Re: [VOTE] Release Apache Maven Reporting Impl version 4.0.0-M10

+1 niedz., 1 paź 2023, 21:47 użytkownik Tamás Cservenák napisał: > +1 > > On Sun, Oct 1, 2023, 20:19 Michael Osipov wrote: > > > Hi, > > > > IMPORTANT: Requires Doxia Sitetools 2.0.0-M12 vote/staging repo! > > > > we solved 3 issues: > > > > > https://issues.apache.org/jira/secure/ReleaseNote.j

Re: [VOTE] Release Apache Maven Doxia Sitetools version 2.0.0-M12

+1 niedz., 1 paź 2023, 21:47 użytkownik Tamás Cservenák napisał: > +1 > > On Sun, Oct 1, 2023, 20:03 Michael Osipov wrote: > > > Hi, > > > > we solved 5 issues: > > > > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317320&version=12353413 > > > > There are still a couple

[RESULT] [VOTE] Release Apache Maven Artifact Plugin version 3.5.0

Hi, The vote has passed with the following result: +1 : Sylwester Lachiewicz, Tamás Cservenák, Michael Osipov, Hervé Boutemy PMC quorum reached I will promote the source release zip file to Apache distribution area and the artifacts to the central repo. -

Fwd: Re: [VOTE] Release Apache Maven Artifact Plugin version 3.5.0

was intended to the list :) -- Message transmis -- Objet : Re: [VOTE] Release Apache Maven Artifact Plugin version 3.5.0 Date : samedi 30 septembre 2023, 18:45:51 CEST De : Michael Osipov À : Hervé Boutemy Am 2023-09-29 um 08:00 schrieb Hervé Boutemy: > Hi, > > We solved 6 i

Re: [VOTE] Release Apache Maven 3.9.5

+1 (works on tested projects and aligned with discussions) Le lun. 2 oct. 2023 à 00:32, Gary Gregory a écrit : > Understood and thank you for the clarification. Seeing the original in a > VOTE thread gave it top much attention IMO. > > Gary > > On Sun, Oct 1, 2023, 4:13 PM Tamás Cservenák wrote

Re: [VOTE] Release Apache Maven 3.9.5

Understood and thank you for the clarification. Seeing the original in a VOTE thread gave it top much attention IMO. Gary On Sun, Oct 1, 2023, 4:13 PM Tamás Cservenák wrote: > Howdy, > > Yes, I agree. > > To rephrase, i meant more like "our focus should be Maven4", meaning, that > IMHO we shoul

Re: [VOTE] Release Apache Maven 3.9.5

Howdy, Yes, I agree. To rephrase, i meant more like "our focus should be Maven4", meaning, that IMHO we should not push new features into 3 anymore (similarly in resolver, all the new features like HTTP/2 are "parked" for resolver 2 [to be used with Maven 4]). I did not say "no more 3.x releases"

Re: [VOTE] Release Apache Maven 3.9.5

>From the peanut gallery, it feels odd to call anything 3.x in maintenance mode when there is not a 4.0. Gary On Sun, Oct 1, 2023, 3:08 PM Tamás Cservenák wrote: > Howdy, > > Note: This release completes the main goals of Maven 3.9.x lineage, among > others moving to Java 8 and transition to la

Re: [VOTE] Release Apache Maven Reporting Impl version 4.0.0-M10

+1 On Sun, Oct 1, 2023, 20:19 Michael Osipov wrote: > Hi, > > IMPORTANT: Requires Doxia Sitetools 2.0.0-M12 vote/staging repo! > > we solved 3 issues: > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317922&version=12353492 > > There are no issues left in JIRA: > > https://

Re: [VOTE] Release Apache Maven Doxia Sitetools version 2.0.0-M12

+1 On Sun, Oct 1, 2023, 20:03 Michael Osipov wrote: > Hi, > > we solved 5 issues: > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317320&version=12353413 > > There are still a couple of issues left in JIRA: > > https://issues.apache.org/jira/issues/?jql=project%20%3D%20123

Re: [VOTE] Release Apache Maven 3.9.5

Am 2023-10-01 um 21:07 schrieb Tamás Cservenák: Howdy, Note: This release completes the main goals of Maven 3.9.x lineage, among others moving to Java 8 and transition to latest Resolver 1.9.x features (new robust transports, local repository locking, provided checksums, remote repository filter

[VOTE] Release Apache Maven 3.9.5

Howdy, Note: This release completes the main goals of Maven 3.9.x lineage, among others moving to Java 8 and transition to latest Resolver 1.9.x features (new robust transports, local repository locking, provided checksums, remote repository filtering and more). Maven Resolver 1.9.x lineage is alr

[VOTE] Release Apache Maven Reporting Impl version 4.0.0-M10

Hi, IMPORTANT: Requires Doxia Sitetools 2.0.0-M12 vote/staging repo! we solved 3 issues: https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317922&version=12353492 There are no issues left in JIRA: https://issues.apache.org/jira/issues/?jql=project%20%3D%20MSHARED%20AND%20resolu

[VOTE] Release Apache Maven Doxia Sitetools version 2.0.0-M12

Hi, we solved 5 issues: https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317320&version=12353413 There are still a couple of issues left in JIRA: https://issues.apache.org/jira/issues/?jql=project%20%3D%2012317320%20AND%20status%20%3D%20Open Staging repo: https://repository.ap

Re: verifying signatures, PGP or ... (was Re: [VOTE] Release Apache Maven Artifact Plugin version 3.5.0)

1. I suspect dependabot doesn't work with this. Does it? Is this worth giving up dependabot for? 2. What's the threat model? As best I can make out, someone would have to compromise the dependencies in the local .m2/repo since anything downloaded comes over https and is already signature checked.