You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tapestry.apache.org by Ulrich Stärk <ul...@spielviel.de> on 2010/11/05 08:49:45 UTC

Fwd: [jira] Created: (INFRA-3151) add servlet filter to nexus to block maven 2.2.0 deploys

FYI

-------- Original Message --------
Subject: [jira] Created: (INFRA-3151) add servlet filter to nexus to block maven 2.2.0 deploys
Date: Wed, 3 Nov 2010 19:37:22 -0400 (EDT)
From: Brian Fox (JIRA) <ji...@apache.org>
Reply-To: infrastructure@apache.org
To: infrastructure-issues@apache.org

add servlet filter to nexus to block maven 2.2.0 deploys
--------------------------------------------------------

                  Key: INFRA-3151
                  URL: https://issues.apache.org/jira/browse/INFRA-3151
              Project: Infrastructure
           Issue Type: Improvement
       Security Level: public (Regular issues)
           Components: Nexus
             Reporter: Brian Fox
             Assignee: Brian Fox


Maven 2.2.0 is known to produce bad checksums and doubles the data upload potentially causing timeouts.

Here's an example user agent we want to block: Apache-Maven/2.2 (Java 1.6.0_16; Linux 
2.6.26-2-amd64) maven-artifact/2.2.0" "-"

This should be blocked from /content for PUTs only.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
For additional commands, e-mail: dev-help@tapestry.apache.org

Re: [jira] Created: (INFRA-3151) add servlet filter to nexus to block maven 2.2.0 deploys

Posted by Andreas Andreou <an...@di.uoa.gr>.

2.2.1 is fine on that regard

On Fri, Nov 5, 2010 at 19:13, Howard Lewis Ship <hl...@gmail.com> wrote:
> I hope 2.2.1 generates proper checksums because upgrading to 3.x was a
> floster cuck for me.
>
> On Fri, Nov 5, 2010 at 12:49 AM, Ulrich Stärk <ul...@spielviel.de> wrote:
>
>> FYI
>>
>> -------- Original Message --------
>> Subject: [jira] Created: (INFRA-3151) add servlet filter to nexus to block
>> maven 2.2.0 deploys
>> Date: Wed, 3 Nov 2010 19:37:22 -0400 (EDT)
>> From: Brian Fox (JIRA) <ji...@apache.org>
>> Reply-To: infrastructure@apache.org
>> To: infrastructure-issues@apache.org
>>
>> add servlet filter to nexus to block maven 2.2.0 deploys
>> --------------------------------------------------------
>>
>>                 Key: INFRA-3151
>>                 URL: https://issues.apache.org/jira/browse/INFRA-3151
>>             Project: Infrastructure
>>          Issue Type: Improvement
>>      Security Level: public (Regular issues)
>>          Components: Nexus
>>            Reporter: Brian Fox
>>            Assignee: Brian Fox
>>
>>
>> Maven 2.2.0 is known to produce bad checksums and doubles the data upload
>> potentially causing timeouts.
>>
>> Here's an example user agent we want to block: Apache-Maven/2.2 (Java
>> 1.6.0_16; Linux 2.6.26-2-amd64) maven-artifact/2.2.0" "-"
>>
>> This should be blocked from /content for PUTs only.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: dev-help@tapestry.apache.org
>>
>>
>
>
> --
> Howard M. Lewis Ship
>
> Creator of Apache Tapestry
>
> The source for Tapestry training, mentoring and support. Contact me to learn
> how I can get you up and productive in Tapestry fast!
>
> (971) 678-5210
> http://howardlewisship.com
>



-- 
Andreas Andreou - andyhot@apache.org - http://blog.andyhot.gr
Tapestry PMC / Tacos developer
Open Source / JEE Consulting

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
For additional commands, e-mail: dev-help@tapestry.apache.org

Re: [jira] Created: (INFRA-3151) add servlet filter to nexus to block maven 2.2.0 deploys

Posted by Howard Lewis Ship <hl...@gmail.com>.

I meant  fluster cuck   ... okay, I meant cluster fuck, but I was trying to
be diplomatic.

On Sat, Nov 6, 2010 at 3:39 AM, Massimo Lusetti <ml...@gmail.com> wrote:

> On Fri, Nov 5, 2010 at 6:13 PM, Howard Lewis Ship <hl...@gmail.com>
> wrote:
>
> > I hope 2.2.1 generates proper checksums because upgrading to 3.x was a
> > floster cuck for me.
>
> Oh... BTW what is a "floster cuck" ;) ...
>
> --
> Massimo
> http://meridio.blogspot.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: dev-help@tapestry.apache.org
>
>

-- 
Howard M. Lewis Ship

Creator of Apache Tapestry

The source for Tapestry training, mentoring and support. Contact me to learn
how I can get you up and productive in Tapestry fast!

(971) 678-5210
http://howardlewisship.com

Re: [jira] Created: (INFRA-3151) add servlet filter to nexus to block maven 2.2.0 deploys

Posted by Massimo Lusetti <ml...@gmail.com>.

On Fri, Nov 5, 2010 at 6:13 PM, Howard Lewis Ship <hl...@gmail.com> wrote:

> I hope 2.2.1 generates proper checksums because upgrading to 3.x was a
> floster cuck for me.

Oh... BTW what is a "floster cuck" ;) ...

-- 
Massimo
http://meridio.blogspot.com

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
For additional commands, e-mail: dev-help@tapestry.apache.org

Re: [jira] Created: (INFRA-3151) add servlet filter to nexus to block maven 2.2.0 deploys

Posted by Howard Lewis Ship <hl...@gmail.com>.

I hope 2.2.1 generates proper checksums because upgrading to 3.x was a
floster cuck for me.

On Fri, Nov 5, 2010 at 12:49 AM, Ulrich Stärk <ul...@spielviel.de> wrote:

> FYI
>
> -------- Original Message --------
> Subject: [jira] Created: (INFRA-3151) add servlet filter to nexus to block
> maven 2.2.0 deploys
> Date: Wed, 3 Nov 2010 19:37:22 -0400 (EDT)
> From: Brian Fox (JIRA) <ji...@apache.org>
> Reply-To: infrastructure@apache.org
> To: infrastructure-issues@apache.org
>
> add servlet filter to nexus to block maven 2.2.0 deploys
> --------------------------------------------------------
>
>                 Key: INFRA-3151
>                 URL: https://issues.apache.org/jira/browse/INFRA-3151
>             Project: Infrastructure
>          Issue Type: Improvement
>      Security Level: public (Regular issues)
>          Components: Nexus
>            Reporter: Brian Fox
>            Assignee: Brian Fox
>
>
> Maven 2.2.0 is known to produce bad checksums and doubles the data upload
> potentially causing timeouts.
>
> Here's an example user agent we want to block: Apache-Maven/2.2 (Java
> 1.6.0_16; Linux 2.6.26-2-amd64) maven-artifact/2.2.0" "-"
>
> This should be blocked from /content for PUTs only.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: dev-help@tapestry.apache.org
>
>


-- 
Howard M. Lewis Ship

Creator of Apache Tapestry

The source for Tapestry training, mentoring and support. Contact me to learn
how I can get you up and productive in Tapestry fast!

(971) 678-5210
http://howardlewisship.com