallow checkout/clone during release:perform
[
https://issues.apache.org/jira/browse/MRELEASE-1099?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Osipov reassigned MRELEASE-1099:
Assignee: (was: Michael Osipov)
> Use shallow checkout/clone during release:perform
> -
>
> Key: MRELEASE-1099
> URL: https://issues.apache.org/jira/browse/MRELEASE-1099
> Project: Maven Release Plugin
> Issue Type: Improvement
> Components: scm
>Affects Versions: 3.0.0-M6
>Reporter: Michael Cramer
>Priority: Major
> Labels: checkout, clone, git, shallow, up-for-grabs
>
> this is a follow-up for MRELEASE-1082.
> after using the new 3.0.0-M6 version we are still getting the warning about
> missing blame information during the sonarqube analysis performed during the
> perform step. While checking why it doesn't work I figured out that the
> previous implementation is incomplete.
> {noformat}
> [INFO] [WARNING] Missing blame information for the following files:
> {noformat}
> Two things are missing as far as i have seen:
> - the {{release-descriptor.mdo}} is incomplete
> -- missing equals implementation for {{scmShallowClone}}
> -- missing hashcode implementation for {{scmShallowClone}}
> - during perform the default of true is used for {{scmShallowClone}} because
> no parameter is available for {{scmShallowClone}}
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[jira] [Updated] (MDEPLOY-294) Maven deploy fails with the below issue M2:deploy-file: javax/xml/bind/JAXBException
[ https://issues.apache.org/jira/browse/MDEPLOY-294?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Anusha Shetty updated MDEPLOY-294: -- Language: java python Affects Version/s: 3.0.0-M2 Description: !image-2022-06-14-18-23-32-368.png! !image-2022-06-14-18-31-32-647.png! i am facing the above issue even after using the latest maven-deploy-plugin i.e 3.0.0-M2 i understand that jaxb apis has been removed from jdk after java 11 and hence as mentioned in other solutions i had added the below dependencies to my pom. javax.xml.bind jaxb-api 2.3.0 com.sun.xml.bind jaxb-impl 2.3.0 org.glassfish.jaxb jaxb-runtime 2.3.0 javax.activation activation 1.1.1 But still i am getting the same issue. i also tried adding the dependency within the plugin org.apache.maven.plugins maven-deploy-plugin 3.0.0-M2 javax.xml.bind jaxb-api 2.3.0 i checked for jaxb-api jar and it was present with JAXException class. Inspite of adding all the above dependency maven deploy fails . Could you tell me what is that i am missing here. > Maven deploy fails with the below issue M2:deploy-file: > javax/xml/bind/JAXBException > > > Key: MDEPLOY-294 > URL: https://issues.apache.org/jira/browse/MDEPLOY-294 > Project: Maven Deploy Plugin > Issue Type: Bug > Components: deploy:deploy-file >Affects Versions: 3.0.0-M2 >Reporter: Anusha Shetty >Priority: Major > > !image-2022-06-14-18-23-32-368.png! > !image-2022-06-14-18-31-32-647.png! > > i am facing the above issue even after using the latest maven-deploy-plugin > i.e 3.0.0-M2 > i understand that jaxb apis has been removed from jdk after java 11 and > hence as mentioned in other solutions i had added the below dependencies to > my pom. > > javax.xml.bind > jaxb-api > 2.3.0 > > > com.sun.xml.bind > jaxb-impl > 2.3.0 > > > org.glassfish.jaxb > jaxb-runtime > 2.3.0 > > > javax.activation > activation > 1.1.1 > > But still i am getting the same issue. > i also tried adding the dependency within the plugin > > org.apache.maven.plugins > maven-deploy-plugin > 3.0.0-M2 > > > javax.xml.bind > jaxb-api > 2.3.0 > > > > i checked for jaxb-api jar and it was present with JAXException class. > Inspite of adding all the above dependency maven deploy fails . Could you > tell me what is that i am missing here. > -- This message was sent by Atlassian Jira (v8.20.7#820007)
[jira] [Commented] (MASFRES-55) Artifacts missing from the nexus-maven-repository-index
[ https://issues.apache.org/jira/browse/MASFRES-55?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554093#comment-17554093 ] Dave Harmon commented on MASFRES-55: Can you point me in the right direction? I know Maven has a lot of subprojects but this was the only one I could find on this site > Artifacts missing from the nexus-maven-repository-index > --- > > Key: MASFRES-55 > URL: https://issues.apache.org/jira/browse/MASFRES-55 > Project: Apache Maven Resource Bundles > Issue Type: Bug > Components: apache-jar-resource-bundle >Reporter: Dave Harmon >Priority: Minor > > I downloaded a central index following the instructions from > [https://maven.apache.org/repository/central-index.html.] However some > artifacts are missing and I'm hoping someone could tell me where to find the > missing parts of the dataset. > > I downloaded the full index, all the incremental updates appear to be in the > full index. The full index has entries for all the versions of spring-boot, > but only the javadocs, sources, and modules, e.g. it has > [https://repo1.maven.org/maven2/org/springframework/spring-beans/5.3.0/spring-beans-5.3.0-javadoc.jar.sha1] > in the central index, but not > [https://repo1.maven.org/maven2/org/springframework/spring-beans/5.3.0/spring-beans-5.3.0.jar.sha1]. > > > I only need the entry for the distributable artifact, since the data exists > clearly and is accessible via other search functionality, e.g. > [https://search.maven.org/solrsearch/select?q=1:bd01e44fd597fd8e14fb4ff2bc11362305b3a0b8.] > Can someone help me understand why the data isn't in the central index and > where I might be able to find it? -- This message was sent by Atlassian Jira (v8.20.7#820007)
[jira] [Commented] (MRELEASE-1099) Use shallow checkout/clone during release:perform
[
https://issues.apache.org/jira/browse/MRELEASE-1099?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554098#comment-17554098
]
Michael Cramer commented on MRELEASE-1099:
--
will create a PR later today
> Use shallow checkout/clone during release:perform
> -
>
> Key: MRELEASE-1099
> URL: https://issues.apache.org/jira/browse/MRELEASE-1099
> Project: Maven Release Plugin
> Issue Type: Improvement
> Components: scm
>Affects Versions: 3.0.0-M6
>Reporter: Michael Cramer
>Priority: Major
> Labels: checkout, clone, git, shallow, up-for-grabs
>
> this is a follow-up for MRELEASE-1082.
> after using the new 3.0.0-M6 version we are still getting the warning about
> missing blame information during the sonarqube analysis performed during the
> perform step. While checking why it doesn't work I figured out that the
> previous implementation is incomplete.
> {noformat}
> [INFO] [WARNING] Missing blame information for the following files:
> {noformat}
> Two things are missing as far as i have seen:
> - the {{release-descriptor.mdo}} is incomplete
> -- missing equals implementation for {{scmShallowClone}}
> -- missing hashcode implementation for {{scmShallowClone}}
> - during perform the default of true is used for {{scmShallowClone}} because
> no parameter is available for {{scmShallowClone}}
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[jira] [Commented] (MDEPLOY-293) Maven deploy fails with 401 Unauthorized when using £ in password
[
https://issues.apache.org/jira/browse/MDEPLOY-293?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554158#comment-17554158
]
Michael Osipov commented on MDEPLOY-293:
Did you enable preemptive authentication? If yes, disable and try again.
> Maven deploy fails with 401 Unauthorized when using £ in password
> -
>
> Key: MDEPLOY-293
> URL: https://issues.apache.org/jira/browse/MDEPLOY-293
> Project: Maven Deploy Plugin
> Issue Type: Bug
>Reporter: Nélson Cunha
>Assignee: Michael Osipov
>Priority: Major
> Fix For: waiting-for-feedback
>
> Attachments: image-2022-06-08-20-06-39-388.png,
> image-2022-06-08-20-09-57-536.png, image-2022-06-09-16-52-04-876.png,
> image-2022-06-09-16-52-19-905.png, image-2022-06-09-17-01-18-568.png
>
>
> Hello.
> I'm using Apache Maven 3.6.3 and maven-deploy-plugin 2.8.2 on Oracle's Java
> version 1.8.0_321 and I'm currently receiving the 401 Unauthorized error
> when deploying an artifact to Sonatype Nexus:
> {noformat}
> [ERROR] Failed to execute goal
> org.apache.maven.plugins:maven-deploy-plugin:2.8.2:deploy (default-deploy) on
> project XXX: Failed to deploy artifacts: Could not transfer artifact
> XXX:XXX:pom:4.0.0-20220608.184337-1 from/to nexus-snapshots
> (http://.../repository/maven-snapshots/): Transfer failed for
> http://...-4.0.0-20220608.184337-1.pom 401 Unauthorized -> [Help 1]{noformat}
>
> This error showed up after I changed my password with a leading {{£}}
> character.
>
> Using Wireshark to capture the HTTP packages exchanged between the maven
> client and the nexus repository, I see 3 interactions:
> # unauthenticated GET request for a maven-metadata.xml file, followed by a
> 401 response
> # authenticated GET request for the same maven-metadata.xml file, followed
> by a 404 response
> # authenticated PUT request for the pom file, followed by a 401 response
>
> Now, analyzing the headers for the second and third request I noticed the
> base64 on the Authentication header is not the same.
> * 2nd request: GET metadata
> !image-2022-06-08-20-06-39-388.png!
>
> * 3rd request PUT pom
> !image-2022-06-08-20-09-57-536.png!
>
> The decoded base64 with the username:password, shows that, as expected, the
> request that received a 404 holds the right password, but on the other hand,
> the PUT request that got a 401 has a password with a {{?}} for the {{{}£{}}}.
>
> All the servers on my {{settings.xml}} hold the same user/password and I have
> tried with the passwords encoded and in plain text.
>
>
> Further tests with base64 encoding and decoding showed that the "wrong"
> password is the actual password but encoded from an ANSI code page where the
> password accepted by Nexus is encoded from utf8.
>
> I noticed the 401 responses don't specify the encoding on the
> {{WWW-Authenticate}} header, which should clear up which encoding to use, but
> still for some reason the two requests are apparently using different
> encodings.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[jira] [Commented] (MDEPLOY-293) Maven deploy fails with 401 Unauthorized when using £ in password
[
https://issues.apache.org/jira/browse/MDEPLOY-293?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554159#comment-17554159
]
Michael Osipov commented on MDEPLOY-293:
I have found the cause, I want you to try the above first.
> Maven deploy fails with 401 Unauthorized when using £ in password
> -
>
> Key: MDEPLOY-293
> URL: https://issues.apache.org/jira/browse/MDEPLOY-293
> Project: Maven Deploy Plugin
> Issue Type: Bug
>Reporter: Nélson Cunha
>Assignee: Michael Osipov
>Priority: Major
> Fix For: waiting-for-feedback
>
> Attachments: image-2022-06-08-20-06-39-388.png,
> image-2022-06-08-20-09-57-536.png, image-2022-06-09-16-52-04-876.png,
> image-2022-06-09-16-52-19-905.png, image-2022-06-09-17-01-18-568.png
>
>
> Hello.
> I'm using Apache Maven 3.6.3 and maven-deploy-plugin 2.8.2 on Oracle's Java
> version 1.8.0_321 and I'm currently receiving the 401 Unauthorized error
> when deploying an artifact to Sonatype Nexus:
> {noformat}
> [ERROR] Failed to execute goal
> org.apache.maven.plugins:maven-deploy-plugin:2.8.2:deploy (default-deploy) on
> project XXX: Failed to deploy artifacts: Could not transfer artifact
> XXX:XXX:pom:4.0.0-20220608.184337-1 from/to nexus-snapshots
> (http://.../repository/maven-snapshots/): Transfer failed for
> http://...-4.0.0-20220608.184337-1.pom 401 Unauthorized -> [Help 1]{noformat}
>
> This error showed up after I changed my password with a leading {{£}}
> character.
>
> Using Wireshark to capture the HTTP packages exchanged between the maven
> client and the nexus repository, I see 3 interactions:
> # unauthenticated GET request for a maven-metadata.xml file, followed by a
> 401 response
> # authenticated GET request for the same maven-metadata.xml file, followed
> by a 404 response
> # authenticated PUT request for the pom file, followed by a 401 response
>
> Now, analyzing the headers for the second and third request I noticed the
> base64 on the Authentication header is not the same.
> * 2nd request: GET metadata
> !image-2022-06-08-20-06-39-388.png!
>
> * 3rd request PUT pom
> !image-2022-06-08-20-09-57-536.png!
>
> The decoded base64 with the username:password, shows that, as expected, the
> request that received a 404 holds the right password, but on the other hand,
> the PUT request that got a 401 has a password with a {{?}} for the {{{}£{}}}.
>
> All the servers on my {{settings.xml}} hold the same user/password and I have
> tried with the passwords encoded and in plain text.
>
>
> Further tests with base64 encoding and decoding showed that the "wrong"
> password is the actual password but encoded from an ANSI code page where the
> password accepted by Nexus is encoded from utf8.
>
> I noticed the 401 responses don't specify the encoding on the
> {{WWW-Authenticate}} header, which should clear up which encoding to use, but
> still for some reason the two requests are apparently using different
> encodings.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[GitHub] [maven-release] BigMichi1 opened a new pull request, #139: [MRELEASE-1099] allow using a shallow clone during release:perform
BigMichi1 opened a new pull request, #139: URL: https://github.com/apache/maven-release/pull/139 Following this checklist to help us incorporate your contribution quickly and easily: - [x] Make sure there is a [JIRA issue](https://issues.apache.org/jira/browse/MJAVADOC) filed for the change (usually before you start working on it). Trivial changes like typos do not require a JIRA issue. Your pull request should address just this issue, without pulling in other changes. - [x] Each commit in the pull request should have a meaningful subject line and body. - [x] Format the pull request title like `[MJAVADOC-XXX] - Fixes bug in ApproximateQuantiles`, where you replace `MJAVADOC-XXX` with the appropriate JIRA issue. Best practice is to use the JIRA issue title in the pull request title and in the first line of the commit message. - [x] Write a pull request description that is detailed enough to understand what the pull request does, how, and why. - [x] Run `mvn clean verify -Prun-its` to make sure basic checks pass. A more thorough check will be performed on your pull request automatically. If your pull request is about ~20 lines of code you don't need to sign an [Individual Contributor License Agreement](https://www.apache.org/licenses/icla.pdf) if you are unsure please ask on the developers list. To make clear that you license your contribution under the [Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0) you have to acknowledge this by using the following check-box. - [x] I hereby declare this contribution to be licenced under the [Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0) - [ ] In any other case, please file an [Apache Individual Contributor License Agreement](https://www.apache.org/licenses/icla.pdf). This patch makes the shallow clone option also available for the `release:perform` step. Additionally, it adds the missing implementation for equals and hashCode in the release descriptor -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (MDEPLOY-293) Maven deploy fails with 401 Unauthorized when using £ in password
[
https://issues.apache.org/jira/browse/MDEPLOY-293?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554166#comment-17554166
]
Nélson Cunha commented on MDEPLOY-293:
--
Hello.
