[GitHub] [roller] snoopdave opened a new pull request, #121: Start Derby from Java so tests can run without Maven

snoopdave opened a new pull request, #121: URL: https://github.com/apache/roller/pull/121 This PR removes the Maven Plugin that was used to start/stop Derby and re-introduces some old code that starts Derby via Java and creates the Roller schema before tests run and stops Derby after they c

[GitHub] [roller] snoopdave merged pull request #121: Start Derby from Java so tests can run without Maven

snoopdave merged PR #121: URL: https://github.com/apache/roller/pull/121 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@roller.apache.o

[GitHub] [roller] dependabot[bot] opened a new pull request, #122: Bump commons-text from 1.9 to 1.10.0 in /app

dependabot[bot] opened a new pull request, #122: URL: https://github.com/apache/roller/pull/122 Bumps commons-text from 1.9 to 1.10.0. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.commons:commons-t

[GitHub] [roller] mbien commented on pull request #121: Start Derby from Java so tests can run without Maven

mbien commented on PR #121: URL: https://github.com/apache/roller/pull/121#issuecomment-1460973538 the integration tests don't seem to like this change unfortunately -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the

[GitHub] [roller] snoopdave commented on pull request #121: Start Derby from Java so tests can run without Maven

snoopdave commented on PR #121: URL: https://github.com/apache/roller/pull/121#issuecomment-1460991762 > the integration tests don't seem to like this change unfortunately Yep. Thanks. I'm working on a fix for this. -- This is an automated message from the Apache Git Service. To res

[GitHub] [roller] mbien commented on pull request #121: Start Derby from Java so tests can run without Maven

mbien commented on PR #121: URL: https://github.com/apache/roller/pull/121#issuecomment-1460997085 awesome! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe,

[GitHub] [roller] snoopdave opened a new pull request, #123: Isolate Lucene API in search.lucene

snoopdave opened a new pull request, #123: URL: https://github.com/apache/roller/pull/123 This PR isolates all usage of the Lucene API in the search.lucene package and adds tests for the SearchResultsModel and SearchResultsFeedModel. This will allow me to experiment with a Solr implementati

[GitHub] [roller] mbien commented on pull request #123: Isolate Lucene API in search.lucene

mbien commented on PR #123: URL: https://github.com/apache/roller/pull/123#issuecomment-1462606710 ohh. This fixed even the integration tests - thanks dave! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above

[GitHub] [roller] gregh3269 opened a new pull request, #124: Upgrade to struts 6.1.2

gregh3269 opened a new pull request, #124: URL: https://github.com/apache/roller/pull/124 From my testing of the UI this is all it needs to get to the latest version. Were there any failing tests? -- This is an automated message from the Apache Git Service. To respond to the message, ple

[GitHub] [roller] mbien commented on pull request #124: Upgrade to struts 6.1.2

mbien commented on PR #124: URL: https://github.com/apache/roller/pull/124#issuecomment-1480832131 > Were there any failing tests? yes. see CI. Or try starting roller and open the management UI -- This is an automated message from the Apache Git Service. To respond to the message, p

[GitHub] [roller] mbien commented on pull request #119: minor dependency updates + test-summary workflow action

mbien commented on PR #119: URL: https://github.com/apache/roller/pull/119#issuecomment-1480880756 - rebased on top of latest master - refreshed minor dep updates - switched from JDK 19 to 20 since a release happened in the meantime tested locally -- This is an automated messa

[GitHub] [roller] mbien commented on a diff in pull request #119: minor dependency updates + test-summary workflow action

mbien commented on code in PR #119: URL: https://github.com/apache/roller/pull/119#discussion_r1145926223 ## app/pom.xml: ## @@ -39,24 +39,24 @@ limitations under the License. 1.4.7 1.2 1.7.8 -1.10.12 -9.3 +1.10.13 +9.4

