[jira] [Commented] (SUREFIRE-2220) SurefireForkChannel#getForkNodeConnectionString() returns invalid URI string if localHost resolves to IPv6 address
[
https://issues.apache.org/jira/browse/SUREFIRE-2220?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17794939#comment-17794939
]
ASF GitHub Bot commented on SUREFIRE-2220:
--
michael-o closed pull request #697: [SUREFIRE-2220]
SurefireForkChannel#getForkNodeConnectionString() ret…
URL: https://github.com/apache/maven-surefire/pull/697
> SurefireForkChannel#getForkNodeConnectionString() returns invalid URI string
> if localHost resolves to IPv6 address
> --
>
> Key: SUREFIRE-2220
> URL: https://issues.apache.org/jira/browse/SUREFIRE-2220
> Project: Maven Surefire
> Issue Type: Bug
> Components: process forking
>Affects Versions: 3.2.2
>Reporter: Lutz Neugebauer
>Assignee: Michael Osipov
>Priority: Major
> Fix For: 3.2.3
>
>
> [SurefireForkChannel.getForkNodeConnectionString|https://github.com/apache/maven-surefire/blob/2d7675397e884b18d59a596c004e73982368ee7c/maven-surefire-common/src/main/java/org/apache/maven/plugin/surefire/extensions/SurefireForkChannel.java#L114]
> returns invalid URI string if localhost is an IPv6 address literal:
> {code:java}
> public String getForkNodeConnectionString() {
> return "tcp://" + localHost + ":" + localPort + (isBlank(sessionId) ?
> "" : "?sessionId=" + sessionId);
> } {code}
> localHost is initialized from
> [InetSocketAddress.getHostString()|https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/net/InetSocketAddress.html#getHostString()]
> at
> [SurefireForkChannel.SurefireForkChannel()|https://github.com/apache/maven-surefire/blob/2d7675397e884b18d59a596c004e73982368ee7c/maven-surefire-common/src/main/java/org/apache/maven/plugin/surefire/extensions/SurefireForkChannel.java#L100]
> which may return "... the String form of the address if it doesn't have a
> hostname (it was created using a literal)."
> If an IPv6 address is returned, then the URI computed is something like
> {code:java}
> tcp://0:0:0:0:0:0:0:1:34398?sessionId=... {code}
> instead of required format (cf.
> [URI.URI()|https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/net/URI.html#%3Cinit%3E(java.lang.String])
> {code:java}
> tcp://[0:0:0:0:0:0:0:1]:34398?sessionId=... {code}
> At my end the incorrect URI seems to cause hanging build, probably when it is
> consumed at
> [SurefireMasterProcessChannelProcessorFactory.connect()|https://github.com/apache/maven-surefire/blob/2d7675397e884b18d59a596c004e73982368ee7c/surefire-booter/src/main/java/org/apache/maven/surefire/booter/spi/SurefireMasterProcessChannelProcessorFactory.java#L74].
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
Re: [PR] [SUREFIRE-2220] SurefireForkChannel#getForkNodeConnectionString() ret… [maven-surefire]
michael-o closed pull request #697: [SUREFIRE-2220] SurefireForkChannel#getForkNodeConnectionString() ret… URL: https://github.com/apache/maven-surefire/pull/697 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Closed] (SUREFIRE-2220) SurefireForkChannel#getForkNodeConnectionString() returns invalid URI string if localHost resolves to IPv6 address
[
https://issues.apache.org/jira/browse/SUREFIRE-2220?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Osipov closed SUREFIRE-2220.
Resolution: Fixed
Fixed with
[2d6cbc63cb8f0dc34e3556e0c5a629129d2e7d91|https://gitbox.apache.org/repos/asf?p=maven-surefire.git&a=commit&h=2d6cbc63cb8f0dc34e3556e0c5a629129d2e7d91].
