[GitHub] [maven-scm] michael-o commented on a diff in pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD
michael-o commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922809389
##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/checkin/GitCheckInCommand.java:
##
@@ -211,11 +220,12 @@ protected CheckInScmResult executeCheckInCommand(
ScmProviderRepository repo, Sc
//
// --
-public static Commandline createPushCommandLine( GitScmProviderRepository
repository,
+public Commandline createPushCommandLine( GitScmProviderRepository
repository,
ScmFileSet fileSet,
ScmVersion version )
Review Comment:
indent wrong
##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/checkin/GitCheckInCommand.java:
##
@@ -232,10 +242,18 @@ public static Commandline createPushCommandLine(
GitScmProviderRepository reposi
}
public static Commandline createCommitCommandLine(
GitScmProviderRepository repository, ScmFileSet fileSet,
- File messageFile )
+File messageFile )
Review Comment:
ditto
##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml:
##
@@ -45,16 +45,26 @@
maven-scm-provider-git-commons
- org.eclipse.jgit
- org.eclipse.jgit
- 4.5.4.201711221230-r
+ plexus-interactivity-api
+ org.codehaus.plexus
+ 1.1
- commons-logging
- commons-logging
+ org.codehaus.plexus
+ plexus-container-default
Review Comment:
Why did you change positions? It makes reading the PR harder.
##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gittest/pom.xml:
##
@@ -46,6 +46,29 @@
org.codehaus.plexus
plexus-utils
+
+
+ org.apache.sshd
+ sshd-git
+ 2.8.0
Review Comment:
Use a property for this.
##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/checkin/GitCheckInCommand.java:
##
@@ -57,6 +58,14 @@
extends AbstractCheckInCommand
implements GitCommand
{
+private final Map environmentVariables;
+
+public GitCheckInCommand( Map environmentVariables )
+{
+super();
+this.environmentVariables = environmentVariables;
+}
Review Comment:
There should be a zero-arg ctor too, no?
##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/remoteinfo/GitRemoteInfoCommand.java:
##
@@ -38,6 +40,13 @@
extends AbstractRemoteInfoCommand
implements GitCommand
{
+private final Map environmentVariables;
+
+public GitRemoteInfoCommand( Map environmentVariables )
+{
+super();
+this.environmentVariables = environmentVariables;
+}
Review Comment:
zero-arg ctor
##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/test/java/org/apache/maven/scm/provider/git/gitexe/command/checkout/GitExeSshCheckOutCommandTckTest.java:
##
@@ -0,0 +1,70 @@
+package org.apache.maven.scm.provider.git.gitexe.command.checkout;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.security.GeneralSecurityException;
+
+import org.apache.commons.io.FilenameUtils;
+import
org.apache.maven.scm.provider.git.command.checkout.GitSshCheckOutCommandTckTest;
+import org.apache.maven.scm.provider.git.gitexe.GitExeScmProvider;
+import org.apache.maven.scm.provider.git.repository.GitScmProviderRepository;
+
+/**
+ *
+ */
+public class GitExeSshCheckOutCommandTckTest
+extends GitSshCheckOutCommandTckTest
+{
+private Path knownHostsFile;
+
+public static final String VARIABLE_GIT_SSH_COMMAND = "GIT_SSH_COMMAND";
// ht
[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit
[
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567598#comment-17567598
]
ASF GitHub Bot commented on SCM-945:
michael-o commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922809389
##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/checkin/GitCheckInCommand.java:
##
@@ -211,11 +220,12 @@ protected CheckInScmResult executeCheckInCommand(
ScmProviderRepository repo, Sc
//
// --
-public static Commandline createPushCommandLine( GitScmProviderRepository
repository,
+public Commandline createPushCommandLine( GitScmProviderRepository
repository,
ScmFileSet fileSet,
ScmVersion version )
Review Comment:
indent wrong
##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/checkin/GitCheckInCommand.java:
##
@@ -232,10 +242,18 @@ public static Commandline createPushCommandLine(
GitScmProviderRepository reposi
}
public static Commandline createCommitCommandLine(
GitScmProviderRepository repository, ScmFileSet fileSet,
- File messageFile )
+File messageFile )
Review Comment:
ditto
##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml:
##
@@ -45,16 +45,26 @@
maven-scm-provider-git-commons
- org.eclipse.jgit
- org.eclipse.jgit
- 4.5.4.201711221230-r
+ plexus-interactivity-api
+ org.codehaus.plexus
+ 1.1
- commons-logging
- commons-logging
+ org.codehaus.plexus
+ plexus-container-default
Review Comment:
Why did you change positions? It makes reading the PR harder.
##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gittest/pom.xml:
##
@@ -46,6 +46,29 @@
org.codehaus.plexus
plexus-utils
+ Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
> Issue Type: Bug
> Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the
> following error is being emitted: {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
> which used JSch which lacks support for those private keys. JGit 5.2 comes
> with a new SSH implementation
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that
> also support OpenSSH private keys.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [maven-scm] michael-o commented on pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD
michael-o commented on PR #153: URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186476412 Since the title of this PR is different to the JIRA issue, I have the following understanding: * It is hard to split apart to due to inter-PR dependencies * You need to upgrade JGit for OpenSSH style key format My proposal w/o ripping this apart: * Create three issues: (issue a) Upgrade JGit to XXX, (issue b) rework OpenSSH private key handing for gitexe and jgit providers, (issue c) Support alternative SSH private keys with gitexe provider * Issue a will depend on issue b * Issue b will do all the hard work with proper description * SCM-945 will depend on issue b * Issue c depends on issue b Thus, all requirements/changes are visible and understood. WDYT? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit
[
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567601#comment-17567601
]
ASF GitHub Bot commented on SCM-945:
michael-o commented on PR #153:
URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186476412
Since the title of this PR is different to the JIRA issue, I have the
following understanding:
* It is hard to split apart to due to inter-PR dependencies
* You need to upgrade JGit for OpenSSH style key format
My proposal w/o ripping this apart:
* Create three issues: (issue a) Upgrade JGit to XXX, (issue b) rework
OpenSSH private key handing for gitexe and jgit providers, (issue c) Support
alternative SSH private keys with gitexe provider
* Issue a will depend on issue b
* Issue b will do all the hard work with proper description
* SCM-945 will depend on issue b
* Issue c depends on issue b
Thus, all requirements/changes are visible and understood.
WDYT?
> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
> Issue Type: Bug
> Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the
> following error is being emitted: {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
> which used JSch which lacks support for those private keys. JGit 5.2 comes
> with a new SSH implementation
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that
> also support OpenSSH private keys.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Assigned] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit
[
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Osipov reassigned SCM-945:
--
Assignee: Michael Osipov
> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
> Issue Type: Bug
> Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the
> following error is being emitted: {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
> which used JSch which lacks support for those private keys. JGit 5.2 comes
> with a new SSH implementation
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that
> also support OpenSSH private keys.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [maven-common-artifact-filters] michael-o commented on a diff in pull request #29: [MSHARED-1104] Four element pattern may be GATV or GATC
michael-o commented on code in PR #29:
URL:
https://github.com/apache/maven-common-artifact-filters/pull/29#discussion_r922818348
##
src/main/java/org/apache/maven/shared/artifact/filter/PatternIncludesArtifactFilter.java:
##
@@ -481,15 +475,22 @@ else if ( ANY.equals( tokens[1] ) )
}
}
-private static Pattern toPattern( final String token, final Coordinate
coordinate )
+private static Pattern toPattern( final String token, final Coordinate...
coordinate )
+{
+return toPattern( token, token, coordinate );
+}
+
+private static Pattern toPattern( final String pattern, final String
token, final Coordinate... coordinate )
Review Comment:
coordinates
##
src/main/java/org/apache/maven/shared/artifact/filter/PatternIncludesArtifactFilter.java:
##
@@ -481,15 +475,22 @@ else if ( ANY.equals( tokens[1] ) )
}
}
-private static Pattern toPattern( final String token, final Coordinate
coordinate )
+private static Pattern toPattern( final String token, final Coordinate...
coordinate )
Review Comment:
coordinates
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[jira] [Commented] (SCM-914) InfoItem.lastChangedDate is leaky abstraction
[ https://issues.apache.org/jira/browse/SCM-914?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567605#comment-17567605 ] Michael Osipov commented on SCM-914: Still interested in pursuing this? > InfoItem.lastChangedDate is leaky abstraction > - > > Key: SCM-914 > URL: https://issues.apache.org/jira/browse/SCM-914 > Project: Maven SCM > Issue Type: Bug > Components: maven-scm-api >Reporter: Tobias Gruetzmacher >Priority: Minor > > I was looking into implementing > [https://github.com/mojohaus/buildnumber-maven-plugin/pull/16] in a sane way, > but had to conclude that InfoItem.lastChangedDate is unfortunately just a > string and not a Data, so will leak the console output of different providers > to the user. > Does anybody see a sane way to fix this API and create a sane abstraction for > different SCMs? If yes, I would try to go ahead with the following tasks: > # Fix InfoItem, so that lastChangedDate is a Date > # Fix the current providers filling this field (svnexe and svnjava AFAICS - > aside: why is svnjava not part of the maven-scm repository?) > # Implement this feature for at least gitexe (and maybe jgit) so I can use > it for my usecase > Ideas, comments? -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (SCM-924) Enhance SCM changelog model to hold information about tagged commits
[
https://issues.apache.org/jira/browse/SCM-924?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Osipov updated SCM-924:
---
Fix Version/s: waiting-for-feedback
> Enhance SCM changelog model to hold information about tagged commits
>
>
> Key: SCM-924
> URL: https://issues.apache.org/jira/browse/SCM-924
> Project: Maven SCM
> Issue Type: Improvement
> Components: maven-scm-api, maven-scm-provider-gitexe
>Affects Versions: 1.11.2
>Reporter: Sven Linstaedt
>Priority: Minor
> Fix For: waiting-for-feedback
>
>
> Hi, in order to support something like semantic releases via maven directly
> and not some 3rd party tools, not only being able to create tags, but also
> processing them as part of the changelog would be great.
> Tag information are are part of the commit history, accessible via git
> commandline
> {{git log --decorate}}
> This additional information could be parsed to enhance the ChangeSet model
> containing optional information about any tags for this particular commit.
> A patch at least for gitexe could be provided, if needed.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (SCM-924) Enhance SCM changelog model to hold information about tagged commits
[
https://issues.apache.org/jira/browse/SCM-924?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567606#comment-17567606
]
Michael Osipov commented on SCM-924:
Is this still an issue with upcoming 2.0.0-M2?
> Enhance SCM changelog model to hold information about tagged commits
>
>
> Key: SCM-924
> URL: https://issues.apache.org/jira/browse/SCM-924
> Project: Maven SCM
> Issue Type: Improvement
> Components: maven-scm-api, maven-scm-provider-gitexe
>Affects Versions: 1.11.2
>Reporter: Sven Linstaedt
>Priority: Minor
>
> Hi, in order to support something like semantic releases via maven directly
> and not some 3rd party tools, not only being able to create tags, but also
> processing them as part of the changelog would be great.
> Tag information are are part of the commit history, accessible via git
> commandline
> {{git log --decorate}}
> This additional information could be parsed to enhance the ChangeSet model
> containing optional information about any tags for this particular commit.
> A patch at least for gitexe could be provided, if needed.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [maven-scm] kwin commented on a diff in pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD
kwin commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922819148
##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/checkin/GitCheckInCommand.java:
##
@@ -57,6 +58,14 @@
extends AbstractCheckInCommand
implements GitCommand
{
+private final Map environmentVariables;
+
+public GitCheckInCommand( Map environmentVariables )
+{
+super();
+this.environmentVariables = environmentVariables;
+}
Review Comment:
I didn't consider this API, the only usage is from within
`GitExeScmProvider` and that one only leverages the one with map.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit
[
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567610#comment-17567610
]
ASF GitHub Bot commented on SCM-945:
kwin commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922819246
##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/src/main/java/org/apache/maven/scm/provider/git/jgit/command/PlexusInteractivityCredentialsProvider.java:
##
@@ -0,0 +1,101 @@
+package org.apache.maven.scm.provider.git.jgit.command;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+import java.util.Arrays;
+
+import org.codehaus.plexus.components.interactivity.Prompter;
+import org.codehaus.plexus.components.interactivity.PrompterException;
+import org.eclipse.jgit.errors.UnsupportedCredentialItem;
+import org.eclipse.jgit.transport.CredentialItem;
+import org.eclipse.jgit.transport.CredentialsProvider;
+import org.eclipse.jgit.transport.URIish;
+
+/**
+ * {@link CredentialsProvider} leveraging the {@link Prompter} component.
+ *
+ */
+public class PlexusInteractivityCredentialsProvider extends CredentialsProvider
+{
+private final boolean isInteractive;
Review Comment:
I was hoping that I somehow can figure out if Maven is called in batch mode
or not via some injections. Any ideas?
> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
> Issue Type: Bug
> Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the
> following error is being emitted: {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
> which used JSch which lacks support for those private keys. JGit 5.2 comes
> with a new SSH implementation
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that
> also support OpenSSH private keys.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [maven-scm] kwin commented on a diff in pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD
kwin commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922819246
##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/src/main/java/org/apache/maven/scm/provider/git/jgit/command/PlexusInteractivityCredentialsProvider.java:
##
@@ -0,0 +1,101 @@
+package org.apache.maven.scm.provider.git.jgit.command;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+import java.util.Arrays;
+
+import org.codehaus.plexus.components.interactivity.Prompter;
+import org.codehaus.plexus.components.interactivity.PrompterException;
+import org.eclipse.jgit.errors.UnsupportedCredentialItem;
+import org.eclipse.jgit.transport.CredentialItem;
+import org.eclipse.jgit.transport.CredentialsProvider;
+import org.eclipse.jgit.transport.URIish;
+
+/**
+ * {@link CredentialsProvider} leveraging the {@link Prompter} component.
+ *
+ */
+public class PlexusInteractivityCredentialsProvider extends CredentialsProvider
+{
+private final boolean isInteractive;
Review Comment:
I was hoping that I somehow can figure out if Maven is called in batch mode
or not via some injections. Any ideas?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit
[
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567608#comment-17567608
]
ASF GitHub Bot commented on SCM-945:
kwin commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922819148
##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/checkin/GitCheckInCommand.java:
##
@@ -57,6 +58,14 @@
extends AbstractCheckInCommand
implements GitCommand
{
+private final Map environmentVariables;
+
+public GitCheckInCommand( Map environmentVariables )
+{
+super();
+this.environmentVariables = environmentVariables;
+}
Review Comment:
I didn't consider this API, the only usage is from within
`GitExeScmProvider` and that one only leverages the one with map.
> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
> Issue Type: Bug
> Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the
> following error is being emitted: {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
> which used JSch which lacks support for those private keys. JGit 5.2 comes
> with a new SSH implementation
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that
> also support OpenSSH private keys.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Updated] (SCM-929) Release plugin does not work with central repository and always performs clone operation
[
https://issues.apache.org/jira/browse/SCM-929?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Osipov updated SCM-929:
---
Fix Version/s: waiting-for-feedback
> Release plugin does not work with central repository and always performs
> clone operation
>
>
> Key: SCM-929
> URL: https://issues.apache.org/jira/browse/SCM-929
> Project: Maven SCM
> Issue Type: Improvement
> Components: maven-scm-provider-mercurial (hg)
> Environment: Ubuntu 11.04/ArchLinux
> Maven 3.0.3
> Mercurial 1.7.5/1.9.1
> vars:
> MAVEN_OPTS="-DaltDeploymentRepository=abetaev::default::file://$HOME/mvn"
>Reporter: Alexander Betaev
>Priority: Major
> Fix For: waiting-for-feedback
>
> Attachments: maven-release-plugin.patch, maven-release-plugin.patch,
> maven-scm.patch, maven-test-project.tar.bz2
>
>
> Plugin cannot work with repositories as if they were central ones. It pushes
> and updates data from central repo.
> Please take a look at the patch here: SCM-631
> Also look at MRELEASE-707 issue. The patch from attachment enables usage of
> $\{project.scm.developerConnection} var.
> The attached patch makes plugin to work with repository as if it was central.