After googling how to enable it, I confirmed I don't have such configuration
for any server on my settings.xml.
Also, judging from the 401 response and lack of authorization header on the
first GET maven-metadata.xml request, I assume maven is not authenticating
preemptively.
> Maven deploy fails with 401 Unauthorized when using £ in password
> -
>
> Key: MDEPLOY-293
> URL: https://issues.apache.org/jira/browse/MDEPLOY-293
> Project: Maven Deploy Plugin
> Issue Type: Bug
>Reporter: Nélson Cunha
>Assignee: Michael Osipov
>Priority: Major
> Fix For: waiting-for-feedback
>
> Attachments: image-2022-06-08-20-06-39-388.png,
> image-2022-06-08-20-09-57-536.png, image-2022-06-09-16-52-04-876.png,
> image-2022-06-09-16-52-19-905.png, image-2022-06-09-17-01-18-568.png
>
>
> Hello.
> I'm using Apache Maven 3.6.3 and maven-deploy-plugin 2.8.2 on Oracle's Java
> version 1.8.0_321 and I'm currently receiving the 401 Unauthorized error
> when deploying an artifact to Sonatype Nexus:
> {noformat}
> [ERROR] Failed to execute goal
> org.apache.maven.plugins:maven-deploy-plugin:2.8.2:deploy (default-deploy) on
> project XXX: Failed to deploy artifacts: Could not transfer artifact
> XXX:XXX:pom:4.0.0-20220608.184337-1 from/to nexus-snapshots
> (http://.../repository/maven-snapshots/): Transfer failed for
> http://...-4.0.0-20220608.184337-1.pom 401 Unauthorized -> [Help 1]{noformat}
>
> This error showed up after I changed my password with a leading {{£}}
> character.
>
> Using Wireshark to capture the HTTP packages exchanged between the maven
> client and the nexus repository, I see 3 interactions:
> # unauthenticated GET request for a maven-metadata.xml file, followed by a
> 401 response
> # authenticated GET request for the same maven-metadata.xml file, followed
> by a 404 response
> # authenticated PUT request for the pom file, followed by a 401 response
>
> Now, analyzing the headers for the second and third request I noticed the
> base64 on the Authentication header is not the same.
> * 2nd request: GET metadata
> !image-2022-06-08-20-06-39-388.png!
>
> * 3rd request PUT pom
> !image-2022-06-08-20-09-57-536.png!
>
> The decoded base64 with the username:password, shows that, as expected, the
> request that received a 404 holds the right password, but on the other hand,
> the PUT request that got a 401 has a password with a {{?}} for the {{{}£{}}}.
>
> All the servers on my {{settings.xml}} hold the same user/password and I have
> tried with the passwords encoded and in plain text.
>
>
> Further tests with base64 encoding and decoding showed that the "wrong"
> password is the actual password but encoded from an ANSI code page where the
> password accepted by Nexus is encoded from utf8.
>
> I noticed the 401 responses don't specify the encoding on the
> {{WWW-Authenticate}} header, which should clear up which encoding to use, but
> still for some reason the two requests are apparently using different
> encodings.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[jira] [Commented] (MASFRES-55) Artifacts missing from the nexus-maven-repository-index
[ https://issues.apache.org/jira/browse/MASFRES-55?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554199#comment-17554199 ] Slawomir Jaranowski commented on MASFRES-55: https://issues.sonatype.org/projects/OSSRH > Artifacts missing from the nexus-maven-repository-index > --- > > Key: MASFRES-55 > URL: https://issues.apache.org/jira/browse/MASFRES-55 > Project: Apache Maven Resource Bundles > Issue Type: Bug > Components: apache-jar-resource-bundle >Reporter: Dave Harmon >Priority: Minor > > I downloaded a central index following the instructions from > [https://maven.apache.org/repository/central-index.html.] However some > artifacts are missing and I'm hoping someone could tell me where to find the > missing parts of the dataset. > > I downloaded the full index, all the incremental updates appear to be in the > full index. The full index has entries for all the versions of spring-boot, > but only the javadocs, sources, and modules, e.g. it has > [https://repo1.maven.org/maven2/org/springframework/spring-beans/5.3.0/spring-beans-5.3.0-javadoc.jar.sha1] > in the central index, but not > [https://repo1.maven.org/maven2/org/springframework/spring-beans/5.3.0/spring-beans-5.3.0.jar.sha1]. > > > I only need the entry for the distributable artifact, since the data exists > clearly and is accessible via other search functionality, e.g. > [https://search.maven.org/solrsearch/select?q=1:bd01e44fd597fd8e14fb4ff2bc11362305b3a0b8.] > Can someone help me understand why the data isn't in the central index and > where I might be able to find it? -- This message was sent by Atlassian Jira (v8.20.7#820007)
[jira] [Commented] (MENFORCER-393) Upgrading to 3.0.0 causes `Could not build dependency tree` with repositories some unknown protocol
[
https://issues.apache.org/jira/browse/MENFORCER-393?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554206#comment-17554206
]
Tilman Hausherr commented on MENFORCER-393:
---
Still happens with 3.1.0.
> Upgrading to 3.0.0 causes `Could not build dependency tree` with repositories
> some unknown protocol
> ---
>
> Key: MENFORCER-393
> URL: https://issues.apache.org/jira/browse/MENFORCER-393
> Project: Maven Enforcer Plugin
> Issue Type: Bug
> Components: Plugin
>Affects Versions: 3.0.0
>Reporter: johnny willer gasperi goncalves
>Priority: Major
> Attachments: enforcer_output
>
>
> After upgrading to 3.0.0, it's not possible to validate the POM anymore, an
> error like
> {code:java}
> Could not build dependency tree Could not collect dependencies:
> {jarname}{code}
> happens.
>
> I'm attaching the `mvn validate -X` dump (i have omitted some jars from the
> output)
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[GitHub] [maven-deploy-plugin] slawekjaranowski commented on a diff in pull request #20: [MDEPLOY-193] Deploy At End feature (no extension)
slawekjaranowski commented on code in PR #20:
URL: https://github.com/apache/maven-deploy-plugin/pull/20#discussion_r897123602
##
src/main/java/org/apache/maven/plugins/deploy/DeployMojo.java:
##
@@ -177,29 +180,84 @@ public void execute()
}
else
{
-DEPLOYREQUESTS.add( pdr );
-addedDeployRequest = true;
+if ( altReleaseDeploymentRepository != null )
+{
+getPluginContext().put(
+DEPLOY_ALT_RELEASE_DEPLOYMENT_REPOSITORY,
+altReleaseDeploymentRepository
+);
+}
+if ( altSnapshotDeploymentRepository != null )
+{
+getPluginContext().put(
+DEPLOY_ALT_SNAPSHOT_DEPLOYMENT_REPOSITORY,
+altSnapshotDeploymentRepository
+);
+}
+if ( altDeploymentRepository != null )
+{
+getPluginContext().put(
+DEPLOY_ALT_DEPLOYMENT_REPOSITORY,
+altDeploymentRepository
+);
+}
Review Comment:
If we can add null value - I would not check for null
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[GitHub] [maven-site] slawekjaranowski merged pull request #294: typo in "direct plugin goal invocation" example
slawekjaranowski merged PR #294: URL: https://github.com/apache/maven-site/pull/294 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-site] slawekjaranowski commented on pull request #294: typo in "direct plugin goal invocation" example
slawekjaranowski commented on PR #294: URL: https://github.com/apache/maven-site/pull/294#issuecomment-1155517323 @bhamail thanks -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-archiver] slawekjaranowski merged pull request #24: [MSHARED-1082] - Update Plexus IO to 3.3.1
slawekjaranowski merged PR #24: URL: https://github.com/apache/maven-archiver/pull/24 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (MSHARED-1082) Update Plexus IO to 3.3.1
[ https://issues.apache.org/jira/browse/MSHARED-1082?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554229#comment-17554229 ] ASF GitHub Bot commented on MSHARED-1082: - slawekjaranowski merged PR #24: URL: https://github.com/apache/maven-archiver/pull/24 > Update Plexus IO to 3.3.1 > - > > Key: MSHARED-1082 > URL: https://issues.apache.org/jira/browse/MSHARED-1082 > Project: Maven Shared Components > Issue Type: Dependency upgrade > Components: maven-archiver >Affects Versions: maven-archiver-3.5.2 >Reporter: Jorge Solórzano >Priority: Trivial > -- This message was sent by Atlassian Jira (v8.20.7#820007)
[jira] [Closed] (MSHARED-1082) Update Plexus IO to 3.3.1
[ https://issues.apache.org/jira/browse/MSHARED-1082?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Slawomir Jaranowski closed MSHARED-1082. Fix Version/s: maven-archiver-3.6.0 Resolution: Fixed > Update Plexus IO to 3.3.1 > - > > Key: MSHARED-1082 > URL: https://issues.apache.org/jira/browse/MSHARED-1082 > Project: Maven Shared Components > Issue Type: Dependency upgrade > Components: maven-archiver >Affects Versions: maven-archiver-3.5.2 >Reporter: Jorge Solórzano >Priority: Trivial > Fix For: maven-archiver-3.6.0 > > -- This message was sent by Atlassian Jira (v8.20.7#820007)
[jira] [Assigned] (MSHARED-1082) Update Plexus IO to 3.3.1
[ https://issues.apache.org/jira/browse/MSHARED-1082?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Slawomir Jaranowski reassigned MSHARED-1082: Assignee: Slawomir Jaranowski > Update Plexus IO to 3.3.1 > - > > Key: MSHARED-1082 > URL: https://issues.apache.org/jira/browse/MSHARED-1082 > Project: Maven Shared Components > Issue Type: Dependency upgrade > Components: maven-archiver >Affects Versions: maven-archiver-3.5.2 >Reporter: Jorge Solórzano >Assignee: Slawomir Jaranowski >Priority: Trivial > Fix For: maven-archiver-3.6.0 > > -- This message was sent by Atlassian Jira (v8.20.7#820007)
[jira] [Commented] (MSHARED-1082) Update Plexus IO to 3.3.1
[ https://issues.apache.org/jira/browse/MSHARED-1082?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554250#comment-17554250 ] Hudson commented on MSHARED-1082: - Build succeeded in Jenkins: Maven » Maven TLP » maven-archiver » master #10 See https://ci-maven.apache.org/job/Maven/job/maven-box/job/maven-archiver/job/master/10/ > Update Plexus IO to 3.3.1 > - > > Key: MSHARED-1082 > URL: https://issues.apache.org/jira/browse/MSHARED-1082 > Project: Maven Shared Components > Issue Type: Dependency upgrade > Components: maven-archiver >Affects Versions: maven-archiver-3.5.2 >Reporter: Jorge Solórzano >Assignee: Slawomir Jaranowski >Priority: Trivial > Fix For: maven-archiver-3.6.0 > > -- This message was sent by Atlassian Jira (v8.20.7#820007)
[GitHub] [maven-wrapper] slawekjaranowski closed pull request #49: Bump mavenVersion from 3.1.0 to 3.8.6
slawekjaranowski closed pull request #49: Bump mavenVersion from 3.1.0 to 3.8.6 URL: https://github.com/apache/maven-wrapper/pull/49 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-wrapper] dependabot[bot] commented on pull request #49: Bump mavenVersion from 3.1.0 to 3.8.6
dependabot[bot] commented on PR #49: URL: https://github.com/apache/maven-wrapper/pull/49#issuecomment-1155618216 OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Assigned] (MRELEASE-1099) Use shallow checkout/clone during release:perform
[
https://issues.apache.org/jira/browse/MRELEASE-1099?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Osipov reassigned MRELEASE-1099:
Assignee: Michael Osipov
> Use shallow checkout/clone during release:perform
> -
>
> Key: MRELEASE-1099
> URL: https://issues.apache.org/jira/browse/MRELEASE-1099
> Project: Maven Release Plugin
> Issue Type: Improvement
> Components: scm
>Affects Versions: 3.0.0-M6
>Reporter: Michael Cramer
>Assignee: Michael Osipov
>Priority: Major
> Labels: checkout, clone, git, shallow, up-for-grabs
>
> this is a follow-up for MRELEASE-1082.
> after using the new 3.0.0-M6 version we are still getting the warning about
> missing blame information during the sonarqube analysis performed during the
> perform step. While checking why it doesn't work I figured out that the
> previous implementation is incomplete.
> {noformat}
> [INFO] [WARNING] Missing blame information for the following files:
> {noformat}
> Two things are missing as far as i have seen:
> - the {{release-descriptor.mdo}} is incomplete
> -- missing equals implementation for {{scmShallowClone}}
> -- missing hashcode implementation for {{scmShallowClone}}
> - during perform the default of true is used for {{scmShallowClone}} because
> no parameter is available for {{scmShallowClone}}
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[jira] [Updated] (MRELEASE-1099) Use shallow checkout/clone during release:perform
[
https://issues.apache.org/jira/browse/MRELEASE-1099?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Osipov updated MRELEASE-1099:
-
Fix Version/s: 3.0.0-M7
> Use shallow checkout/clone during release:perform
> -
>
> Key: MRELEASE-1099
> URL: https://issues.apache.org/jira/browse/MRELEASE-1099
> Project: Maven Release Plugin
> Issue Type: Improvement
> Components: scm
>Affects Versions: 3.0.0-M6
>Reporter: Michael Cramer
>Assignee: Michael Osipov
>Priority: Major
> Labels: checkout, clone, git, shallow, up-for-grabs
> Fix For: 3.0.0-M7
>
>
> this is a follow-up for MRELEASE-1082.
