[GitHub] [maven-site-plugin] dependabot[bot] opened a new pull request #46: Bump mavenVersion from 3.0.5 to 3.8.1

2021-04-04 Thread GitBox
dependabot[bot] opened a new pull request #46: URL: https://github.com/apache/maven-site-plugin/pull/46 Bumps `mavenVersion` from 3.0.5 to 3.8.1. Updates `maven-artifact` from 3.0.5 to 3.8.1 Commits https://github.com/apache/maven/commit/05c21c65bdfed0f71a2f2ada8b84da59348c4

Re: Security/Versioning policy proposal

2021-04-04 Thread Bernd Eckenfels
I agree, maven does not need to concern itself with branches as long as it stays fairly forward drop-in compatible. Having said that, things like changing the policy for handling http might not be that drop-in, but on the other hand it’s just a config option and does not require complicated (pl

Re: Security/Versioning policy proposal

2021-04-04 Thread Ralph Goers
More than likely you will get whatever the next version number happens to be. I can’t think of a case where Maven needed to go back and patch a prior release. That could happen however, if Maven was modified to require Java 11 to run and a security fix had to be applied to the last version supp

[ANN] Apache Maven 3.8.1 Released

2021-04-04 Thread Robert Scholte
The Apache Maven team is pleased to announce the release of the Apache Maven 3.8.1 Apache Maven is a software project management and comprehension tool. Based on the concept of a project object model (POM), Maven can manage a project's build, reporting and documentation from a central piece of

Re: Security/Versioning policy proposal

2021-04-04 Thread Romain Manni-Bucau
On Sun, 4 Apr 2021 at 14:10, Robert Scholte wrote: > To me all releases can contain security fixes. > Depending on the risk of the CVE we can decide to do a release with only > those fixes (see Maven 3.0.5 and 3.8.1) > I get that but it does not help users to pick versions and to get any stab

[RESULT] [VOTE] Release Apache Maven version 3.8.1

2021-04-04 Thread Robert Scholte
Hi, The vote has passed with the following result: +1 : Mark Derricutt, Maarten Mulders, Enrico Olivelli, Romain Manni-Bucau,  Arnaud Héritier, Hervé BOUTEMY, Robert Scholte, Olivier Lamy PMC quorum: reached I will continue the release process. On 30-3-2021 22:58:56, Robert Scholte wrote: Hi,

Re: Security/Versioning policy proposal

2021-04-04 Thread Robert Scholte
To me all releases can contain security fixes. Depending on the risk of the CVE we can decide to do a release with only those fixes (see Maven 3.0.5 and 3.8.1) Robert On 4-4-2021 12:14:39, Romain Manni-Bucau wrote: On Sun, 4 Apr 2021 at 12:09, Robert Scholte wrote: > I doubt we can or shoul

Re: Security/Versioning policy proposal

2021-04-04 Thread Romain Manni-Bucau
On Sun, 4 Apr 2021 at 12:09, Robert Scholte wrote: > I doubt we can or should make any promises, only intentions. > If we would have it, I wonder if it covers our choice to skip 3.7.0. > To me we need to keep that flexibility. > > I want to reverse the approach: what could users expect as diffe

Re: Security/Versioning policy proposal

2021-04-04 Thread Robert Scholte
I doubt we can or should make any promises, only intentions. If we would have it, I wonder if it covers our choice to skip 3.7.0. To me we need to keep that flexibility. I want to reverse the approach: what could users expect as differences between version x and y. For Maven shouldn't be more com

Re: Security/Versioning policy proposal

2021-04-04 Thread Romain Manni-Bucau
Hi Elliotte, My goal is to write what we can promise and users can rely on to work. If we can only promise that any major release will get all security fixes whatever the minor/patch versions are, so be it. I just want what we do to be explicit. Hervé proposed to reference the history page of the website, it can