> The following arguments were used for manual testing:
> {noformat}
> mvn -f parent/pom.xml -DpushChanges=false -DscmPerformLocalUpdate=true
> -Dproject.scm.developerConnection=scm:hg:file://\${basedir}/../
> release:prepare
> mvn -f parent/pom.xml -DpushChanges=false -DscmPerformLocalUpdate=true
> -Dproject.scm.developerConnection=scm:hg:file://\${basedir}/../
> release:perform
> {noformat}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Updated] (SCM-833) getLastChangedRevision() returns null whereas as getRevision() get correct versions
[
https://issues.apache.org/jira/browse/SCM-833?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Osipov updated SCM-833:
---
Fix Version/s: waiting-for-feedback
> getLastChangedRevision() returns null whereas as getRevision() get correct
> versions
> ---
>
> Key: SCM-833
> URL: https://issues.apache.org/jira/browse/SCM-833
> Project: Maven SCM
> Issue Type: Bug
> Components: maven-scm-api, maven-scm-provider-jgit
>Affects Versions: 1.9.4, 1.9.5
>Reporter: Karl Heinz Marbaise
>Priority: Minor
> Fix For: waiting-for-feedback
>
>
> Currently there is a method like this in the code (buildnumber-maven-plugin):
> AbstractScmMojo.java:
> {code:java}
> protected String getScmRevision()
> throws ScmException
> {
> ScmRepository repository = getScmRepository();
> InfoScmResult scmResult = info( repository, new ScmFileSet(
> scmDirectory ) );
> if ( scmResult == null || scmResult.getInfoItems().isEmpty() )
> {
> return ( !StringUtils.isEmpty( revisionOnScmFailure ) ) ?
> revisionOnScmFailure : null;
> }
> checkResult( scmResult );
> InfoItem info = scmResult.getInfoItems().get( 0 );
>
> List infoItems = scmResult.getInfoItems();
>
> for (InfoItem infoItem : infoItems) {
> getLog().info("Item: " +infoItem.getRevision() + " lcr: " +
> infoItem.getLastChangedRevision() );
> }
> getLog().info("useLastCommittedRevision: " +
> useLastCommittedRevision);
> if ( useLastCommittedRevision )
> {
> return info.getLastChangedRevision();
> }
> return info.getRevision();
> }
> {code}
> The problem is simply that {{getLastChangedRevision()}} returns null whereas
> {{getRevision()}} returns the requested value?...
> So ATM I'm not sure if this is really a bug in SCM or a misusage in
> buildnumber-maven-plugin ?
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (SCM-929) Release plugin does not work with central repository and always performs clone operation
[
https://issues.apache.org/jira/browse/SCM-929?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567609#comment-17567609
]
Michael Osipov commented on SCM-929:
[~infestator], do you want to pursue this?
> Release plugin does not work with central repository and always performs
> clone operation
>
>
> Key: SCM-929
> URL: https://issues.apache.org/jira/browse/SCM-929
> Project: Maven SCM
> Issue Type: Improvement
> Components: maven-scm-provider-mercurial (hg)
> Environment: Ubuntu 11.04/ArchLinux
> Maven 3.0.3
> Mercurial 1.7.5/1.9.1
> vars:
> MAVEN_OPTS="-DaltDeploymentRepository=abetaev::default::file://$HOME/mvn"
>Reporter: Alexander Betaev
>Priority: Major
> Fix For: waiting-for-feedback
>
> Attachments: maven-release-plugin.patch, maven-release-plugin.patch,
> maven-scm.patch, maven-test-project.tar.bz2
>
>
> Plugin cannot work with repositories as if they were central ones. It pushes
> and updates data from central repo.
> Please take a look at the patch here: SCM-631
> Also look at MRELEASE-707 issue. The patch from attachment enables usage of
> $\{project.scm.developerConnection} var.
> The attached patch makes plugin to work with repository as if it was central.
> The following arguments were used for manual testing:
> {noformat}
> mvn -f parent/pom.xml -DpushChanges=false -DscmPerformLocalUpdate=true
> -Dproject.scm.developerConnection=scm:hg:file://\${basedir}/../
> release:prepare
> mvn -f parent/pom.xml -DpushChanges=false -DscmPerformLocalUpdate=true
> -Dproject.scm.developerConnection=scm:hg:file://\${basedir}/../
> release:perform
> {noformat}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (SCM-833) getLastChangedRevision() returns null whereas as getRevision() get correct versions
[
https://issues.apache.org/jira/browse/SCM-833?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567607#comment-17567607
]
Michael Osipov commented on SCM-833:
[~khmarbaise], do you want to pursue this?
> getLastChangedRevision() returns null whereas as getRevision() get correct
> versions
> ---
>
> Key: SCM-833
> URL: https://issues.apache.org/jira/browse/SCM-833
> Project: Maven SCM
> Issue Type: Bug
> Components: maven-scm-api, maven-scm-provider-jgit
>Affects Versions: 1.9.4, 1.9.5
>Reporter: Karl Heinz Marbaise
>Priority: Minor
>
> Currently there is a method like this in the code (buildnumber-maven-plugin):
> AbstractScmMojo.java:
> {code:java}
> protected String getScmRevision()
> throws ScmException
> {
> ScmRepository repository = getScmRepository();
> InfoScmResult scmResult = info( repository, new ScmFileSet(
> scmDirectory ) );
> if ( scmResult == null || scmResult.getInfoItems().isEmpty() )
> {
> return ( !StringUtils.isEmpty( revisionOnScmFailure ) ) ?
> revisionOnScmFailure : null;
> }
> checkResult( scmResult );
> InfoItem info = scmResult.getInfoItems().get( 0 );
>
> List infoItems = scmResult.getInfoItems();
>
> for (InfoItem infoItem : infoItems) {
> getLog().info("Item: " +infoItem.getRevision() + " lcr: " +
> infoItem.getLastChangedRevision() );
> }
> getLog().info("useLastCommittedRevision: " +
> useLastCommittedRevision);
> if ( useLastCommittedRevision )
> {
> return info.getLastChangedRevision();
> }
> return info.getRevision();
> }
> {code}
> The problem is simply that {{getLastChangedRevision()}} returns null whereas
> {{getRevision()}} returns the requested value?...
> So ATM I'm not sure if this is really a bug in SCM or a misusage in
> buildnumber-maven-plugin ?
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [maven-scm] kwin commented on a diff in pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD
kwin commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922819277
##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/src/main/java/org/apache/maven/scm/provider/git/jgit/JGitScmProvider.java:
##
@@ -54,6 +58,12 @@
public class JGitScmProvider
extends AbstractGitScmProvider
{
+@Inject
+public JGitScmProvider( Prompter prompter )
+{
+CredentialsProvider.setDefault( new
PlexusInteractivityCredentialsProvider( true, prompter ) );
Review Comment:
https://github.com/apache/maven-scm/pull/153#discussion_r922819246
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit
[
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567611#comment-17567611
]
ASF GitHub Bot commented on SCM-945:
kwin commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922819277
##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/src/main/java/org/apache/maven/scm/provider/git/jgit/JGitScmProvider.java:
##
@@ -54,6 +58,12 @@
public class JGitScmProvider
extends AbstractGitScmProvider
{
+@Inject
+public JGitScmProvider( Prompter prompter )
+{
+CredentialsProvider.setDefault( new
PlexusInteractivityCredentialsProvider( true, prompter ) );
Review Comment:
https://github.com/apache/maven-scm/pull/153#discussion_r922819246
> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
> Issue Type: Bug
> Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the
> following error is being emitted: {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
> which used JSch which lacks support for those private keys. JGit 5.2 comes
> with a new SSH implementation
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that
> also support OpenSSH private keys.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [maven-scm] kwin commented on pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD
kwin commented on PR #153: URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186492662 > * Create three issues: (issue a) Upgrade JGit to XXX, (issue b) rework OpenSSH private key handing for gitexe and jgit providers, (issue c) Support alternative SSH private keys with gitexe provider This PR does not "rework OpenSSH private key handing for gitexe" nor does it "Support alternative SSH private keys with gitexe provider". The environment variables are only necessary to test existing functionality in gitexe (namely test authorization with SSH). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit
[
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567613#comment-17567613
]
ASF GitHub Bot commented on SCM-945:
kwin commented on PR #153:
URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186492662
> * Create three issues: (issue a) Upgrade JGit to XXX, (issue b) rework
OpenSSH private key handing for gitexe and jgit providers, (issue c) Support
alternative SSH private keys with gitexe provider
This PR does not "rework OpenSSH private key handing for gitexe" nor does it
"Support alternative SSH private keys with gitexe provider". The environment
variables are only necessary to test existing functionality in gitexe (namely
test authorization with SSH).
> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
> Issue Type: Bug
> Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the
> following error is being emitted: {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
> which used JSch which lacks support for those private keys. JGit 5.2 comes
> with a new SSH implementation
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that
> also support OpenSSH private keys.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [maven-scm] michael-o commented on a diff in pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD
michael-o commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922819720
##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/checkin/GitCheckInCommand.java:
##
@@ -57,6 +58,14 @@
extends AbstractCheckInCommand
implements GitCommand
{
+private final Map environmentVariables;
+
+public GitCheckInCommand( Map environmentVariables )
+{
+super();
+this.environmentVariables = environmentVariables;
+}
Review Comment:
Alright, let's leave then as-is as long as it is consistent with the rest.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit
[
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567614#comment-17567614
]
ASF GitHub Bot commented on SCM-945:
michael-o commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922819720
##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/checkin/GitCheckInCommand.java:
##
@@ -57,6 +58,14 @@
extends AbstractCheckInCommand
implements GitCommand
{
+private final Map environmentVariables;
+
+public GitCheckInCommand( Map environmentVariables )
+{
+super();
+this.environmentVariables = environmentVariables;
+}
Review Comment:
Alright, let's leave then as-is as long as it is consistent with the rest.
> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
> Issue Type: Bug
> Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the
> following error is being emitted: {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
> which used JSch which lacks support for those private keys. JGit 5.2 comes
> with a new SSH implementation
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that
> also support OpenSSH private keys.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [maven-scm] michael-o commented on a diff in pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD
michael-o commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922820137
##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/src/main/java/org/apache/maven/scm/provider/git/jgit/command/PlexusInteractivityCredentialsProvider.java:
##
@@ -0,0 +1,101 @@
+package org.apache.maven.scm.provider.git.jgit.command;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+import java.util.Arrays;
+
+import org.codehaus.plexus.components.interactivity.Prompter;
+import org.codehaus.plexus.components.interactivity.PrompterException;
+import org.eclipse.jgit.errors.UnsupportedCredentialItem;
+import org.eclipse.jgit.transport.CredentialItem;
+import org.eclipse.jgit.transport.CredentialsProvider;
+import org.eclipse.jgit.transport.URIish;
+
+/**
+ * {@link CredentialsProvider} leveraging the {@link Prompter} component.
+ *
+ */
+public class PlexusInteractivityCredentialsProvider extends CredentialsProvider
+{
+private final boolean isInteractive;
Review Comment:
The only option I can think of is that a setter on the provider being
interactive by default and the caller sets to false. E.g., Maven Release can
piggy back this. WDYT?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit
[
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567615#comment-17567615
]
ASF GitHub Bot commented on SCM-945:
michael-o commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922820137
##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/src/main/java/org/apache/maven/scm/provider/git/jgit/command/PlexusInteractivityCredentialsProvider.java:
##
@@ -0,0 +1,101 @@
+package org.apache.maven.scm.provider.git.jgit.command;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+import java.util.Arrays;
+
+import org.codehaus.plexus.components.interactivity.Prompter;
+import org.codehaus.plexus.components.interactivity.PrompterException;
+import org.eclipse.jgit.errors.UnsupportedCredentialItem;
+import org.eclipse.jgit.transport.CredentialItem;
+import org.eclipse.jgit.transport.CredentialsProvider;
+import org.eclipse.jgit.transport.URIish;
+
+/**
+ * {@link CredentialsProvider} leveraging the {@link Prompter} component.
+ *
+ */
+public class PlexusInteractivityCredentialsProvider extends CredentialsProvider
+{
+private final boolean isInteractive;
Review Comment:
The only option I can think of is that a setter on the provider being
interactive by default and the caller sets to false. E.g., Maven Release can
piggy back this. WDYT?
> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
> Issue Type: Bug
> Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the
> following error is being emitted: {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
> which used JSch which lacks support for those private keys. JGit 5.2 comes
> with a new SSH implementation
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that
> also support OpenSSH private keys.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [maven-scm] michael-o commented on a diff in pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD
michael-o commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922820340
##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/src/main/java/org/apache/maven/scm/provider/git/jgit/command/PlexusInteractivityCredentialsProvider.java:
##
@@ -0,0 +1,101 @@
+package org.apache.maven.scm.provider.git.jgit.command;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+import java.util.Arrays;
+
+import org.codehaus.plexus.components.interactivity.Prompter;
+import org.codehaus.plexus.components.interactivity.PrompterException;
+import org.eclipse.jgit.errors.UnsupportedCredentialItem;
+import org.eclipse.jgit.transport.CredentialItem;
+import org.eclipse.jgit.transport.CredentialsProvider;
+import org.eclipse.jgit.transport.URIish;
+
+/**
+ * {@link CredentialsProvider} leveraging the {@link Prompter} component.
+ *
+ */
+public class PlexusInteractivityCredentialsProvider extends CredentialsProvider
+{
+private final boolean isInteractive;
Review Comment:
But beside that, the code does not respect the flag at all. It should be
`interactive`, I think Maven uses the same in CLI in Java.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit
[
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567616#comment-17567616
]
ASF GitHub Bot commented on SCM-945:
michael-o commented on code in PR #153:
URL: https://github.com/apache/maven-scm/pull/153#discussion_r922820340
##
maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/src/main/java/org/apache/maven/scm/provider/git/jgit/command/PlexusInteractivityCredentialsProvider.java:
##
@@ -0,0 +1,101 @@
+package org.apache.maven.scm.provider.git.jgit.command;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+import java.util.Arrays;
+
+import org.codehaus.plexus.components.interactivity.Prompter;
+import org.codehaus.plexus.components.interactivity.PrompterException;
+import org.eclipse.jgit.errors.UnsupportedCredentialItem;
+import org.eclipse.jgit.transport.CredentialItem;
+import org.eclipse.jgit.transport.CredentialsProvider;
+import org.eclipse.jgit.transport.URIish;
+
+/**
+ * {@link CredentialsProvider} leveraging the {@link Prompter} component.
+ *
+ */
+public class PlexusInteractivityCredentialsProvider extends CredentialsProvider
+{
+private final boolean isInteractive;
Review Comment:
But beside that, the code does not respect the flag at all. It should be
`interactive`, I think Maven uses the same in CLI in Java.
> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
> Issue Type: Bug
> Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the
> following error is being emitted: {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
> which used JSch which lacks support for those private keys. JGit 5.2 comes
> with a new SSH implementation
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that
> also support OpenSSH private keys.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit
[
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567617#comment-17567617
]
ASF GitHub Bot commented on SCM-945:
michael-o commented on PR #153:
URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186494030
> > * Create three issues: (issue a) Upgrade JGit to XXX, (issue b) rework
OpenSSH private key handing for gitexe and jgit providers, (issue c) Support
alternative SSH private keys with gitexe provider
>
> This PR does not "rework OpenSSH private key handing for gitexe" nor does
it "Support alternative SSH private keys with gitexe provider". The environment
variables are only necessary to test existing functionality in gitexe (namely
test authorization with SSH).
Please summarize what is necessary to make this proper.
> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
> Issue Type: Bug
> Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the
> following error is being emitted: {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
> which used JSch which lacks support for those private keys. JGit 5.2 comes
> with a new SSH implementation
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that
> also support OpenSSH private keys.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [maven-scm] michael-o commented on pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD
michael-o commented on PR #153: URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186494030 > > * Create three issues: (issue a) Upgrade JGit to XXX, (issue b) rework OpenSSH private key handing for gitexe and jgit providers, (issue c) Support alternative SSH private keys with gitexe provider > > This PR does not "rework OpenSSH private key handing for gitexe" nor does it "Support alternative SSH private keys with gitexe provider". The environment variables are only necessary to test existing functionality in gitexe (namely test authorization with SSH). Please summarize what is necessary to make this proper. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-scm] kwin commented on pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD
kwin commented on PR #153: URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186505043 Maybe split up into a) update JGit b) add credentials provider for JGit c) add IT for SSH authentication during git clone (both git providers) Then the environment variable would belong to c) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit
[
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567627#comment-17567627
]
ASF GitHub Bot commented on SCM-945:
kwin commented on PR #153:
URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186505043
Maybe split up into
a) update JGit
b) add credentials provider for JGit
c) add IT for SSH authentication during git clone (both git providers)
Then the environment variable would belong to c)
> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
> Issue Type: Bug
> Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the
> following error is being emitted: {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
> which used JSch which lacks support for those private keys. JGit 5.2 comes
> with a new SSH implementation
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that
> also support OpenSSH private keys.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [maven-scm] michael-o commented on pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD
michael-o commented on PR #153: URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186508402 > Maybe split up into a) update JGit b) add credentials provider for JGit c) add IT for SSH authentication during git clone (both git providers) > > Then the environment variable would belong to c) That sounds good, though advertising that gitexe supports alternative SSH private keys would we that bad, no? Especially in consistency with JGit. WDYT? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit
[
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567628#comment-17567628
]
ASF GitHub Bot commented on SCM-945:
michael-o commented on PR #153:
URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186508402
> Maybe split up into a) update JGit b) add credentials provider for JGit c)
add IT for SSH authentication during git clone (both git providers)
>
> Then the environment variable would belong to c)
That sounds good, though advertising that gitexe supports alternative SSH
private keys would we that bad, no? Especially in consistency with JGit. WDYT?
> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
> Issue Type: Bug
> Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the
> following error is being emitted: {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
> which used JSch which lacks support for those private keys. JGit 5.2 comes
> with a new SSH implementation
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that
> also support OpenSSH private keys.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [maven-scm] kwin commented on pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD
kwin commented on PR #153: URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186509299 git executable leverages the ssh executable for authentication and therefore there is no change with regard to supported private keys formats -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit
[
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567629#comment-17567629
]
ASF GitHub Bot commented on SCM-945:
kwin commented on PR #153:
URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186509299
git executable leverages the ssh executable for authentication and therefore
there is no change with regard to supported private keys formats
> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
> Issue Type: Bug
> Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the
> following error is being emitted: {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
> which used JSch which lacks support for those private keys. JGit 5.2 comes
> with a new SSH implementation
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that
> also support OpenSSH private keys.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Updated] (MGPG-86) NullPointerException when gpg executable cannot be found
[
https://issues.apache.org/jira/browse/MGPG-86?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sylwester Lachiewicz updated MGPG-86:
-
Fix Version/s: 3.1.0
> NullPointerException when gpg executable cannot be found
>
>
> Key: MGPG-86
> URL: https://issues.apache.org/jira/browse/MGPG-86
> Project: Maven GPG Plugin
> Issue Type: Bug
>Affects Versions: 1.5, 1.6, 3.0.1
> Environment: linux, macos
>Reporter: Chas Honton
>Priority: Major
> Fix For: 3.1.0
>
>
> {noformat}
> [ERROR] Failed to execute goal
> org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign (sign-artifacts) on
> project git-tag-maven-plugin: Execution sign-artifacts of goal
> org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign failed.:
> NullPointerException -> [Help 1]
> org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute
> goal org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign (sign-artifacts) on
> project git-tag-maven-plugin: Execution sign-artifacts of goal
> org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign failed.
> at org.apache.maven.lifecycle.internal.MojoExecutor.doExecute
> (MojoExecutor.java:306)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:211)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:165)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:157)
> at
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> (LifecycleModuleBuilder.java:121)
> at
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> (LifecycleModuleBuilder.java:81)
> at
> org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build
> (SingleThreadedBuilder.java:56)
> at org.apache.maven.lifecycle.internal.LifecycleStarter.execute
> (LifecycleStarter.java:127)
> at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:294)
> at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:192)
> at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:105)
> at org.apache.maven.cli.MavenCli.execute (MavenCli.java:960)
> at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:293)
> at org.apache.maven.cli.MavenCli.main (MavenCli.java:196)
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke
> (NativeMethodAccessorImpl.java:62)
> at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke
> (DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke (Method.java:566)
> at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced
> (Launcher.java:282)
> at org.codehaus.plexus.classworlds.launcher.Launcher.launch
> (Launcher.java:225)
> at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode
> (Launcher.java:406)
> at org.codehaus.plexus.classworlds.launcher.Launcher.main
> (Launcher.java:347)
> Caused by: org.apache.maven.plugin.PluginExecutionException: Execution
> sign-artifacts of goal org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign
> failed.
> at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo
> (DefaultBuildPluginManager.java:148)
> at org.apache.maven.lifecycle.internal.MojoExecutor.doExecute
> (MojoExecutor.java:301)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:211)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:165)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:157)
> at
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> (LifecycleModuleBuilder.java:121)
> at
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> (LifecycleModuleBuilder.java:81)
> at
> org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build
> (SingleThreadedBuilder.java:56)
> at org.apache.maven.lifecycle.internal.LifecycleStarter.execute
> (LifecycleStarter.java:127)
> at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:294)
> at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:192)
> at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:105)
> at org.apache.maven.cli.MavenCli.execute (MavenCli.java:960)
> at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:293)
> at org.apache.maven.cli.MavenCli.main (MavenCli.java:196)
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke
> (NativeMethodAccessorImpl.java:62)
> at jdk.internal.reflect.Delegat
[GitHub] [maven-scm] michael-o commented on pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD
michael-o commented on PR #153: URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186512316 > git executable leverages the ssh executable for authentication and therefore there is no change with regard to supported private keys formats That's not what I mean, I mean that you can now supply an expliclt key which wasn't supported by now. Of course, the format and transport won't change. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven] Yougoss opened a new pull request, #768: [MNG-7509] - Huge memory cost when parent pom widely used in a big project for dependencyManagement for 3.9.x
Yougoss opened a new pull request, #768: URL: https://github.com/apache/maven/pull/768 Following this checklist to help us incorporate your contribution quickly and easily: - [x] Make sure there is a [JIRA issue](https://issues.apache.org/jira/browse/MNG) filed for the change (usually before you start working on it). Trivial changes like typos do not require a JIRA issue. Your pull request should address just this issue, without pulling in other changes. - [x] Each commit in the pull request should have a meaningful subject line and body. - [x] Format the pull request title like `[MNG-XXX] SUMMARY`, where you replace `MNG-XXX` and `SUMMARY` with the appropriate JIRA issue. Best practice is to use the JIRA issue title in the pull request title and in the first line of the commit message. - [x] Write a pull request description that is detailed enough to understand what the pull request does, how, and why. - [x] Run `mvn clean verify` to make sure basic checks pass. A more thorough check will be performed on your pull request automatically. - [ ] You have run the [Core IT][core-its] successfully. If your pull request is about ~20 lines of code you don't need to sign an [Individual Contributor License Agreement](https://www.apache.org/licenses/icla.pdf) if you are unsure please ask on the developers list. To make clear that you license your contribution under the [Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0) you have to acknowledge this by using the following check-box. - [x] I hereby declare this contribution to be licenced under the [Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0) - [x] In any other case, please file an [Apache Individual Contributor License Agreement](https://www.apache.org/licenses/icla.pdf). [core-its]: https://maven.apache.org/core-its/core-it-suite/ -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit
[
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567631#comment-17567631
]
ASF GitHub Bot commented on SCM-945:
michael-o commented on PR #153:
URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186512316
> git executable leverages the ssh executable for authentication and
therefore there is no change with regard to supported private keys formats
That's not what I mean, I mean that you can now supply an expliclt key which
wasn't supported by now. Of course, the format and transport won't change.
> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
> Issue Type: Bug
> Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the
> following error is being emitted: {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
> which used JSch which lacks support for those private keys. JGit 5.2 comes
> with a new SSH implementation
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that
> also support OpenSSH private keys.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (MNG-7509) Huge memory cost when parent pom widely used in a big project for dependencyManagement
[ https://issues.apache.org/jira/browse/MNG-7509?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567632#comment-17567632 ] ASF GitHub Bot commented on MNG-7509: - Yougoss opened a new pull request, #768: URL: https://github.com/apache/maven/pull/768 Following this checklist to help us incorporate your contribution quickly and easily: - [x] Make sure there is a [JIRA issue](https://issues.apache.org/jira/browse/MNG) filed for the change (usually before you start working on it). Trivial changes like typos do not require a JIRA issue. Your pull request should address just this issue, without pulling in other changes. - [x] Each commit in the pull request should have a meaningful subject line and body. - [x] Format the pull request title like `[MNG-XXX] SUMMARY`, where you replace `MNG-XXX` and `SUMMARY` with the appropriate JIRA issue. Best practice is to use the JIRA issue title in the pull request title and in the first line of the commit message. - [x] Write a pull request description that is detailed enough to understand what the pull request does, how, and why. - [x] Run `mvn clean verify` to make sure basic checks pass. A more thorough check will be performed on your pull request automatically. - [ ] You have run the [Core IT][core-its] successfully. If your pull request is about ~20 lines of code you don't need to sign an [Individual Contributor License Agreement](https://www.apache.org/licenses/icla.pdf) if you are unsure please ask on the developers list. To make clear that you license your contribution under the [Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0) you have to acknowledge this by using the following check-box. - [x] I hereby declare this contribution to be licenced under the [Apache License Version 2.0, January 2004](http://www.apache.org/licenses/LICENSE-2.0) - [x] In any other case, please file an [Apache Individual Contributor License Agreement](https://www.apache.org/licenses/icla.pdf). [core-its]: https://maven.apache.org/core-its/core-it-suite/ > Huge memory cost when parent pom widely used in a big project for > dependencyManagement > -- > > Key: MNG-7509 > URL: https://issues.apache.org/jira/browse/MNG-7509 > Project: Maven > Issue Type: Improvement > Components: Performance >Reporter: Xiong Luyao >Priority: Major > Attachments: image-2022-07-09-09-37-53-823.png, > image-2022-07-09-09-38-26-354.png, image-2022-07-09-10-27-12-668.png, > image-2022-07-09-10-27-56-437.png, image-2022-07-09-10-28-05-706.png, > image-2022-07-09-10-28-22-864.png, image-2022-07-09-10-28-35-341.png, > image-2022-07-09-10-28-40-612.png, image-2022-07-09-10-29-04-045.png, > image-2022-07-09-10-29-15-822.png, image-2022-07-09-10-29-21-991.png, > image-2022-07-09-10-29-46-216.png, image-2022-07-09-10-29-51-456.png > > > When maven try to resolve dependency relationship, it will create many > instances of dependency / artifact, even the dependency/artifact content is > totally same, but just in different pom models. It cost huge memory if there > is a parent pom with dependencyManagement which managed a lot of > dependencies, and this parent pom are implemented by many project libraries. > (libraries_count * managedDependency_count) dependency instances will be > created. For example, if there are 3000 libraries, and all the library > introduce same parent pom which managed 3000 dependencies version. There will > be 3000*3000 =9,000,000 dependency instances will be created. But most of > them are same, in fact, we only need one instance for each dependency in > parent pom (3000 dependency instances). > > I'm from eBay, and here is a real case in enterprise level project. We have > about 3000 business domain libraries, there are dependency relationship > between them. We need to build all libraries in one release to keep all the > libraries in same release are based on same code. So we used a parent pom as > a central management to manage all the version for a release, and introduced > by those libraries. As below picture, when the release start, it will > calculate and start with the library which doesn't depend on others, then > start the library which dependency libraries are already built. Keep this > process until all libraries are built. > With current maven resolve logic, it costs huge memory in above ways to built > libraries. And even the libraries have been released, if the project which > contains a lot of above libraries, it also cost huge memory when building > project. > So current now, we have to specify
[jira] [Comment Edited] (MNG-7509) Huge memory cost when parent pom widely used in a big project for dependencyManagement