> after using the new 3.0.0-M6 version we are still getting the warning about
> missing blame information during the sonarqube analysis performed during the
> perform step. While checking why it doesn't work I figured out that the
> previous implementation is incomplete.
> {noformat}
> [INFO] [WARNING] Missing blame information for the following files:
> {noformat}
> Two things are missing as far as i have seen:
> - the {{release-descriptor.mdo}} is incomplete
> -- missing equals implementation for {{scmShallowClone}}
> -- missing hashcode implementation for {{scmShallowClone}}
> - during perform the default of true is used for {{scmShallowClone}} because
> no parameter is available for {{scmShallowClone}}
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[GitHub] [maven-help-plugin] dependabot[bot] commented on pull request #64: Bump maven-model from 3.8.5 to 3.8.6
dependabot[bot] commented on PR #64: URL: https://github.com/apache/maven-help-plugin/pull/64#issuecomment-1155621220 Looks like org.apache.maven:maven-model is no longer being updated by Dependabot, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-help-plugin] dependabot[bot] closed pull request #64: Bump maven-model from 3.8.5 to 3.8.6
dependabot[bot] closed pull request #64: Bump maven-model from 3.8.5 to 3.8.6 URL: https://github.com/apache/maven-help-plugin/pull/64 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-install-plugin] dependabot[bot] commented on pull request #30: Bump mavenVersion from 3.2.5 to 3.8.6
dependabot[bot] commented on PR #30: URL: https://github.com/apache/maven-install-plugin/pull/30#issuecomment-1155622834 Looks like these dependencies are no longer being updated by Dependabot, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-install-plugin] dependabot[bot] closed pull request #30: Bump mavenVersion from 3.2.5 to 3.8.6
dependabot[bot] closed pull request #30: Bump mavenVersion from 3.2.5 to 3.8.6 URL: https://github.com/apache/maven-install-plugin/pull/30 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-clean-plugin] dependabot[bot] commented on pull request #18: Bump mavenVersion from 3.2.5 to 3.8.6
dependabot[bot] commented on PR #18: URL: https://github.com/apache/maven-clean-plugin/pull/18#issuecomment-1155624108 Looks like these dependencies are no longer being updated by Dependabot, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-clean-plugin] dependabot[bot] closed pull request #18: Bump mavenVersion from 3.2.5 to 3.8.6
dependabot[bot] closed pull request #18: Bump mavenVersion from 3.2.5 to 3.8.6 URL: https://github.com/apache/maven-clean-plugin/pull/18 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Moved] (WAGON-627) Maven deploy fails with 401 Unauthorized when using £ in password
[
https://issues.apache.org/jira/browse/WAGON-627?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Osipov moved MDEPLOY-293 to WAGON-627:
--
Fix Version/s: (was: waiting-for-feedback)
Key: WAGON-627 (was: MDEPLOY-293)
Project: Maven Wagon (was: Maven Deploy Plugin)
> Maven deploy fails with 401 Unauthorized when using £ in password
> -
>
> Key: WAGON-627
> URL: https://issues.apache.org/jira/browse/WAGON-627
> Project: Maven Wagon
> Issue Type: Bug
>Reporter: Nélson Cunha
>Assignee: Michael Osipov
>Priority: Major
> Attachments: image-2022-06-08-20-06-39-388.png,
> image-2022-06-08-20-09-57-536.png, image-2022-06-09-16-52-04-876.png,
> image-2022-06-09-16-52-19-905.png, image-2022-06-09-17-01-18-568.png
>
>
> Hello.
> I'm using Apache Maven 3.6.3 and maven-deploy-plugin 2.8.2 on Oracle's Java
> version 1.8.0_321 and I'm currently receiving the 401 Unauthorized error
> when deploying an artifact to Sonatype Nexus:
> {noformat}
> [ERROR] Failed to execute goal
> org.apache.maven.plugins:maven-deploy-plugin:2.8.2:deploy (default-deploy) on
> project XXX: Failed to deploy artifacts: Could not transfer artifact
> XXX:XXX:pom:4.0.0-20220608.184337-1 from/to nexus-snapshots
> (http://.../repository/maven-snapshots/): Transfer failed for
> http://...-4.0.0-20220608.184337-1.pom 401 Unauthorized -> [Help 1]{noformat}
>
> This error showed up after I changed my password with a leading {{£}}
> character.
>
> Using Wireshark to capture the HTTP packages exchanged between the maven
> client and the nexus repository, I see 3 interactions:
> # unauthenticated GET request for a maven-metadata.xml file, followed by a
> 401 response
> # authenticated GET request for the same maven-metadata.xml file, followed
> by a 404 response
> # authenticated PUT request for the pom file, followed by a 401 response
>
> Now, analyzing the headers for the second and third request I noticed the
> base64 on the Authentication header is not the same.
> * 2nd request: GET metadata
> !image-2022-06-08-20-06-39-388.png!
>
> * 3rd request PUT pom
> !image-2022-06-08-20-09-57-536.png!
>
> The decoded base64 with the username:password, shows that, as expected, the
> request that received a 404 holds the right password, but on the other hand,
> the PUT request that got a 401 has a password with a {{?}} for the {{{}£{}}}.
>
> All the servers on my {{settings.xml}} hold the same user/password and I have
> tried with the passwords encoded and in plain text.
>
>
> Further tests with base64 encoding and decoding showed that the "wrong"
> password is the actual password but encoded from an ANSI code page where the
> password accepted by Nexus is encoded from utf8.
>
> I noticed the 401 responses don't specify the encoding on the
> {{WWW-Authenticate}} header, which should clear up which encoding to use, but
> still for some reason the two requests are apparently using different
> encodings.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[GitHub] [maven-verifier] dependabot[bot] commented on pull request #27: Bump maven-embedder from 3.8.4 to 3.8.6
dependabot[bot] commented on PR #27: URL: https://github.com/apache/maven-verifier/pull/27#issuecomment-1155625623 Looks like org.apache.maven:maven-embedder is no longer being updated by Dependabot, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-verifier] dependabot[bot] closed pull request #28: Bump maven-compat from 3.8.4 to 3.8.6
dependabot[bot] closed pull request #28: Bump maven-compat from 3.8.4 to 3.8.6 URL: https://github.com/apache/maven-verifier/pull/28 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-verifier] dependabot[bot] closed pull request #27: Bump maven-embedder from 3.8.4 to 3.8.6
dependabot[bot] closed pull request #27: Bump maven-embedder from 3.8.4 to 3.8.6 URL: https://github.com/apache/maven-verifier/pull/27 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-verifier] dependabot[bot] commented on pull request #28: Bump maven-compat from 3.8.4 to 3.8.6
dependabot[bot] commented on PR #28: URL: https://github.com/apache/maven-verifier/pull/28#issuecomment-1155625624 Looks like org.apache.maven:maven-compat is no longer being updated by Dependabot, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-verifier] dependabot[bot] opened a new pull request, #29: Bump maven-resolver-connector-basic from 1.6.3 to 1.8.1
dependabot[bot] opened a new pull request, #29: URL: https://github.com/apache/maven-verifier/pull/29 Bumps [maven-resolver-connector-basic](https://github.com/apache/maven-resolver) from 1.6.3 to 1.8.1. Commits https://github.com/apache/maven-resolver/commit/01a820ac40b25acb924f289056e9fa77de10a81f";>01a820a [maven-release-plugin] prepare release maven-resolver-1.8.1 https://github.com/apache/maven-resolver/commit/e9fe72f198f4fbf8ec4526a77068c9bed37c2a99";>e9fe72f Replace TBD placeholders with next version https://github.com/apache/maven-resolver/commit/4702bcf246f018ec8e9d1d3dd3f3dfe9a86b8da0";>4702bcf [MRESOLVER-262] Provide contextual data in trace during collect (https://github-redirect.dependabot.com/apache/maven-resolver/issues/182";>#182) https://github.com/apache/maven-resolver/commit/d1833cf88083017237324a156d2949777e10d809";>d1833cf Remove unused stuff (https://github-redirect.dependabot.com/apache/maven-resolver/issues/181";>#181) https://github.com/apache/maven-resolver/commit/1ab297e4a2b59d2ea21eec2aa1928dea2eec0f0f";>1ab297e Extract class PremanagedDependency (https://github-redirect.dependabot.com/apache/maven-resolver/issues/179";>#179) https://github.com/apache/maven-resolver/commit/a626750bf60a6f8209d3e2ccc0902d15f1d24140";>a626750 Collapse collectors (https://github-redirect.dependabot.com/apache/maven-resolver/issues/177";>#177) https://github.com/apache/maven-resolver/commit/570c65e6a8d86ed76df87c2b6f88df6941299b61";>570c65e Add test for empty children and collapse tests (https://github-redirect.dependabot.com/apache/maven-resolver/issues/175";>#175) https://github.com/apache/maven-resolver/commit/2ea36519a72079b9efa59c6278b15bfb01a53fb4";>2ea3651 [MRESOLVER-256] Dependency tree is different between DF and BF strategies whe... https://github.com/apache/maven-resolver/commit/adf3f7504eac3e199af236e25a48ed1286ab3878";>adf3f75 configure Jira integration https://github.com/apache/maven-resolver/commit/6e12ad3932e57c1eb57dc9250c35304fdaf7f0fb";>6e12ad3 [MRESOLVER-255] Update Jetty to 9.4.46.v20220331 (https://github-redirect.dependabot.com/apache/maven-resolver/issues/171";>#171) Additional commits viewable in https://github.com/apache/maven-resolver/compare/maven-resolver-1.6.3...maven-resolver-1.8.1";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-verifier] dependabot[bot] opened a new pull request, #30: Bump maven-resolver-transport-http from 1.6.3 to 1.8.1
dependabot[bot] opened a new pull request, #30: URL: https://github.com/apache/maven-verifier/pull/30 Bumps [maven-resolver-transport-http](https://github.com/apache/maven-resolver) from 1.6.3 to 1.8.1. Commits https://github.com/apache/maven-resolver/commit/01a820ac40b25acb924f289056e9fa77de10a81f";>01a820a [maven-release-plugin] prepare release maven-resolver-1.8.1 https://github.com/apache/maven-resolver/commit/e9fe72f198f4fbf8ec4526a77068c9bed37c2a99";>e9fe72f Replace TBD placeholders with next version https://github.com/apache/maven-resolver/commit/4702bcf246f018ec8e9d1d3dd3f3dfe9a86b8da0";>4702bcf [MRESOLVER-262] Provide contextual data in trace during collect (https://github-redirect.dependabot.com/apache/maven-resolver/issues/182";>#182) https://github.com/apache/maven-resolver/commit/d1833cf88083017237324a156d2949777e10d809";>d1833cf Remove unused stuff (https://github-redirect.dependabot.com/apache/maven-resolver/issues/181";>#181) https://github.com/apache/maven-resolver/commit/1ab297e4a2b59d2ea21eec2aa1928dea2eec0f0f";>1ab297e Extract class PremanagedDependency (https://github-redirect.dependabot.com/apache/maven-resolver/issues/179";>#179) https://github.com/apache/maven-resolver/commit/a626750bf60a6f8209d3e2ccc0902d15f1d24140";>a626750 Collapse collectors (https://github-redirect.dependabot.com/apache/maven-resolver/issues/177";>#177) https://github.com/apache/maven-resolver/commit/570c65e6a8d86ed76df87c2b6f88df6941299b61";>570c65e Add test for empty children and collapse tests (https://github-redirect.dependabot.com/apache/maven-resolver/issues/175";>#175) https://github.com/apache/maven-resolver/commit/2ea36519a72079b9efa59c6278b15bfb01a53fb4";>2ea3651 [MRESOLVER-256] Dependency tree is different between DF and BF strategies whe... https://github.com/apache/maven-resolver/commit/adf3f7504eac3e199af236e25a48ed1286ab3878";>adf3f75 configure Jira integration https://github.com/apache/maven-resolver/commit/6e12ad3932e57c1eb57dc9250c35304fdaf7f0fb";>6e12ad3 [MRESOLVER-255] Update Jetty to 9.4.46.v20220331 (https://github-redirect.dependabot.com/apache/maven-resolver/issues/171";>#171) Additional commits viewable in https://github.com/apache/maven-resolver/compare/maven-resolver-1.6.3...maven-resolver-1.8.1";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-pdf-plugin] dependabot[bot] commented on pull request #26: Bump mavenVersion from 3.2.5 to 3.8.6
dependabot[bot] commented on PR #26: URL: https://github.com/apache/maven-pdf-plugin/pull/26#issuecomment-1155627256 Looks like these dependencies are no longer being updated by Dependabot, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-pdf-plugin] dependabot[bot] closed pull request #26: Bump mavenVersion from 3.2.5 to 3.8.6
dependabot[bot] closed pull request #26: Bump mavenVersion from 3.2.5 to 3.8.6 URL: https://github.com/apache/maven-pdf-plugin/pull/26 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-filtering] dependabot[bot] commented on pull request #39: Bump mavenVersion from 3.2.5 to 3.8.6
dependabot[bot] commented on PR #39: URL: https://github.com/apache/maven-filtering/pull/39#issuecomment-1155629718 Looks like these dependencies are no longer being updated by Dependabot, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-filtering] dependabot[bot] closed pull request #39: Bump mavenVersion from 3.2.5 to 3.8.6
dependabot[bot] closed pull request #39: Bump mavenVersion from 3.2.5 to 3.8.6 URL: https://github.com/apache/maven-filtering/pull/39 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (WAGON-627) Maven deploy fails with 401 Unauthorized when using £ in password
[
https://issues.apache.org/jira/browse/WAGON-627?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554262#comment-17554262
]
Michael Osipov commented on WAGON-627:
--
I will try one more thing tomorrow. Your last statement is wrong, preemptive
authentication must be enabled explicitly and it can only be applied to methods
with potential body.