> SurefireForkChannel#getForkNodeConnectionString() returns invalid URI string
> if localHost resolves to IPv6 address
> --
>
> Key: SUREFIRE-2220
> URL: https://issues.apache.org/jira/browse/SUREFIRE-2220
> Project: Maven Surefire
> Issue Type: Bug
> Components: process forking
>Affects Versions: 3.2.2
>Reporter: Lutz Neugebauer
>Assignee: Michael Osipov
>Priority: Major
> Fix For: 3.2.3
>
>
> [SurefireForkChannel.getForkNodeConnectionString|https://github.com/apache/maven-surefire/blob/2d7675397e884b18d59a596c004e73982368ee7c/maven-surefire-common/src/main/java/org/apache/maven/plugin/surefire/extensions/SurefireForkChannel.java#L114]
> returns invalid URI string if localhost is an IPv6 address literal:
> {code:java}
> public String getForkNodeConnectionString() {
> return "tcp://" + localHost + ":" + localPort + (isBlank(sessionId) ?
> "" : "?sessionId=" + sessionId);
> } {code}
> localHost is initialized from
> [InetSocketAddress.getHostString()|https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/net/InetSocketAddress.html#getHostString()]
> at
> [SurefireForkChannel.SurefireForkChannel()|https://github.com/apache/maven-surefire/blob/2d7675397e884b18d59a596c004e73982368ee7c/maven-surefire-common/src/main/java/org/apache/maven/plugin/surefire/extensions/SurefireForkChannel.java#L100]
> which may return "... the String form of the address if it doesn't have a
> hostname (it was created using a literal)."
> If an IPv6 address is returned, then the URI computed is something like
> {code:java}
> tcp://0:0:0:0:0:0:0:1:34398?sessionId=... {code}
> instead of required format (cf.
> [URI.URI()|https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/net/URI.html#%3Cinit%3E(java.lang.String])
> {code:java}
> tcp://[0:0:0:0:0:0:0:1]:34398?sessionId=... {code}
> At my end the incorrect URI seems to cause hanging build, probably when it is
> consumed at
> [SurefireMasterProcessChannelProcessorFactory.connect()|https://github.com/apache/maven-surefire/blob/2d7675397e884b18d59a596c004e73982368ee7c/surefire-booter/src/main/java/org/apache/maven/surefire/booter/spi/SurefireMasterProcessChannelProcessorFactory.java#L74].
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
Re: [PR] Apache Lucene 9.9.0 and other minor dependency bumps [maven-indexer]
cstamas commented on code in PR #337: URL: https://github.com/apache/maven-indexer/pull/337#discussion_r1421392650 ## pom.xml: ## @@ -268,7 +267,7 @@ under the License. org.eclipse.jetty jetty-webapp -9.4.51.v20230217 +9.4.53.v20231009 Review Comment: TODO for myself: we should move off EOLd Jetty, probably can lift some code from resolver tests that also did a smooth migration in test used "server" from 9.x to 10.x -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Apache Lucene 9.9.0 and other minor dependency bumps [maven-indexer]
cstamas commented on code in PR #337: URL: https://github.com/apache/maven-indexer/pull/337#discussion_r1421392520 ## pom.xml: ## @@ -106,9 +105,9 @@ under the License. 0.9.0.M2 6.0.0 -9.8.0 +9.9.0 3.9.5 Review Comment: @mbien could you up this to 3.9.6 please as well? so have it all at once? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.apache.maven.shared:maven-shared-utils from 3.3.4 to 3.4.2 [maven-ear-plugin]
elharo merged PR #102: URL: https://github.com/apache/maven-ear-plugin/pull/102 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump commons-io:commons-io from 2.11.0 to 2.15.1 [maven-ear-plugin]
elharo merged PR #99: URL: https://github.com/apache/maven-ear-plugin/pull/99 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.codehaus.plexus:plexus-archiver from 4.8.0 to 4.9.0 [maven-ear-plugin]
elharo merged PR #98: URL: https://github.com/apache/maven-ear-plugin/pull/98 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.apache.maven.doxia:doxia-sink-api from 1.11.1 to 1.12.0 [maven-dependency-plugin]