[ https://issues.apache.org/jira/browse/MNG-7509?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17564491#comment-17564491 ] Xiong Luyao edited comment on MNG-7509 at 7/17/22 1:08 PM: --- The reason is, when maven resolving the relationship, for each library it will create instances for the dependencies in dependencyManagement. So for those dependencies in parent pom, they will be created many times even they are totally same. In the worst cases, If a project introduce 3000 libraries and each library introduce the same parent pom which managed 3000 libraries version. There will be 9 million Dependency instance created. But in fact, only 3000 Dependency instances are necessary for this case. I think we can resolve it by adding a cache map for the dependencies. If the dependency instance is already in the cache map, it will get instance from the map rather than creating a new one. Fortunately, we needn't worry about the case that different model refer to the same dependency instance, and it will impact others if one model change the dependency. Since Dependency (including DefaultArtifact in it) is already designed as immutable, which means, if someone changes the value in somewhere, it won’t change the existing instance, but return a totally new one. Here is the PR: * [https://github.com/apache/maven/pull/764] * [https://github.com/apache/maven/pull/768] Currently, I just make PR for 3.8.x and 3.9.x, but I think it can be applied to other version as well if the solution is OK was (Author: JIRAUSER292130): The reason is, when maven resolving the relationship, for each library it will create instances for the dependencies in dependencyManagement. So for those dependencies in parent pom, they will be created many times even they are totally same. In the worst cases, If a project introduce 3000 libraries and each library introduce the same parent pom which managed 3000 libraries version. There will be 9 million Dependency instance created. But in fact, only 3000 Dependency instances are necessary for this case. I think we can resolve it by adding a cache map for the dependencies. If the dependency instance is already in the cache map, it will get instance from the map rather than creating a new one. Fortunately, we needn't worry about the case that different model refer to the same dependency instance, and it will impact others if one model change the dependency. Since Dependency (including DefaultArtifact in it) is already designed as immutable, which means, if someone changes the value in somewhere, it won’t change the existing instance, but return a totally new one. Here is the PR: [https://github.com/apache/maven/pull/764] Currently, I just make PR for 3.8.x, but I think it can be applied to other version as well if the solution is OK > Huge memory cost when parent pom widely used in a big project for > dependencyManagement > -- > > Key: MNG-7509 > URL: https://issues.apache.org/jira/browse/MNG-7509 > Project: Maven > Issue Type: Improvement > Components: Performance >Reporter: Xiong Luyao >Priority: Major > Attachments: image-2022-07-09-09-37-53-823.png, > image-2022-07-09-09-38-26-354.png, image-2022-07-09-10-27-12-668.png, > image-2022-07-09-10-27-56-437.png, image-2022-07-09-10-28-05-706.png, > image-2022-07-09-10-28-22-864.png, image-2022-07-09-10-28-35-341.png, > image-2022-07-09-10-28-40-612.png, image-2022-07-09-10-29-04-045.png, > image-2022-07-09-10-29-15-822.png, image-2022-07-09-10-29-21-991.png, > image-2022-07-09-10-29-46-216.png, image-2022-07-09-10-29-51-456.png > > > When maven try to resolve dependency relationship, it will create many > instances of dependency / artifact, even the dependency/artifact content is > totally same, but just in different pom models. It cost huge memory if there > is a parent pom with dependencyManagement which managed a lot of > dependencies, and this parent pom are implemented by many project libraries. > (libraries_count * managedDependency_count) dependency instances will be > created. For example, if there are 3000 libraries, and all the library > introduce same parent pom which managed 3000 dependencies version. There will > be 3000*3000 =9,000,000 dependency instances will be created. But most of > them are same, in fact, we only need one instance for each dependency in > parent pom (3000 dependency instances). > > I'm from eBay, and here is a real case in enterprise level project. We have > about 3000 business domain libraries, there are dependency relationship > between them. We need to build all libraries in one release to keep all the > libraries in same release are based on same code. So we used a
[jira] [Updated] (MGPG-83) Require Maven 3.2.5+
[ https://issues.apache.org/jira/browse/MGPG-83?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sylwester Lachiewicz updated MGPG-83: - Summary: Require Maven 3.2.5+ (was: Require Maven 3.1.1) > Require Maven 3.2.5+ > > > Key: MGPG-83 > URL: https://issues.apache.org/jira/browse/MGPG-83 > Project: Maven GPG Plugin > Issue Type: Dependency upgrade >Reporter: Sylwester Lachiewicz >Priority: Major > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (MGPG-88) Require Java 8
Sylwester Lachiewicz created MGPG-88: Summary: Require Java 8 Key: MGPG-88 URL: https://issues.apache.org/jira/browse/MGPG-88 Project: Maven GPG Plugin Issue Type: Task Reporter: Sylwester Lachiewicz -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (MGPG-88) Require Java 8
[ https://issues.apache.org/jira/browse/MGPG-88?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sylwester Lachiewicz reassigned MGPG-88: Assignee: Sylwester Lachiewicz > Require Java 8 > -- > > Key: MGPG-88 > URL: https://issues.apache.org/jira/browse/MGPG-88 > Project: Maven GPG Plugin > Issue Type: Task >Reporter: Sylwester Lachiewicz >Assignee: Sylwester Lachiewicz >Priority: Minor > Fix For: 3.1.0 > > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (MGPG-88) Require Java 8
[ https://issues.apache.org/jira/browse/MGPG-88?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sylwester Lachiewicz updated MGPG-88: - Fix Version/s: 3.1.0 > Require Java 8 > -- > > Key: MGPG-88 > URL: https://issues.apache.org/jira/browse/MGPG-88 > Project: Maven GPG Plugin > Issue Type: Task >Reporter: Sylwester Lachiewicz >Priority: Minor > Fix For: 3.1.0 > > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Closed] (MGPG-88) Require Java 8
[ https://issues.apache.org/jira/browse/MGPG-88?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sylwester Lachiewicz closed MGPG-88. Resolution: Fixed > Require Java 8 > -- > > Key: MGPG-88 > URL: https://issues.apache.org/jira/browse/MGPG-88 > Project: Maven GPG Plugin > Issue Type: Task >Reporter: Sylwester Lachiewicz >Assignee: Sylwester Lachiewicz >Priority: Minor > Fix For: 3.1.0 > > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[GitHub] [maven-gpg-plugin] dependabot[bot] opened a new pull request, #19: Bump maven-artifact-transfer from 0.12.0 to 0.13.1
dependabot[bot] opened a new pull request, #19: URL: https://github.com/apache/maven-gpg-plugin/pull/19 Bumps [maven-artifact-transfer](https://github.com/apache/maven-artifact-transfer) from 0.12.0 to 0.13.1. Commits https://github.com/apache/maven-artifact-transfer/commit/ee4b1f50504d9538ea447e0d987a44e9e89e8dc1";>ee4b1f5 [maven-release-plugin] prepare release maven-artifact-transfer-0.13.1 https://github.com/apache/maven-artifact-transfer/commit/410ab39c0101f29c44d8d3b054241de90a4ba8be";>410ab39 Bump groovy from 3.0.6 to 3.0.7 https://github.com/apache/maven-artifact-transfer/commit/998d32016d8c949a72949f927fdd88a298b8f4b9";>998d320 Bump groovy from 3.0.4 to 3.0.6 https://github.com/apache/maven-artifact-transfer/commit/7f8251e01a7169232df6c1ad9b8d0d2b0ce3495a";>7f8251e Bump junit from 4.13 to 4.13.1 https://github.com/apache/maven-artifact-transfer/commit/dfb1e61c4f5db6fe167b3d879a37ab5e25c8475c";>dfb1e61 Quick fixes for problems reported by the IDE https://github.com/apache/maven-artifact-transfer/commit/0e1b8787b324b40376844280078fea8b5bcdb1f7";>0e1b878 Drop unused dependency commons-codec https://github.com/apache/maven-artifact-transfer/commit/a87ec073ea6a7e97bda97af54b96a6b7223b6dbb";>a87ec07 Bump groovy from 3.0.3 to 3.0.4 https://github.com/apache/maven-artifact-transfer/commit/f2b0b25be400ca1174b1af79488ded26b9bfe720";>f2b0b25 Run integration tests only with Java 8, 11 and 15 https://github.com/apache/maven-artifact-transfer/commit/64442121574513ab899efc408c9c9291df1071c7";>6444212 Remove unnecessary file causing Animal Sniffer to fail build https://github.com/apache/maven-artifact-transfer/commit/92a6791223c6af78b1c402c0d20bd9234499ea6e";>92a6791 update ASF CI url Additional commits viewable in https://github.com/apache/maven-artifact-transfer/compare/maven-artifact-transfer-0.12.0...maven-artifact-transfer-0.13.1";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-gpg-plugin] dependabot[bot] opened a new pull request, #18: Bump mavenVersion from 3.0 to 3.8.6
dependabot[bot] opened a new pull request, #18: URL: https://github.com/apache/maven-gpg-plugin/pull/18 Bumps `mavenVersion` from 3.0 to 3.8.6. Updates `maven-plugin-api` from 3.0 to 3.8.6 Release notes Sourced from https://github.com/apache/maven/releases";>maven-plugin-api's releases. 3.8.6 What's Changed [MNG-7441] 3.8.x Update version of logback by https://github.com/cstamas";>@cstamas in https://github-redirect.dependabot.com/apache/maven/pull/708";>apache/maven#708 [MNG-7432] Resolver session contains non-MavenWorkspaceReader by https://github.com/laeubi";>@laeubi in https://github-redirect.dependabot.com/apache/maven/pull/695";>apache/maven#695 [MNG-7459] Revert "[3.8.x][MNG-7347] SessionScoped beans should be singletons for a given session" by https://github.com/gnodet";>@gnodet in https://github-redirect.dependabot.com/apache/maven/pull/715";>apache/maven#715 [3.8.x] [MNG-7476] Display a warning when an aggregator mojo locks other mojos executions by https://github.com/gnodet";>@gnodet in https://github-redirect.dependabot.com/apache/maven/pull/736";>apache/maven#736 Full Changelog: https://github.com/apache/maven/compare/maven-3.8.5...maven-3.8.6";>https://github.com/apache/maven/compare/maven-3.8.5...maven-3.8.6 3.8.5 What's Changed [3.8.x][MNG-7156][MNG-7285] Add locking in MojoExecutor by https://github.com/gnodet";>@gnodet in https://github-redirect.dependabot.com/apache/maven/pull/628";>apache/maven#628 [MNG-6326] Make the build fail if core extensions can not be loaded by https://github.com/gnodet";>@gnodet in https://github-redirect.dependabot.com/apache/maven/pull/648";>apache/maven#648 [3.8.x][MNG-7347] SessionScoped beans should be singletons for a given session by https://github.com/gnodet";>@gnodet in https://github-redirect.dependabot.com/apache/maven/pull/653";>apache/maven#653 [3.8.x][MNG-7386] Make sure the ModelMerger$MergingList can be serialized by https://github.com/gnodet";>@gnodet in https://github-redirect.dependabot.com/apache/maven/pull/656";>apache/maven#656 [3.8.x][MNG-7349] Limit relocation warning message to direct dependencies only by https://github.com/gnodet";>@gnodet in https://github-redirect.dependabot.com/apache/maven/pull/657";>apache/maven#657 [3.8.x][MNG-6727] Changed expression check to project.version and project.parent.version by https://github.com/gnodet";>@gnodet in https://github-redirect.dependabot.com/apache/maven/pull/670";>apache/maven#670 [3.8.x][MNG-7395] - Support system-properties in extension.xml by https://github.com/laeubi";>@laeubi in https://github-redirect.dependabot.com/apache/maven/pull/673";>apache/maven#673 New Contributors https://github.com/laeubi";>@laeubi made their first contribution in https://github-redirect.dependabot.com/apache/maven/pull/673";>apache/maven#673 Full Changelog: https://github.com/apache/maven/compare/maven-3.8.4...maven-3.8.5";>https://github.com/apache/maven/compare/maven-3.8.4...maven-3.8.5 3.8.4 What's Changed [MNG-6302] logging the module count by https://github.com/rmannibucau";>@rmannibucau in https://github-redirect.dependabot.com/apache/maven/pull/136";>apache/maven#136 [MNG-6424] - Upgrade plexus-interpolation to 1.25 by https://github.com/shemic87";>@shemic87 in https://github-redirect.dependabot.com/apache/maven/pull/172";>apache/maven#172 Update Jenkins build to use Maven 3.5.4 by https://github.com/slachiewicz";>@slachiewicz in https://github-redirect.dependabot.com/apache/maven/pull/179";>apache/maven#179 [MNG-6473] Update Mockito to 2.21.0 by https://github.com/slachiewicz";>@slachiewicz in https://github-redirect.dependabot.com/apache/maven/pull/181";>apache/maven#181 MNG-6414 Add more Apache license headers to skip downloading license … by https://github.com/slachiewicz";>@slachiewicz in https://github-redirect.dependabot.com/apache/maven/pull/167";>apache/maven#167 [MNG-6479] Upgrade XMLUnit to 2.2.1 by https://github.com/slachiewicz";>@slachiewicz in https://github-redirect.dependabot.com/apache/maven/pull/183";>apache/maven#183 Fixed typo in exception logging by https://github.com/slachiewicz";>@slachiewicz in https://github-redirect.dependabot.com/apache/maven/pull/170";>apache/maven#170 [MNG-6490] Maven fails reporting circular dependency when the depende… by https://github.com/slachiewicz";>@slachiewicz in https://github-redirect.dependabot.com/apache/maven/pull/188";>apache/maven#188 [MNG-6261] - using java File api to compare by https://github.com/fabcipriano";>@fabcipriano in https://github-redirect.dependabot.com/apache/maven/pull/192";>apache/maven#192 MNG-6529 - ProjectBuild.build(projectsList, ...) ignores request.isResolveDependencies() by https://github.com/mickaelistria";>@mickaelistria in https://github-redirect.dependabot.com/apache/maven/pull/193";>apache/maven#193 [MNG-6559] Fix mailing list U
[GitHub] [maven-gpg-plugin] dependabot[bot] opened a new pull request, #20: Bump maven-resolver-util from 1.4.1 to 1.8.1
dependabot[bot] opened a new pull request, #20: URL: https://github.com/apache/maven-gpg-plugin/pull/20 Bumps [maven-resolver-util](https://github.com/apache/maven-resolver) from 1.4.1 to 1.8.1. Commits https://github.com/apache/maven-resolver/commit/01a820ac40b25acb924f289056e9fa77de10a81f";>01a820a [maven-release-plugin] prepare release maven-resolver-1.8.1 https://github.com/apache/maven-resolver/commit/e9fe72f198f4fbf8ec4526a77068c9bed37c2a99";>e9fe72f Replace TBD placeholders with next version https://github.com/apache/maven-resolver/commit/4702bcf246f018ec8e9d1d3dd3f3dfe9a86b8da0";>4702bcf [MRESOLVER-262] Provide contextual data in trace during collect (https://github-redirect.dependabot.com/apache/maven-resolver/issues/182";>#182) https://github.com/apache/maven-resolver/commit/d1833cf88083017237324a156d2949777e10d809";>d1833cf Remove unused stuff (https://github-redirect.dependabot.com/apache/maven-resolver/issues/181";>#181) https://github.com/apache/maven-resolver/commit/1ab297e4a2b59d2ea21eec2aa1928dea2eec0f0f";>1ab297e Extract class PremanagedDependency (https://github-redirect.dependabot.com/apache/maven-resolver/issues/179";>#179) https://github.com/apache/maven-resolver/commit/a626750bf60a6f8209d3e2ccc0902d15f1d24140";>a626750 Collapse collectors (https://github-redirect.dependabot.com/apache/maven-resolver/issues/177";>#177) https://github.com/apache/maven-resolver/commit/570c65e6a8d86ed76df87c2b6f88df6941299b61";>570c65e Add test for empty children and collapse tests (https://github-redirect.dependabot.com/apache/maven-resolver/issues/175";>#175) https://github.com/apache/maven-resolver/commit/2ea36519a72079b9efa59c6278b15bfb01a53fb4";>2ea3651 [MRESOLVER-256] Dependency tree is different between DF and BF strategies whe... https://github.com/apache/maven-resolver/commit/adf3f7504eac3e199af236e25a48ed1286ab3878";>adf3f75 configure Jira integration https://github.com/apache/maven-resolver/commit/6e12ad3932e57c1eb57dc9250c35304fdaf7f0fb";>6e12ad3 [MRESOLVER-255] Update Jetty to 9.4.46.v20220331 (https://github-redirect.dependabot.com/apache/maven-resolver/issues/171";>#171) Additional commits viewable in https://github.com/apache/maven-resolver/compare/maven-resolver-1.4.1...maven-resolver-1.8.1";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-gpg-plugin] dependabot[bot] opened a new pull request, #21: Bump maven-plugins from 34 to 36