> Maven deploy fails with 401 Unauthorized when using £ in password
> -
>
> Key: WAGON-627
> URL: https://issues.apache.org/jira/browse/WAGON-627
> Project: Maven Wagon
> Issue Type: Bug
>Reporter: Nélson Cunha
>Assignee: Michael Osipov
>Priority: Major
> Attachments: image-2022-06-08-20-06-39-388.png,
> image-2022-06-08-20-09-57-536.png, image-2022-06-09-16-52-04-876.png,
> image-2022-06-09-16-52-19-905.png, image-2022-06-09-17-01-18-568.png
>
>
> Hello.
> I'm using Apache Maven 3.6.3 and maven-deploy-plugin 2.8.2 on Oracle's Java
> version 1.8.0_321 and I'm currently receiving the 401 Unauthorized error
> when deploying an artifact to Sonatype Nexus:
> {noformat}
> [ERROR] Failed to execute goal
> org.apache.maven.plugins:maven-deploy-plugin:2.8.2:deploy (default-deploy) on
> project XXX: Failed to deploy artifacts: Could not transfer artifact
> XXX:XXX:pom:4.0.0-20220608.184337-1 from/to nexus-snapshots
> (http://.../repository/maven-snapshots/): Transfer failed for
> http://...-4.0.0-20220608.184337-1.pom 401 Unauthorized -> [Help 1]{noformat}
>
> This error showed up after I changed my password with a leading {{£}}
> character.
>
> Using Wireshark to capture the HTTP packages exchanged between the maven
> client and the nexus repository, I see 3 interactions:
> # unauthenticated GET request for a maven-metadata.xml file, followed by a
> 401 response
> # authenticated GET request for the same maven-metadata.xml file, followed
> by a 404 response
> # authenticated PUT request for the pom file, followed by a 401 response
>
> Now, analyzing the headers for the second and third request I noticed the
> base64 on the Authentication header is not the same.
> * 2nd request: GET metadata
> !image-2022-06-08-20-06-39-388.png!
>
> * 3rd request PUT pom
> !image-2022-06-08-20-09-57-536.png!
>
> The decoded base64 with the username:password, shows that, as expected, the
> request that received a 404 holds the right password, but on the other hand,
> the PUT request that got a 401 has a password with a {{?}} for the {{{}£{}}}.
>
> All the servers on my {{settings.xml}} hold the same user/password and I have
> tried with the passwords encoded and in plain text.
>
>
> Further tests with base64 encoding and decoding showed that the "wrong"
> password is the actual password but encoded from an ANSI code page where the
> password accepted by Nexus is encoded from utf8.
>
> I noticed the 401 responses don't specify the encoding on the
> {{WWW-Authenticate}} header, which should clear up which encoding to use, but
> still for some reason the two requests are apparently using different
> encodings.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[GitHub] [maven-filtering] slawekjaranowski commented on pull request #37: Bump mockito-core from 2.28.2 to 4.6.1
slawekjaranowski commented on PR #37: URL: https://github.com/apache/maven-filtering/pull/37#issuecomment-1155630455 @dependabot rebase -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (WAGON-627) Maven deploy fails with 401 Unauthorized when using £ in password
[
https://issues.apache.org/jira/browse/WAGON-627?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554263#comment-17554263
]
Michael Osipov commented on WAGON-627:
--
If you are able to test a custom Maven version, let me know, I will provide one.
> Maven deploy fails with 401 Unauthorized when using £ in password
> -
>
> Key: WAGON-627
> URL: https://issues.apache.org/jira/browse/WAGON-627
> Project: Maven Wagon
> Issue Type: Bug
>Reporter: Nélson Cunha
>Assignee: Michael Osipov
>Priority: Major
> Attachments: image-2022-06-08-20-06-39-388.png,
> image-2022-06-08-20-09-57-536.png, image-2022-06-09-16-52-04-876.png,
> image-2022-06-09-16-52-19-905.png, image-2022-06-09-17-01-18-568.png
>
>
> Hello.
> I'm using Apache Maven 3.6.3 and maven-deploy-plugin 2.8.2 on Oracle's Java
> version 1.8.0_321 and I'm currently receiving the 401 Unauthorized error
> when deploying an artifact to Sonatype Nexus:
> {noformat}
> [ERROR] Failed to execute goal
> org.apache.maven.plugins:maven-deploy-plugin:2.8.2:deploy (default-deploy) on
> project XXX: Failed to deploy artifacts: Could not transfer artifact
> XXX:XXX:pom:4.0.0-20220608.184337-1 from/to nexus-snapshots
> (http://.../repository/maven-snapshots/): Transfer failed for
> http://...-4.0.0-20220608.184337-1.pom 401 Unauthorized -> [Help 1]{noformat}
>
> This error showed up after I changed my password with a leading {{£}}
> character.
>
> Using Wireshark to capture the HTTP packages exchanged between the maven
> client and the nexus repository, I see 3 interactions:
> # unauthenticated GET request for a maven-metadata.xml file, followed by a
> 401 response
> # authenticated GET request for the same maven-metadata.xml file, followed
> by a 404 response
> # authenticated PUT request for the pom file, followed by a 401 response
>
> Now, analyzing the headers for the second and third request I noticed the
> base64 on the Authentication header is not the same.
> * 2nd request: GET metadata
> !image-2022-06-08-20-06-39-388.png!
>
> * 3rd request PUT pom
> !image-2022-06-08-20-09-57-536.png!
>
> The decoded base64 with the username:password, shows that, as expected, the
> request that received a 404 holds the right password, but on the other hand,
> the PUT request that got a 401 has a password with a {{?}} for the {{{}£{}}}.
>
> All the servers on my {{settings.xml}} hold the same user/password and I have
> tried with the passwords encoded and in plain text.
>
>
> Further tests with base64 encoding and decoding showed that the "wrong"
> password is the actual password but encoded from an ANSI code page where the
> password accepted by Nexus is encoded from utf8.
>
> I noticed the 401 responses don't specify the encoding on the
> {{WWW-Authenticate}} header, which should clear up which encoding to use, but
> still for some reason the two requests are apparently using different
> encodings.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[GitHub] [maven-surefire] dependabot[bot] commented on pull request #546: Bump mavenVersion from 3.2.5 to 3.8.6
dependabot[bot] commented on PR #546: URL: https://github.com/apache/maven-surefire/pull/546#issuecomment-1155631482 Looks like these dependencies are no longer being updated by Dependabot, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-surefire] dependabot[bot] closed pull request #546: Bump mavenVersion from 3.2.5 to 3.8.6
dependabot[bot] closed pull request #546: Bump mavenVersion from 3.2.5 to 3.8.6 URL: https://github.com/apache/maven-surefire/pull/546 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (MASFRES-55) Artifacts missing from the nexus-maven-repository-index
[ https://issues.apache.org/jira/browse/MASFRES-55?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554268#comment-17554268 ] Dave Harmon commented on MASFRES-55: Thanks! > Artifacts missing from the nexus-maven-repository-index > --- > > Key: MASFRES-55 > URL: https://issues.apache.org/jira/browse/MASFRES-55 > Project: Apache Maven Resource Bundles > Issue Type: Bug > Components: apache-jar-resource-bundle >Reporter: Dave Harmon >Priority: Minor > > I downloaded a central index following the instructions from > [https://maven.apache.org/repository/central-index.html.] However some > artifacts are missing and I'm hoping someone could tell me where to find the > missing parts of the dataset. > > I downloaded the full index, all the incremental updates appear to be in the > full index. The full index has entries for all the versions of spring-boot, > but only the javadocs, sources, and modules, e.g. it has > [https://repo1.maven.org/maven2/org/springframework/spring-beans/5.3.0/spring-beans-5.3.0-javadoc.jar.sha1] > in the central index, but not > [https://repo1.maven.org/maven2/org/springframework/spring-beans/5.3.0/spring-beans-5.3.0.jar.sha1]. > > > I only need the entry for the distributable artifact, since the data exists > clearly and is accessible via other search functionality, e.g. > [https://search.maven.org/solrsearch/select?q=1:bd01e44fd597fd8e14fb4ff2bc11362305b3a0b8.] > Can someone help me understand why the data isn't in the central index and > where I might be able to find it? -- This message was sent by Atlassian Jira (v8.20.7#820007)
[GitHub] [maven] mthmulders commented on pull request #744: [MNG-7360] Fix xml transformation to ensure proper context
mthmulders commented on PR #744: URL: https://github.com/apache/maven/pull/744#issuecomment-1155667002 > @mthmulders would you mind approving the PR for the record ? My pleasure! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (MNG-7360) Can't parse project that has tag in plugin configuration
[
https://issues.apache.org/jira/browse/MNG-7360?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554275#comment-17554275
]
ASF GitHub Bot commented on MNG-7360:
-
mthmulders commented on PR #744:
URL: https://github.com/apache/maven/pull/744#issuecomment-1155667002
> @mthmulders would you mind approving the PR for the record ?
My pleasure!
> Can't parse project that has tag in plugin configuration
> -
>
> Key: MNG-7360
> URL: https://issues.apache.org/jira/browse/MNG-7360
> Project: Maven
> Issue Type: Bug
> Components: build/consumer
>Affects Versions: 4.0.x-candidate
> Environment: Apache Maven 4.0.0-alpha-1-SNAPSHOT
> (3a06530dbce82e2054afa3cc4c81631910474bd0)
> Maven home:
> /usr/local/Cellar/maven-snapshot/4.0.0-alpha-1-SNAPSHOT_290/libexec
> Java version: 17.0.1, vendor: Eclipse Adoptium, runtime:
> /Library/Java/JavaVirtualMachines/temurin-17.jdk/Contents/Home
> Default locale: en_GB, platform encoding: UTF-8
> OS name: "mac os x", version: "11.5", arch: "x86_64", family: "mac"
>Reporter: Maarten Mulders
>Assignee: Guillaume Nodet
>Priority: Major
> Attachments: Screenshot 2021-12-13 at 13.45.01.png
>
>
> The Apache Camel project has the following snippet in their root POM:
> {code:xml}
>
> org.codehaus.mojo
> flatten-maven-plugin
> 1.2.5
>
>
> default-cli
> process-resources
>
> flatten
>
>
>
>
>
> expand
>
>
>
>
>
>
> {code}
> With Maven 4's "Build Consumer" feature enabled, parsing this plugin
> definition breaks with
> {code:none}
> [INFO] BuildTimeEventSpy is registered.
> [INFO] Scanning for projects...
> [ERROR] [ERROR] Some problems were encountered while processing the POMs:
> [FATAL] Unable to transform pom
> [ERROR] The build could not read 1 project -> [Help 1]
> [ERROR]
> [ERROR] The project (/Users/maarten/Code/open-source/camel/pom.xml) has 1
> error
> [ERROR] Unable to transform pom: Not a regular file:
> /Users/maarten/Code/open-source/pom.xml
> [ERROR]
> [ERROR] To see the full stack trace of the errors, re-run Maven with the '-e'
> switch
> [ERROR] Re-run Maven using the '-X' switch to enable verbose output
> [ERROR]
> [ERROR] For more information about the errors and possible solutions, please
> read the following articles:
> [ERROR] [Help 1]
> http://cwiki.apache.org/confluence/display/MAVEN/ProjectBuildingException
> {code}
> I suspect that the {{}} tag is the culprit. It seems to me that it
> causes the {{ParentXMLFilter}} to think it needs to do its work. The attached
> screenshot shows the stacktrace that brought me to this idea. As the
> {{BufferingParser}} class processes its buffer of events, it encounters a
> situation of an "end {{parent}} tag". But that {{parent}} tag did not have
> child elements {{version}} and {{relativePath}} and so, it decides it needs
> to resolve the parent as {{../pom.xml}} against the project path
> ({{/Users/maarten/Code/open-source/camel/}} in my case), leading to the
> non-existing path of {{/Users/maarten/Code/open-source/pom.xml}}.
> I think the bug here is not that it resolves to a non-existing path (it's
> good to check that before actually reading the file). I think the bug is that
> the {{ParentXMLFilter}} is acting on the {{parent}} tag inside the plugin
> configuration.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[jira] [Comment Edited] (WAGON-627) Maven deploy fails with 401 Unauthorized when using £ in password
[
https://issues.apache.org/jira/browse/WAGON-627?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554262#comment-17554262
]
Michael Osipov edited comment on WAGON-627 at 6/14/22 8:14 PM:
---
I will try one more thing tomorrow.
was (Author: michael-o):
I will try one more thing tomorrow. Your last statement is wrong, preemptive
authentication must be enabled explicitly and it can only be applied to methods
with potential body.
> Maven deploy fails with 401 Unauthorized when using £ in password
> -
>
> Key: WAGON-627
> URL: https://issues.apache.org/jira/browse/WAGON-627
> Project: Maven Wagon
> Issue Type: Bug
>Reporter: Nélson Cunha
>Assignee: Michael Osipov
>Priority: Major
> Attachments: image-2022-06-08-20-06-39-388.png,
> image-2022-06-08-20-09-57-536.png, image-2022-06-09-16-52-04-876.png,
> image-2022-06-09-16-52-19-905.png, image-2022-06-09-17-01-18-568.png
>
>
> Hello.
> I'm using Apache Maven 3.6.3 and maven-deploy-plugin 2.8.2 on Oracle's Java
> version 1.8.0_321 and I'm currently receiving the 401 Unauthorized error
> when deploying an artifact to Sonatype Nexus:
> {noformat}
> [ERROR] Failed to execute goal
> org.apache.maven.plugins:maven-deploy-plugin:2.8.2:deploy (default-deploy) on
> project XXX: Failed to deploy artifacts: Could not transfer artifact
> XXX:XXX:pom:4.0.0-20220608.184337-1 from/to nexus-snapshots
> (http://.../repository/maven-snapshots/): Transfer failed for
> http://...-4.0.0-20220608.184337-1.pom 401 Unauthorized -> [Help 1]{noformat}
>
> This error showed up after I changed my password with a leading {{£}}
> character.