elharo merged PR #353: URL: https://github.com/apache/maven-dependency-plugin/pull/353 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump commons-io:commons-io from 2.14.0 to 2.15.1 [maven-dependency-plugin]
elharo merged PR #352: URL: https://github.com/apache/maven-dependency-plugin/pull/352 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.jsoup:jsoup from 1.16.2 to 1.17.1 [maven-dependency-plugin]
elharo merged PR #350: URL: https://github.com/apache/maven-dependency-plugin/pull/350 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump org.apache.maven:maven-core from 3.2.5 to 3.8.1 [maven-dependency-plugin]
dependabot[bot] opened a new pull request, #355: URL: https://github.com/apache/maven-dependency-plugin/pull/355 Bumps [org.apache.maven:maven-core](https://github.com/apache/maven) from 3.2.5 to 3.8.1. Commits https://github.com/apache/maven/commit/05c21c65bdfed0f71a2f2ada8b84da59348c4c5d";>05c21c6 [maven-release-plugin] prepare release maven-3.8.1 https://github.com/apache/maven/commit/d295dc362fe7d7b189b4976a5742a17362eb51a1";>d295dc3 [MNG-7128] keep blocked attribute from mirrors in artifact repositories https://github.com/apache/maven/commit/a46906806a31edb462b935e380a657b6efde6231";>a469068 next version in branch 3.8.x is 3.8.1-SNAPSHOT https://github.com/apache/maven/commit/dad8a3e1c55f34b7949945bc622f26447ddbf4f9";>dad8a3e [maven-release-plugin] prepare for next development iteration https://github.com/apache/maven/commit/6aa1f4acf5d6323e9aa08b763cb9933dc96749b9";>6aa1f4a [maven-release-plugin] prepare release maven-3.8.0 https://github.com/apache/maven/commit/907d53ad3264718f66ff15e1363d76b07dd0c05f";>907d53a [MNG-7118] block HTTP repositories by default https://github.com/apache/maven/commit/899465aeec03753ea91e15a79579eab76369c016";>899465a [MNG-7117] add support for blocked mirror https://github.com/apache/maven/commit/fa79cb22e456cc65522b5bab8c4240fe08c5775f";>fa79cb2 [MNG-7116] add support for mirrorOf external:http:* https://github.com/apache/maven/commit/e5f6634e17362387282b3867c9b23d4b54fea871";>e5f6634 use Maven Resolver 1.6.2 https://github.com/apache/maven/commit/09f77da9b0c39848fe763bdd4a392151eec0d8c3";>09f77da [MNG-7119] Upgrade Maven Wagon to 3.4.3 Additional commits viewable in https://github.com/apache/maven/compare/maven-3.2.5...maven-3.8.1";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/maven-dependency-plugin/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump org.apache.maven:maven-compat from 3.2.5 to 3.8.1 [maven-dependency-plugin]
dependabot[bot] opened a new pull request, #356: URL: https://github.com/apache/maven-dependency-plugin/pull/356 Bumps [org.apache.maven:maven-compat](https://github.com/apache/maven) from 3.2.5 to 3.8.1. Commits https://github.com/apache/maven/commit/05c21c65bdfed0f71a2f2ada8b84da59348c4c5d";>05c21c6 [maven-release-plugin] prepare release maven-3.8.1 https://github.com/apache/maven/commit/d295dc362fe7d7b189b4976a5742a17362eb51a1";>d295dc3 [MNG-7128] keep blocked attribute from mirrors in artifact repositories https://github.com/apache/maven/commit/a46906806a31edb462b935e380a657b6efde6231";>a469068 next version in branch 3.8.x is 3.8.1-SNAPSHOT https://github.com/apache/maven/commit/dad8a3e1c55f34b7949945bc622f26447ddbf4f9";>dad8a3e [maven-release-plugin] prepare for next development iteration https://github.com/apache/maven/commit/6aa1f4acf5d6323e9aa08b763cb9933dc96749b9";>6aa1f4a [maven-release-plugin] prepare release maven-3.8.0 https://github.com/apache/maven/commit/907d53ad3264718f66ff15e1363d76b07dd0c05f";>907d53a [MNG-7118] block HTTP repositories by default https://github.com/apache/maven/commit/899465aeec03753ea91e15a79579eab76369c016";>899465a [MNG-7117] add support for blocked mirror https://github.com/apache/maven/commit/fa79cb22e456cc65522b5bab8c4240fe08c5775f";>fa79cb2 [MNG-7116] add support for mirrorOf external:http:* https://github.com/apache/maven/commit/e5f6634e17362387282b3867c9b23d4b54fea871";>e5f6634 use Maven Resolver 1.6.2 https://github.com/apache/maven/commit/09f77da9b0c39848fe763bdd4a392151eec0d8c3";>09f77da [MNG-7119] Upgrade Maven Wagon to 3.4.3 Additional commits viewable in https://github.com/apache/maven/compare/maven-3.2.5...maven-3.8.1";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/maven-dependency-plugin/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump ch.qos.logback:logback-classic from 1.2.3 to 1.2.13 in /src/it/projects/mdep-204-go-offline-resolve-intermodule/module-2 [maven-dependency-plugin]