dependabot[bot] opened a new pull request, #21: URL: https://github.com/apache/maven-gpg-plugin/pull/21 Bumps [maven-plugins](https://github.com/apache/maven-parent) from 34 to 36. Release notes Sourced from https://github.com/apache/maven-parent/releases";>maven-plugins's releases. 36 What's Changed [MPOM-300] switch from GA to ASF Matomo. by https://github.com/bmarwell";>@bmarwell in https://github-redirect.dependabot.com/apache/maven-parent/pull/58";>apache/maven-parent#58 [MPOM-308] Upgrade Maven PMD Plugin from 3.15.0 to 3.16.0 by https://github.com/slawekjaranowski";>@slawekjaranowski in https://github-redirect.dependabot.com/apache/maven-parent/pull/59";>apache/maven-parent#59 Bump taglist-maven-plugin from 2.4 to 3.0.0 by https://github.com/dependabot";>@dependabot in https://github-redirect.dependabot.com/apache/maven-parent/pull/45";>apache/maven-parent#45 Bump maven-jxr-plugin from 3.1.1 to 3.2.0 by https://github.com/dependabot";>@dependabot in https://github-redirect.dependabot.com/apache/maven-parent/pull/60";>apache/maven-parent#60 [MPOM-313] execute checkstyle in early phase of the build by https://github.com/olamy";>@olamy in https://github-redirect.dependabot.com/apache/maven-parent/pull/55";>apache/maven-parent#55 [MPOM-314] Upgrade modello-maven-plugin from 1.11 to 2.0.0 by https://github.com/slawekjaranowski";>@slawekjaranowski in https://github-redirect.dependabot.com/apache/maven-parent/pull/61";>apache/maven-parent#61 Bump apache from 25 to 26 by https://github.com/dependabot";>@dependabot in https://github-redirect.dependabot.com/apache/maven-parent/pull/62";>apache/maven-parent#62 New Contributors https://github.com/bmarwell";>@bmarwell made their first contribution in https://github-redirect.dependabot.com/apache/maven-parent/pull/58";>apache/maven-parent#58 https://github.com/olamy";>@olamy made their first contribution in https://github-redirect.dependabot.com/apache/maven-parent/pull/55";>apache/maven-parent#55 Full Changelog: https://github.com/apache/maven-parent/compare/maven-parent-35...maven-parent-36";>https://github.com/apache/maven-parent/compare/maven-parent-35...maven-parent-36 35 What's Changed docs: remove out of date comment by https://github.com/elharo";>@elharo in https://github-redirect.dependabot.com/apache/maven-parent/pull/8";>apache/maven-parent#8 [MPOM-252] remove broken mail list archives by https://github.com/elharo";>@elharo in https://github-redirect.dependabot.com/apache/maven-parent/pull/18";>apache/maven-parent#18 Bump plexus-utils from 3.1.0 to 3.3.0 by https://github.com/dependabot";>@dependabot in https://github-redirect.dependabot.com/apache/maven-parent/pull/13";>apache/maven-parent#13 Bump maven-toolchains-plugin from 1.1 to 3.0.0 by https://github.com/dependabot";>@dependabot in https://github-redirect.dependabot.com/apache/maven-parent/pull/10";>apache/maven-parent#10 Bump plexus-container-default from 1.0-alpha-30 to 2.1.0 by https://github.com/dependabot";>@dependabot in https://github-redirect.dependabot.com/apache/maven-parent/pull/11";>apache/maven-parent#11 Bump plexus-component-annotations from 2.0.0 to 2.1.0 by https://github.com/dependabot";>@dependabot in https://github-redirect.dependabot.com/apache/maven-parent/pull/15";>apache/maven-parent#15 Bump mavenPluginToolsVersion from 3.5.2 to 3.6.0 by https://github.com/dependabot";>@dependabot in https://github-redirect.dependabot.com/apache/maven-parent/pull/16";>apache/maven-parent#16 Bump modello-maven-plugin from 1.9.1 to 1.11 by https://github.com/dependabot";>@dependabot in https://github-redirect.dependabot.com/apache/maven-parent/pull/12";>apache/maven-parent#12 Bump maven-jxr-plugin from 2.5 to 3.0.0 by https://github.com/dependabot";>@dependabot in https://github-redirect.dependabot.com/apache/maven-parent/pull/9";>apache/maven-parent#9 Bump maven-pmd-plugin from 3.8 to 3.13.0 by https://github.com/dependabot";>@dependabot in https://github-redirect.dependabot.com/apache/maven-parent/pull/17";>apache/maven-parent#17 Bump maven-pmd-plugin from 3.14.0 to 3.15.0 by https://github.com/dependabot";>@dependabot in https://github-redirect.dependabot.com/apache/maven-parent/pull/28";>apache/maven-parent#28 [MPOM-268] - Removed unused property by https://github.com/khmarbaise";>@khmarbaise in https://github-redirect.dependabot.com/apache/maven-parent/pull/29";>apache/maven-parent#29 Bump mavenPluginToolsVersion from 3.6.0 to 3.6.1 by https://github.com/dependabot";>@dependabot in https://github-redirect.dependabot.com/apache/maven-parent/pull/25";>apache/maven-parent#25 [MPOM-270] Fix enforcer plugin by https://github.com/cstamas";>@cstamas in https://github-redirect.dependabot.com/apache/maven-parent/pull/32";>apache/maven-parent#32 [MPOM-271] Add "drop legacy dependencies" profile by https://github.com/cstamas";>@cstamas in ht
[GitHub] [maven-gpg-plugin] dependabot[bot] opened a new pull request, #22: Bump maven-shade-plugin from 3.2.2 to 3.3.0
dependabot[bot] opened a new pull request, #22: URL: https://github.com/apache/maven-gpg-plugin/pull/22 Bumps [maven-shade-plugin](https://github.com/apache/maven-shade-plugin) from 3.2.2 to 3.3.0. Commits https://github.com/apache/maven-shade-plugin/commit/7169fded927b20c99534f6b30551b97fd2120676";>7169fde [maven-release-plugin] prepare release maven-shade-plugin-3.3.0 https://github.com/apache/maven-shade-plugin/commit/e5dcf95ab7956dc52fdf5e6cf465576c5b6a2ef8";>e5dcf95 Revert "[maven-release-plugin] prepare release maven-shade-plugin-3.3.0" https://github.com/apache/maven-shade-plugin/commit/c2473cbab1837b499f144d3de98f7e8c3ca32d4e";>c2473cb [maven-release-plugin] prepare release maven-shade-plugin-3.3.0 https://github.com/apache/maven-shade-plugin/commit/ece4172b240cde8a5969890df7b989d93c98ce84";>ece4172 Revert "[maven-release-plugin] prepare release maven-shade-plugin-3.3.0" https://github.com/apache/maven-shade-plugin/commit/0c6f823b9e53e0a9803ec5528c25a6aa6f37ce44";>0c6f823 Revert "[maven-release-plugin] prepare for next development iteration" https://github.com/apache/maven-shade-plugin/commit/a9355b31dd901a73a75ec18027964a0f012459fe";>a9355b3 [maven-release-plugin] prepare for next development iteration https://github.com/apache/maven-shade-plugin/commit/fc1dcc22ac5a21e5e882ec0faa32ae21b4336681";>fc1dcc2 [maven-release-plugin] prepare release maven-shade-plugin-3.3.0 https://github.com/apache/maven-shade-plugin/commit/aa019caa0a88714be532c973e5f73fbc7f0fbdd1";>aa019ca Bump hamcrest-core from 1.3 to 2.2 https://github.com/apache/maven-shade-plugin/commit/17b87aa368db6e0bcea4f6c2f1e07e46945f2f4b";>17b87aa [MSHADE-412] avoid possible NPE since rawString was added in SimpleRelocator ... https://github.com/apache/maven-shade-plugin/commit/04afab6ed3f82d5286babc42c660402ef7c325ad";>04afab6 Shared GitHub actions v2 Additional commits viewable in https://github.com/apache/maven-shade-plugin/compare/maven-shade-plugin-3.2.2...maven-shade-plugin-3.3.0";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-gpg-plugin] dependabot[bot] opened a new pull request, #23: Bump maven-invoker from 3.1.0 to 3.2.0
dependabot[bot] opened a new pull request, #23: URL: https://github.com/apache/maven-gpg-plugin/pull/23 Bumps [maven-invoker](https://github.com/apache/maven-invoker) from 3.1.0 to 3.2.0. Release notes Sourced from https://github.com/apache/maven-invoker/releases";>maven-invoker's releases. 3.2.0 🚀 New features and improvements https://issues.apache.org/jira/browse/MSHARED-1040";>[MSHARED-1040] - Require Java 8 (https://github-redirect.dependabot.com/apache/maven-invoker/issues/45";>#45) https://github.com/slawekjaranowski";>@slawekjaranowski https://issues.apache.org/jira/browse/MSHARED-1019";>[MSHARED-1019] - Allow pass raw cli option to Maven process (https://github-redirect.dependabot.com/apache/maven-invoker/issues/43";>#43) https://github.com/slawekjaranowski";>@slawekjaranowski https://issues.apache.org/jira/browse/MSHARED-1018";>[MSHARED-1018] - Allow for using the -ntp ,--no-transfer-progress flag in Maven invocations (https://github-redirect.dependabot.com/apache/maven-invoker/issues/42";>#42) https://github.com/slawekjaranowski";>@slawekjaranowski https://issues.apache.org/jira/browse/MSHARED-1009";>[MSHARED-1009] - Allow providing Maven executable from workspace (https://github-redirect.dependabot.com/apache/maven-invoker/issues/38";>#38) https://github.com/slawekjaranowski";>@slawekjaranowski https://issues.apache.org/jira/browse/MSHARED-649";>[MSHARED-649] - Allow Pom file outside base directory (https://github-redirect.dependabot.com/apache/maven-invoker/issues/37";>#37) https://github.com/slawekjaranowski";>@slawekjaranowski https://issues.apache.org/jira/browse/MSHARED-1007";>[MSHARED-1007] - Add MavenHome and MavenExecutable options to InvocationRequest (https://github-redirect.dependabot.com/apache/maven-invoker/issues/34";>#34) https://github.com/slawekjaranowski";>@slawekjaranowski https://issues.apache.org/jira/browse/MINVOKER-233";>[MINVOKER-233] - Improve DefaultInvoker with a timeout. (https://github-redirect.dependabot.com/apache/maven-invoker/issues/1";>#1) https://github.com/surli";>@surli 🐛 Bug Fixes https://issues.apache.org/jira/browse/MSHARED-1008";>[MSHARED-1008] - Set builder id in proper way (https://github-redirect.dependabot.com/apache/maven-invoker/issues/33";>#33) https://github.com/slawekjaranowski";>@slawekjaranowski 📦 Dependency updates https://issues.apache.org/jira/browse/MSHARED-1042";>[MSHARED-1042] - Upgrade Parent to 35 (https://github-redirect.dependabot.com/apache/maven-invoker/issues/47";>#47) https://github.com/slawekjaranowski";>@slawekjaranowski Bump maven-site-plugin from 3.9.1 to 3.10.0 (https://github-redirect.dependabot.com/apache/maven-invoker/issues/36";>#36) https://github.com/dependabot";>@dependabot Bump extra-enforcer-rules from 1.4 to 1.5.1 (https://github-redirect.dependabot.com/apache/maven-invoker/issues/31";>#31) https://github.com/dependabot";>@dependabot Bump maven-project-info-reports-plugin from 3.1.1 to 3.1.2 (https://github-redirect.dependabot.com/apache/maven-invoker/issues/11";>#11) https://github.com/dependabot";>@dependabot Update build and deps (https://github-redirect.dependabot.com/apache/maven-invoker/issues/25";>#25) https://github.com/cstamas";>@cstamas Bump actions/setup-java from 2.3.0 to 2.3.1 (https://github-redirect.dependabot.com/apache/maven-invoker/issues/23";>#23) https://github.com/dependabot";>@dependabot Bump maven-javadoc-plugin from 3.2.0 to 3.3.1 (https://github-redirect.dependabot.com/apache/maven-invoker/issues/21";>#21) https://github.com/dependabot";>@dependabot Bump actions/setup-java from 2.2.0 to 2.3.0 (https://github-redirect.dependabot.com/apache/maven-invoker/issues/20";>#20) https://github.com/dependabot";>@dependabot Bump actions/cache from 2.1.5 to 2.1.6 (https://github-redirect.dependabot.com/apache/maven-invoker/issues/17";>#17) https://github.com/dependabot";>@dependabot Bump actions/checkout from 2 to 2.3.4 (https://github-redirect.dependabot.com/apache/maven-invoker/issues/14";>#14) https://github.com/dependabot";>@dependabot Bump actions/cache from v2.1.4 to v2.1.5 (https://github-redirect.dependabot.com/apache/maven-invoker/issues/10";>#10) https://github.com/dependabot";>@dependabot Bump junit from 4.13.1 to 4.13.2 (https://github-redirect.dependabot.com/apache/maven-invoker/issues/8";>#8) https://github.com/dependabot";>@dependabot 👻 Maintenance https://issues.apache.org/jira/browse/MSHARED-577";>[MSHARED-577] - Remove usage of M2_HOME environment variable (https://github-redirect.dependabot.com/apache/maven-invoker/issues/35";>#35) https://github.com/slawekjaranowski";>@slawekjaranowski https://issues.apache.org/jira/browse/MSHARED-1006";>[MSHARED-1006] - Deprecate not thread safe methods on Invoker (https://github-redirect.dependabot.com/apache/maven-invoker/issues/32";>#32) https://github.com/slaw
[GitHub] [maven-gpg-plugin] dependabot[bot] opened a new pull request, #24: Bump plexus-utils from 3.3.0 to 3.4.2
dependabot[bot] opened a new pull request, #24: URL: https://github.com/apache/maven-gpg-plugin/pull/24 Bumps [plexus-utils](https://github.com/codehaus-plexus/plexus-utils) from 3.3.0 to 3.4.2. Release notes Sourced from https://github.com/codehaus-plexus/plexus-utils/releases";>plexus-utils's releases. 3.4.2 🚀 New features and improvements Provides a CachingOuptutStream and a CachingWriter (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/184";>#184) https://github.com/gnodet";>@gnodet Use (already) precalculated value (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/186";>#186) https://github.com/pzygielo";>@pzygielo use github shared actions (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/171";>#171) https://github.com/olamy";>@olamy 🐛 Bug Fixes MXParser fixes (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/185";>#185) https://github.com/gnodet";>@gnodet Fix last modified time not being updated on linux (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/203";>#203) https://github.com/gnodet";>@gnodet Fix regression and deprecate: FileUtils.fileAppend should create file… (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/200";>#200) https://github.com/slachiewicz";>@slachiewicz Fix some testing XML files checkout with incorrect eol (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/198";>#198) https://github.com/belingueres";>@belingueres Fixed regressions: https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/163";>#163 and https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/194";>#194 (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/195";>#195) https://github.com/belingueres";>@belingueres Don't ignore valid SCM files (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/174";>#174) https://github.com/michael-o";>@michael-o 📦 Dependency updates Bump github/codeql-action from 1 to 2 (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/202";>#202) https://github.com/dependabot";>@dependabot Bump actions/checkout from 3.0.1 to 3.0.2 (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/199";>#199) https://github.com/dependabot";>@dependabot Bump release-drafter/release-drafter from 5.18.1 to 5.19.0 (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/188";>#188) https://github.com/dependabot";>@dependabot Bump jmh-generator-annprocess from 1.34 to 1.35 (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/189";>#189) https://github.com/dependabot";>@dependabot Bump jmh-core from 1.34 to 1.35 (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/190";>#190) https://github.com/dependabot";>@dependabot Bump actions/checkout from 2.4.0 to 3.0.1 (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/197";>#197) https://github.com/dependabot";>@dependabot Bump jmh-generator-annprocess from 1.33 to 1.34 (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/175";>#175) https://github.com/dependabot";>@dependabot Bump jmh-core from 1.33 to 1.34 (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/176";>#176) https://github.com/dependabot";>@dependabot Bump release-drafter/release-drafter from 5.15.0 to 5.18.1 (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/183";>#183) https://github.com/dependabot";>@dependabot Bump actions/checkout from 2.3.4 to 2.4.0 (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/173";>#173) https://github.com/dependabot";>@dependabot Bump actions/setup-java from 2.3.0 to 2.3.1 (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/170";>#170) https://github.com/dependabot";>@dependabot 3.4.1 🐛 Bug Fixes Fixes https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/163";>#163: Regression: encoding error when parsing a ISO-8859-1 xml (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/164";>#164) https://github.com/belingueres";>@belingueres 📦 Dependency updates Bump actions/setup-java from 2.2.0 to 2.3.0 (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/168";>#168) https://github.com/dependabot";>@dependabot Bump jmh-generator-annprocess from 1.32 to 1.33 (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/166";>#166) https://github.com/dependabot";>@dependabot Bump jmh-core from 1.32 to 1.33 (https://github-redirect.dependabot.com/codehaus-plexus/plexus-utils/issues/165";>#1
[jira] [Commented] (MGPG-88) Require Java 8
[ https://issues.apache.org/jira/browse/MGPG-88?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567645#comment-17567645 ] Hudson commented on MGPG-88: Build succeeded in Jenkins: Maven » Maven TLP » maven-gpg-plugin » master #9 See https://ci-maven.apache.org/job/Maven/job/maven-box/job/maven-gpg-plugin/job/master/9/ > Require Java 8 > -- > > Key: MGPG-88 > URL: https://issues.apache.org/jira/browse/MGPG-88 > Project: Maven GPG Plugin > Issue Type: Task >Reporter: Sylwester Lachiewicz >Assignee: Sylwester Lachiewicz >Priority: Minor > Fix For: 3.1.0 > > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[GitHub] [maven-gpg-plugin] slachiewicz closed pull request #17: [MGPG-86] - Prevent NullPointerException when executable cannot be run
slachiewicz closed pull request #17: [MGPG-86] - Prevent NullPointerException when executable cannot be run URL: https://github.com/apache/maven-gpg-plugin/pull/17 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Assigned] (MGPG-86) NullPointerException when gpg executable cannot be found
[
https://issues.apache.org/jira/browse/MGPG-86?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sylwester Lachiewicz reassigned MGPG-86:
Assignee: Sylwester Lachiewicz
> NullPointerException when gpg executable cannot be found
>
>
> Key: MGPG-86
> URL: https://issues.apache.org/jira/browse/MGPG-86
> Project: Maven GPG Plugin
> Issue Type: Bug
>Affects Versions: 1.5, 1.6, 3.0.1
> Environment: linux, macos
>Reporter: Chas Honton
>Assignee: Sylwester Lachiewicz
>Priority: Major
> Fix For: 3.1.0
>
>
> {noformat}
> [ERROR] Failed to execute goal
> org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign (sign-artifacts) on
> project git-tag-maven-plugin: Execution sign-artifacts of goal
> org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign failed.:
> NullPointerException -> [Help 1]
> org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute
> goal org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign (sign-artifacts) on
> project git-tag-maven-plugin: Execution sign-artifacts of goal
> org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign failed.
> at org.apache.maven.lifecycle.internal.MojoExecutor.doExecute
> (MojoExecutor.java:306)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:211)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:165)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:157)
> at
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> (LifecycleModuleBuilder.java:121)
> at
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> (LifecycleModuleBuilder.java:81)
> at
> org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build
> (SingleThreadedBuilder.java:56)
> at org.apache.maven.lifecycle.internal.LifecycleStarter.execute
> (LifecycleStarter.java:127)
> at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:294)
> at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:192)
> at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:105)
> at org.apache.maven.cli.MavenCli.execute (MavenCli.java:960)
> at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:293)
> at org.apache.maven.cli.MavenCli.main (MavenCli.java:196)
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke
> (NativeMethodAccessorImpl.java:62)
> at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke
> (DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke (Method.java:566)
> at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced
> (Launcher.java:282)
> at org.codehaus.plexus.classworlds.launcher.Launcher.launch
> (Launcher.java:225)
> at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode
> (Launcher.java:406)
> at org.codehaus.plexus.classworlds.launcher.Launcher.main
> (Launcher.java:347)
> Caused by: org.apache.maven.plugin.PluginExecutionException: Execution
> sign-artifacts of goal org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign
> failed.