>
> Using Wireshark to capture the HTTP packages exchanged between the maven
> client and the nexus repository, I see 3 interactions:
> # unauthenticated GET request for a maven-metadata.xml file, followed by a
> 401 response
> # authenticated GET request for the same maven-metadata.xml file, followed
> by a 404 response
> # authenticated PUT request for the pom file, followed by a 401 response
>
> Now, analyzing the headers for the second and third request I noticed the
> base64 on the Authentication header is not the same.
> * 2nd request: GET metadata
> !image-2022-06-08-20-06-39-388.png!
>
> * 3rd request PUT pom
> !image-2022-06-08-20-09-57-536.png!
>
> The decoded base64 with the username:password, shows that, as expected, the
> request that received a 404 holds the right password, but on the other hand,
> the PUT request that got a 401 has a password with a {{?}} for the {{{}£{}}}.
>
> All the servers on my {{settings.xml}} hold the same user/password and I have
> tried with the passwords encoded and in plain text.
>
>
> Further tests with base64 encoding and decoding showed that the "wrong"
> password is the actual password but encoded from an ANSI code page where the
> password accepted by Nexus is encoded from utf8.
>
> I noticed the 401 responses don't specify the encoding on the
> {{WWW-Authenticate}} header, which should clear up which encoding to use, but
> still for some reason the two requests are apparently using different
> encodings.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[GitHub] [maven-fluido-skin] stevecrox commented on pull request #34: Mskins 191 dynamic library retrieval
stevecrox commented on PR #34: URL: https://github.com/apache/maven-fluido-skin/pull/34#issuecomment-1155693133 @michael-o @olamy @slachiewicz @jvanzyl Everything should now be resolved. I'm not sure why its still listing a conflict to resolve. I've gone through each IT example comparing it to main branch builds and to the 1.10.0 release and everything seems to be producing something identical. I've noticed PR-33 broke "mvn --errors --batch-mode --show-version -D"invoker.streamLogsOnFailures" -DskipTests -P reporting site site:stage" which was run by Jenkins file however that PR introducted "mvn -Prun-its,reporting verify site" and that successfully completes. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-fluido-skin] stevecrox commented on pull request #37: [MSKINS-194] load GitHub ribbon with CSS
stevecrox commented on PR #37: URL: https://github.com/apache/maven-fluido-skin/pull/37#issuecomment-1155718107 mskins-22 and mskins-22_default have examples which display the github overlay, both render correctly and are embedded into the bar. Seems a good change to me. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-fluido-skin] stevecrox commented on pull request #36: [MSKINS-193] remove loading 3rd party resources for Google site search
stevecrox commented on PR #36: URL: https://github.com/apache/maven-fluido-skin/pull/36#issuecomment-1155708962 That is not something I thought of. For me this builds, the search box remains in the topbar and sidebar and looks fine. The search functionality still works in both versions. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (MSKINS-175) Upgrade to JQuery 3.6.0 in Fluido skin
[ https://issues.apache.org/jira/browse/MSKINS-175?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554289#comment-17554289 ] Stephen Crocker commented on MSKINS-175: I've created a branch to look at the feasibility, switching between 1.11.2 and 3.6.0 (latest release) doesnt break Bootstrap, Anchor.js or code-prettify. I've looked at various IT builds and everything is rendering and working correctly. > Upgrade to JQuery 3.6.0 in Fluido skin > -- > > Key: MSKINS-175 > URL: https://issues.apache.org/jira/browse/MSKINS-175 > Project: Maven Skins > Issue Type: Bug > Components: Fluido Skin >Reporter: László Langó >Priority: Critical > Labels: Securtity > > Please upgrade to JQuery 3.6.0 due to CVEs > ([CVE-2020-11022|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022] > and > [CVE-2020-11023|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023]) > affecting JQuery <3.5.0. -- This message was sent by Atlassian Jira (v8.20.7#820007)
[jira] [Commented] (WAGON-627) Maven deploy fails with 401 Unauthorized when using £ in password
[
https://issues.apache.org/jira/browse/WAGON-627?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554290#comment-17554290
]
Nélson Cunha commented on WAGON-627:
If it's already built and runs on windows, yes, please share it.
> Maven deploy fails with 401 Unauthorized when using £ in password
> -
>
> Key: WAGON-627
> URL: https://issues.apache.org/jira/browse/WAGON-627
> Project: Maven Wagon
> Issue Type: Bug
>Reporter: Nélson Cunha
>Assignee: Michael Osipov
>Priority: Major
> Attachments: image-2022-06-08-20-06-39-388.png,
> image-2022-06-08-20-09-57-536.png, image-2022-06-09-16-52-04-876.png,
> image-2022-06-09-16-52-19-905.png, image-2022-06-09-17-01-18-568.png
>
>
> Hello.
> I'm using Apache Maven 3.6.3 and maven-deploy-plugin 2.8.2 on Oracle's Java
> version 1.8.0_321 and I'm currently receiving the 401 Unauthorized error
> when deploying an artifact to Sonatype Nexus:
> {noformat}
> [ERROR] Failed to execute goal
> org.apache.maven.plugins:maven-deploy-plugin:2.8.2:deploy (default-deploy) on
> project XXX: Failed to deploy artifacts: Could not transfer artifact
> XXX:XXX:pom:4.0.0-20220608.184337-1 from/to nexus-snapshots
> (http://.../repository/maven-snapshots/): Transfer failed for
> http://...-4.0.0-20220608.184337-1.pom 401 Unauthorized -> [Help 1]{noformat}
>
> This error showed up after I changed my password with a leading {{£}}
> character.
>
> Using Wireshark to capture the HTTP packages exchanged between the maven
> client and the nexus repository, I see 3 interactions:
> # unauthenticated GET request for a maven-metadata.xml file, followed by a
> 401 response
> # authenticated GET request for the same maven-metadata.xml file, followed
> by a 404 response
> # authenticated PUT request for the pom file, followed by a 401 response
>
> Now, analyzing the headers for the second and third request I noticed the
> base64 on the Authentication header is not the same.
> * 2nd request: GET metadata
> !image-2022-06-08-20-06-39-388.png!
>
> * 3rd request PUT pom
> !image-2022-06-08-20-09-57-536.png!
>
> The decoded base64 with the username:password, shows that, as expected, the
> request that received a 404 holds the right password, but on the other hand,
> the PUT request that got a 401 has a password with a {{?}} for the {{{}£{}}}.
>
> All the servers on my {{settings.xml}} hold the same user/password and I have
> tried with the passwords encoded and in plain text.
>
>
> Further tests with base64 encoding and decoding showed that the "wrong"
> password is the actual password but encoded from an ANSI code page where the
> password accepted by Nexus is encoded from utf8.
>
> I noticed the 401 responses don't specify the encoding on the
> {{WWW-Authenticate}} header, which should clear up which encoding to use, but
> still for some reason the two requests are apparently using different
> encodings.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[jira] [Commented] (MNGSITE-485) Expired signature in provided KEYS file on the download page
[ https://issues.apache.org/jira/browse/MNGSITE-485?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554291#comment-17554291 ] Baiyang Li commented on MNGSITE-485: Gotcha. Thanks for the information. > Expired signature in provided KEYS file on the download page > > > Key: MNGSITE-485 > URL: https://issues.apache.org/jira/browse/MNGSITE-485 > Project: Maven Project Web Site > Issue Type: Bug >Reporter: Baiyang Li >Assignee: Michael Osipov >Priority: Major > > Hey, > I met the same expired signature issue described in this close > [issue|https://issues.apache.org/jira/browse/MNGSITE-458?page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel&focusedCommentId=17410236#comment-17410236]. > When i follow the procedure to verify the signature using the KEYS file, both > provided on the maven's download page:: > * KEYS file import: gpg --import KEYS > * signature verification; gpg --verify .\apache-maven-3.8.2-bin.tar.gz.asc > .\apache-maven-3.8.2-bin.tar.gz > I've got the following message at the second step: > gpg: Good signature from "Michael Osipov (Java developer) > <1983-01...@gmx.net>" [expired] > gpg: aka "Michael Osipov " [expired] > gpg: Note: This key has expired! > According to the same procedure: "A signature is valid, if gpg verifies the > .asc as a good signature, and doesn't complain about expired or revoked > keys", so, technically, the signature is not valid. -- This message was sent by Atlassian Jira (v8.20.7#820007)
[jira] [Commented] (MSKINS-188) Build by use old Maven logo
[ https://issues.apache.org/jira/browse/MSKINS-188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554292#comment-17554292 ] Stephen Crocker commented on MSKINS-188: The SVG of the logo is here: https://svn.apache.org/repos/asf/comdev/project-logos/originals/maven.svg. We have 3 logos https://github.com/apache/maven-fluido-skin/blob/master/src/main/resources/images/logos/build-by-maven-black.png https://github.com/apache/maven-fluido-skin/blob/master/src/main/resources/images/logos/build-by-maven-white.png https://github.com/apache/maven-fluido-skin/blob/master/src/main/resources/images/logos/maven-feather.png Moving to the SVG should allow better scaling on to High resolution screens. > Build by use old Maven logo > --- > > Key: MSKINS-188 > URL: https://issues.apache.org/jira/browse/MSKINS-188 > Project: Maven Skins > Issue Type: Improvement >Reporter: Slawomir Jaranowski >Priority: Major > Attachments: image-2022-05-15-10-26-28-674.png, > image-2022-05-15-10-29-02-990.png > > > h2. Actual logo: > [https://www.apache.org/logos/#maven] > h2. Default Skin > !image-2022-05-15-10-26-28-674.png! > > h2. Fluido Skin > !image-2022-05-15-10-29-02-990.png! > -- This message was sent by Atlassian Jira (v8.20.7#820007)
[jira] [Commented] (MSKINS-109) Support HiDPI displays
[ https://issues.apache.org/jira/browse/MSKINS-109?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554303#comment-17554303 ] Stephen Crocker commented on MSKINS-109: I don't have a 4k screen do the icons embeded into Bootstrap scale nicely you can see them here: https://icons.getbootstrap.com/ Fontawesome is normally the fallback when you can't find the appropriate icons, how does these look on a 4k monitor? https://fontawesome.com/search?s=thin > Support HiDPI displays > -- > > Key: MSKINS-109 > URL: https://issues.apache.org/jira/browse/MSKINS-109 > Project: Maven Skins > Issue Type: Improvement > Components: Fluido Skin >Affects Versions: fluido-1.3.1 > Environment: HiDPI/Retina display >Reporter: Hendrik Schreiber >Priority: Major > > Graphics provided in the skin (github ribbon, "Built by Maven", link icons, > ...) are only provided in standard resolution. By now, this looks amateurish > on screens with HiDPI (i.e. Retina displays). > Please provide hi res images that are scaled with width/height parameters so > that they look good on hi res displays. > Thanks. -- This message was sent by Atlassian Jira (v8.20.7#820007)
[jira] [Commented] (MSKINS-117) Improve lisibility and user-friendliness in the left menu
[ https://issues.apache.org/jira/browse/MSKINS-117?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554307#comment-17554307 ] Stephen Crocker commented on MSKINS-117: This should be fairly straight forward to achieve by modifying the sidebar margins on sub items, I will create a branch. > Improve lisibility and user-friendliness in the left menu > - > > Key: MSKINS-117 > URL: https://issues.apache.org/jira/browse/MSKINS-117 > Project: Maven Skins > Issue Type: Wish > Components: Fluido Skin >Affects Versions: fluido-1.4 >Reporter: Cyril JACQUENOT >Priority: Major > Attachments: actual_skin_bad_lisibility.jpg, > skin_maven_old_better_lisibility.jpg > > > In our company, we now use *Maven Fluido Skin* for our projects > online-documentation. > I like the design but the lisibility is not optimal: it is hard for me to > find the location of my current page in the menu. > Great improvements should be : > * to increase indentations > * to use fonts weight to show different levels of indentation > * to give the possibility to manage more than 2 levels in the menu > _here is the bad lisibility skin :_ > !actual_skin_bad_lisibility.jpg! > _here is an old skin, but with *better lisibility* :_ > !skin_maven_old_better_lisibility.jpg! -- This message was sent by Atlassian Jira (v8.20.7#820007)
[jira] [Commented] (MENFORCER-402) RequireUpperBoundDeps now follow scope provided transitive dependencies
[
https://issues.apache.org/jira/browse/MENFORCER-402?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554310#comment-17554310
]
Daniel Norberg commented on MENFORCER-402:
--
I believe the root cause here might be
https://issues.apache.org/jira/browse/MSHARED-1016 and that
[https://github.com/apache/maven-dependency-tree/pull/9] might also be a better
fix for https://issues.apache.org/jira/browse/MENFORCER-394
> RequireUpperBoundDeps now follow scope provided transitive dependencies
> ---
>
> Key: MENFORCER-402
> URL: https://issues.apache.org/jira/browse/MENFORCER-402
> Project: Maven Enforcer Plugin
> Issue Type: Bug
> Components: Plugin
>Affects Versions: 3.0.0
>Reporter: Thomas Mortagne
>Assignee: Slawomir Jaranowski
>Priority: Major
> Fix For: 3.1.0
>
>
> I have a dependency on org.infinispan:infinispan-core:12.1.7.Final and
> upgrading to the enforcer plugin 3.0.0 suddenly made my module fail because
> infinispan-core have conflicting provided dependencies on
> javax.annotation-api:
> {noformat}
> Require upper bound dependencies error for
> javax.annotation:javax.annotation-api:1.3.1 [provided] paths to dependency
> are:
> +-org.xwiki.commons:xwiki-commons-cache-infinispan:13.9-SNAPSHOT
> +-org.infinispan:infinispan-core:12.1.7.Final
> +-javax.annotation:javax.annotation-api:1.3.1 [provided]
> and
> +-org.xwiki.commons:xwiki-commons-cache-infinispan:13.9-SNAPSHOT
> +-org.infinispan:infinispan-core:12.1.7.Final
> +-org.infinispan:infinispan-commons:12.1.7.Final
> +-javax.annotation:javax.annotation-api:1.3.1 [provided]
> and
> +-org.xwiki.commons:xwiki-commons-cache-infinispan:13.9-SNAPSHOT
> +-org.infinispan:infinispan-core:12.1.7.Final
> +-org.infinispan:infinispan-component-processor:12.1.7.Final [provided]
> +-javax.annotation:javax.annotation-api:1.3.1 [provided]
> and
> +-org.xwiki.commons:xwiki-commons-cache-infinispan:13.9-SNAPSHOT
> +-org.infinispan:infinispan-core:12.1.7.Final
> +-org.infinispan.protostream:protostream-types:4.4.1.Final
> +-javax.annotation:javax.annotation-api:1.3.2 [provided]
> and
> +-org.xwiki.commons:xwiki-commons-cache-infinispan:13.9-SNAPSHOT
> +-org.infinispan:infinispan-core:12.1.7.Final
> +-org.infinispan.protostream:protostream-processor:4.4.1.Final [provided]
> +-javax.annotation:javax.annotation-api:1.3.2 [provided]
> and
> +-org.xwiki.commons:xwiki-commons-cache-infinispan:13.9-SNAPSHOT
> +-org.infinispan:infinispan-core:12.1.7.Final
> +-org.infinispan:infinispan-commons:12.1.7.Final
> +-org.infinispan:infinispan-commons-jdk11:12.1.7.Final [provided]
> +-javax.annotation:javax.annotation-api:1.3.1 [provided]
> {noformat}
> It's not clear if this was done on purpose since I cannot find anything about
> that in the release note, but I might have missed it. Problem is that
> provided scope dependencies are not necessarily used at runtime (it's often
> used as a way to avoid making transitive a dependency you only need at build
> time) and adding an for a non-transitive dependency feels quite
> weird.
