It is probably easier to do a backport of maven-shared-utils with the 
vulnerability fix.

Robert
On 27-6-2021 00:48:00, Michael Osipov <micha...@apache.org> wrote:
Folks,

I have now back ported a lot of issues to maven-3.8.x which aren't
related to resume, producer/consumer, etc. Many are just an output of
Resolver update, no code changes in Maven itself.

The following are open now:
1. MNG-7034: waiting for a backport from gnodet@ since my humble try did
not work
2. Without MNG-6965 I see MNG-7115 constantly.
3. Jansi/maven-shared-utils upgrade:
> https://issues.apache.org/jira/issues/?jql=project%20%3D%2012316922%20AND%20fixVersion%20%3D%2012349448%20%20AND%20(summary%20~%20jansi%20OR%20text%20~%20jansi)%20and%20issuekey%20not%20in%20(MNG-6915%2CMNG-7087%2CMNG-6914)%20ORDER%20BY%20priority%20DESC%2C%20key%20ASC
Looks like a lot, but most are fixed by Jansi upgrade.

Anyone wants to help out with Jansi?

I see no further issues from master worth/possible back porting to
maven-3.8.x. It we can resolve those from above, I'd start a release in
July.

Michael

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Reply via email to