[GitHub] [roller] mbien commented on pull request #119: minor dependency updates + test-summary workflow action

mbien commented on PR #119: URL: https://github.com/apache/roller/pull/119#issuecomment-1480884171 all green. @snoopdave approved via dev list -> merging -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to

[GitHub] [roller] mbien merged pull request #119: minor dependency updates + test-summary workflow action

mbien merged PR #119: URL: https://github.com/apache/roller/pull/119 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@roller.apache.org

[GitHub] [roller] gregh3269 commented on pull request #124: Upgrade to struts 6.1.2

gregh3269 commented on PR #124: URL: https://github.com/apache/roller/pull/124#issuecomment-1480909793 Checking the page the id has extra underscores. I will check if this is intentional. -- This is an automated message from the Apache Git Service. To respond to the message, plea

[GitHub] [roller] mbien commented on pull request #124: Upgrade to struts 6.1.2

mbien commented on PR #124: URL: https://github.com/apache/roller/pull/124#issuecomment-1480915374 i wouldn't recommend to skip so many major versions at once, this rarely works. The very next minor release already causes problems. migration guide https://cwiki.apache.org/confluence/di

[GitHub] [roller] gregh3269 commented on pull request #124: Upgrade to struts 6.1.2

gregh3269 commented on PR #124: URL: https://github.com/apache/roller/pull/124#issuecomment-148108 Your are probably right here. Looking into this more, I did not realise the dependency soup with the bootstrap plugin. Plugin v5.00 uses bootstrap v5.2.0 where roller is using v3.4.1.

[GitHub] [roller] gregh3269 closed pull request #124: Upgrade to struts 6.1.2

gregh3269 closed pull request #124: Upgrade to struts 6.1.2 URL: https://github.com/apache/roller/pull/124 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mai

[GitHub] [roller] gregh3269 commented on pull request #124: Upgrade to struts 6.1.2

gregh3269 commented on PR #124: URL: https://github.com/apache/roller/pull/124#issuecomment-1493876478 Looking more into this there does not seem much of a lifeboat wrt the plugin. The general consensus is it is not possible upgrade this version of bootstrap (no surprise) . Seems a lot of

[GitHub] [roller] mbien commented on pull request #124: Upgrade to struts 6.1.2

mbien commented on PR #124: URL: https://github.com/apache/roller/pull/124#issuecomment-1494635543 you are saying that struts 2.5.30+ is not compatible with the bootstrap (plugin) version roller uses at the moment? I assumed it might have something to do with the double evaluation fix which

[GitHub] [roller] gregh3269 commented on pull request #124: Upgrade to struts 6.1.2

gregh3269 commented on PR #124: URL: https://github.com/apache/roller/pull/124#issuecomment-1495450849 Yes. The plugin needs some updates. If you compare branches you can see what's needed. Relatively simple in comparison to redoing bootstrap. -- This is an automated message from the

[GitHub] [roller] snoopdave merged pull request #123: Isolate Lucene API in search.lucene

snoopdave merged PR #123: URL: https://github.com/apache/roller/pull/123 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@roller.apache.o

[GitHub] [roller] dependabot[bot] commented on pull request #122: Bump commons-text from 1.9 to 1.10.0 in /app

dependabot[bot] commented on PR #122: URL: https://github.com/apache/roller/pull/122#issuecomment-1571139628 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me

[GitHub] [roller] mbien closed pull request #122: Bump commons-text from 1.9 to 1.10.0 in /app

mbien closed pull request #122: Bump commons-text from 1.9 to 1.10.0 in /app URL: https://github.com/apache/roller/pull/122 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To u

[GitHub] [roller] dependabot[bot] opened a new pull request, #125: Bump struts2-core from 2.5.29 to 2.5.31 in /app

dependabot[bot] opened a new pull request, #125: URL: https://github.com/apache/roller/pull/125 Bumps [struts2-core](https://github.com/apache/struts) from 2.5.29 to 2.5.31. Release notes Sourced from https://github.com/apache/struts/releases";>struts2-core's releases. Strut