> At least if this is not a bug, it would be nice to make this behavior
> configurable.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[jira] [Comment Edited] (MENFORCER-402) RequireUpperBoundDeps now follow scope provided transitive dependencies
[
https://issues.apache.org/jira/browse/MENFORCER-402?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554310#comment-17554310
]
Daniel Norberg edited comment on MENFORCER-402 at 6/14/22 10:13 PM:
I believe the root cause here might be
https://issues.apache.org/jira/browse/MSHARED-1016 and that
[https://github.com/apache/maven-dependency-tree/pull/9] might also be a better
fix for https://issues.apache.org/jira/browse/MENFORCER-394.
Should this issue be reopened?
was (Author: danielnorberg):
I believe the root cause here might be
https://issues.apache.org/jira/browse/MSHARED-1016 and that
[https://github.com/apache/maven-dependency-tree/pull/9] might also be a better
fix for https://issues.apache.org/jira/browse/MENFORCER-394
> RequireUpperBoundDeps now follow scope provided transitive dependencies
> ---
>
> Key: MENFORCER-402
> URL: https://issues.apache.org/jira/browse/MENFORCER-402
> Project: Maven Enforcer Plugin
> Issue Type: Bug
> Components: Plugin
>Affects Versions: 3.0.0
>Reporter: Thomas Mortagne
>Assignee: Slawomir Jaranowski
>Priority: Major
> Fix For: 3.1.0
>
>
> I have a dependency on org.infinispan:infinispan-core:12.1.7.Final and
> upgrading to the enforcer plugin 3.0.0 suddenly made my module fail because
> infinispan-core have conflicting provided dependencies on
> javax.annotation-api:
> {noformat}
> Require upper bound dependencies error for
> javax.annotation:javax.annotation-api:1.3.1 [provided] paths to dependency
> are:
> +-org.xwiki.commons:xwiki-commons-cache-infinispan:13.9-SNAPSHOT
> +-org.infinispan:infinispan-core:12.1.7.Final
> +-javax.annotation:javax.annotation-api:1.3.1 [provided]
> and
> +-org.xwiki.commons:xwiki-commons-cache-infinispan:13.9-SNAPSHOT
> +-org.infinispan:infinispan-core:12.1.7.Final
> +-org.infinispan:infinispan-commons:12.1.7.Final
> +-javax.annotation:javax.annotation-api:1.3.1 [provided]
> and
> +-org.xwiki.commons:xwiki-commons-cache-infinispan:13.9-SNAPSHOT
> +-org.infinispan:infinispan-core:12.1.7.Final
> +-org.infinispan:infinispan-component-processor:12.1.7.Final [provided]
> +-javax.annotation:javax.annotation-api:1.3.1 [provided]
> and
> +-org.xwiki.commons:xwiki-commons-cache-infinispan:13.9-SNAPSHOT
> +-org.infinispan:infinispan-core:12.1.7.Final
> +-org.infinispan.protostream:protostream-types:4.4.1.Final
> +-javax.annotation:javax.annotation-api:1.3.2 [provided]
> and
> +-org.xwiki.commons:xwiki-commons-cache-infinispan:13.9-SNAPSHOT
> +-org.infinispan:infinispan-core:12.1.7.Final
> +-org.infinispan.protostream:protostream-processor:4.4.1.Final [provided]
> +-javax.annotation:javax.annotation-api:1.3.2 [provided]
> and
> +-org.xwiki.commons:xwiki-commons-cache-infinispan:13.9-SNAPSHOT
> +-org.infinispan:infinispan-core:12.1.7.Final
> +-org.infinispan:infinispan-commons:12.1.7.Final
> +-org.infinispan:infinispan-commons-jdk11:12.1.7.Final [provided]
> +-javax.annotation:javax.annotation-api:1.3.1 [provided]
> {noformat}
> It's not clear if this was done on purpose since I cannot find anything about
> that in the release note, but I might have missed it. Problem is that
> provided scope dependencies are not necessarily used at runtime (it's often
> used as a way to avoid making transitive a dependency you only need at build
> time) and adding an for a non-transitive dependency feels quite
> weird.
> At least if this is not a bug, it would be nice to make this behavior
> configurable.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[jira] [Commented] (MSHARED-1016) Transitive provided dependencies are not removed from collected dependency graph
[ https://issues.apache.org/jira/browse/MSHARED-1016?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554312#comment-17554312 ] Daniel Norberg commented on MSHARED-1016: - Maven removes "provided" dependencies from the graph using the ScopeDependencySelector as seen here [https://github.com/apache/maven/blob/706d9319f14b507f3c3deeba4eeda1a51a531c9b/maven-resolver-provider/src/main/java/org/apache/maven/repository/internal/MavenRepositorySystemUtils.java#L80.] This component is used by maven-enforcer which exhibits issues https://issues.apache.org/jira/browse/MENFORCER-402 and https://issues.apache.org/jira/browse/MENFORCER-394 which I believe to be due to this issue. > Transitive provided dependencies are not removed from collected dependency > graph > > > Key: MSHARED-1016 > URL: https://issues.apache.org/jira/browse/MSHARED-1016 > Project: Maven Shared Components > Issue Type: Bug > Components: maven-dependency-tree >Affects Versions: maven-dependency-tree-3.1.0 >Reporter: Daniel Norberg >Priority: Major > > DependencyCollectorBuilder#collectDependencyGraph returns a dependency graph > containing transitive provided scope dependencies. This is inconsistent with > Maven behavior, which removes transitive provided scope dependencies from the > dependency graph: > [https://github.com/apache/maven/blob/706d9319f14b507f3c3deeba4eeda1a51a531c9b/maven-resolver-provider/src/main/java/org/apache/maven/repository/internal/MavenRepositorySystemUtils.java#L80|https://github.com/apache/maven/blob/706d9319f14b507f3c3deeba4eeda1a51a531c9b/maven-resolver-provider/src/main/java/org/apache/maven/repository/internal/MavenRepositorySystemUtils.java#L80.] > This might be the root cause of > https://issues.apache.org/jira/browse/MENFORCER-402 and > https://issues.apache.org/jira/browse/MENFORCER-394 > Note that transitive test scope dependencies are correctly filtered out using > a dependency selector. > It seems to me that we can add another dependency selector to also filter out > transitive provided scope dependencies: > [https://github.com/apache/maven-dependency-tree/blob/7a1a12533ac6898fcb3dacbcf2466ef71d11c43a/src/main/java/org/apache/maven/shared/dependency/graph/internal/Maven31DependencyCollectorBuilder.java#L108|https://github.com/apache/maven-dependency-tree/blob/master/src/main/java/org/apache/maven/shared/dependency/graph/internal/Maven31DependencyCollectorBuilder.java#L108] > [https://github.com/apache/maven-dependency-tree/blob/7a1a12533ac6898fcb3dacbcf2466ef71d11c43a/src/main/java/org/apache/maven/shared/dependency/graph/internal/Maven3DependencyCollectorBuilder.java#L108] > I have submitted a PR to do this: > [https://github.com/apache/maven-dependency-tree/pull/9] > > > > -- This message was sent by Atlassian Jira (v8.20.7#820007)
[GitHub] [maven-invoker-plugin] dependabot[bot] opened a new pull request, #130: Bump maven-common-artifact-filters from 3.2.0 to 3.3.0
dependabot[bot] opened a new pull request, #130: URL: https://github.com/apache/maven-invoker-plugin/pull/130 Bumps [maven-common-artifact-filters](https://github.com/apache/maven-common-artifact-filters) from 3.2.0 to 3.3.0. Commits https://github.com/apache/maven-common-artifact-filters/commit/ae01a994907a39e7391e2f431bca3c5314890bdd";>ae01a99 [maven-release-plugin] prepare release maven-common-artifact-filters-3.3.0 https://github.com/apache/maven-common-artifact-filters/commit/0c6674fae7cf110c4a12d0f0f80e93d61f0be391";>0c6674f [MSHARED-1077] Bugfix for classifier in pattern (https://github-redirect.dependabot.com/apache/maven-common-artifact-filters/issues/26";>#26) https://github.com/apache/maven-common-artifact-filters/commit/72981e4288c4c314e7d78061bd6220141ef1d9ba";>72981e4 [MSHARED-1078] Update parent POM and drop maven-shared-utils (https://github-redirect.dependabot.com/apache/maven-common-artifact-filters/issues/27";>#27) https://github.com/apache/maven-common-artifact-filters/commit/6ba230d1de6b05b4827db9bdcb4113f5d6832277";>6ba230d Shared GitHub actions v2 https://github.com/apache/maven-common-artifact-filters/commit/26796743072eaba1e7e928f3b158cb8b1bbdb000";>2679674 [MSHARED-1017] null passed to DependencyFilter in EclipseAetherFilterTransfor... https://github.com/apache/maven-common-artifact-filters/commit/6236b1b42647b674a5e97f44b35fc2964c132262";>6236b1b (doc) use shared worflow for gha https://github.com/apache/maven-common-artifact-filters/commit/0569dc9386958477116afb5db28469be94538350";>0569dc9 update CI url https://github.com/apache/maven-common-artifact-filters/commit/36e992b580dfdff8ee2c23d1196c77b074c6888f";>36e992b Dependency scopes cleanup https://github.com/apache/maven-common-artifact-filters/commit/54e333058d75a4792ede57635e2abc128e113b1a";>54e3330 Update resolver to latest Java7 version. https://github.com/apache/maven-common-artifact-filters/commit/7c83ef433c29c7360edba9df11061b4bf5b833a5";>7c83ef4 [MSHARED-988] Remove CP duplicates Additional commits viewable in https://github.com/apache/maven-common-artifact-filters/compare/maven-common-artifact-filters-3.2.0...maven-common-artifact-filters-3.3.0";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-indexer] dependabot[bot] opened a new pull request, #218: Bump resolver.version from 1.8.0 to 1.8.1
dependabot[bot] opened a new pull request, #218: URL: https://github.com/apache/maven-indexer/pull/218 Bumps `resolver.version` from 1.8.0 to 1.8.1. Updates `maven-resolver-api` from 1.8.0 to 1.8.1 Commits https://github.com/apache/maven-resolver/commit/01a820ac40b25acb924f289056e9fa77de10a81f";>01a820a [maven-release-plugin] prepare release maven-resolver-1.8.1 https://github.com/apache/maven-resolver/commit/e9fe72f198f4fbf8ec4526a77068c9bed37c2a99";>e9fe72f Replace TBD placeholders with next version https://github.com/apache/maven-resolver/commit/4702bcf246f018ec8e9d1d3dd3f3dfe9a86b8da0";>4702bcf [MRESOLVER-262] Provide contextual data in trace during collect (https://github-redirect.dependabot.com/apache/maven-resolver/issues/182";>#182) https://github.com/apache/maven-resolver/commit/d1833cf88083017237324a156d2949777e10d809";>d1833cf Remove unused stuff (https://github-redirect.dependabot.com/apache/maven-resolver/issues/181";>#181) https://github.com/apache/maven-resolver/commit/1ab297e4a2b59d2ea21eec2aa1928dea2eec0f0f";>1ab297e Extract class PremanagedDependency (https://github-redirect.dependabot.com/apache/maven-resolver/issues/179";>#179) https://github.com/apache/maven-resolver/commit/a626750bf60a6f8209d3e2ccc0902d15f1d24140";>a626750 Collapse collectors (https://github-redirect.dependabot.com/apache/maven-resolver/issues/177";>#177) https://github.com/apache/maven-resolver/commit/570c65e6a8d86ed76df87c2b6f88df6941299b61";>570c65e Add test for empty children and collapse tests (https://github-redirect.dependabot.com/apache/maven-resolver/issues/175";>#175) https://github.com/apache/maven-resolver/commit/2ea36519a72079b9efa59c6278b15bfb01a53fb4";>2ea3651 [MRESOLVER-256] Dependency tree is different between DF and BF strategies whe... https://github.com/apache/maven-resolver/commit/adf3f7504eac3e199af236e25a48ed1286ab3878";>adf3f75 configure Jira integration https://github.com/apache/maven-resolver/commit/6e12ad3932e57c1eb57dc9250c35304fdaf7f0fb";>6e12ad3 [MRESOLVER-255] Update Jetty to 9.4.46.v20220331 (https://github-redirect.dependabot.com/apache/maven-resolver/issues/171";>#171) Additional