Haha, it becomes funny :) What if another vulnerability will be discovered a few days later?
сб, 18 дек. 2021 г. в 18:04, Maxim Muzafarov <mmu...@apache.org>: > Folks, > > > I've found that LOG4J2 2.17.0 version is released [1]. According to > the description and risk mitigation [2] it is recommended the version > update. Since the release has not happened yet I think it is possible > to update the dependency in the 2.11.1 release too. > > > WDYT? > > > [1] https://issues.apache.org/jira/browse/LOG4J2-3230 > [2] https://logging.apache.org/log4j/2.x/security.html > > On Fri, 17 Dec 2021 at 14:20, Petr Ivanov <mr.wei...@gmail.com> wrote: > > > > I've dropped GitBox in favour of GitHub — the build [1] has started. > > > > > > [1] > https://ci.ignite.apache.org/buildConfiguration/Releases_ApacheIgniteMain_ReleaseBuild/6329862 > > > > > On 17 Dec 2021, at 13:24, Maxim Muzafarov <mmu...@apache.org> wrote: > > > > > > Petr, > > > > > > Thank you. > > > > > > Yes, I've added changes related to the new release build actions > > > (IGNITE-15678, IGNITE-15677). The ignite-2.12 branch seems to be > > > working fine, however, at the ignite-2.11.1 the error with "too many > > > requests" appears from time to time. Here is an example of such a > > > build [1]. > > > > > > > > > [1] > https://ci.ignite.apache.org/viewLog.html?buildId=6329858&buildTypeId=Releases_ApacheIgniteMain_ReleaseBuild > > > > > > On Fri, 17 Dec 2021 at 13:20, Petr Ivanov <mr.wei...@gmail.com> wrote: > > >> > > >> Concerning Too many requests error, I see the following problem: > > >> > > >> > > >> Your request has been rate limited, as we have detected excessive > usage from your IP or net block: > > >> 15.575 SECONDS OF TIME SPENT OVER 120 SECONDS, MAX ALLOWED IS 15. > > >> Rate-limits are automatic and reset every two minutes. > > >> If you feel this is in error, please contact the Apache > Infrastructure Team at: us...@infra.apache.org. > > >> > > >> > > >> Can someone check with them about it, please? > > >> > > >>> On 17 Dec 2021, at 13:14, Petr Ivanov <mr.wei...@gmail.com> wrote: > > >>> > > >>> Permissions updated. > > >>> > > >>> > > >>>> On 17 Dec 2021, at 13:09, Petr Ivanov <mr.wei...@gmail.com> wrote: > > >>>> > > >>>> Could you please add links to builds that are malfunctioning? > > >>>> As much as I see here [1] and here [2] — the release build changed > to comply with 2.12 changes that are not merged to 2.11.1 > > >>>> > > >>>> > > >>>> [1] > https://ci.ignite.apache.org/buildConfiguration/Releases_ApacheIgniteMain_ReleaseBuild/6329822 > > >>>> [2] > https://ci.ignite.apache.org/buildConfiguration/Releases_ApacheIgniteMain_ReleaseBuild/6329824 > > >>>> > > >>>>> On 17 Dec 2021, at 12:11, Maxim Muzafarov <mmu...@apache.org> > wrote: > > >>>>> > > >>>>> Hello Petr, > > >>>>> > > >>>>> Can you please assist with configuring the Release Teamcity suite > that > > >>>>> has been changed for 2.x a month ago? These changes haven't been > > >>>>> discussed on the dev-list, so I'm not familiar with them. > > >>>>> > > >>>>> I've faced several issues: > > >>>>> - the default role for Apache Ignite 2.x (Release) suite is `Agent > > >>>>> manager`, however, it seems the right value is `Project developer > and > > >>>>> queue manager`. I've looked through the documentation pages and > > >>>>> doesn't get an idea of how it can be changed. > > >>>>> - there was an issue with the > Releases_ApacheIgniteMain_GitBoxIgnite > > >>>>> that throws `429 too many requests` exception each time a new list > of > > >>>>> branches is fetched. I've changed the poll interval to 180 sec > > >>>>> (default value 60 sec), however, this change doesn't look good > from my > > >>>>> side. What should I do here? > > >>>>> > > >>>>> On Thu, 16 Dec 2021 at 22:09, Вячеслав Коптилин > > >>>>> <slava.kopti...