dependabot[bot] opened a new pull request, #354: URL: https://github.com/apache/maven-dependency-plugin/pull/354 Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.2.3 to 1.2.13. Commits https://github.com/qos-ch/logback/commit/2648b9e7fbb47426c89b9c93b411c07484e8f277";>2648b9e prepare release 1.2.13 https://github.com/qos-ch/logback/commit/bb095154be011267b64e37a1d401546e7cc2b7c3";>bb09515 fix CVE-2023-6378 https://github.com/qos-ch/logback/commit/45732949bfb845df04cbe65292cf48aaa090cb1d";>4573294 start work on 1.2.13-SNAPSHOT https://github.com/qos-ch/logback/commit/a388193052c298ca87cc64192319df723288c6ab";>a388193 Merge branch 'branch_1.2.x' of github.com:qos-ch/logback into branch_1.2.x https://github.com/qos-ch/logback/commit/de44dc422bc3da1d7808283851324d960b492d4d";>de44dc4 prepare release 1.2.12 https://github.com/qos-ch/logback/commit/ca0cf172f680308938515b8a5d69348759ee947c";>ca0cf17 Merge pull request https://redirect.github.com/qos-ch/logback/issues/532";>#532 from joakime/fix-jetty-requestlog https://github.com/qos-ch/logback/commit/e31609b1980b9ba986344aae3cab7275fa2b4935";>e31609b removed unused files https://github.com/qos-ch/logback/commit/21e29efb284766f386781175b2ba18585b690154";>21e29ef Merge pull request https://redirect.github.com/qos-ch/logback/issues/567";>#567 from spliffone/LOGBACK-1633 https://github.com/qos-ch/logback/commit/e869000e1d5901e6aa6f46cc6575ee2137f15b69";>e869000 fix: published POM file contain the wrong scm URL https://github.com/qos-ch/logback/commit/009ea46cb81a015f2ca312bde6e823581b93b37a";>009ea46 version for next dev cycle Additional commits viewable in https://github.com/qos-ch/logback/compare/v_1.2.3...v_1.2.13";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/maven-dependency-plugin/network/alerts). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.apache.maven:maven-core from 3.2.5 to 3.8.1 [maven-dependency-plugin]
elharo closed pull request #355: Bump org.apache.maven:maven-core from 3.2.5 to 3.8.1 URL: https://github.com/apache/maven-dependency-plugin/pull/355 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.apache.maven:maven-core from 3.2.5 to 3.8.1 [maven-dependency-plugin]
dependabot[bot] commented on PR #355: URL: https://github.com/apache/maven-dependency-plugin/pull/355#issuecomment-1848425749 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.codehaus.plexus:plexus-archiver from 4.8.0 to 4.9.0 [maven-dependency-plugin]
elharo merged PR #348: URL: https://github.com/apache/maven-dependency-plugin/pull/348 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump commons-io:commons-io from 2.14.0 to 2.15.1 [maven-dependency-analyzer]
elharo merged PR #100: URL: https://github.com/apache/maven-dependency-analyzer/pull/100 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.apache.commons:commons-text from 1.10.0 to 1.11.0 [maven-shared-utils]
elharo merged PR #169: URL: https://github.com/apache/maven-shared-utils/pull/169 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump org.apache.maven.shared:maven-shared-components from 39 to 41 [maven-shared-utils]
elharo merged PR #168: URL: https://github.com/apache/maven-shared-utils/pull/168 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump commons-io:commons-io from 2.13.0 to 2.15.1 [maven-shared-utils]