> at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo
> (DefaultBuildPluginManager.java:148)
> at org.apache.maven.lifecycle.internal.MojoExecutor.doExecute
> (MojoExecutor.java:301)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:211)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:165)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:157)
> at
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> (LifecycleModuleBuilder.java:121)
> at
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> (LifecycleModuleBuilder.java:81)
> at
> org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build
> (SingleThreadedBuilder.java:56)
> at org.apache.maven.lifecycle.internal.LifecycleStarter.execute
> (LifecycleStarter.java:127)
> at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:294)
> at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:192)
> at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:105)
> at org.apache.maven.cli.MavenCli.execute (MavenCli.java:960)
> at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:293)
> at org.apache.maven.cli.MavenCli.main (MavenCli.java:196)
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke
> (NativeMeth
[jira] [Closed] (MGPG-86) NullPointerException when gpg executable cannot be found
[
https://issues.apache.org/jira/browse/MGPG-86?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sylwester Lachiewicz closed MGPG-86.
Resolution: Fixed
> NullPointerException when gpg executable cannot be found
>
>
> Key: MGPG-86
> URL: https://issues.apache.org/jira/browse/MGPG-86
> Project: Maven GPG Plugin
> Issue Type: Bug
>Affects Versions: 1.5, 1.6, 3.0.1
> Environment: linux, macos
>Reporter: Chas Honton
>Assignee: Sylwester Lachiewicz
>Priority: Major
> Fix For: 3.1.0
>
>
> {noformat}
> [ERROR] Failed to execute goal
> org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign (sign-artifacts) on
> project git-tag-maven-plugin: Execution sign-artifacts of goal
> org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign failed.:
> NullPointerException -> [Help 1]
> org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute
> goal org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign (sign-artifacts) on
> project git-tag-maven-plugin: Execution sign-artifacts of goal
> org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign failed.
> at org.apache.maven.lifecycle.internal.MojoExecutor.doExecute
> (MojoExecutor.java:306)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:211)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:165)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:157)
> at
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> (LifecycleModuleBuilder.java:121)
> at
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> (LifecycleModuleBuilder.java:81)
> at
> org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build
> (SingleThreadedBuilder.java:56)
> at org.apache.maven.lifecycle.internal.LifecycleStarter.execute
> (LifecycleStarter.java:127)
> at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:294)
> at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:192)
> at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:105)
> at org.apache.maven.cli.MavenCli.execute (MavenCli.java:960)
> at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:293)
> at org.apache.maven.cli.MavenCli.main (MavenCli.java:196)
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke
> (NativeMethodAccessorImpl.java:62)
> at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke
> (DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke (Method.java:566)
> at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced
> (Launcher.java:282)
> at org.codehaus.plexus.classworlds.launcher.Launcher.launch
> (Launcher.java:225)
> at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode
> (Launcher.java:406)
> at org.codehaus.plexus.classworlds.launcher.Launcher.main
> (Launcher.java:347)
> Caused by: org.apache.maven.plugin.PluginExecutionException: Execution
> sign-artifacts of goal org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign
> failed.
> at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo
> (DefaultBuildPluginManager.java:148)
> at org.apache.maven.lifecycle.internal.MojoExecutor.doExecute
> (MojoExecutor.java:301)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:211)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:165)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:157)
> at
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> (LifecycleModuleBuilder.java:121)
> at
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> (LifecycleModuleBuilder.java:81)
> at
> org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build
> (SingleThreadedBuilder.java:56)
> at org.apache.maven.lifecycle.internal.LifecycleStarter.execute
> (LifecycleStarter.java:127)
> at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:294)
> at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:192)
> at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:105)
> at org.apache.maven.cli.MavenCli.execute (MavenCli.java:960)
> at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:293)
> at org.apache.maven.cli.MavenCli.main (MavenCli.java:196)
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke
> (NativeMethodAccessorImpl.java:62
[jira] [Closed] (MGPG-83) Require Maven 3.2.5+
[ https://issues.apache.org/jira/browse/MGPG-83?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sylwester Lachiewicz closed MGPG-83. Resolution: Fixed > Require Maven 3.2.5+ > > > Key: MGPG-83 > URL: https://issues.apache.org/jira/browse/MGPG-83 > Project: Maven GPG Plugin > Issue Type: Dependency upgrade >Reporter: Sylwester Lachiewicz >Priority: Major > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Closed] (MGPG-53) sign-and-deploy-file goal insists on deploying source file for previous sign-and-deploy-file execution
[ https://issues.apache.org/jira/browse/MGPG-53?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sylwester Lachiewicz closed MGPG-53. Resolution: Auto Closed > sign-and-deploy-file goal insists on deploying source file for previous > sign-and-deploy-file execution > -- > > Key: MGPG-53 > URL: https://issues.apache.org/jira/browse/MGPG-53 > Project: Maven GPG Plugin > Issue Type: Bug >Affects Versions: 1.6, 3.0.0 (cancelled) >Reporter: Stephan Leicht Vogt >Priority: Major > Attachments: MGPG-53_deployfile-with-multiple-executions.zip, > MGPG.diff > > > Like the issue MDEPLOY-202 the same occurs in the GPG plugin. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Closed] (MGPG-45) ascDirectory has no effect unless artifacts are not in target
[
https://issues.apache.org/jira/browse/MGPG-45?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sylwester Lachiewicz closed MGPG-45.
Resolution: Auto Closed
> ascDirectory has no effect unless artifacts are not in target
> -
>
> Key: MGPG-45
> URL: https://issues.apache.org/jira/browse/MGPG-45
> Project: Maven GPG Plugin
> Issue Type: Bug
>Affects Versions: 1.4
>Reporter: Sebb
>Priority: Major
>
> Not sure if this is a documentation or code bug or both.
> The doc for gpg:sign / ascDirectory says:
> {code}
> The directory where to store signature files.
> Default: ${project.build.directory}/gpg
> {code}
> However changing this has no effect unless the artifacts are moved elsewhere
> than target (by changing assembly:outputDirectory).
> If outputDirectory is set to target/tarballs then the sig files are actually
> stored in target/gpg/target/tarballs for the default setting, rather than in
> the expected directory of target/gpg
> If ascDirectory is set to ASC then the sigs are stored in
> ASC/target/tarballs/ rather than ASC.
> If ascDirectory is set to "." then the sigs are stored in
> target/tarballs/ rather than the home directory.
> There does not seem to be any use-case for this behaviour, and if there is,
> it's not documented correctly.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Closed] (MGPG-57) passphraseServerId is ignored if a server with id gpg.passphrase exists
[
https://issues.apache.org/jira/browse/MGPG-57?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sylwester Lachiewicz closed MGPG-57.
Resolution: Auto Closed
> passphraseServerId is ignored if a server with id gpg.passphrase exists
> ---
>
> Key: MGPG-57
> URL: https://issues.apache.org/jira/browse/MGPG-57
> Project: Maven GPG Plugin
> Issue Type: Bug
>Affects Versions: 1.6
> Environment: Linux, maven 3.2.5
>Reporter: Angelo D.
>Priority: Minor
>
> I have multiple GPG keys in my keyring and I'd like to select a specific one
> for signing. Each key has a different passphrase, stored encrypted in my
> local settings.xml file.
> {code:xml}
>
> gpg.passphrase
> ...
>
>
> my.signing.key
> ...
>
> {code}
> My gpg configuration in the project's pom.xml file hase
> {code:xml}
> ...
>
> my.signing.key
> my.signing.key
>
> ...
> {code}
> If I try to sign my artifacts with this configuration I get an error
> {noformat}
> [INFO] --- maven-gpg-plugin:1.6:sign (default-cli) @ client ---
> gpg: skipped "my.key": bad passphrase
> gpg: signing failed: bad passphrase
> {noformat}
> If I remove the {{gpg.passphrase}} server from the settings everything works
> fine.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Closed] (MGPG-73) Sorry, no terminal at all requested - can't get input
[
https://issues.apache.org/jira/browse/MGPG-73?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sylwester Lachiewicz closed MGPG-73.
Resolution: Duplicate
> Sorry, no terminal at all requested - can't get input
> -
>
> Key: MGPG-73
> URL: https://issues.apache.org/jira/browse/MGPG-73
> Project: Maven GPG Plugin
> Issue Type: Bug
>Affects Versions: 3.0.0 (cancelled)
>Reporter: Markus Karg
>Priority: Major
>
> Running "mvn sign" (MGPG 1.7-SNAPSHOT) on public Gitlab.com CI/CD service
> with GnuPG 2.2.12 fails with:
> {{21329 [INFO] --- maven-gpg-plugin:1.7-SNAPSHOT:sign (sign-artifacts) @ cli
> ---}}
> {{*gpg: Sorry, no terminal at all requested - can't get input*}}
> maven-gpg-plugin
> 1.7-SNAPSHOT
> sign-artifacts verify
> sign
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (MGPG-83) Require Maven 3.2.5+
[ https://issues.apache.org/jira/browse/MGPG-83?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567647#comment-17567647 ] Hudson commented on MGPG-83: Build failed in Jenkins: Maven » Maven TLP » maven-gpg-plugin » master #10 See https://ci-maven.apache.org/job/Maven/job/maven-box/job/maven-gpg-plugin/job/master/10/ > Require Maven 3.2.5+ > > > Key: MGPG-83 > URL: https://issues.apache.org/jira/browse/MGPG-83 > Project: Maven GPG Plugin > Issue Type: Dependency upgrade >Reporter: Sylwester Lachiewicz >Priority: Major > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (MGPG-87) NullPointerException when gpg not installed
[
https://issues.apache.org/jira/browse/MGPG-87?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sylwester Lachiewicz updated MGPG-87:
-
Fix Version/s: 3.1.0
> NullPointerException when gpg not installed
> ---
>
> Key: MGPG-87
> URL: https://issues.apache.org/jira/browse/MGPG-87
> Project: Maven GPG Plugin
> Issue Type: Bug
>Affects Versions: 3.0.1
>Reporter: Dave Wichers
>Priority: Major
> Fix For: 3.1.0
>
>
> If you don't have gpg installed at all, you get the exception below when
> trying to use the mvn-gpg-plugin:
> Can you please update this to explain what the problem is and not throw an
> Exception? For example, "gpg must be installed to use this plugin."
> For other errors, error messages like: "no gpg.keyname/passphrase found in
> settings.xml", or no gpg key specified in settings.xml, or whatever, to help
> explain what the actual problem is.
> {*}Caused by{*}: java.lang.NullPointerException
> *at* org.apache.maven.plugins.gpg.GpgSigner.generateSignatureForFile
> ({*}GpgSigner.java:73{*})
> *at*
> org.apache.maven.plugins.gpg.AbstractGpgSigner.generateSignatureForArtifact
> ({*}AbstractGpgSigner.java:203{*})
> *at* org.apache.maven.plugins.gpg.GpgSignAttachedMojo.execute
> ({*}GpgSignAttachedMojo.java:143{*})
> *at* org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo
> ({*}DefaultBuildPluginManager.java:137{*})
> *at* org.apache.maven.lifecycle.internal.MojoExecutor.doExecute2
> ({*}MojoExecutor.java:370{*})
> *at* org.apache.maven.lifecycle.internal.MojoExecutor.doExecute
> ({*}MojoExecutor.java:351{*})
> *at* org.apache.maven.lifecycle.internal.MojoExecutor.execute
> ({*}MojoExecutor.java:215{*})
> *at* org.apache.maven.lifecycle.internal.MojoExecutor.execute
> ({*}MojoExecutor.java:171{*})
> *at* org.apache.maven.lifecycle.internal.MojoExecutor.execute
> ({*}MojoExecutor.java:163{*})
> *at*
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> ({*}LifecycleModuleBuilder.java:117{*})
> *at*
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> ({*}LifecycleModuleBuilder.java:81{*})
> *at*
> org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build
> ({*}SingleThreadedBuilder.java:56{*})
> *at* org.apache.maven.lifecycle.internal.LifecycleStarter.execute
> ({*}LifecycleStarter.java:128{*})
> *at* org.apache.maven.DefaultMaven.doExecute ({*}DefaultMaven.java:294{*})
> *at* org.apache.maven.DefaultMaven.doExecute ({*}DefaultMaven.java:192{*})
> *at* org.apache.maven.DefaultMaven.execute ({*}DefaultMaven.java:105{*})
> *at* org.apache.maven.cli.MavenCli.execute ({*}MavenCli.java:960{*})
> ...
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Assigned] (MGPG-87) NullPointerException when gpg not installed
[
https://issues.apache.org/jira/browse/MGPG-87?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sylwester Lachiewicz reassigned MGPG-87:
Assignee: Sylwester Lachiewicz
> NullPointerException when gpg not installed
> ---
>
> Key: MGPG-87
> URL: https://issues.apache.org/jira/browse/MGPG-87
> Project: Maven GPG Plugin
> Issue Type: Bug
>Affects Versions: 3.0.1
>Reporter: Dave Wichers
>Assignee: Sylwester Lachiewicz
>Priority: Major
> Fix For: 3.1.0
>
>
> If you don't have gpg installed at all, you get the exception below when
> trying to use the mvn-gpg-plugin:
> Can you please update this to explain what the problem is and not throw an
> Exception? For example, "gpg must be installed to use this plugin."
> For other errors, error messages like: "no gpg.keyname/passphrase found in
> settings.xml", or no gpg key specified in settings.xml, or whatever, to help
> explain what the actual problem is.
> {*}Caused by{*}: java.lang.NullPointerException
> *at* org.apache.maven.plugins.gpg.GpgSigner.generateSignatureForFile
> ({*}GpgSigner.java:73{*})
> *at*
> org.apache.maven.plugins.gpg.AbstractGpgSigner.generateSignatureForArtifact
> ({*}AbstractGpgSigner.java:203{*})
> *at* org.apache.maven.plugins.gpg.GpgSignAttachedMojo.execute
> ({*}GpgSignAttachedMojo.java:143{*})
> *at* org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo
> ({*}DefaultBuildPluginManager.java:137{*})
> *at* org.apache.maven.lifecycle.internal.MojoExecutor.doExecute2
> ({*}MojoExecutor.java:370{*})
> *at* org.apache.maven.lifecycle.internal.MojoExecutor.doExecute
> ({*}MojoExecutor.java:351{*})
> *at* org.apache.maven.lifecycle.internal.MojoExecutor.execute
> ({*}MojoExecutor.java:215{*})
> *at* org.apache.maven.lifecycle.internal.MojoExecutor.execute
> ({*}MojoExecutor.java:171{*})
> *at* org.apache.maven.lifecycle.internal.MojoExecutor.execute
> ({*}MojoExecutor.java:163{*})
> *at*
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> ({*}LifecycleModuleBuilder.java:117{*})
> *at*
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> ({*}LifecycleModuleBuilder.java:81{*})
> *at*
> org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build
> ({*}SingleThreadedBuilder.java:56{*})
> *at* org.apache.maven.lifecycle.internal.LifecycleStarter.execute
> ({*}LifecycleStarter.java:128{*})
> *at* org.apache.maven.DefaultMaven.doExecute ({*}DefaultMaven.java:294{*})
> *at* org.apache.maven.DefaultMaven.doExecute ({*}DefaultMaven.java:192{*})
> *at* org.apache.maven.DefaultMaven.execute ({*}DefaultMaven.java:105{*})
> *at* org.apache.maven.cli.MavenCli.execute ({*}MavenCli.java:960{*})
> ...
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Closed] (MGPG-87) NullPointerException when gpg not installed
[
https://issues.apache.org/jira/browse/MGPG-87?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sylwester Lachiewicz closed MGPG-87.
Resolution: Duplicate
> NullPointerException when gpg not installed
> ---
>
> Key: MGPG-87
> URL: https://issues.apache.org/jira/browse/MGPG-87
> Project: Maven GPG Plugin
> Issue Type: Bug
>Affects Versions: 3.0.1
>Reporter: Dave Wichers
>Priority: Major
> Fix For: 3.1.0
>
>
> If you don't have gpg installed at all, you get the exception below when
> trying to use the mvn-gpg-plugin:
> Can you please update this to explain what the problem is and not throw an
> Exception? For example, "gpg must be installed to use this plugin."
> For other errors, error messages like: "no gpg.keyname/passphrase found in
> settings.xml", or no gpg key specified in settings.xml, or whatever, to help
> explain what the actual problem is.