[GitHub] [roller] dependabot[bot] commented on pull request #117: Bump struts2-core from 2.5.29 to 2.5.30 in /app

dependabot[bot] commented on PR #117: URL: https://github.com/apache/roller/pull/117#issuecomment-1591925941 Superseded by #125. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comme

[GitHub] [roller] dependabot[bot] closed pull request #117: Bump struts2-core from 2.5.29 to 2.5.30 in /app

dependabot[bot] closed pull request #117: Bump struts2-core from 2.5.29 to 2.5.30 in /app URL: https://github.com/apache/roller/pull/117 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific

[GitHub] [roller] mbien opened a new pull request, #126: Dependency updates (JDK 21 compatibility)

mbien opened a new pull request, #126: URL: https://github.com/apache/roller/pull/126 Mostly minor dependency updates which should allow roller to run on the upcoming JDK 21. The only major update was guice, guice 6.x and 7.x are nearly identical taken from doc: > The Guice 6.

[GitHub] [roller] snoopdave commented on pull request #127: Some field validation CSP updates

snoopdave commented on PR #127: URL: https://github.com/apache/roller/pull/127#issuecomment-1616180051 Dang! I did not see this PR -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific com

[GitHub] [roller] snoopdave opened a new pull request, #128: Santize some inputs and clarify docs

snoopdave opened a new pull request, #128: URL: https://github.com/apache/roller/pull/128 (no comment) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mai

[GitHub] [roller] snoopdave merged pull request #127: Some field validation CSP updates

snoopdave merged PR #127: URL: https://github.com/apache/roller/pull/127 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@roller.apache.o

[GitHub] [roller] mbien commented on pull request #126: Dependency updates (JDK 21 compatibility)

mbien commented on PR #126: URL: https://github.com/apache/roller/pull/126#issuecomment-1617021818 @snoopdave thanks for taking a look -> merging -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to t

[GitHub] [roller] mbien merged pull request #126: Dependency updates (JDK 21 compatibility)

mbien merged PR #126: URL: https://github.com/apache/roller/pull/126 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@roller.apache.org

[GitHub] [roller] snoopdave merged pull request #128: Santize some inputs and clarify docs

snoopdave merged PR #128: URL: https://github.com/apache/roller/pull/128 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@roller.apache.o

[GitHub] [roller] snoopdave commented on pull request #128: Santize some inputs and clarify docs

snoopdave commented on PR #128: URL: https://github.com/apache/roller/pull/128#issuecomment-1627611638 @mbien thanks for the review -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific co

[GitHub] [roller] dependabot[bot] opened a new pull request, #129: Bump spring-security-config from 5.8.3 to 5.8.5 in /app

dependabot[bot] opened a new pull request, #129: URL: https://github.com/apache/roller/pull/129 Bumps [spring-security-config](https://github.com/spring-projects/spring-security) from 5.8.3 to 5.8.5. Release notes Sourced from https://github.com/spring-projects/spring-security/rel

[GitHub] [roller] snoopdave opened a new pull request, #130: Remove unnecessary Solr dependency.

snoopdave opened a new pull request, #130: URL: https://github.com/apache/roller/pull/130 (no comment) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mai

[GitHub] [roller] snoopdave merged pull request #130: Remove unnecessary Solr dependency.

snoopdave merged PR #130: URL: https://github.com/apache/roller/pull/130 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@roller.apache.o

[GitHub] [roller] snoopdave opened a new pull request, #131: Add a Jetty event listener to start Derby when Roller is run via mvn jetty:run

snoopdave opened a new pull request, #131: URL: https://github.com/apache/roller/pull/131 This PR fixes a regression caused by switching Roller from using the Maven `btmatthews` `inmemdb` plugin and instead starting Derby by calling the embedded Derby server API directly (which works when t

[GitHub] [roller] snoopdave merged pull request #131: Add a Jetty event listener to start Derby when Roller is run via mvn jetty:run

snoopdave merged PR #131: URL: https://github.com/apache/roller/pull/131 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@roller.apache.o