elharo commented on PR #170: URL: https://github.com/apache/maven-shared-utils/pull/170#issuecomment-1848429667 Error: Failures: Error: XmlStreamReaderTest.testEncodingAttribute:168->checkXmlContent:62->checkXmlContent:74 expected: but was: -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Updated] (MRESOLVER-391) Scope mediation improvements
[ https://issues.apache.org/jira/browse/MRESOLVER-391?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Tamas Cservenak updated MRESOLVER-391: -- Fix Version/s: (was: 2.0.0) > Scope mediation improvements > > > Key: MRESOLVER-391 > URL: https://issues.apache.org/jira/browse/MRESOLVER-391 > Project: Maven Resolver > Issue Type: Bug > Components: Resolver >Reporter: Tamas Cservenak >Priority: Major > > Original issue description was: "As per MNG-5988: if an artifact in "test" > scope is found nearer, but in scope "compile" is found deeper in graph, the > "test" scope wins. This at runtime may lead to CNFEx." > This is completely wrong premise, and it contains following false assumptions: > * The "test" classpath is superset of "runtime" classpath. Is not. > * (derived from that above) To get "runtime" classpath collect via resolver > "test" classpath and cherry-pick non-"test" (or filter out "test") scoped > nodes. This is not how it works. > * A collected graph can contain both, "test" and "runtime" classpath (implied > with "test scope wins but at runtime..."). There is no "production part" of > "test" graph. Graph is this or that, not both, should not be assumed > "overlapping". > When one asks resolver to collect (or resolve), resolver will perform based > on input. And the result is either this or that, but not both. In fact, the > collected "dirty tree" (graph) cannot even represent both "test" or "runtime" > at the same time! > The reproducers in this issue are actually precise examples showing why it is > impossible. > Hence, this issue should be more like a "discussion" to decide what is right > behavior of resolver in these cases, as for sure there are some edge cases > (like silent version bump from 1.x to 2.x), but still, it does happen per > user instruction (who authors POM), and Resolver does not want to delve into > "compatibility calculation" space, where it can decide is a change > "compatible" or not (like semver and alike). -- This message was sent by Atlassian Jira (v8.20.10#820010)
Re: [PR] [MRESOLVER-335] Proposal for better errors [maven-resolver]
cstamas commented on PR #386: URL: https://github.com/apache/maven-resolver/pull/386#issuecomment-1848597549 Reworked it and is much simpler change (and is even backward compat, so no tampering with japicm needed) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (MRESOLVER-335) Better resolver errors for Artifact Not Found
[
https://issues.apache.org/jira/browse/MRESOLVER-335?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17794979#comment-17794979
]
ASF GitHub Bot commented on MRESOLVER-335:
--
cstamas commented on PR #386:
URL: https://github.com/apache/maven-resolver/pull/386#issuecomment-1848597549
Reworked it and is much simpler change (and is even backward compat, so no
tampering with japicm needed)
> Better resolver errors for Artifact Not Found
> -
>
> Key: MRESOLVER-335
> URL: https://issues.apache.org/jira/browse/MRESOLVER-335
> Project: Maven Resolver
> Issue Type: Improvement
> Components: Resolver
>Reporter: Slawomir Jaranowski
>Priority: Major
> Fix For: 2.0.0
>
>
> When we have many remote repositories only first
> {{ArtifactNotFoundException}} is returned, all checks for other repositories
> are hidden.
> When we have errors for many artifacts in one request - list of problematic
> artifacts is present in message and only first exception for one artifact.
> Next case is with remote repository filtering, checks for remote repository
> according to filtering also produce {{ArtifactNotFoundException}}, this is
> done at the beginning so exception is first on list.
