> I think we need a different approach, IMO: We only want to allow the
> Pack200 tests to fail on Java >= 14. For that, please create a Maven
> profile in the POM that excludes those tests on JAva >= 14. This will allow
> all us to detect problem in all the other tests.
>
+1
I have pushed a PR on
Hi All,
You may have noticed (or nor) that GitHub has a Security [1] tab for our
repositories. On this tab, you can define a Security Policy.[2] in a
SECURITY.md (just like we have a README.md).
I would like to fill this in with the same text we now have here:
https://commons.apache.org/security.
+1 this is a fantastic idea Gary.
On 8/22/2020 9:26 AM, Gary Gregory wrote:
Hi All,
You may have noticed (or nor) that GitHub has a Security [1] tab for our
repositories. On this tab, you can define a Security Policy.[2] in a
SECURITY.md (just like we have a README.md).
I would like to fill th
Actually, maybe our build plugin can generate this page like it generates
others like README.md...
Gary
On Sat, Aug 22, 2020 at 9:26 AM Gary Gregory wrote:
> Hi All,
>
> You may have noticed (or nor) that GitHub has a Security [1] tab for our
> repositories. On this tab, you can define a Securi
Here is a first cut:
https://github.com/apache/commons-io/security/policy
This is pretty much a copy of https://commons.apache.org/security.html with
an extra link, a spelling fix, and slightly different formatting.
Gary
On Sat, Aug 22, 2020 at 9:32 AM Gary Gregory wrote:
> Actually, maybe o
Hi.
2020-08-22 15:26 UTC+02:00, Gary Gregory :
> Hi All,
>
> You may have noticed (or nor) that GitHub has a Security [1] tab for our
> repositories. On this tab, you can define a Security Policy.[2] in a
> SECURITY.md (just like we have a README.md).
>
> I would like to fill this in with the same
Two items: (1) security is different because, well, it seems obvious to me
that anything security related should be as accessible as possible as
opposed to going through an extra hoop and (2) making/keeping our GitHub
presence a first class citizen in how we put a face on the project.
Gary
On Sat
The Apache Commons Team is pleased to announce the availability of
Apache Commons JCS 3.0
Apache Commons JCS is a distributed, versatile caching system.
This has been a major overhaul of JCS with many adjustments for JDK 8+,
better concurrency and logging.
Commons JCS 3.0 requires Java 8 or late
2020-08-22 16:40 UTC+02:00, Gary Gregory :
> Two items: (1) security is different
from what?
> because, well, it seems obvious to me
> that anything security related should be as accessible as possible as
> opposed to going through an extra hoop
YMMV, but IMHO the (unique) "source of truth" is o
I don’t see any harm having more documentation. It’s kinda like the apple
philosophy of trying to make every thing that someone would think of doing on a
computer, actually work like they think it would…right? The more intuitive we
can make things the better we will end up being, I would think.
2020-08-22 16:02 UTC+02:00, Gary Gregory :
> Here is a first cut:
>
> https://github.com/apache/commons-io/security/policy
And here is my suggestion:
https://github.com/apache/commons-rng/security/policy
YMMV,
Gilles
> [...]
--
On Sat, 22 Aug 2020 at 17:13, Gilles Sadowski wrote:
>
> 2020-08-22 16:02 UTC+02:00, Gary Gregory :
> > Here is a first cut:
> >
> > https://github.com/apache/commons-io/security/policy
Why does IO have links to Known Vulnerabilities for Compress,
Collections etc, but not IO?
> And here is my su
On Sat, Aug 22, 2020 at 4:50 PM sebb wrote:
> On Sat, 22 Aug 2020 at 17:13, Gilles Sadowski
> wrote:
> >
> > 2020-08-22 16:02 UTC+02:00, Gary Gregory :
> > > Here is a first cut:
> > >
> > > https://github.com/apache/commons-io/security/policy
>
> Why does IO have links to Known Vulnerabilities
Hi all,
I intent on creating a release candidate for Commons Crypto soon.
I pushed a snapshot today which contains native binaries for Windows 32 and
64, Linux 32 and 64, Mac 64, and ARM and ARM HF.
Please help testing these on whatever platforms you may have access to.
Gary
On Sat, 22 Aug 2020 at 23:45, Gary Gregory wrote:
>
> On Sat, Aug 22, 2020 at 4:50 PM sebb wrote:
>
> > On Sat, 22 Aug 2020 at 17:13, Gilles Sadowski
> > wrote:
> > >
> > > 2020-08-22 16:02 UTC+02:00, Gary Gregory :
> > > > Here is a first cut:
> > > >
> > > > https://github.com/apache/commons-i
Might be easier to have a simpler page with the link as Gilles suggested.
But +1 to the the idea of showing users in GitHub too how to report security
issues.
Bruno
On Sunday, 23 August 2020, 4:13:10 am NZST, Gilles Sadowski
wrote:
2020-08-22 16:02 UTC+02:00, Gary Gregory :
> Her
Hi Gary,
I might be able to test on Win64 and Linux64 this week. You mentioned
snapshots… what is the easiest way to test them? Run some code using the code
of the snapshots, or perhaps run the build+tests from a tag/commit?
Cheers
Bruno
On Sunday, 23 August 2020, 11:49:21 am NZST, Gary
on the snapshot's release. sorry for the typo
Xeno Amess 于2020年8月23日周日 下午2:44写道:
> > what is the easiest way to test them? Run some code using the code of
> the snapshots, or perhaps run the build+tests from a tag/commit?
> How about fork its tests to a new repo, and import the original codes a
> what is the easiest way to test them? Run some code using the code of
the snapshots, or perhaps run the build+tests from a tag/commit?
How about fork its tests to a new repo, and import the original codes as a
maven dependency, run the tests on the snapshot's source?
Bruno P. Kinoshita 于2020年8
19 matches
Mail list logo