> {*}Caused by{*}: java.lang.NullPointerException
> *at* org.apache.maven.plugins.gpg.GpgSigner.generateSignatureForFile
> ({*}GpgSigner.java:73{*})
> *at*
> org.apache.maven.plugins.gpg.AbstractGpgSigner.generateSignatureForArtifact
> ({*}AbstractGpgSigner.java:203{*})
> *at* org.apache.maven.plugins.gpg.GpgSignAttachedMojo.execute
> ({*}GpgSignAttachedMojo.java:143{*})
> *at* org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo
> ({*}DefaultBuildPluginManager.java:137{*})
> *at* org.apache.maven.lifecycle.internal.MojoExecutor.doExecute2
> ({*}MojoExecutor.java:370{*})
> *at* org.apache.maven.lifecycle.internal.MojoExecutor.doExecute
> ({*}MojoExecutor.java:351{*})
> *at* org.apache.maven.lifecycle.internal.MojoExecutor.execute
> ({*}MojoExecutor.java:215{*})
> *at* org.apache.maven.lifecycle.internal.MojoExecutor.execute
> ({*}MojoExecutor.java:171{*})
> *at* org.apache.maven.lifecycle.internal.MojoExecutor.execute
> ({*}MojoExecutor.java:163{*})
> *at*
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> ({*}LifecycleModuleBuilder.java:117{*})
> *at*
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> ({*}LifecycleModuleBuilder.java:81{*})
> *at*
> org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build
> ({*}SingleThreadedBuilder.java:56{*})
> *at* org.apache.maven.lifecycle.internal.LifecycleStarter.execute
> ({*}LifecycleStarter.java:128{*})
> *at* org.apache.maven.DefaultMaven.doExecute ({*}DefaultMaven.java:294{*})
> *at* org.apache.maven.DefaultMaven.doExecute ({*}DefaultMaven.java:192{*})
> *at* org.apache.maven.DefaultMaven.execute ({*}DefaultMaven.java:105{*})
> *at* org.apache.maven.cli.MavenCli.execute ({*}MavenCli.java:960{*})
> ...
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[GitHub] [maven-gpg-plugin] slachiewicz commented on pull request #19: Bump maven-artifact-transfer from 0.12.0 to 0.13.1
slachiewicz commented on PR #19: URL: https://github.com/apache/maven-gpg-plugin/pull/19#issuecomment-1186526294 @dependabot rebase -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-gpg-plugin] dependabot[bot] commented on pull request #19: Bump maven-artifact-transfer from 0.12.0 to 0.13.1
dependabot[bot] commented on PR #19: URL: https://github.com/apache/maven-gpg-plugin/pull/19#issuecomment-1186526489 Looks like org.apache.maven.shared:maven-artifact-transfer is up-to-date now, so this is no longer needed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-gpg-plugin] dependabot[bot] closed pull request #19: Bump maven-artifact-transfer from 0.12.0 to 0.13.1
dependabot[bot] closed pull request #19: Bump maven-artifact-transfer from 0.12.0 to 0.13.1 URL: https://github.com/apache/maven-gpg-plugin/pull/19 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-gpg-plugin] slachiewicz merged pull request #22: Bump maven-shade-plugin from 3.2.2 to 3.3.0
slachiewicz merged PR #22: URL: https://github.com/apache/maven-gpg-plugin/pull/22 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (MGPG-86) NullPointerException when gpg executable cannot be found
[
https://issues.apache.org/jira/browse/MGPG-86?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567648#comment-17567648
]
Hudson commented on MGPG-86:
Build failed in Jenkins: Maven » Maven TLP » maven-gpg-plugin » master #11
See
https://ci-maven.apache.org/job/Maven/job/maven-box/job/maven-gpg-plugin/job/master/11/
> NullPointerException when gpg executable cannot be found
>
>
> Key: MGPG-86
> URL: https://issues.apache.org/jira/browse/MGPG-86
> Project: Maven GPG Plugin
> Issue Type: Bug
>Affects Versions: 1.5, 1.6, 3.0.1
> Environment: linux, macos
>Reporter: Chas Honton
>Assignee: Sylwester Lachiewicz
>Priority: Major
> Fix For: 3.1.0
>
>
> {noformat}
> [ERROR] Failed to execute goal
> org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign (sign-artifacts) on
> project git-tag-maven-plugin: Execution sign-artifacts of goal
> org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign failed.:
> NullPointerException -> [Help 1]
> org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute
> goal org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign (sign-artifacts) on
> project git-tag-maven-plugin: Execution sign-artifacts of goal
> org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign failed.
> at org.apache.maven.lifecycle.internal.MojoExecutor.doExecute
> (MojoExecutor.java:306)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:211)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:165)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:157)
> at
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> (LifecycleModuleBuilder.java:121)
> at
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> (LifecycleModuleBuilder.java:81)
> at
> org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build
> (SingleThreadedBuilder.java:56)
> at org.apache.maven.lifecycle.internal.LifecycleStarter.execute
> (LifecycleStarter.java:127)
> at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:294)
> at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:192)
> at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:105)
> at org.apache.maven.cli.MavenCli.execute (MavenCli.java:960)
> at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:293)
> at org.apache.maven.cli.MavenCli.main (MavenCli.java:196)
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
> at jdk.internal.reflect.NativeMethodAccessorImpl.invoke
> (NativeMethodAccessorImpl.java:62)
> at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke
> (DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke (Method.java:566)
> at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced
> (Launcher.java:282)
> at org.codehaus.plexus.classworlds.launcher.Launcher.launch
> (Launcher.java:225)
> at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode
> (Launcher.java:406)
> at org.codehaus.plexus.classworlds.launcher.Launcher.main
> (Launcher.java:347)
> Caused by: org.apache.maven.plugin.PluginExecutionException: Execution
> sign-artifacts of goal org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign
> failed.
> at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo
> (DefaultBuildPluginManager.java:148)
> at org.apache.maven.lifecycle.internal.MojoExecutor.doExecute
> (MojoExecutor.java:301)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:211)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:165)
> at org.apache.maven.lifecycle.internal.MojoExecutor.execute
> (MojoExecutor.java:157)
> at
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> (LifecycleModuleBuilder.java:121)
> at
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject
> (LifecycleModuleBuilder.java:81)
> at
> org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build
> (SingleThreadedBuilder.java:56)
> at org.apache.maven.lifecycle.internal.LifecycleStarter.execute
> (LifecycleStarter.java:127)
> at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:294)
> at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:192)
> at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:105)
> at org.apache.maven.cli.MavenCli.execute (MavenCli.java:960)
> at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:293)
> at org.apache.maven.cli.MavenCli.main (MavenCli.java:196
[GitHub] [maven-gpg-plugin] slachiewicz merged pull request #23: Bump maven-invoker from 3.1.0 to 3.2.0
slachiewicz merged PR #23: URL: https://github.com/apache/maven-gpg-plugin/pull/23 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-gpg-plugin] slachiewicz closed pull request #18: Bump mavenVersion from 3.0 to 3.8.6
slachiewicz closed pull request #18: Bump mavenVersion from 3.0 to 3.8.6 URL: https://github.com/apache/maven-gpg-plugin/pull/18 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-gpg-plugin] dependabot[bot] commented on pull request #18: Bump mavenVersion from 3.0 to 3.8.6
dependabot[bot] commented on PR #18: URL: https://github.com/apache/maven-gpg-plugin/pull/18#issuecomment-1186527077 OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-gpg-plugin] slachiewicz merged pull request #24: Bump plexus-utils from 3.3.0 to 3.4.2
slachiewicz merged PR #24: URL: https://github.com/apache/maven-gpg-plugin/pull/24 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Created] (MGPG-89) Upgrade parent POM to version 36
Sylwester Lachiewicz created MGPG-89: Summary: Upgrade parent POM to version 36 Key: MGPG-89 URL: https://issues.apache.org/jira/browse/MGPG-89 Project: Maven GPG Plugin Issue Type: Task Reporter: Sylwester Lachiewicz -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (MGPG-89) Upgrade parent POM to version 36
[ https://issues.apache.org/jira/browse/MGPG-89?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sylwester Lachiewicz updated MGPG-89: - Fix Version/s: 3.1.0 > Upgrade parent POM to version 36 > > > Key: MGPG-89 > URL: https://issues.apache.org/jira/browse/MGPG-89 > Project: Maven GPG Plugin > Issue Type: Task >Reporter: Sylwester Lachiewicz >Priority: Minor > Fix For: 3.1.0 > > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[GitHub] [maven-dist-tool] dependabot[bot] opened a new pull request, #5: Bump mvnversion from 3.0.5 to 3.3.9
dependabot[bot] opened a new pull request, #5: URL: https://github.com/apache/maven-dist-tool/pull/5 Bumps `mvnversion` from 3.0.5 to 3.3.9. Updates `maven-plugin-api` from 3.0.5 to 3.3.9 Commits https://github.com/apache/maven/commit/bb52d8502b132ec0a5a3f4c09453c07478323dc5";>bb52d85 [maven-release-plugin] prepare release maven-3.3.9 https://github.com/apache/maven/commit/cf2f373ddb38215f7122f743d381ead7e346ed2d";>cf2f373 [MNG-5882] Nonportable shell constructs cause bin/mvn errors on Debian https://github.com/apache/maven/commit/1953284925616e691fb881c5e3fa8fbdd1830385";>1953284 [MNG-5840] A regression had crept in and was missed as the intergration tests... https://github.com/apache/maven/commit/2f7daeff5802174c7b4ff8a4d2ac019b6406d03b";>2f7daef [MNG-5871] refactoring: improved empty urls handling https://github.com/apache/maven/commit/406a46fd83e9b620d34e5f49cc132e06a3a00898";>406a46f [maven-release-plugin] prepare for next development iteration https://github.com/apache/maven/commit/cdd15915eb4b74ccab621e51aff9ada4f455a627";>cdd1591 [maven-release-plugin] prepare release maven-3.3.8 https://github.com/apache/maven/commit/f684761dee739b4ec8a7e6db5a0a6a0b809e66c9";>f684761 Fix for urls being empty in the POM and causing an out of bounds exception https://github.com/apache/maven/commit/508d97ec87526d5e308df0857c21546b4024801f";>508d97e [maven-release-plugin] prepare for next development iteration https://github.com/apache/maven/commit/d48a49b3539e66e073e35cc6a5137a94d16465f2";>d48a49b [maven-release-plugin] prepare release maven-3.3.7 https://github.com/apache/maven/commit/b6c9bee1b60ff8ad142651052fb7729cfd206be3";>b6c9bee [MNG-5915] Upgrade Wagon version to 2.10 Additional commits viewable in https://github.com/apache/maven/compare/maven-3.0.5...maven-3.3.9";>compare view Updates `maven-core` from 3.0.5 to 3.3.9 Commits https://github.com/apache/maven/commit/bb52d8502b132ec0a5a3f4c09453c07478323dc5";>bb52d85 [maven-release-plugin] prepare release maven-3.3.9 https://github.com/apache/maven/commit/cf2f373ddb38215f7122f743d381ead7e346ed2d";>cf2f373 [MNG-5882] Nonportable shell constructs cause bin/mvn errors on Debian https://github.com/apache/maven/commit/1953284925616e691fb881c5e3fa8fbdd1830385";>1953284 [MNG-5840] A regression had crept in and was missed as the intergration tests... https://github.com/apache/maven/commit/2f7daeff5802174c7b4ff8a4d2ac019b6406d03b";>2f7daef [MNG-5871] refactoring: improved empty urls handling https://github.com/apache/maven/commit/406a46fd83e9b620d34e5f49cc132e06a3a00898";>406a46f [maven-release-plugin] prepare for next development iteration https://github.com/apache/maven/commit/cdd15915eb4b74ccab621e51aff9ada4f455a627";>cdd1591 [maven-release-plugin] prepare release maven-3.3.8 https://github.com/apache/maven/commit/f684761dee739b4ec8a7e6db5a0a6a0b809e66c9";>f684761 Fix for urls being empty in the POM and causing an out of bounds exception https://github.com/apache/maven/commit/508d97ec87526d5e308df0857c21546b4024801f";>508d97e [maven-release-plugin] prepare for next development iteration https://github.com/apache/maven/commit/d48a49b3539e66e073e35cc6a5137a94d16465f2";>d48a49b [maven-release-plugin] prepare release maven-3.3.7 https://github.com/apache/maven/commit/b6c9bee1b60ff8ad142651052fb7729cfd206be3";>b6c9bee [MNG-5915] Upgrade Wagon version to 2.10 Additional commits viewable in https://github.com/apache/maven/compare/maven-3.0.5...maven-3.3.9";>compare view Updates `maven-compat` from 3.0.5 to 3.3.9 Commits https://github.com/apache/maven/commit/bb52d8502b132ec0a5a3f4c09453c07478323dc5";>bb52d85 [maven-release-plugin] prepare release maven-3.3.9 https://github.com/apache/maven/commit/cf2f373ddb38215f7122f743d381ead7e346ed2d";>cf2f373 [MNG-5882] Nonportable shell constructs cause bin/mvn errors on Debian https://github.com/apache/maven/commit/1953284925616e691fb881c5e3fa8fbdd1830385";>1953284 [MNG-5840] A regression had crept in and was missed as the intergration tests... https://github.com/apache/maven/commit/2f7daeff5802174c7b4ff8a4d2ac019b6406d03b";>2f7daef [MNG-5871] refactoring: improved empty urls handling https://github.com/apache/maven/commit/406a46fd83e9b620d34e5f49cc132e06a3a00898";>406a46f [maven-release-plugin] prepare for next development iteration https://github.com/apache/maven/commit/cdd15915eb4b74ccab621e51aff9ada4f455a627";>cdd1591 [maven-release-plugin] prepare release maven-3.3.8 https://github.com/apache/maven/commit/f684761dee739b4ec8a7e6db5a0a6a0b809e66c9";>f684761 Fix for urls being empty in the POM and causing an out of bounds exception https://github.com/apache/maven/commit/508d97ec87526d5e308df0857c21546b4024801f";>508d97e [maven-release-plugin] prepare for next development iteration https://github.com/apache/maven/commit/d48a49b3539e
[GitHub] [maven-dist-tool] dependabot[bot] opened a new pull request, #6: Bump maven-plugin-plugin from 3.6.2 to 3.6.4
dependabot[bot] opened a new pull request, #6: URL: https://github.com/apache/maven-dist-tool/pull/6 Bumps [maven-plugin-plugin](https://github.com/apache/maven-plugin-tools) from 3.6.2 to 3.6.4. Commits https://github.com/apache/maven-plugin-tools/commit/33eb6d9df8be0e9cd0ac9b684741382b3d0e0fc7";>33eb6d9 [maven-release-plugin] prepare release maven-plugin-tools-3.6.4 https://github.com/apache/maven-plugin-tools/commit/c8ddcdcb10d342a5a5e2f38245bb569af5730c7c";>c8ddcdc [MPLUGIN-387] Bump Ant to 1.9.16 https://github.com/apache/maven-plugin-tools/commit/f14830dba00667fc661a520557fcdff6a8b0d1ad";>f14830d [MPLUGIN-387] Bump xmlunit to 1.6 https://github.com/apache/maven-plugin-tools/commit/036fdebb5cdbab68d79550cc6a0991f2a96ce4c8";>036fdeb [MPLUGIN-387] Bump plexus-compiler-manager to 2.8.8 https://github.com/apache/maven-plugin-tools/commit/d296e04045026716f1fba5d296a0dd4330cc7f92";>d296e04 [MPLUGIN-387] Switch from fest-assert to AssertJ 2.9.1 https://github.com/apache/maven-plugin-tools/commit/9ff352cc5680fe4e672dd99d0ff9160fc51a1317";>9ff352c [MPLUGIN-387] Bump plexus-archiver to 4.2.5 https://github.com/apache/maven-plugin-tools/commit/f6461047666e7c2dc0103042088825fd6a16a8ab";>f646104 [MPLUGIN-387] Upgrade BeanShell to 2.0b6 https://github.com/apache/maven-plugin-tools/commit/db1803198a77a40917a533e70ece7f066b783bf1";>db18031 [MPLUGIN-387] Bump junit to 4.13.2 https://github.com/apache/maven-plugin-tools/commit/c7ae057613aab21957197f93d33d6c0e2eb55bf8";>c7ae057 Added Dependabot configuration https://github.com/apache/maven-plugin-tools/commit/86d870fbc4a3aa1cd3b8da8a2fde015e5e8dfe43";>86d870f [MPLUGIN-387] Upgrade Doxia/Doxia Tools to 1.11.1 Additional commits viewable in https://github.com/apache/maven-plugin-tools/compare/maven-plugin-tools-3.6.2...maven-plugin-tools-3.6.4";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-dist-tool] dependabot[bot] opened a new pull request, #7: Bump maven-reporting-impl from 3.0.0 to 3.1.0