> In logs and exception we have:
> {code}
> Downloading from my-mirror:
> https://artifactory.../artifactory/remote-repos/org/apache/commons/commons-lang3/4.4.4/commons-lang3-4.4.4.pom
> [WARNING] The POM for org.apache.commons:commons-lang3:jar:4.4.4 is missing,
> no dependency information available
> Downloading from my-mirror:
> https://artifactory.../artifactory/remote-repos/org/apache/commons/commons-lang3/4.4.4/commons-lang3-4.4.4.jar
> [ERROR] Failed to execute goal on project maven-3.9: Could not resolve
> dependencies for project org.test:maven-3.9:jar:1.0.0-SNAPSHOT: Prefix org
> NOT allowed from mayrepo (https://artifactory.../artifactory/myrepo/,
> default, releases+snapshots)
> {code}
> As we see artefact was not found in {{my-mirror}}, but in error report we
> have information about not allowed prefixes - it can be confusing
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
Re: [PR] Apache Lucene 9.9.0 and other minor dependency bumps [maven-indexer]
mbien commented on code in PR #337: URL: https://github.com/apache/maven-indexer/pull/337#discussion_r1421508426 ## pom.xml: ## @@ -106,9 +105,9 @@ under the License. 0.9.0.M2 6.0.0 -9.8.0 +9.9.0 3.9.5 Review Comment: roger, will update and force push in a sec ## pom.xml: ## @@ -268,7 +267,7 @@ under the License. org.eclipse.jetty jetty-webapp -9.4.51.v20230217 +9.4.53.v20231009 Review Comment: yep. the only reason I didn't change is because I know from running my old blog on a rapsi, that Jetty 10.x changed quite a few tings internally (module system etc and even some property names of the plugin) which can break logging for example. So I didn't want to blindly bump the major version without knowing the usages very well. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] [MRELEASE-1109] Snapshot detection and support for versions like `${revision}${sha1}${changelist}` [maven-release]
michael-o commented on code in PR #202:
URL: https://github.com/apache/maven-release/pull/202#discussion_r1421564124
##
maven-release-manager/src/main/java/org/apache/maven/shared/release/transform/jdom2/JDomModel.java:
##
@@ -198,7 +199,17 @@ public void setVersion(String version) {
AbstractRewritePomsPhase.extractPropertyFromExpression(versionElement.getTextNormalize());
Properties properties = getProperties();
if (properties != null) {
-properties.computeIfPresent(ciFriendlyPropertyName, (k, v)
-> version);
+String sha1 = properties.getProperty("sha1", "");
+String changelist = properties.getProperty("changelist",
"");
+properties.setProperty(
+ciFriendlyPropertyName,
+// assume that everybody follows the example and
properties are simply chained
+version.replaceAll(sha1,
"").replaceAll(changelist, ""));
Review Comment:
I still consider using a regex method wrong here...
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[jira] [Commented] (MRELEASE-1109) update-versions removes the CI-friendly ${revisions}
[
https://issues.apache.org/jira/browse/MRELEASE-1109?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17794983#comment-17794983
]
ASF GitHub Bot commented on MRELEASE-1109:
--
michael-o commented on code in PR #202:
URL: https://github.com/apache/maven-release/pull/202#discussion_r1421564124
##
maven-release-manager/src/main/java/org/apache/maven/shared/release/transform/jdom2/JDomModel.java:
##
@@ -198,7 +199,17 @@ public void setVersion(String version) {
AbstractRewritePomsPhase.extractPropertyFromExpression(versionElement.getTextNormalize());
Properties properties = getProperties();
if (properties != null) {
-properties.computeIfPresent(ciFriendlyPropertyName, (k, v)
-> version);
+String sha1 = properties.getProperty("sha1", "");
+String changelist = properties.getProperty("changelist",
"");
+properties.setProperty(
+ciFriendlyPropertyName,
+// assume that everybody follows the example and
properties are simply chained
+version.replaceAll(sha1,
"").replaceAll(changelist, ""));
Review Comment:
I still consider using a regex method wrong here...
> update-versions removes the CI-friendly ${revisions}
>
>
> Key: MRELEASE-1109
> URL: https://issues.apache.org/jira/browse/MRELEASE-1109
> Project: Maven Release Plugin
> Issue Type: Bug
> Components: prepare, update-versions
>Affects Versions: 2.5.3, 3.0.0-M7
>Reporter: Marcel Stör
>Assignee: Konrad Windszus
>Priority: Major
> Fix For: next-release
>
>
> Given: a project using CI-friendly versions as per
> [https://maven.apache.org/maven-ci-friendly.html]
> {code:xml}
> ${revision}
> ...