commits viewable in https://github.com/apache/maven-resolver/compare/maven-resolver-1.8.0...maven-resolver-1.8.1";>compare view Updates `maven-resolver-util` from 1.8.0 to 1.8.1 Commits https://github.com/apache/maven-resolver/commit/01a820ac40b25acb924f289056e9fa77de10a81f";>01a820a [maven-release-plugin] prepare release maven-resolver-1.8.1 https://github.com/apache/maven-resolver/commit/e9fe72f198f4fbf8ec4526a77068c9bed37c2a99";>e9fe72f Replace TBD placeholders with next version https://github.com/apache/maven-resolver/commit/4702bcf246f018ec8e9d1d3dd3f3dfe9a86b8da0";>4702bcf [MRESOLVER-262] Provide contextual data in trace during collect (https://github-redirect.dependabot.com/apache/maven-resolver/issues/182";>#182) https://github.com/apache/maven-resolver/commit/d1833cf88083017237324a156d2949777e10d809";>d1833cf Remove unused stuff (https://github-redirect.dependabot.com/apache/maven-resolver/issues/181";>#181) https://github.com/apache/maven-resolver/commit/1ab297e4a2b59d2ea21eec2aa1928dea2eec0f0f";>1ab297e Extract class PremanagedDependency (https://github-redirect.dependabot.com/apache/maven-resolver/issues/179";>#179) https://github.com/apache/maven-resolver/commit/a626750bf60a6f8209d3e2ccc0902d15f1d24140";>a626750 Collapse collectors (https://github-redirect.dependabot.com/apache/maven-resolver/issues/177";>#177) https://github.com/apache/maven-resolver/commit/570c65e6a8d86ed76df87c2b6f88df6941299b61";>570c65e Add test for empty children and collapse tests (https://github-redirect.dependabot.com/apache/maven-resolver/issues/175";>#175) https://github.com/apache/maven-resolver/commit/2ea36519a72079b9efa59c6278b15bfb01a53fb4";>2ea3651 [MRESOLVER-256] Dependency tree is different between DF and BF strategies whe... https://github.com/apache/maven-resolver/commit/adf3f7504eac3e199af236e25a48ed1286ab3878";>adf3f75 configure Jira integration https://github.com/apache/maven-resolver/commit/6e12ad3932e57c1eb57dc9250c35304fdaf7f0fb";>6e12ad3 [MRESOLVER-255] Update Jetty to 9.4.46.v20220331 (https://github-redirect.dependabot.com/apache/maven-resolver/issues/171";>#171) Additional commits viewable in https://github.com/apache/maven-resolver/compare/maven-resolver-1.8.0...maven-resolver-1.8.1";>compare view Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate`
[jira] [Created] (MNG-7497) Split Packages in Maven Model Builder
Durgan McBroom created MNG-7497: --- Summary: Split Packages in Maven Model Builder Key: MNG-7497 URL: https://issues.apache.org/jira/browse/MNG-7497 Project: Maven Issue Type: Bug Components: POM Affects Versions: 3.8.6 Environment: OS: MacOS Catalina IDE: IntelliJ Idea Ultimate 2021.3.2 Java Version: Oracle OpenJDK 17.0.3 Reporter: Durgan McBroom The packages *"org.apache.maven.model.io"* and *"org.apache.maven.model.merge"* are shared between modules *"maven-model-builder"* and *"maven-model"* (both versions 3.8.6). In Java 9+ this causes split packages and compilation to fail when these are part of the module graph. -- This message was sent by Atlassian Jira (v8.20.7#820007)
[GitHub] [maven-resources-plugin] dependabot[bot] opened a new pull request, #31: Bump maven-resolver-api from 1.6.3 to 1.8.1
dependabot[bot] opened a new pull request, #31: URL: https://github.com/apache/maven-resources-plugin/pull/31 Bumps [maven-resolver-api](https://github.com/apache/maven-resolver) from 1.6.3 to 1.8.1. Commits https://github.com/apache/maven-resolver/commit/01a820ac40b25acb924f289056e9fa77de10a81f";>01a820a [maven-release-plugin] prepare release maven-resolver-1.8.1 https://github.com/apache/maven-resolver/commit/e9fe72f198f4fbf8ec4526a77068c9bed37c2a99";>e9fe72f Replace TBD placeholders with next version https://github.com/apache/maven-resolver/commit/4702bcf246f018ec8e9d1d3dd3f3dfe9a86b8da0";>4702bcf [MRESOLVER-262] Provide contextual data in trace during collect (https://github-redirect.dependabot.com/apache/maven-resolver/issues/182";>#182) https://github.com/apache/maven-resolver/commit/d1833cf88083017237324a156d2949777e10d809";>d1833cf Remove unused stuff (https://github-redirect.dependabot.com/apache/maven-resolver/issues/181";>#181) https://github.com/apache/maven-resolver/commit/1ab297e4a2b59d2ea21eec2aa1928dea2eec0f0f";>1ab297e Extract class PremanagedDependency (https://github-redirect.dependabot.com/apache/maven-resolver/issues/179";>#179) https://github.com/apache/maven-resolver/commit/a626750bf60a6f8209d3e2ccc0902d15f1d24140";>a626750 Collapse collectors (https://github-redirect.dependabot.com/apache/maven-resolver/issues/177";>#177) https://github.com/apache/maven-resolver/commit/570c65e6a8d86ed76df87c2b6f88df6941299b61";>570c65e Add test for empty children and collapse tests (https://github-redirect.dependabot.com/apache/maven-resolver/issues/175";>#175) https://github.com/apache/maven-resolver/commit/2ea36519a72079b9efa59c6278b15bfb01a53fb4";>2ea3651 [MRESOLVER-256] Dependency tree is different between DF and BF strategies whe... https://github.com/apache/maven-resolver/commit/adf3f7504eac3e199af236e25a48ed1286ab3878";>adf3f75 configure Jira integration https://github.com/apache/maven-resolver/commit/6e12ad3932e57c1eb57dc9250c35304fdaf7f0fb";>6e12ad3 [MRESOLVER-255] Update Jetty to 9.4.46.v20220331 (https://github-redirect.dependabot.com/apache/maven-resolver/issues/171";>#171) Additional commits viewable in https://github.com/apache/maven-resolver/compare/maven-resolver-1.6.3...maven-resolver-1.8.1";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Updated] (MNG-7497) Split Packages in Maven Model Builder
[ https://issues.apache.org/jira/browse/MNG-7497?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Durgan McBroom updated MNG-7497: Component/s: (was: POM) > Split Packages in Maven Model Builder > - > > Key: MNG-7497 > URL: https://issues.apache.org/jira/browse/MNG-7497 > Project: Maven > Issue Type: Bug >Affects Versions: 3.8.6 > Environment: OS: MacOS Catalina > IDE: IntelliJ Idea Ultimate 2021.3.2 > Java Version: Oracle OpenJDK 17.0.3 >Reporter: Durgan McBroom >Priority: Major > Labels: java9, jpms > > The packages *"org.apache.maven.model.io"* and > *"org.apache.maven.model.merge"* are shared between modules > *"maven-model-builder"* and *"maven-model"* (both versions 3.8.6). In Java 9+ > this causes split packages and compilation to fail when these are part of the > module graph. -- This message was sent by Atlassian Jira (v8.20.7#820007)
[GitHub] [maven-resources-plugin] dependabot[bot] commented on pull request #25: Bump maven-resolver-api from 1.6.3 to 1.8.0
dependabot[bot] commented on PR #25: URL: https://github.com/apache/maven-resources-plugin/pull/25#issuecomment-1155969919 Superseded by #31. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-resources-plugin] dependabot[bot] closed pull request #25: Bump maven-resolver-api from 1.6.3 to 1.8.0
dependabot[bot] closed pull request #25: Bump maven-resolver-api from 1.6.3 to 1.8.0 URL: https://github.com/apache/maven-resources-plugin/pull/25 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-resources-plugin] dependabot[bot] opened a new pull request, #32: Bump maven-filtering from 3.2.0 to 3.3.0
dependabot[bot] opened a new pull request, #32: URL: https://github.com/apache/maven-resources-plugin/pull/32 Bumps [maven-filtering](https://github.com/apache/maven-filtering) from 3.2.0 to 3.3.0. Commits https://github.com/apache/maven-filtering/commit/e318cb3c4ec3e5d274cbe4255797ed0462423711";>e318cb3 [maven-release-plugin] prepare release maven-filtering-3.3.0 https://github.com/apache/maven-filtering/commit/3c92e1bc565fe82a3950051923b7c58d0e2c31e0";>3c92e1b [MSHARED-1080] Parent POM 36, Java8, drop legacy. (https://github-redirect.dependabot.com/apache/maven-filtering/issues/38";>#38) https://github.com/apache/maven-filtering/commit/0158eb95d9e097b771086e7886b34d4fdf2fd17a";>0158eb9 Applied PR comments https://github.com/apache/maven-filtering/commit/4e16d700d9ff823db377c8220f0e46a67fd18541";>4e16d70 Raise from the dead, neglect the smell. https://github.com/apache/maven-filtering/commit/b21a56651224d92edf26a10827e49e4af68ec3ad";>b21a566 Fix UT https://github.com/apache/maven-filtering/commit/e0f0ed6814366c4185f8a8ac0cc663b5f8ef744e";>e0f0ed6 WIP https://github.com/apache/maven-filtering/commit/d026df469c5f59966cdf7ebe4c5613c9724ef443";>d026df4 WIP https://github.com/apache/maven-filtering/commit/dedca2a980a31bfefaa2ecdd95cb7425bf3d7e46";>dedca2a [MSHARED-1080] Parent POM 36, Java8, drop legacy. https://github.com/apache/maven-filtering/commit/36012ddf6042599a5a76ef810d791ff6d2b0edeb";>36012dd Shared GitHub actions v2 https://github.com/apache/maven-filtering/commit/5ab4824ed4f98ef151080c68fa375b107cb858bc";>5ab4824 fix jira project key Additional commits viewable in https://github.com/apache/maven-filtering/compare/maven-filtering-3.2.0...maven-filtering-3.3.0";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (SUREFIRE-2076) BufferOverflowException when encoding message with null runMode
[
https://issues.apache.org/jira/browse/SUREFIRE-2076?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554376#comment-17554376
]
Matthias J. Sax commented on SUREFIRE-2076:
---
Thanks for the update! – I opened a PR for our repo bumping to `-M7` – hope it
works: [https://github.com/confluentinc/ksql/pull/9200]
> BufferOverflowException when encoding message with null runMode
> ---
>
> Key: SUREFIRE-2076
> URL: https://issues.apache.org/jira/browse/SUREFIRE-2076
> Project: Maven Surefire
> Issue Type: Bug
> Components: Maven Surefire Plugin
>Affects Versions: 3.0.0-M6
>Reporter: Zoltan Meze
>Assignee: Tibor Digana
>Priority: Major
> Fix For: 3.0.0-M7
>
>
> Per
> [#issuecomment-1099231382|https://github.com/apache/maven-surefire/pull/518#issuecomment-1099231382],
>
> [#issuecomment-1099706229|https://github.com/apache/maven-surefire/pull/518#issuecomment-1099706229],
>
> [#pullrequestreview-951134938|https://github.com/apache/maven-surefire/pull/518#pullrequestreview-951134938]
> and
> [#issuecomment-1108371215|https://github.com/apache/maven-surefire/pull/518#issuecomment-1108371215]
> RunMode can be null causing BufferOverflowException when encoding message.
> Related to similar issue with null testIds:
> [SUREFIRE-2056|https://issues.apache.org/jira/browse/SUREFIRE-2056]
> [*AbstractStreamEncoder#encodeHeader*|https://github.com/apache/maven-surefire/blob/959c1e9cabb8d06c72f5ebd7eb6e56e9987eccf8/surefire-api/src/main/java/org/apache/maven/surefire/api/stream/AbstractStreamEncoder.java#L86]
> stores runMode in at least 3 bytes:
> * 1-byte length
> * 1-byte delimiter
> * length-bytes runMode
> * 1-byte delimiter
> In case of null runMode the encoded part becomes *0::* (exactly 3 bytes
> length)
> The issue is that
> [*AbstractStreamEncoder#estimateBufferLength*|https://github.com/apache/maven-surefire/blob/959c1e9cabb8d06c72f5ebd7eb6e56e9987eccf8/surefire-api/src/main/java/org/apache/maven/surefire/api/stream/AbstractStreamEncoder.java#L184]
> is not expecting/couting any bytes for runMode part in case of null runMode.
> This results in in BufferOverflowException becase the byte size of the
> message is underestimated.
