This vote passes with the following binding +1 votes:
- Gary Gregory
- Henri Biestro
- Rob Tompkins
Gary
On Wed, Dec 6, 2023 at 11:39 PM Rob Tompkins wrote:
>
> +1 all looks good
>
> > On Dec 2, 2023, at 10:26 AM, Gary Gregory wrote:
> >
> > We have fixed a few bugs and added some enhancements
On Wed, Dec 6, 2023 at 11:39 PM Rob Tompkins wrote:
>
> +1 all looks good
>
> > On Dec 2, 2023, at 10:26 AM, Gary Gregory wrote:
> >
> > We have fixed a few bugs and added some enhancements since Apache
> > Commons Validator 1.7 was released, so I would like to release Apache
> > Commons Validato
+1 all looks good
> On Dec 2, 2023, at 10:26 AM, Gary Gregory wrote:
>
> We have fixed a few bugs and added some enhancements since Apache
> Commons Validator 1.7 was released, so I would like to release Apache
> Commons Validator 1.8.0.
>
> Apache Commons Validator 1.8.0 RC1 is available for r
[ +1 ]
Built using: mvn -s "$HOME/.m2/commons-settings.xml" -P jacoco -P japicmp
clean package site
On: Darwin henrib-MBP16 23.1.0 Darwin Kernel Version 23.1.0: Mon Oct 9
21:27:24 PDT 2023; root:xnu-10002.41.9~6/RELEASE_ARM64_T6000 arm64
With: OpenJDK Runtime Environment (Zulu 8.66.0.15-CA-mac
My +1
Gary
On Sat, Dec 2, 2023, 10:26 AM Gary Gregory wrote:
> We have fixed a few bugs and added some enhancements since Apache
> Commons Validator 1.7 was released, so I would like to release Apache
> Commons Validator 1.8.0.
>
> Apache Commons Validator 1.8.0 RC1 is available for review her
The claimed security issue on apache commons appears to be broken.
Possibly they're referring to this:
https://news.apache.org/foundation/entry/apache_commons_statement_to_widespread
which did not have a CVE
On Sun, Dec 3, 2023 at 4:11 PM Piotr P. Karwasz wrote:
>
> Hi Elliotte,
>
> On Sun, 3 Dec
Hi Elliotte,
On Sun, 3 Dec 2023 at 14:13, Elliotte Rusty Harold wrote:
>
> https://issues.apache.org/jira/projects/VALIDATOR/issues/VALIDATOR-390
> and https://issues.apache.org/jira/projects/VALIDATOR/issues/VALIDATOR-357
> are both open dependency upgrades with security implications. If
> they'
We just have no idea how public and protected API are used. Binary
compatibility is easy to understand and check. I think we should keep it
that way.
Gary
On Sun, Dec 3, 2023, 9:23 AM Elliotte Rusty Harold
wrote:
> That is annoying. Unless there are much more major breaking changes
> than FastH
That is annoying. Unless there are much more major breaking changes
than FastHashMap planned for 2.0 in the near future, my inclination
would be to kill it and jump straight to 2.0. But if you want to
release 1.8 now, +0.
On Sun, Dec 3, 2023 at 1:39 PM Gary Gregory wrote:
>
> Hello Elliotte,
>
>
Oops, I got the process wrong: A -1 vote on a release candidate is not a veto.
Gary
On Sun, Dec 3, 2023 at 8:39 AM Gary Gregory wrote:
>
> Hello Elliotte,
>
> As Sebb's comments in VALIDATOR-390 point out, this issue can't be
> fixed in the 1.x line, so your -1 would mean that there can't ever b
Hello Elliotte,
As Sebb's comments in VALIDATOR-390 point out, this issue can't be
fixed in the 1.x line, so your -1 would mean that there can't ever be
a 1.x release again. Or am I missing something?
I am happy to switch master a 2.x line after 1.8.0 is out and break
binary compatibility at that
https://issues.apache.org/jira/projects/VALIDATOR/issues/VALIDATOR-390
and https://issues.apache.org/jira/projects/VALIDATOR/issues/VALIDATOR-357
are both open dependency upgrades with security implications. If
they've already been fixed, then please close the issues.
If they haven't been fixed, I
We have fixed a few bugs and added some enhancements since Apache
Commons Validator 1.7 was released, so I would like to release Apache
Commons Validator 1.8.0.
Apache Commons Validator 1.8.0 RC1 is available for review here:
https://dist.apache.org/repos/dist/dev/commons/validator/1.8.0-RC1
(
13 matches
Mail list logo