dependabot[bot] opened a new pull request, #7: URL: https://github.com/apache/maven-dist-tool/pull/7 Bumps [maven-reporting-impl](https://github.com/apache/maven-reporting-impl) from 3.0.0 to 3.1.0. Commits https://github.com/apache/maven-reporting-impl/commit/7f2f24fa712e06c07f3249ded7c8b6d04c559d17";>7f2f24f [maven-release-plugin] prepare release maven-reporting-impl-3.1.0 https://github.com/apache/maven-reporting-impl/commit/ddaac1486d58af185b2d065e09616e5704d5dd32";>ddaac14 Update plugins in 'use-as-site-report' IT https://github.com/apache/maven-reporting-impl/commit/6b019596a05295eb4cc32d83fd8d7e169fc4deee";>6b01959 [MSHARED-1028] Upgrade Maven Reporting API to 3.1.0 https://github.com/apache/maven-reporting-impl/commit/b3b09afb4007ca3d76a89508a468f96eff03c804";>b3b09af [MSHARED-1027] Update Doxia to 1.11.1 and Doxia Sitetools to 1.11.1 https://github.com/apache/maven-reporting-impl/commit/6554ad35fb05b17d283e4bdfb81226c1d5e701f0";>6554ad3 Remove old Maven 2 profile https://github.com/apache/maven-reporting-impl/commit/b39d1623a8ef9aea62178ab153b0eb45700582c8";>b39d162 Revert "Prepare for Doxia 2.0.0" https://github.com/apache/maven-reporting-impl/commit/26f9664b4b2542438fa95c9feb229b26d7329e53";>26f9664 Prepare for Doxia 2.0.0 https://github.com/apache/maven-reporting-impl/commit/9050da0e7c2defed851621b62c0160b52716ba11";>9050da0 update CI url https://github.com/apache/maven-reporting-impl/commit/e75769bc8a8a3a7b70c60a489a6c659acc45aff9";>e75769b Bump junit from 4.13 to 4.13.1 https://github.com/apache/maven-reporting-impl/commit/e5b314f649012e587682604eb17214084c046928";>e5b314f Merge pull request https://github-redirect.dependabot.com/apache/maven-reporting-impl/issues/2";>#2 from apache/elharo-patch-1 Additional commits viewable in https://github.com/apache/maven-reporting-impl/compare/maven-reporting-impl-3.0.0...maven-reporting-impl-3.1.0";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-dist-tool] dependabot[bot] opened a new pull request, #8: Bump maven-project-info-reports-plugin from 3.1.1 to 3.4.0
dependabot[bot] opened a new pull request, #8: URL: https://github.com/apache/maven-dist-tool/pull/8 Bumps [maven-project-info-reports-plugin](https://github.com/apache/maven-project-info-reports-plugin) from 3.1.1 to 3.4.0. Commits https://github.com/apache/maven-project-info-reports-plugin/commit/85082c4989caa0119a36c26f81af9374c544a1e0";>85082c4 [maven-release-plugin] prepare release maven-project-info-reports-plugin-3.4.0 https://github.com/apache/maven-project-info-reports-plugin/commit/90f65c278974570de088b2bb58852a001739cea8";>90f65c2 [MPIR-422] Stop overriding AbstractMavenReport#execute() https://github.com/apache/maven-project-info-reports-plugin/commit/91d0efec3c94f1ad4f58913b5060a0237c66b3c0";>91d0efe [MPIR-421] Make all ITs with site.xml use an explicit skin https://github.com/apache/maven-project-info-reports-plugin/commit/384637630e36619ade5a8999ea01dc006b125058";>3846376 [MPIR-420] Uprade dependencies https://github.com/apache/maven-project-info-reports-plugin/commit/eeb81c8660fabecc5465b5ba514402737933f55c";>eeb81c8 [MPIR-407] Provide a way to map license names https://github.com/apache/maven-project-info-reports-plugin/commit/9430070ae3545ea15dff9cbcce649de33b89260e";>9430070 [MPIR-418] Add some i18n properties for zh_CH completely https://github.com/apache/maven-project-info-reports-plugin/commit/1c669e756fd33b115736347a795aadd87d9767f3";>1c669e7 [maven-release-plugin] prepare for next development iteration https://github.com/apache/maven-project-info-reports-plugin/commit/563a0b261722719f9bf6ead946f3d5e30ef611c8";>563a0b2 [maven-release-plugin] prepare release maven-project-info-reports-plugin-3.3.0 https://github.com/apache/maven-project-info-reports-plugin/commit/9549763fbbdea2ee504412b06c2df1d14c25cb4a";>9549763 [MPIR-416] Upgrade maven-dependency-tree to 3.1.0 https://github.com/apache/maven-project-info-reports-plugin/commit/eab4f24d5cfc44aa91f62bde51e5f8001b36334f";>eab4f24 [MPIR-417] Upgrade Parent to 36 Additional commits viewable in https://github.com/apache/maven-project-info-reports-plugin/compare/maven-project-info-reports-plugin-3.1.1...maven-project-info-reports-plugin-3.4.0";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-dist-tool] dependabot[bot] opened a new pull request, #9: Bump jsoup from 1.13.1 to 1.15.2
dependabot[bot] opened a new pull request, #9: URL: https://github.com/apache/maven-dist-tool/pull/9 Bumps [jsoup](https://github.com/jhy/jsoup) from 1.13.1 to 1.15.2. Release notes Sourced from https://github.com/jhy/jsoup/releases";>jsoup's releases. jsoup 1.15.2 is out now with a bunch of https://jsoup.org/news/release-1.15.2";>improvements and bug fixes. jsoup 1.15.1 is out now with a bunch of https://jsoup.org/news/release-1.15.1";>improvements and bug fixes. jsoup 1.14.3 jsoup 1.14.3 is out now, adding native XPath selector support, improved \ support, and also includes a bunch of bug fixes, improvements, and performance enhancements. See the https://jsoup.org/news/release-1.14.3";>release announcement for the full changelog. jsoup 1.14.2 Caught by the fuzz! jsoup 1.14.2 is out now, and includes a set of parser bug fixes and improvements for handling rough HTML and XML, as identified by the Jazzer JVM fuzzer. This release also includes other fixes and improvements. See the https://jsoup.org/news/release-1.14.2";>release announcement for the full changelog. jsoup 1.14.1 jsoup 1.14.1 is out now, with simple request session management, increased parse robustness, and a ton of other improvements, speed-ups, and bug fixes. See the full https://jsoup.org/news/release-1.14.1";>announcement for all the details on what's changed. Changelog Sourced from https://github.com/jhy/jsoup/blob/master/CHANGES";>jsoup's changelog. jsoup changelog Release 1.15.3 [PENDING] Improvement: the Cleaner will preserve the source position of cleaned elements, if source tracking is enabled in the original parse. *** Release 1.15.2 [2022-Jul-04] Improvement: added the ability to track the position (line, column, index) in the original input source from where a given node was parsed. Accessible via Node.sourceRange() and Element.endSourceRange(). https://github-redirect.dependabot.com/jhy/jsoup/pull/1790";>jhy/jsoup#1790 Improvement: added Element.firstElementChild(), Element.lastElementChild(), Node.firstChild(), Node.lastChild(), as convenient accessors to those child nodes and elements. Improvement: added Element.expectFirst(cssQuery), which is just like Element.selectFirst(), but instead of returning a null if there is no match, will throw an IllegalArgumentException. This is useful if you want to simply abort processing if an expected match is not found. Improvement: when pretty-printing HTML, doctypes are emitted on a newline if there is a preceding comment. https://github-redirect.dependabot.com/jhy/jsoup/pull/1664";>jhy/jsoup#1664 Improvement: when pretty-printing, trim the leading and trailing spaces of textnodes in block tags when possible, so that they are indented correctly. https://github-redirect.dependabot.com/jhy/jsoup/issues/1798";>jhy/jsoup#1798 Improvement: in Element#selectXpath(), disable namespace awareness. This makes it possible to always select elements by their simple local name, regardless of whether an xmlns attribute was set. https://github-redirect.dependabot.com/jhy/jsoup/issues/1801";>jhy/jsoup#1801 Bugfix: when using the readToByteBuffer method, such as in Connection.Response.body(), if the document has not already been parsed and must be read fully, and there is any maximum buffer size being applied, only the default internal buffer size is read. https://github-redirect.dependabot.com/jhy/jsoup/issues/1774";>jhy/jsoup#1774 Bugfix: when serializing HTML, newlines in elements descending from a pre tag were incorrectly skipped. That caused what should have been preformatted output to instead be a run of text. https://github-redirect.dependabot.com/jhy/jsoup/issues/1776";>jhy/jsoup#1776 Bugfix: when pretty-print serializing HTML, newlines separating phrasing content (e.g. a tag within a tag would be incorrectly skipped, instead of normalized to a space. Additionally, improved space normalization between other end of line occurences, and whitespace handling after a closing https://github-redirect.dependabot.com/jhy/jsoup/issues/1787";>jhy/jsoup#1787 *** Release 1.15.1 [2022-May-15] Change: removed previously deprecated methods and classes (including org.jsoup.safety.Whitelist; use org.jsoup.safety.Safelist instead). Improvement: when converting jsoup Documents to W3C Documents in W3CDom, preserve HTML valid attribute names if the input document is using the HTML syntax. (Previously, would always coerce using the more restrictive XML syntax.) https://github-redirect.dependabot.com/jhy/jsoup/pull/1648";>jhy/jsoup#1648 ... (truncated) Commits https://github.com/jhy/jsoup/commit/d9566b5340487cd319660b553af11b60f5c8060a";>d9566b5 [maven-rele
[GitHub] [maven-dist-tool] dependabot[bot] commented on pull request #4: Bump jsoup from 1.13.1 to 1.14.2
dependabot[bot] commented on PR #4: URL: https://github.com/apache/maven-dist-tool/pull/4#issuecomment-1186534464 Superseded by #9. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-dist-tool] dependabot[bot] closed pull request #4: Bump jsoup from 1.13.1 to 1.14.2
dependabot[bot] closed pull request #4: Bump jsoup from 1.13.1 to 1.14.2 URL: https://github.com/apache/maven-dist-tool/pull/4 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-dist-tool] slachiewicz closed pull request #5: Bump mvnversion from 3.0.5 to 3.3.9
slachiewicz closed pull request #5: Bump mvnversion from 3.0.5 to 3.3.9 URL: https://github.com/apache/maven-dist-tool/pull/5 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-dist-tool] dependabot[bot] commented on pull request #5: Bump mvnversion from 3.0.5 to 3.3.9
dependabot[bot] commented on PR #5: URL: https://github.com/apache/maven-dist-tool/pull/5#issuecomment-1186536296 OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-dist-tool] slachiewicz closed pull request #6: Bump maven-plugin-plugin from 3.6.2 to 3.6.4
slachiewicz closed pull request #6: Bump maven-plugin-plugin from 3.6.2 to 3.6.4 URL: https://github.com/apache/maven-dist-tool/pull/6 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-dist-tool] dependabot[bot] commented on pull request #6: Bump maven-plugin-plugin from 3.6.2 to 3.6.4
dependabot[bot] commented on PR #6: URL: https://github.com/apache/maven-dist-tool/pull/6#issuecomment-1186536348 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-dist-tool] slachiewicz closed pull request #7: Bump maven-reporting-impl from 3.0.0 to 3.1.0
slachiewicz closed pull request #7: Bump maven-reporting-impl from 3.0.0 to 3.1.0 URL: https://github.com/apache/maven-dist-tool/pull/7 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-dist-tool] dependabot[bot] commented on pull request #7: Bump maven-reporting-impl from 3.0.0 to 3.1.0
dependabot[bot] commented on PR #7: URL: https://github.com/apache/maven-dist-tool/pull/7#issuecomment-1186536402 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-dist-tool] slachiewicz closed pull request #8: Bump maven-project-info-reports-plugin from 3.1.1 to 3.4.0
slachiewicz closed pull request #8: Bump maven-project-info-reports-plugin from 3.1.1 to 3.4.0 URL: https://github.com/apache/maven-dist-tool/pull/8 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-dist-tool] dependabot[bot] commented on pull request #8: Bump maven-project-info-reports-plugin from 3.1.1 to 3.4.0
dependabot[bot] commented on PR #8: URL: https://github.com/apache/maven-dist-tool/pull/8#issuecomment-1186536435 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-gpg-plugin] slachiewicz closed pull request #21: Bump maven-plugins from 34 to 36
slachiewicz closed pull request #21: Bump maven-plugins from 34 to 36 URL: https://github.com/apache/maven-gpg-plugin/pull/21 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-gpg-plugin] dependabot[bot] commented on pull request #21: Bump maven-plugins from 34 to 36
dependabot[bot] commented on PR #21: URL: https://github.com/apache/maven-gpg-plugin/pull/21#issuecomment-1186540214 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-gpg-plugin] slachiewicz closed pull request #20: Bump maven-resolver-util from 1.4.1 to 1.8.1
slachiewicz closed pull request #20: Bump maven-resolver-util from 1.4.1 to 1.8.1 URL: https://github.com/apache/maven-gpg-plugin/pull/20 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [maven-gpg-plugin] dependabot[bot] commented on pull request #20: Bump maven-resolver-util from 1.4.1 to 1.8.1
dependabot[bot] commented on PR #20: URL: https://github.com/apache/maven-gpg-plugin/pull/20#issuecomment-1186540274 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Closed] (MGPG-89) Upgrade parent POM to version 36
[ https://issues.apache.org/jira/browse/MGPG-89?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sylwester Lachiewicz closed MGPG-89. Resolution: Fixed > Upgrade parent POM to version 36 > > > Key: MGPG-89 > URL: https://issues.apache.org/jira/browse/MGPG-89 > Project: Maven GPG Plugin > Issue Type: Task >Reporter: Sylwester Lachiewicz >Priority: Minor > Fix For: 3.1.0 > > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[GitHub] [maven-scm] kwin commented on pull request #153: [SCM-945] Update to JGit 5.13.1 leveraging Apache Mina SSHD
kwin commented on PR #153: URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186541689 > I mean that you can now supply an expliclt key which wasn't supported by now This is not part of this PR either. I will provide one for that separately. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (MGPG-89) Upgrade parent POM to version 36
[ https://issues.apache.org/jira/browse/MGPG-89?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567661#comment-17567661 ] Hudson commented on MGPG-89: Build succeeded in Jenkins: Maven » Maven TLP » maven-gpg-plugin » master #15 See https://ci-maven.apache.org/job/Maven/job/maven-box/job/maven-gpg-plugin/job/master/15/ > Upgrade parent POM to version 36 > > > Key: MGPG-89 > URL: https://issues.apache.org/jira/browse/MGPG-89 > Project: Maven GPG Plugin > Issue Type: Task >Reporter: Sylwester Lachiewicz >Priority: Minor > Fix For: 3.1.0 > > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (SCM-945) Support OpenSSH private keys with maven-scm-provider-jgit
[
https://issues.apache.org/jira/browse/SCM-945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17567659#comment-17567659
]
ASF GitHub Bot commented on SCM-945:
kwin commented on PR #153:
URL: https://github.com/apache/maven-scm/pull/153#issuecomment-1186541689
> I mean that you can now supply an expliclt key which wasn't supported by
now
This is not part of this PR either. I will provide one for that separately.
> Support OpenSSH private keys with maven-scm-provider-jgit
> -
>
> Key: SCM-945
> URL: https://issues.apache.org/jira/browse/SCM-945
> Project: Maven SCM
> Issue Type: Bug
> Components: maven-scm-provider-jgit
>Affects Versions: 1.11.2
>Reporter: Konrad Windszus
>Assignee: Michael Osipov
>Priority: Major
>
> For SSH based authentication with private keys in the OpenSSH format the
> following error is being emitted: {{invalid privatekey: ...}}
> This is due to the use of JGit 4.5.4
> (https://github.com/apache/maven-scm/blob/c5eb2c187568809e0dc0ea9ac83031f1dcb5ad1a/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/pom.xml#L53)
> which used JSch which lacks support for those private keys. JGit 5.2 comes
> with a new SSH implementation
> (https://bugs.eclipse.org/bugs/show_bug.cgi?id=520927) and should by that
> also support OpenSSH private keys.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
