On 2011-10-31, Bear Giles wrote:
> I found a few issues (1330) with Fortify. As anyone who's used it knows the
> vast majority of those are of the "but that's what I intended" variety, but
> there were 180 cases of unclosed resource streams and 354 cases of
> potential denial of service.
> In the
Let's do it later. Release early, release often.
Gary
On Oct 31, 2011, at 17:00, Bear Giles wrote:
> I found a few issues (1330) with Fortify. As anyone who's used it knows the
> vast majority of those are of the "but that's what I intended" variety, but
> there were 180 cases of unclosed resou
Quick followup - I know there's also a school of thought that bad
parameters should be passed to the InputStream and let it throw the
exception since it's the method that actually cares about the values.
Maybe a negative offset will have meaning at some point in the future. So
you can argue that t
I found a few issues (1330) with Fortify. As anyone who's used it knows the
vast majority of those are of the "but that's what I intended" variety, but
there were 180 cases of unclosed resource streams and 354 cases of
potential denial of service.
In the first case we all write
InputStream is =
+1
Looks good on Oracle Java 1.6.0_29 and 1.7.0_01, Maven 3.0.3 on Windows 7
64 bit.
Apache Maven 3.0.3 (r1075438; 2011-02-28 12:31:09-0500)
Maven home: C:\Java\apache-maven-3.0.3\bin\..
Java version: 1.7.0_01, vendor: Oracle Corporation
Java home: C:\Program Files\Java\jdk1.7.0_01\jre
Default lo
Stefan Bodewig wrote:
> Hi all,
>
> compared to RC1 Michael Kuss' name has been fixed and he's been added as
> contributor. A bunch of additional tests increased coverage (still some
> areas are not covered but coverage is better than it has been for any
> prior release). A few plugins have bee
+1
Le 28/10/2011 07:14, Stefan Bodewig a écrit :
Hi all,
compared to RC1 Michael Kuss' name has been fixed and he's been added as
contributor. A bunch of additional tests increased coverage (still some
areas are not covered but coverage is better than it has been for any
prior release). A few
On 2011-10-28, Stefan Bodewig wrote:
> Compress 1.3 RC2 is available for review here:
> http://people.apache.org/~bodewig/compress-1.3-RC2/
> Maven artifacts are here:
>
> https://repository.apache.org/content/repositories/orgapachecommons-111/org/apache/commons/commons-compress/1.3/
Hi all,
compared to RC1 Michael Kuss' name has been fixed and he's been added as
contributor. A bunch of additional tests increased coverage (still some
areas are not covered but coverage is better than it has been for any
prior release). A few plugins have been upgraded.
Compress 1.3 RC2 is