[GitHub] [roller] mbien commented on pull request #131: Add a Jetty event listener to start Derby when Roller is run via mvn jetty:run

mbien commented on PR #131: URL: https://github.com/apache/roller/pull/131#issuecomment-1741612770 unfortunately this breaks the integration tests :( -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go

[GitHub] [roller] snoopdave commented on pull request #131: Add a Jetty event listener to start Derby when Roller is run via mvn jetty:run

snoopdave commented on PR #131: URL: https://github.com/apache/roller/pull/131#issuecomment-1741629661 Bummer. I'll take another look over the weekend. I thought I had fixed the IT tests, except for the jdk21 run. -- This is an automated message from the Apache Git Service. To respond to

[GitHub] [roller] mbien commented on pull request #131: Add a Jetty event listener to start Derby when Roller is run via mvn jetty:run

mbien commented on PR #131: URL: https://github.com/apache/roller/pull/131#issuecomment-1741642924 @snoopdave oh you are right - I looked at the wrong workflow run! All good, my mistake. the jdk 21 run is easy to fix. its just the setup action requesting an early access build - i can

[PR] Update JDK 21ea to 21ga in github actions. [roller]

mbien opened a new pull request, #132: URL: https://github.com/apache/roller/pull/132 this should fix the build -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscri

Re: [PR] Update JDK 21ea to 21ga in github actions. [roller]

mbien commented on PR #132: URL: https://github.com/apache/roller/pull/132#issuecomment-1750360937 all green -> merging -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To u

Re: [PR] Update JDK 21ea to 21ga in github actions. [roller]

mbien merged PR #132: URL: https://github.com/apache/roller/pull/132 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@roller.apache.org

[PR] Feature [roller]

sig-hugues opened a new pull request, #133: URL: https://github.com/apache/roller/pull/133 (no comment) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-ma

Re: [PR] Feature [roller]

sig-hugues closed pull request #133: Feature URL: https://github.com/apache/roller/pull/133 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr

[PR] Validate tz [roller]

snoopdave opened a new pull request, #134: URL: https://github.com/apache/roller/pull/134 Add some input validations and prepare for next release which will be 6.1.3. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the

[PR] Dependency updates and some compiler warning cleanup in tests [roller]

mbien opened a new pull request, #135: URL: https://github.com/apache/roller/pull/135 - update project dependencies - selenium tests don't need an external geckodriver anymore - update setup-java, checkout and upload-artifact github actions - fixed rawtype compiler warnings in tests

Re: [PR] Dependency updates and some compiler warning cleanup in tests [roller]

mbien commented on code in PR #135: URL: https://github.com/apache/roller/pull/135#discussion_r1477177509 ## app/pom.xml: ## @@ -264,7 +267,7 @@ limitations under the License. org.webjars jquery -3.6.4 +3.7.1 Review Co

Re: [PR] Dependency updates and some compiler warning cleanup in tests [roller]

mbien commented on code in PR #135: URL: https://github.com/apache/roller/pull/135#discussion_r1477177726 ## .github/workflows/main.yml: ## @@ -59,7 +59,7 @@ jobs: - name: Run Integration Tests run: | cd it-selenium - mvn -V -ntp -Dwebdriver.g

Re: [PR] Dependency updates and some compiler warning cleanup in tests [roller]

snoopdave commented on code in PR #135: URL: https://github.com/apache/roller/pull/135#discussion_r1477439660 ## app/pom.xml: ## @@ -264,7 +267,7 @@ limitations under the License. org.webjars jquery -3.6.4 +3.7.1 Revie

Re: [PR] Dependency updates and some compiler warning cleanup in tests [roller]

snoopdave commented on code in PR #135: URL: https://github.com/apache/roller/pull/135#discussion_r1477439681 ## .github/workflows/main.yml: ## @@ -59,7 +59,7 @@ jobs: - name: Run Integration Tests run: | cd it-selenium - mvn -V -ntp -Dwebdriv

