You are viewing a plain text version of this content. The canonical link for it is here.
Posted to announce@apache.org by Stefan Bodewig <bo...@apache.org> on 2018/06/22 15:39:40 UTC
[ANN] Apache Ant 1.9.12 and 1.10.4 Released
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The Apache Ant Team is pleased to announce the releases of Apache Ant
1.9.12 and 1.10.4.
Apache Ant is a Java library and command-line tool that helps building
software.
The Apache Ant team currently maintains two lines of development. The
1.9.x releases require Java5 at runtime and 1.10.x requires Java8 at
runtime. Both lines are based off of Ant 1.9.7 and the 1.9.x releases
are mostly bug fix releases while additional new features are developed
for 1.10.x. We recommend using 1.10.4 unless you are required to use
versions of Java prior to Java8 during the build process.
Ant 1.10.4 contains a superset of 1.9.12 - with the exception of a few
tasks and features that no longer work with Java8 anyway (like the apt
task).
Both releases are mostly bug fix releases with a few new features
being added. In both releases the untar, unjar and unzip will no
longer extract entries whose names would make the created files be
placed outside of the destination directory by default. This is based
on a recommendation by the Snyk Security Research Team.
Source and binary distributions are available for download from the
Apache Ant download site:
http://ant.apache.org/bindownload.cgi
http://ant.apache.org/srcdownload.cgi
When downloading, please verify signatures using the KEYS file available
at the above location when downloading the release.
Changes in 1.10.4 include:
==========================
Changes that could break older environments:
- -------------------------------------------
* <unzip>, <unjar> and <untar> will no longer extract entries whose
names would make the created files be placed outside of the
destination directory anymore by default. A new attribute
allowFilesToEscapeDest can be used to override the behavior.
Another special case is when stripAbsolutePathSpec is false (which
no longer is the default) and the entry's name starts with a
(back)slash and allowFilesToEscapeDest hasn't been specified
explicitly, in this case the file may be created outside of the
dest directory as well.
In addition stripAbsolutePathSpec is now true by default.
Based on a recommendation by the Snyk Security Research Team.
Fixed bugs:
- -----------
* Delay the class initialization of the test classes until they are
passed to JUnit. This way we can avoid that failing static initializers
from non-test classes are reported as error when the 'skipNonTests' option
is 'true'.
Bugzilla Report 60062
* The junit task when used with includeantruntime="no" was incorrectly
printing a warning about multiple versions of ant detected in path
* <cab> died with a NullPointerException since Ant 1.10.2.
Bugzilla Report 62335
* The <depend> task would fail with
"java.lang.ClassFormatError: Invalid Constant Pool entry Type 19" while
parsing a module-info.class. The task is compatible with
Java bytecode version 53 now.
Bug reported by Simon IJskes https://issues.apache.org/jira/browse/NETBEANS-781
* Default and SecureInputHandler will now raise an error when then
end of the input stream (usually System.in or System.console) are
reached before a valid input has been read.
* junitreport does not list testsuites that fail to start any tests
because of an exception inside the all-tests and alltests-errors frames.
Bugzilla Report 62443
Other changes:
- --------------
* AntAssert is deprecated, assertThat from JUnit 4.4+, Hamcrest matchers and/or
ExpectedException rule provide equivalent functionality
* PumpStreamHandler now explicitly verifies the streams for output
and error are not null and will throw an exception if they
are. This way creating a PumpStreamHandler will fail early as
opposed to some obscure errors later when closing streams or
finishing threads might fail.
Bugzilla Report 62148
* <property> has a new attribute runtime which can be used to set
properties with values taken as snapshots from the
availableProcessors, freeMemory, maxMemory and totalMemory methods
of the Java Runtime class.
* linecontains filter now has a new "matchAny" attribute which when
set to "true" allows any (instead of all) of the user-specified
strings to be present in the line.
Bugzilla Report 62313
* <resourcelist> has a new basedir attribute that can be used to
resolve relative names and provides a root for the FileResources
generated.
Bugzilla Report 62379
* The <includesfile> and <excludesfile> nested elements of
<patternset> and <fileset> now support an encoding attribute that
can be used to specify the file's encoding.
Bugzilla Report 62379
* New file selectors, posixGroup and posixPermissions, are available.
The new selectors and related ownedBy selector have "followSymlinks"
attribute that defaults to "true" for consistency.
Bugzilla Report 22370
* The junitlauncher task now has a "printSummary" attribute which when
set to "true" will print the test execution summary to System.out.
Changes in 1.9.12 include:
==========================
Changes that could break older environments:
- -------------------------------------------
* <unzip>, <unjar> and <untar> will no longer extract entries whose
names would make the created files be placed outside of the
destination directory anymore by default. A new attribute
allowFilesToEscapeDest can be used to override the behavior.
