You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@jena.apache.org by Andy Seaborne <an...@apache.org> on 2020/01/07 13:37:12 UTC
Towards Jena 3.14.0
It's coming up to time to look at Jena 3.14.0. v3.13.1 was 2019-10-11.
I have time between now and January 19th to do a release or to work with
anyone who is interested in performing a release. January 20th and after
is likely to be busy due to new employment.
Andy
== Contributions and notable JIRA
Pavel Mikhailovskii:
JENA-1787: SHACL improvement
JENA-1786: DatasetGraphMonitor exposes unwrapped graphs
JENA-1785: TDB2 bug fix
JENA-1784: CacheSimple doesn't check keys for equality
Ken Treimann:
JENA-1781: Thrift upgrade to 0.13.0 for a CVE.
Georg Schmidt-Dumont:
JENA-1796: Add missing DV for XSD DateTimeStamp data type
Adrian Wilke:
JENA-1792: DCat vocabulary update to DCat2
JENA-1779: Update to Jackson 2.10.1
2.10 has a design change to remove the 2.9.x attack point.
Hopefully, moving to 2.10 will mean the end of recurring CVE's for Jackson.
== JIRA
https://s.apache.org/jena-3.14.0-jira
36 currently.
Re: Towards Jena 3.14.0
Posted by aj...@apache.org.
+1. A smaller bug is better than a bigger bug.
ajs6f
On Sun, Jan 12, 2020, 12:51 PM Andy Seaborne <an...@apache.org> wrote:
> One of those releases ...
>
> JENA-1813 came in and it's a bug.
>
> The proper, comprehensive fix is quite extensive, although it will
> enable optimization in cases currently not handled. That is not
> something I want to rush just before a release.
>
> There is a pragmatic fix suggested in Shawn's report. It fixes the
> reported case. It (probably) isn't complete but more importantly it
> shows there is a better design that does not avoid certain cases that
> happen at the moment
>
> So my proposal is immediate fix for JENA-1813, release 3.14.0
> and fork off JENA-1815 for redesign/rework for a later release.
>
> No query that already works properly in 3.13.1 is affected. Some queries
> that don't work will now work.
>
> Andy
>
> On 07/01/2020 13:57, Aaron Coburn wrote:
> > I will have time to review any release candidates between now and Jan 20.
> >
> > Cheers,
> > Aaron
> >
> > On Tue, 7 Jan 2020 at 08:37, Andy Seaborne <an...@apache.org> wrote:
> >
> >> It's coming up to time to look at Jena 3.14.0. v3.13.1 was 2019-10-11.
> >>
> >> I have time between now and January 19th to do a release or to work with
> >> anyone who is interested in performing a release. January 20th and after
> >> is likely to be busy due to new employment.
> >>
> >> Andy
> >>
> >> == Contributions and notable JIRA
> >>
> >> Pavel Mikhailovskii:
> >> JENA-1787: SHACL improvement
> >> JENA-1786: DatasetGraphMonitor exposes unwrapped graphs
> >> JENA-1785: TDB2 bug fix
> >> JENA-1784: CacheSimple doesn't check keys for equality
> >>
> >> Ken Treimann:
> >> JENA-1781: Thrift upgrade to 0.13.0 for a CVE.
> >>
> >> Georg Schmidt-Dumont:
> >> JENA-1796: Add missing DV for XSD DateTimeStamp data type
> >>
> >> Adrian Wilke:
> >> JENA-1792: DCat vocabulary update to DCat2
> >>
> >>
> >> JENA-1779: Update to Jackson 2.10.1
> >>
> >> 2.10 has a design change to remove the 2.9.x attack point.
> >> Hopefully, moving to 2.10 will mean the end of recurring CVE's for
> Jackson.
> >>
> >> == JIRA
> >>
> >> https://s.apache.org/jena-3.14.0-jira
> >>
> >> 36 currently.
> >>
> >>
> >
>
Re: Towards Jena 3.14.0
Posted by Andy Seaborne <an...@apache.org>.
One of those releases ...
JENA-1813 came in and it's a bug.
The proper, comprehensive fix is quite extensive, although it will
enable optimization in cases currently not handled. That is not
something I want to rush just before a release.
There is a pragmatic fix suggested in Shawn's report. It fixes the
reported case. It (probably) isn't complete but more importantly it
shows there is a better design that does not avoid certain cases that
happen at the moment
So my proposal is immediate fix for JENA-1813, release 3.14.0
and fork off JENA-1815 for redesign/rework for a later release.
No query that already works properly in 3.13.1 is affected. Some queries
that don't work will now work.
Andy
On 07/01/2020 13:57, Aaron Coburn wrote:
> I will have time to review any release candidates between now and Jan 20.
>
> Cheers,
> Aaron
>
> On Tue, 7 Jan 2020 at 08:37, Andy Seaborne <an...@apache.org> wrote:
>
>> It's coming up to time to look at Jena 3.14.0. v3.13.1 was 2019-10-11.
>>
>> I have time between now and January 19th to do a release or to work with
>> anyone who is interested in performing a release. January 20th and after
>> is likely to be busy due to new employment.
>>
>> Andy
>>
>> == Contributions and notable JIRA
>>
>> Pavel Mikhailovskii:
>> JENA-1787: SHACL improvement
>> JENA-1786: DatasetGraphMonitor exposes unwrapped graphs
>> JENA-1785: TDB2 bug fix
>> JENA-1784: CacheSimple doesn't check keys for equality
>>
>> Ken Treimann:
>> JENA-1781: Thrift upgrade to 0.13.0 for a CVE.
>>
>> Georg Schmidt-Dumont:
>> JENA-1796: Add missing DV for XSD DateTimeStamp data type
>>
>> Adrian Wilke:
>> JENA-1792: DCat vocabulary update to DCat2
>>
>>
>> JENA-1779: Update to Jackson 2.10.1
>>
>> 2.10 has a design change to remove the 2.9.x attack point.
>> Hopefully, moving to 2.10 will mean the end of recurring CVE's for Jackson.
>>
>> == JIRA
>>
>> https://s.apache.org/jena-3.14.0-jira
>>
>> 36 currently.
>>
>>
>
Re: Towards Jena 3.14.0
Posted by Aaron Coburn <ac...@apache.org>.
I will have time to review any release candidates between now and Jan 20.
Cheers,
Aaron
On Tue, 7 Jan 2020 at 08:37, Andy Seaborne <an...@apache.org> wrote:
> It's coming up to time to look at Jena 3.14.0. v3.13.1 was 2019-10-11.
>
> I have time between now and January 19th to do a release or to work with
> anyone who is interested in performing a release. January 20th and after
> is likely to be busy due to new employment.
>
> Andy
>
> == Contributions and notable JIRA
>
> Pavel Mikhailovskii:
> JENA-1787: SHACL improvement
> JENA-1786: DatasetGraphMonitor exposes unwrapped graphs
> JENA-1785: TDB2 bug fix
> JENA-1784: CacheSimple doesn't check keys for equality
>
> Ken Treimann:
> JENA-1781: Thrift upgrade to 0.13.0 for a CVE.
>
> Georg Schmidt-Dumont:
> JENA-1796: Add missing DV for XSD DateTimeStamp data type
>
> Adrian Wilke:
> JENA-1792: DCat vocabulary update to DCat2
>
>
> JENA-1779: Update to Jackson 2.10.1
>
> 2.10 has a design change to remove the 2.9.x attack point.
> Hopefully, moving to 2.10 will mean the end of recurring CVE's for Jackson.
>
> == JIRA
>
> https://s.apache.org/jena-3.14.0-jira
>
> 36 currently.
>
>