Re: [PR] Dependency updates and some compiler warning cleanup in tests [roller]

mbien commented on code in PR #135: URL: https://github.com/apache/roller/pull/135#discussion_r1477447801 ## app/src/main/webapp/WEB-INF/jsps/tiles/head.jsp: ## @@ -5,7 +5,7 @@ You can override it with your own file via WEB-INF/tiles-def.xml <%@ include file="/WEB-INF/jsps/ta

Re: [PR] Dependency updates and some compiler warning cleanup in tests [roller]

mbien commented on code in PR #135: URL: https://github.com/apache/roller/pull/135#discussion_r1477447903 ## app/pom.xml: ## @@ -264,7 +267,7 @@ limitations under the License. org.webjars jquery -3.6.4 +3.7.1 Review Co

Re: [PR] Dependency updates and some compiler warning cleanup in tests [roller]

snoopdave commented on code in PR #135: URL: https://github.com/apache/roller/pull/135#discussion_r1477473510 ## app/src/main/webapp/WEB-INF/jsps/tiles/head.jsp: ## @@ -5,7 +5,7 @@ You can override it with your own file via WEB-INF/tiles-def.xml <%@ include file="/WEB-INF/jsp

Re: [PR] Dependency updates and some compiler warning cleanup in tests [roller]

mbien merged PR #135: URL: https://github.com/apache/roller/pull/135 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@roller.apache.org

Re: [PR] Validate tz [roller]

mbien commented on code in PR #134: URL: https://github.com/apache/roller/pull/134#discussion_r1477694217 ## app/src/main/java/org/apache/roller/weblogger/pojos/WeblogBookmarkFolder.java: ## @@ -188,4 +189,9 @@ public List retrieveBookmarks() throws WebloggerException {

Re: [PR] Validate tz [roller]

snoopdave commented on code in PR #134: URL: https://github.com/apache/roller/pull/134#discussion_r1479181862 ## app/src/main/java/org/apache/roller/weblogger/pojos/WeblogBookmarkFolder.java: ## @@ -188,4 +189,9 @@ public List retrieveBookmarks() throws WebloggerException {

Re: [PR] Validate tz [roller]

snoopdave merged PR #134: URL: https://github.com/apache/roller/pull/134 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@roller.apache.o

Re: [PR] Your descriptive commit message [roller]

Chris9419 closed pull request #136: Your descriptive commit message URL: https://github.com/apache/roller/pull/136 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscrib

Re: [PR] Deployment Automation [roller]

Chris9419 closed pull request #137: Deployment Automation URL: https://github.com/apache/roller/pull/137 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail:

[PR] Deployment Automation [roller]

Chris9419 opened a new pull request, #137: URL: https://github.com/apache/roller/pull/137 ### Summary This pull request adds the following deployment scripts and configurations: - `Vagrantfile` for setting up the development environment - `Dockerfile` for containerizing the appli

Re: [PR] Pingching [roller]

Pingching55 closed pull request #139: Pingching URL: https://github.com/apache/roller/pull/139 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsub

Re: [PR] Build Automation Enhance [roller]

snoopdave closed pull request #138: Build Automation Enhance URL: https://github.com/apache/roller/pull/138 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-ma

Re: [PR] Deployment Automation [roller]

mbien commented on code in PR #137: URL: https://github.com/apache/roller/pull/137#discussion_r1749332782 ## .vagrant/machines/default/virtualbox/private_key: ## @@ -0,0 +1,27 @@ +-BEGIN RSA PRIVATE KEY- Review Comment: agreed, private keys should not be in repos man

[PR] Safer defaults [roller]

snoopdave opened a new pull request, #140: URL: https://github.com/apache/roller/pull/140 Safer defaults for some Roller settings like trust-users and allow-file uploads, plus corresponding docs changes. -- This is an automated message from the Apache Git Service. To respond to the messag