@gmail.com> wrote: > > >>>>>> > > >>>>>> Hi Maxim, > > >>>>>> > > >>>>>> Thanks a lot! > > >>>>>> > > >>>>>>> Check the following links below. > > >>>>>> Looks good to me. > > >>>>>> > > >>>>>> > > >>>>>> чт, 16 дек. 2021 г. в 20:19, Maxim Muzafarov <mmu...@apache.org>: > > >>>>>> > > >>>>>>> Folks, > > >>>>>>> > > >>>>>>> > > >>>>>>> I'm OK with this. Let's go through the fastest way we have. > > >>>>>>> > > >>>>>>> > > >>>>>>> Check the following links below. I'll prepare the vote shortly. > > >>>>>>> > > >>>>>>> Compare branches 2.11 and 2.11.1: > > >>>>>>> > https://github.com/apache/ignite/compare/ignite-2.11...ignite-2.11.1 > > >>>>>>> > > >>>>>>> The release branch: > > >>>>>>> https://github.com/apache/ignite/tree/ignite-2.11.1 > > >>>>>>> > > >>>>>>> JIRA 2.11.1 version: > > >>>>>>> > > >>>>>>> > https://issues.apache.org/jira/issues/?jql=project%20%3D%20IGNITE%20AND%20fixVersion%20%3D%202.11.1 > > >>>>>>> > > >>>>>>> Release notes: > > >>>>>>> > https://github.com/apache/ignite/blob/ignite-2.11.1/RELEASE_NOTES.txt > > >>>>>>> > > >>>>>>> On Thu, 16 Dec 2021 at 19:30, Ilya Kasnacheev < > ilya.kasnach...@gmail.com> > > >>>>>>> wrote: > > >>>>>>>> > > >>>>>>>> Hello! > > >>>>>>>> > > >>>>>>>> I also agree with Stephen. If we wanted to do a stabilization > release we > > >>>>>>>> should unbound it from this urgent fix. > > >>>>>>>> > > >>>>>>>> I wonder why 2.12 is not with us already, given that it was > scheduled to > > >>>>>>> go > > >>>>>>>> out in August. > > >>>>>>>> > > >>>>>>>> Regards, > > >>>>>>>> -- > > >>>>>>>> Ilya Kasnacheev > > >>>>>>>> > > >>>>>>>> > > >>>>>>>> чт, 16 дек. 2021 г. в 19:25, Вячеслав Коптилин < > slava.kopti...@gmail.com > > >>>>>>>> : > > >>>>>>>> > > >>>>>>>>> Hello, > > >>>>>>>>> > > >>>>>>>>>> Given that 2.12 is so close, my preference would be to limit > the > > >>>>>>> scope of > > >>>>>>>>> 2.11.1 to just the log4j update. > > >>>>>>>>> I agree with Stephen. Apache Ignite 2.11.1 is an emergency > release. > > >>>>>>> Using > > >>>>>>>>> log4j 2.16 instead of 2.14 is a quite small change that only > requires a > > >>>>>>>>> "sanity" check and can be quickly released. A wider release > scope > > >>>>>>> requires > > >>>>>>>>> full testing, IMHO. > > >>>>>>>>> > > >>>>>>>>> Thanks, > > >>>>>>>>> S. > > >>>>>>>>> > > >>>>>>>>> > > >>>>>>>>> чт, 16 дек. 2021 г. в 16:03, Maxim Muzafarov < > mmu...@apache.org>: > > >>>>>>>>> > > >>>>>>>>>> I think it is completely possible to move vote/release dates > > >>>>>>>>>> significantly forward with keeping the scope. I will take a > look at > > >>>>>>>>>> the list of fixed bugs more narrowly and exclude some of them > that > > >>>>>>>>>> require additional verification. > > >>>>>>>>>> > > >>>>>>>>>> On Thu, 16 Dec 2021 at 15:55, Stephen Darlington > > >>>>>>>>>> <stephen.darling...@gridgain.com> wrote: > > >>>>>>>>>>> > > >>>>>>>>>>> Given that 2.12 is so close, my preference would be to limit > the > > >>>>>>> scope > > >>>>>>>>>> of 2.11.1 to just the log4j update. Would that help bring the > > >>>>>>>>> vote/release > > >>>>>>>>>> date forward? > > >>>>>>>>>>> > > >>>>>>>>>>>> On 16 Dec 2021, at 12:44, Maxim Muzafarov < > mmu...