> Exception thrown:
> {code:java}
> java.nio.BufferOverflowException
> at java.nio.Buffer.nextPutIndex(Buffer.java:547)
> at java.nio.HeapByteBuffer.put(HeapByteBuffer.java:172)
> at
> org.apache.maven.surefire.api.stream.AbstractStreamEncoder.encodeString(AbstractStreamEncoder.java:127)
> at
> org.apache.maven.surefire.api.stream.AbstractStreamEncoder.encodeStringData(AbstractStreamEncoder.java:171)
> at
> org.apache.maven.surefire.api.stream.AbstractStreamEncoder.encode(AbstractStreamEncoder.java:157)
> at
> org.apache.maven.surefire.booter.spi.EventChannelEncoder.encodeMessage(EventChannelEncoder.java:398)
> at
> org.apache.maven.surefire.booter.spi.EventChannelEncoder.setOutErr(EventChannelEncoder.java:188)
> at
> org.apache.maven.surefire.booter.spi.EventChannelEncoder.testOutput(EventChannelEncoder.java:183)
> at
> org.apache.maven.surefire.api.booter.ForkingRunListener.writeTestOutput(ForkingRunListener.java:113)
> at
> org.apache.maven.surefire.api.booter.ForkingRunListener.writeTestOutput(ForkingRunListener.java:44)
> at
> org.apache.maven.surefire.common.junit4.JUnit4RunListener.writeTestOutput(JUnit4RunListener.java:235)
> at
> org.apache.maven.surefire.api.report.ConsoleOutputCapture$ForwardingPrintStream.println(ConsoleOutputCapture.java:144)
> {code}
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
[jira] [Updated] (MDEPLOY-294) Maven deploy fails with the below issue M2:deploy-file: javax/xml/bind/JAXBException
[ https://issues.apache.org/jira/browse/MDEPLOY-294?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Anusha Shetty updated MDEPLOY-294: -- Attachment: error.PNG > Maven deploy fails with the below issue M2:deploy-file: > javax/xml/bind/JAXBException > > > Key: MDEPLOY-294 > URL: https://issues.apache.org/jira/browse/MDEPLOY-294 > Project: Maven Deploy Plugin > Issue Type: Bug > Components: deploy:deploy-file >Affects Versions: 3.0.0-M2 >Reporter: Anusha Shetty >Priority: Major > Attachments: error.PNG > > > !image-2022-06-14-18-23-32-368.png! > !image-2022-06-14-18-31-32-647.png! > > i am facing the above issue even after using the latest maven-deploy-plugin > i.e 3.0.0-M2 > i understand that jaxb apis has been removed from jdk after java 11 and > hence as mentioned in other solutions i had added the below dependencies to > my pom. > > javax.xml.bind > jaxb-api > 2.3.0 > > > com.sun.xml.bind > jaxb-impl > 2.3.0 > > > org.glassfish.jaxb > jaxb-runtime > 2.3.0 > > > javax.activation > activation > 1.1.1 > > But still i am getting the same issue. > i also tried adding the dependency within the plugin > > org.apache.maven.plugins > maven-deploy-plugin > 3.0.0-M2 > > > javax.xml.bind > jaxb-api > 2.3.0 > > > > i checked for jaxb-api jar and it was present with JAXException class. > Inspite of adding all the above dependency maven deploy fails . Could you > tell me what is that i am missing here. > -- This message was sent by Atlassian Jira (v8.20.7#820007)
[jira] [Updated] (MDEPLOY-294) Maven deploy fails with the below issue M2:deploy-file: javax/xml/bind/JAXBException
[ https://issues.apache.org/jira/browse/MDEPLOY-294?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Anusha Shetty updated MDEPLOY-294: -- Attachment: error1.PNG > Maven deploy fails with the below issue M2:deploy-file: > javax/xml/bind/JAXBException > > > Key: MDEPLOY-294 > URL: https://issues.apache.org/jira/browse/MDEPLOY-294 > Project: Maven Deploy Plugin > Issue Type: Bug > Components: deploy:deploy-file >Affects Versions: 3.0.0-M2 >Reporter: Anusha Shetty >Priority: Major > Attachments: error.PNG, error1.PNG > > > !image-2022-06-14-18-23-32-368.png! > !image-2022-06-14-18-31-32-647.png! > > i am facing the above issue even after using the latest maven-deploy-plugin > i.e 3.0.0-M2 > i understand that jaxb apis has been removed from jdk after java 11 and > hence as mentioned in other solutions i had added the below dependencies to > my pom. > > javax.xml.bind > jaxb-api > 2.3.0 > > > com.sun.xml.bind > jaxb-impl > 2.3.0 > > > org.glassfish.jaxb > jaxb-runtime > 2.3.0 > > > javax.activation > activation > 1.1.1 > > But still i am getting the same issue. > i also tried adding the dependency within the plugin > > org.apache.maven.plugins > maven-deploy-plugin > 3.0.0-M2 > > > javax.xml.bind > jaxb-api > 2.3.0 > > > > i checked for jaxb-api jar and it was present with JAXException class. > Inspite of adding all the above dependency maven deploy fails . Could you > tell me what is that i am missing here. > -- This message was sent by Atlassian Jira (v8.20.7#820007)
[jira] [Updated] (MDEPLOY-294) Maven deploy fails with the below issue M2:deploy-file: javax/xml/bind/JAXBException
[ https://issues.apache.org/jira/browse/MDEPLOY-294?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Anusha Shetty updated MDEPLOY-294: -- Description: !image-2022-06-14-18-23-32-368.png! !image-2022-06-14-18-31-32-647.png! i am facing the issue(PFA) even after using the latest maven-deploy-plugin i.e 3.0.0-M2 i understand that jaxb apis has been removed from jdk after java 11 and hence as mentioned in other solutions i had added the below dependencies to my pom. javax.xml.bind jaxb-api 2.3.0 com.sun.xml.bind jaxb-impl 2.3.0 org.glassfish.jaxb jaxb-runtime 2.3.0 javax.activation activation 1.1.1 But still i am getting the same issue. i also tried adding the dependency within the plugin org.apache.maven.plugins maven-deploy-plugin 3.0.0-M2 javax.xml.bind jaxb-api 2.3.0 i checked for jaxb-api jar and it was present with JAXException class. Inspite of adding all the above dependency maven deploy fails . Could you tell me what is that i am missing here. was: !image-2022-06-14-18-23-32-368.png! !image-2022-06-14-18-31-32-647.png! i am facing the above issue even after using the latest maven-deploy-plugin i.e 3.0.0-M2 i understand that jaxb apis has been removed from jdk after java 11 and hence as mentioned in other solutions i had added the below dependencies to my pom. javax.xml.bind jaxb-api 2.3.0 com.sun.xml.bind jaxb-impl 2.3.0 org.glassfish.jaxb jaxb-runtime 2.3.0 javax.activation activation 1.1.1 But still i am getting the same issue. i also tried adding the dependency within the plugin org.apache.maven.plugins maven-deploy-plugin 3.0.0-M2 javax.xml.bind jaxb-api 2.3.0 i checked for jaxb-api jar and it was present with JAXException class. Inspite of adding all the above dependency maven deploy fails . Could you tell me what is that i am missing here. > Maven deploy fails with the below issue M2:deploy-file: > javax/xml/bind/JAXBException > > > Key: MDEPLOY-294 > URL: https://issues.apache.org/jira/browse/MDEPLOY-294 > Project: Maven Deploy Plugin > Issue Type: Bug > Components: deploy:deploy-file >Affects Versions: 3.0.0-M2 >Reporter: Anusha Shetty >Priority: Major > Attachments: error.PNG, error1.PNG > > > !image-2022-06-14-18-23-32-368.png! > !image-2022-06-14-18-31-32-647.png! > > i am facing the issue(PFA) even after using the latest maven-deploy-plugin > i.e 3.0.0-M2 > i understand that jaxb apis has been removed from jdk after java 11 and > hence as mentioned in other solutions i had added the below dependencies to > my pom. > > javax.xml.bind > jaxb-api > 2.3.0 > > > com.sun.xml.bind > jaxb-impl > 2.3.0 > > > org.glassfish.jaxb > jaxb-runtime > 2.3.0 > > > javax.activation > activation > 1.1.1 > > But still i am getting the same issue. > i also tried adding the dependency within the plugin > > org.apache.maven.plugins > maven-deploy-plugin > 3.0.0-M2 > > > javax.xml.bind > jaxb-api > 2.3.0 > > > > i checked for jaxb-api jar and it was present with JAXException class. > Inspite of adding all the above dependency maven deploy fails . Could you > tell me what is that i am missing here. > -- This message was sent by Atlassian Jira (v8.20.7#820007)
[jira] [Commented] (MDEPLOY-294) Maven deploy fails with the below issue M2:deploy-file: javax/xml/bind/JAXBException
[ https://issues.apache.org/jira/browse/MDEPLOY-294?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554386#comment-17554386 ] Anusha Shetty commented on MDEPLOY-294: --- Hello, I have updated my issue . Could you please look into it now. https://issues.apache.org/jira/browse/MDEPLOY-294 Thanks Anusha > Maven deploy fails with the below issue M2:deploy-file: > javax/xml/bind/JAXBException > > > Key: MDEPLOY-294 > URL: https://issues.apache.org/jira/browse/MDEPLOY-294 > Project: Maven Deploy Plugin > Issue Type: Bug > Components: deploy:deploy-file >Affects Versions: 3.0.0-M2 >Reporter: Anusha Shetty >Priority: Major > Attachments: error.PNG, error1.PNG > > > !image-2022-06-14-18-23-32-368.png! > !image-2022-06-14-18-31-32-647.png! > > i am facing the issue(PFA) even after using the latest maven-deploy-plugin > i.e 3.0.0-M2 > i understand that jaxb apis has been removed from jdk after java 11 and > hence as mentioned in other solutions i had added the below dependencies to > my pom. > > javax.xml.bind > jaxb-api > 2.3.0 > > > com.sun.xml.bind > jaxb-impl > 2.3.0 > > > org.glassfish.jaxb > jaxb-runtime > 2.3.0 > > > javax.activation > activation > 1.1.1 > > But still i am getting the same issue. > i also tried adding the dependency within the plugin > > org.apache.maven.plugins > maven-deploy-plugin > 3.0.0-M2 > > > javax.xml.bind > jaxb-api > 2.3.0 > > > > i checked for jaxb-api jar and it was present with JAXException class. > Inspite of adding all the above dependency maven deploy fails . Could you > tell me what is that i am missing here. > -- This message was sent by Atlassian Jira (v8.20.7#820007)
[GitHub] [maven-build-cache-extension] gnodet merged pull request #21: Add a remote cache IT
gnodet merged PR #21: URL: https://github.com/apache/maven-build-cache-extension/pull/21 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-mvnd] gnodet merged pull request #646: Allow to the registry to be resized to avoid registry corruption (#645)
gnodet merged PR #646: URL: https://github.com/apache/maven-mvnd/pull/646 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-mvnd] gnodet merged pull request #650: Cleanup
gnodet merged PR #650: URL: https://github.com/apache/maven-mvnd/pull/650 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-build-cache-extension] olamy commented on a diff in pull request #21: Add a remote cache IT
olamy commented on code in PR #21:
URL:
https://github.com/apache/maven-build-cache-extension/pull/21#discussion_r897575746
##
src/test/java/org/apache/maven/buildcache/its/RemoteCacheDavTest.java:
##
@@ -0,0 +1,493 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.maven.buildcache.its;
+
+import java.io.File;
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.nio.file.Files;
+import java.nio.file.LinkOption;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.nio.file.attribute.FileTime;
+import java.nio.file.attribute.PosixFilePermission;
+import java.nio.file.attribute.PosixFilePermissions;
+import java.time.Instant;
+import java.time.ZoneId;
+import java.time.ZonedDateTime;
+import java.time.format.DateTimeFormatter;
+import java.util.Arrays;
+import java.util.EnumSet;
+import java.util.Map;
+import java.util.Objects;
+import java.util.Set;
+import java.util.TreeMap;
+import java.util.function.Consumer;
+import java.util.function.Predicate;
+import java.util.regex.Pattern;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+import org.apache.maven.buildcache.its.junit.BeforeEach;
+import org.apache.maven.buildcache.its.junit.Inject;
+import org.apache.maven.buildcache.its.junit.IntegrationTest;
+import org.apache.maven.buildcache.its.junit.IntegrationTestExtension;
+import org.apache.maven.it.VerificationException;
+import org.apache.maven.it.Verifier;
+import org.jetbrains.annotations.NotNull;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.condition.EnabledOnOs;
+import org.junit.jupiter.api.condition.OS;
+import org.testcontainers.DockerClientFactory;
+import org.testcontainers.containers.GenericContainer;
+import org.testcontainers.junit.jupiter.Container;
+import org.testcontainers.junit.jupiter.Testcontainers;
+import org.testcontainers.utility.DockerImageName;
+
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assumptions.assumeTrue;
+
+@IntegrationTest( "src/test/projects/remote-cache-dav" )
+@Testcontainers
+@EnabledOnOs( OS.LINUX ) // github actions do not support docker on windows
and osx
+public class RemoteCacheDavTest
+{
+
+public static final String DAV_DOCKER_IMAGE =
"xama/nginx-webdav@sha256:84171a7e67d7e98eeaa67de58e3ce141ec1d0ee9c37004e7096698c8379fd9cf";
+private static final String DAV_USERNAME = "admin";
+private static final String DAV_PASSWORD = "admin";
+private static final String REPO_ID = "build-cache";
+private static final String HTTP_TRANSPORT_PRIORITY =
"aether.priority.org.eclipse.aether.transport.http.HttpTransporterFactory";
+private static final String WAGON_TRANSPORT_PRIORITY =
"aether.priority.org.eclipse.aether.transport.wagon.WagonTransporterFactory";
+private static final String MAVEN_BUILD_CACHE_REMOTE_SAVE_ENABLED =
"maven.build.cache.remote.save.enabled";
+
+@Container
+GenericContainer dav;
+
+@Inject
+Verifier verifier;
+
+Path basedir;
+Path remoteCache;
+Path localCache;
+Path settings;
+Path logDir;
+
+@BeforeEach
+void setup() throws IOException
+{
+assumeTrue( DockerClientFactory.instance().isDockerAvailable(),
"docker is not available" );
Review Comment:
just use `@Testcontainers(disabledWithoutDocker = true)` at class level and
you do not need that
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[jira] [Closed] (MNGSITE-485) Expired signature in provided KEYS file on the download page
[ https://issues.apache.org/jira/browse/MNGSITE-485?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Michael Osipov closed MNGSITE-485. -- Resolution: Fixed > Expired signature in provided KEYS file on the download page > > > Key: MNGSITE-485 > URL: https://issues.apache.org/jira/browse/MNGSITE-485 > Project: Maven Project Web Site > Issue Type: Bug >Reporter: Baiyang Li >Assignee: Michael Osipov >Priority: Major > > Hey, > I met the same expired signature issue described in this close > [issue|https://issues.apache.org/jira/browse/MNGSITE-458?page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel&focusedCommentId=17410236#comment-17410236]. > When i follow the procedure to verify the signature using the KEYS file, both > provided on the maven's download page:: > * KEYS file import: gpg --import KEYS > * signature verification; gpg --verify .\apache-maven-3.8.2-bin.tar.gz.asc > .\apache-maven-3.8.2-bin.tar.gz > I've got the following message at the second step: > gpg: Good signature from "Michael Osipov (Java developer) > <1983-01...@gmx.net>" [expired] > gpg: aka "Michael Osipov " [expired] > gpg: Note: This key has expired! > According to the same procedure: "A signature is valid, if gpg verifies the > .asc as a good signature, and doesn't complain about expired or revoked > keys", so, technically, the signature is not valid. -- This message was sent by Atlassian Jira (v8.20.7#820007)