>
> 1.0.0-SNAPSHOT
>
> {code}
> If I run {{mvn release:update-versions}} (with or without
> {{{}-DautoVersionSubmodules=true{}}}) I expect the release plugin to change
> the {{$revision}} property. Instead it blindly replaces
> {{${revision}}} with the hard-coded version set on the CLI.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Closed] (SUREFIRE-2210) Additional class path ordering broken since 3.2.0
[
https://issues.apache.org/jira/browse/SUREFIRE-2210?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Osipov closed SUREFIRE-2210.
> Additional class path ordering broken since 3.2.0
> -
>
> Key: SUREFIRE-2210
> URL: https://issues.apache.org/jira/browse/SUREFIRE-2210
> Project: Maven Surefire
> Issue Type: Bug
>Affects Versions: 3.2.1, 3.2.2
>Reporter: David M. Lloyd
>Assignee: Konrad Windszus
>Priority: Critical
> Fix For: 3.2.3
>
>
> Since commit
> [47eb1974ef2fb77c621e5cb0c47ac10ab8f4753d|https://github.com/apache/maven-surefire/commit/47eb1974ef2fb77c621e5cb0c47ac10ab8f4753d]
> ([#667|https://github.com/apache/maven-surefire/pull/667], SUREFIRE-2179),
> the ordering of the {{additionalClasspathElements}} list configuration
> property is no longer preserved. This breaks testing of multi-release JARs,
> where the directories for newer JDKs *must* be strictly ordered *before* the
> directories for older JDKs.
> The problem is likely due to changing the additional class paths collection
> from a `List` to a `Set`, which does not preserve ordering.
> One simple fix could be to change the line {{Set
> additionalClasspathElements = new HashSet<>();}} to construct a
> {{LinkedHashSet}} instead.
> /cc [~kwin] who wrote the original patch back in June.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (SUREFIRE-2103) and causing Java heap space issue.
[ https://issues.apache.org/jira/browse/SUREFIRE-2103?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17794984#comment-17794984 ] Michael Osipov commented on SUREFIRE-2103: -- Is this fixed by SUREFIRE-2212? > and causing Java heap space issue. > - > > Key: SUREFIRE-2103 > URL: https://issues.apache.org/jira/browse/SUREFIRE-2103 > Project: Maven Surefire > Issue Type: Bug > Components: Maven Failsafe Plugin >Affects Versions: 3.0.0-M5, 3.0.0-M6 >Reporter: parita jivani >Priority: Critical > > We have Java test projects, which has different integration and UI tests. We > are upgrading failsafe and surefire version from 2.17 to 3.0.0-M5. After > upgrade few projects were failing with Java heap space. After analysing the > issue, we got to know that failsafe reports creation is causing the memory > issue. Failsafe plugin is writing and elements > with log details. In our case, build logs contains huge data of script > execution logs(around >= 1GB). While creating failsafe report, failsafe > plugin is writing entire logs to *.xml report and causing failure due to java > heap space. > > For issue resolution my suggestion is to get some configuration to > unable/disable option for tags would really help. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (MSHARED-1327) Change default value of output directory in AbstractMavenReport
[
https://issues.apache.org/jira/browse/MSHARED-1327?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Osipov updated MSHARED-1327:
Summary: Change default value of output directory in AbstractMavenReport
(was: Change output directory default in AbstractMavenReport)
> Change default value of output directory in AbstractMavenReport
> ---
>
> Key: MSHARED-1327
> URL: https://issues.apache.org/jira/browse/MSHARED-1327
> Project: Maven Shared Components
> Issue Type: Improvement
> Components: maven-reporting-impl
>Affects Versions: maven-reporting-impl-4.0.0-M11
>Reporter: Alexander Kriegisch
>Assignee: Michael Osipov
>Priority: Major
> Fix For: maven-reporting-impl-4.0.0-M13
>
>
> The output directory should default to {{${project.build.directory}}} instead
> of {{${project.reporting.outputDirectory}}}. Quoting my reasoning from
> https://github.com/apache/maven-jxr/commit/ae81a34ac616bf7e4ea4fa9d4eb09f0979eaccb1#commitcomment-130639906:
> {quote}
> (...) because the latter is simply wrong IMO. For stand-alone mojo execution,
> a plugin should not mess with Maven Site's default directory. Imagine a
> situation in which each module should get its own, self-consistent report
> when called stand-alone, but the site should contain an aggregate with a
> different structure or maybe no report from that plugin at all. The default
> would then pollute the site directory. This is why on the ML I asked you
> ([~michaelo]), if overriding a {{@Parameter}} annotation on a base class
> field by another {{@Parameter}} annotation on a setter in a subclass it is
> the right or canonical way to implement such a default override.