Re: [PR] Safer defaults [roller]

mbien commented on PR #140: URL: https://github.com/apache/roller/pull/140#issuecomment-2350348689 @snoopdave I didn't have time to look into this yet, but it looks like the tests don't like this change. I try to take a look this weekend. -- This is an automated message from the Apache Gi

Re: [PR] Safer defaults [roller]

mbien commented on PR #140: URL: https://github.com/apache/roller/pull/140#issuecomment-2350866488 @snoopdave this one property is all what is needed to make the tests happy again: ```diff diff --git a/app/src/test/java/org/apache/roller/weblogger/business/MediaFileTest.java b/ap

Re: [PR] Safer defaults [roller]

snoopdave commented on PR #140: URL: https://github.com/apache/roller/pull/140#issuecomment-2351031545 I also made some changes with SaltCache so that we can associated salt's with authenticated users. -- This is an automated message from the Apache Git Service. To respond to the message,

Re: [PR] Deployment Automation [roller]

snoopdave closed pull request #137: Deployment Automation URL: https://github.com/apache/roller/pull/137 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail:

Re: [PR] Deployment Automation [roller]

snoopdave commented on PR #137: URL: https://github.com/apache/roller/pull/137#issuecomment-2365318820 I don't think this is work that we want to merge into Roller. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the U

Re: [PR] Safer defaults [roller]

snoopdave merged PR #140: URL: https://github.com/apache/roller/pull/140 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@roller.apache.o

Re: [PR] dependency updates [roller]

snoopdave commented on PR #141: URL: https://github.com/apache/roller/pull/141#issuecomment-2375396443 ChatGPT 4o summary based on the diff: # app/pom.xml asm.version: 9.6 -> 9.7 commons-validator.version: 1.8.0 -> 1.9.0 commons-codec.version: 1.16.0 -> 1.17.1 commons-text.

Re: [PR] dependency updates [roller]

mbien merged PR #141: URL: https://github.com/apache/roller/pull/141 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@roller.apache.org

[PR] dependency updates [roller]

mbien opened a new pull request, #141: URL: https://github.com/apache/roller/pull/141 - asm, spring, lucene, logging, apache commons libs - webjars: jquery and jquery-validation - build: junit, selenium and other maven plugins note: spring closed [CVE-2024-38816](https://www.

Re: [PR] Add another calendar tag [roller]

nahsra closed pull request #144: Add another calendar tag URL: https://github.com/apache/roller/pull/144 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail:

[PR] Add another calendar tag [roller]

nahsra opened a new pull request, #144: URL: https://github.com/apache/roller/pull/144 (no comment) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail:

Re: [PR] Introduce-xss [roller]

nahsra closed pull request #143: Introduce-xss URL: https://github.com/apache/roller/pull/143 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubs

Re: [PR] Dependency updates [roller]

snoopdave commented on PR #149: URL: https://github.com/apache/roller/pull/149#issuecomment-2646648031 @mbien are we good to merge this? I'd like to get it into 6.1.5 rc1 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use

Re: [PR] Dependency updates [roller]

mbien commented on PR #149: URL: https://github.com/apache/roller/pull/149#issuecomment-2646738311 @snoopdave Should be fine - although I haven't deployed it this time around for manually testing. JQuery update is always a bit risky since it probably doesn't have any test coverage. Rest sho

Re: [PR] Dependency updates [roller]

mbien merged PR #149: URL: https://github.com/apache/roller/pull/149 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@roller.apache.org

Re: [PR] Dependency updates [roller]

mbien commented on PR #149: URL: https://github.com/apache/roller/pull/149#issuecomment-2629341514 updated, everything passes on JDK 24 now -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the spe

Re: [PR] Dependency updates [roller]

mbien commented on PR #149: URL: https://github.com/apache/roller/pull/149#issuecomment-2629290701 > I don't know what you mean about the Mokito thing: "this should resolve itself automatically"? Hi @snoopdave! At some point mockito will release a new version which will bump its depe