@apache.org> > > >>>>>>> wrote: > > >>>>>>>>>>>> > > >>>>>>>>>>>> Dear Ignite Community! > > >>>>>>>>>>>> > > >>>>>>>>>>>> I suggest preparing the Apache Ignite 2.11.1 release and I > want > > >>>>>>> to > > >>>>>>>>>>>> propose myself to be the release manager of the minor > release. > > >>>>>>>>>>>> > > >>>>>>>>>>>> > > >>>>>>>>>>>> * RELEASE TIMELINE * > > >>>>>>>>>>>> > > >>>>>>>>>>>> Scope Freeze: December 16, 2021 > > >>>>>>>>>>>> Code Freeze: December 16, 2021 > > >>>>>>>>>>>> Voting Date: December 21, 2021 > > >>>>>>>>>>>> Release Date: December 24, 2021 > > >>>>>>>>>>>> > > >>>>>>>>>>>> > > >>>>>>>>>>>> * RELEASE SCOPE * > > >>>>>>>>>>>> > > >>>>>>>>>>>> LOG4J dependency update > > >>>>>>>>>>>> https://issues.apache.org/jira/browse/IGNITE-16101 > > >>>>>>>>>>>> https://issues.apache.org/jira/browse/IGNITE-16127 > > >>>>>>>>>>>> > > >>>>>>>>>>>> B+Tree Corrupted exception when using a key extracted from a > > >>>>>>>>>> BinaryObject > > >>>>>>>>>>>> https://issues.apache.org/jira/browse/IGNITE-12911 > > >>>>>>>>>>>> > > >>>>>>>>>>>> Regression: Ignite node crash(CorruptedTreeException: > B+Tree is > > >>>>>>>>>> corrupted) > > >>>>>>>>>>>> https://issues.apache.org/jira/browse/IGNITE-15943 > > >>>>>>>>>>>> > > >>>>>>>>>>>> .NET: ClientFailoverSocket sets logger too late, resulting > in > > >>>>>>> null > > >>>>>>>>>>>> loggers downstream > > >>>>>>>>>>>> https://issues.apache.org/jira/browse/IGNITE-14776 > > >>>>>>>>>>>> > > >>>>>>>>>>>> The iterator of the ClientCacheQueryCursor can be closed > during > > >>>>>>>>>> serialization. > > >>>>>>>>>>>> https://issues.apache.org/jira/browse/IGNITE-15346 > > >>>>>>>>>>>> > > >>>>>>>>>>>> Possible owners desync when a node is restarted while > rebalancing > > >>>>>>>>> with > > >>>>>>>>>>>> enabled persistence > > >>>>>>>>>>>> https://issues.apache.org/jira/browse/IGNITE-15315 > > >>>>>>>>>>>> > > >>>>>>>>>>>> Thin client: Tx can fail if there are concurrent tx > rollbacks by > > >>>>>>>>>> timeout > > >>>>>>>>>>>> https://issues.apache.org/jira/browse/IGNITE-15732 > > >>>>>>>>>>>> > > >>>>>>>>>>>> AssertionError: Unexpected rebalance on rebalanced cluster > > >>>>>>>>>>>> https://issues.apache.org/jira/browse/IGNITE-15033 > > >>>>>>>>>>>> > > >>>>>>>>>>>> JmxMetricExporterSpi throws assertion error on a filtered > metric > > >>>>>>>>>> unregister > > >>>>>>>>>>>> https://issues.apache.org/jira/browse/IGNITE-15252 > > >>>>>>>>>>>> > > >>>>>>>>>>>> ClassNotFoundException on an attempt to invoke service > method > > >>>>>>> from > > >>>>>>>>>>>> Java ThinClient after a cluster failover > > >>>>>>>>>>>> https://issues.apache.org/jira/browse/IGNITE-15256 > > >>>>>>>>>>>> > > >>>>>>>>>>>> NullPointerException on an attempt to create a Java > ThinClient > > >>>>>>> with > > >>>>>>>>>>>> BinaryConfiguration > > >>>>>>>>>>>> https://issues.apache.org/jira/browse/IGNITE-15138 > > >>>>>>>>>>>> > > >>>>>>>>>>>> Java thin client: Type name is not cached on client-side for > > >>>>>>>>>>>> OptimizerMarshaller types > > >>>>>>>>>>>> https://issues.apache.org/jira/browse/IGNITE-15924 > > >>>>>>>>>>>> > > >>>>>>>>>>>> select count * returns multiple rows > > >>>>>>>>>>>> https://issues.apache.org/jira/browse/IGNITE-14120 > > >>>>>>>>>>>> > > >>>>>>>>>>>> Fix StackOverflowError in case if an exception is > suppressed with > > >>>>>>>>>> itself > > >>>>>>>>>>>> https://issues.apache.org/jira/browse/IGNITE-15716 > > >>>>>>>>>>>> > > >>>>>>>>>>>> > > >>>>>>>>>>>> WDYT? > > >>>>>>>>>>> > > >>>>>>>>>>> > > >>>>>>>>>> > > >>>>>>>>> > > >>>>>>> > > >>>> > > >>> > > >> > > > -- Sincerely yours, Ivan Daschinskiy