> BTW, like I also said before, Maven Javadoc Plugin, even though it does not
> use the abstract base class, implements the default correctly: build dir for
> stand-alone, report dir in site generation context.
> {quote}
> The javadoc is, BTW, still correct and does not need to be changed: In a site
> generation context, the reporting base directory will be set here
> automatically without any further changes due to:
> {code:java}
> @Override
> public void setReportOutputDirectory(File reportOutputDirectory) {
> this.reportOutputDirectory = reportOutputDirectory;
> this.outputDirectory = reportOutputDirectory;
> }
> {code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Created] (MSHARED-1342) Upgrade plugins and components (in ITs)
Michael Osipov created MSHARED-1342: --- Summary: Upgrade plugins and components (in ITs) Key: MSHARED-1342 URL: https://issues.apache.org/jira/browse/MSHARED-1342 Project: Maven Shared Components Issue Type: Dependency upgrade Components: maven-reporting-impl Reporter: Michael Osipov Assignee: Michael Osipov Fix For: maven-reporting-impl-4.0.0-M13 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (MSHARED-1342) Upgrade plugins and components (in ITs)
[ https://issues.apache.org/jira/browse/MSHARED-1342?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Michael Osipov updated MSHARED-1342: Description: * Upgrade to Maven Plugin Tools 3.10.2 * Upgrade to Maven Archiver 3.6.1 * Upgrade to Maven Shared Utils 3.4.2 * Upgrade to Maven Install Plugin 3.1.1 * Upgrade to Maven Site Plugin 4.0.0-M12 * Upgrade to Maven Project Info Reports Plugin 3.5.0 > Upgrade plugins and components (in ITs) > --- > > Key: MSHARED-1342 > URL: https://issues.apache.org/jira/browse/MSHARED-1342 > Project: Maven Shared Components > Issue Type: Dependency upgrade > Components: maven-reporting-impl >Reporter: Michael Osipov >Assignee: Michael Osipov >Priority: Major > Fix For: maven-reporting-impl-4.0.0-M13 > > > * Upgrade to Maven Plugin Tools 3.10.2 > * Upgrade to Maven Archiver 3.6.1 > * Upgrade to Maven Shared Utils 3.4.2 > * Upgrade to Maven Install Plugin 3.1.1 > * Upgrade to Maven Site Plugin 4.0.0-M12 > * Upgrade to Maven Project Info Reports Plugin 3.5.0 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Closed] (MSHARED-1342) Upgrade plugins and components (in ITs)
[ https://issues.apache.org/jira/browse/MSHARED-1342?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Michael Osipov closed MSHARED-1342. --- Resolution: Fixed Fixed with [acc6b6c14a73043a44d450f03747dca06df719cf|https://gitbox.apache.org/repos/asf?p=maven-reporting-impl.git;a=commit;h=acc6b6c14a73043a44d450f03747dca06df719cf]. > Upgrade plugins and components (in ITs) > --- > > Key: MSHARED-1342 > URL: https://issues.apache.org/jira/browse/MSHARED-1342 > Project: Maven Shared Components > Issue Type: Dependency upgrade > Components: maven-reporting-impl >Reporter: Michael Osipov >Assignee: Michael Osipov >Priority: Major > Fix For: maven-reporting-impl-4.0.0-M13 > > > * Upgrade to Maven Plugin Tools 3.10.2 > * Upgrade to Maven Archiver 3.6.1 > * Upgrade to Maven Shared Utils 3.4.2 > * Upgrade to Maven Install Plugin 3.1.1 > * Upgrade to Maven Site Plugin 4.0.0-M12 > * Upgrade to Maven Project Info Reports Plugin 3.5.0 -- This message was sent by Atlassian Jira (v8.20.10#820010)