Re: [PR] Dependency updates [roller]

mbien commented on PR #149: URL: https://github.com/apache/roller/pull/149#issuecomment-2629292651 ``` mvn eu.maveniverse.maven.plugins:toolbox:gav-tree -Dgav=org.mockito:mockito-core:5.14.1 [INFO] --- toolbox:0.6.1:gav-tree (default-cli) @ standalone-pom --- [INFO] org.mockito:mock

[PR] Dependency updates [roller]

mbien opened a new pull request, #149: URL: https://github.com/apache/roller/pull/149 - only point releases - selenium tests pass on JDK 24 - unit tests would pass on JDK 24 if bytebuddy would be bumped (not done since transitive mockito dependency, this should resolve itself automa

Re: [PR] Dependency updates [roller]

mbien commented on PR #149: URL: https://github.com/apache/roller/pull/149#issuecomment-2629336436 @snoopdave oops i didn't realize that there is already a newer mockito available - will update this PR -- This is an automated message from the Apache Git Service. To respond to the message,

Re: [PR] Dependency updates [roller]

snoopdave commented on PR #149: URL: https://github.com/apache/roller/pull/149#issuecomment-2629123082 Thanks @mbien! This looks good. I don't know what you mean about the Mokito thin: "this should resolve itself automatically"? -- This is an automated message from the Apache Git Service.

Re: [PR] Enhanced Session Management in Apache Roller [roller]

snoopdave merged PR #148: URL: https://github.com/apache/roller/pull/148 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@roller.apache.o

[PR] Fix CVE-2024-53677 [roller]

loganaden opened a new pull request, #145: URL: https://github.com/apache/roller/pull/145 (no comment) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mai

Re: [PR] Roller session improvements [roller]

snoopdave commented on PR #147: URL: https://github.com/apache/roller/pull/147#issuecomment-2603132182 I think this PR has gotten too complicated at I should revert it back to the first commit. -- This is an automated message from the Apache Git Service. To respond to the message, please

Re: [PR] Roller session improvements [roller]

snoopdave closed pull request #147: Roller session improvements URL: https://github.com/apache/roller/pull/147 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e

[PR] Session management improvements simple [roller]

snoopdave opened a new pull request, #148: URL: https://github.com/apache/roller/pull/148 This PR enhances session security by properly invalidating user sessions when administrators change user attributes. Key Changes * Added RollerSessionManager to track and invalidate sessions

Re: [PR] Roller session improvements [roller]

snoopdave commented on PR #147: URL: https://github.com/apache/roller/pull/147#issuecomment-2603268117 This PR works and might be considered an improvement, but I think this one is a better fix because it involves less changes: https://github.com/apache/roller/pull/148 -- This is an auto

Re: [PR] Session management improvements simple [roller]

snoopdave commented on code in PR #148: URL: https://github.com/apache/roller/pull/148#discussion_r1929885587 ## app/src/main/java/org/apache/roller/weblogger/util/cache/CacheHandlerAdapter.java: ## @@ -0,0 +1,55 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under

Re: [PR] Session management improvements simple [roller]

mbien commented on code in PR #148: URL: https://github.com/apache/roller/pull/148#discussion_r1929879312 ## app/src/main/java/org/apache/roller/weblogger/util/cache/CacheHandlerAdapter.java: ## @@ -0,0 +1,55 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one

[PR] Bd hugues patch 1 [roller]

bd-hugues opened a new pull request, #146: URL: https://github.com/apache/roller/pull/146 (no comment) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mai

Re: [PR] Bd hugues patch 1 [roller]

bd-hugues closed pull request #146: Bd hugues patch 1 URL: https://github.com/apache/roller/pull/146 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev

Re: [PR] Fix CVE-2024-53677 [roller]

mbien commented on code in PR #145: URL: https://github.com/apache/roller/pull/145#discussion_r1910463976 ## app/pom.xml: ## @@ -58,7 +58,7 @@ limitations under the License. 2.0.16 5.3.39 5.8.14 -2.5.29 +6.4.0 Review Comment: the

  1   2   >