Another special case is when stripAbsolutePathSpec is false (which
no longer is the default) and the entry's name starts with a
(back)slash and allowFilesToEscapeDest hasn't been specified
explicitly, in this case the file may be created outside of the
dest directory as well.
In addition stripAbsolutePathSpec is now true by default.
Based on a recommendation by the Snyk Security Research Team.
Fixed bugs:
- -----------
* Delay the class initialization of the test classes until they are
passed to JUnit. This way we can avoid that failing static initializers
from non-test classes are reported as error when the 'skipNonTests' option
is 'true'.
Bugzilla Report 60062
* The junit task when used with includeantruntime="no" was incorrectly
printing a warning about multiple versions of ant detected in path
* Default and SecureInputHandler will now raise an error when then
end of the input stream (usually System.in or System.console) are
reached before a valid input has been read.
* junitreport does not list testsuites that fail to start any tests
because of an exception inside the all-tests and alltests-errors frames.
Bugzilla Report 62443
Other changes:
- --------------
* PumpStreamHandler now explicitly verifies the streams for output
and error are not null and will throw an exception if they
are. This way creating a PumpStreamHandler will fail early as
opposed to some obscure errors later when closing streams or
finishing threads might fail.
Bugzilla Report 62148
* <property> has a new attribute runtime which can be used to set
properties with values taken as snapshots from the
availableProcessors, freeMemory, maxMemory and totalMemory methods
of the Java Runtime class.
* <resourcelist> has a new basedir attribute that can be used to
resolve relative names and provides a root for the FileResources
generated.
Bugzilla Report 62379
* The <includesfile> and <excludesfile> nested elements of
<patternset> and <fileset> now support an encoding attribute that
can be used to specify the file's encoding.
Bugzilla Report 62379
For complete information on Ant, including instructions
on how to submit bug reports, patches, or suggestions for improvement,
see the Apache Ant website:
http://ant.apache.org/
Stefan Bodewig, on behalf of the Apache Ant community
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlstGDEACgkQohFa4V9ri3LtGwCffwQJhD6PKZ06vNHCFkyumYuX
EWQAoJrQ1BnVQmg4FVY507woJbhzvVQW
=qV2y
-----END PGP SIGNATURE-----
Re: [ANN] Apache Ant 1.9.12 and 1.10.4 Released
Posted by Jaikiran Pai <ja...@gmail.com>.
Thank you for running this release, Stefan.
-Jaikiran
On 22/06/18 9:09 PM, Stefan Bodewig wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> The Apache Ant Team is pleased to announce the releases of Apache Ant
> 1.9.12 and 1.10.4.
>
> Apache Ant is a Java library and command-line tool that helps building
> software.
>
> The Apache Ant team currently maintains two lines of development. The
> 1.9.x releases require Java5 at runtime and 1.10.x requires Java8 at
> runtime. Both lines are based off of Ant 1.9.7 and the 1.9.x releases
> are mostly bug fix releases while additional new features are developed
> for 1.10.x. We recommend using 1.10.4 unless you are required to use
> versions of Java prior to Java8 during the build process.
>
> Ant 1.10.4 contains a superset of 1.9.12 - with the exception of a few
> tasks and features that no longer work with Java8 anyway (like the apt
> task).
>
> Both releases are mostly bug fix releases with a few new features
> being added. In both releases the untar, unjar and unzip will no
> longer extract entries whose names would make the created files be
> placed outside of the destination directory by default. This is based
> on a recommendation by the Snyk Security Research Team.
>
> Source and binary distributions are available for download from the
> Apache Ant download site:
>
> http://ant.apache.org/bindownload.cgi
> http://ant.apache.org/srcdownload.cgi
>
> When downloading, please verify signatures using the KEYS file available
> at the above location when downloading the release.
>
> Changes in 1.10.4 include:
> ==========================
>
> Changes that could break older environments:
> - -------------------------------------------
>
> * <unzip>, <unjar> and <untar> will no longer extract entries whose
> names would make the created files be placed outside of the
> destination directory anymore by default. A new attribute
> allowFilesToEscapeDest can be used to override the behavior.
> Another special case is when stripAbsolutePathSpec is false (which
> no longer is the default) and the entry's name starts with a
> (back)slash and allowFilesToEscapeDest hasn't been specified
> explicitly, in this case the file may be created outside of the
> dest directory as well.
> In addition stripAbsolutePathSpec is now true by default.
> Based on a recommendation by the Snyk Security Research Team.
>
> Fixed bugs:
> - -----------
>
> * Delay the class initialization of the test classes until they are
> passed to JUnit. This way we can avoid that failing static initializers
> from non-test classes are reported as error when the 'skipNonTests' option
> is 'true'.
> Bugzilla Report 60062
>
> * The junit task when used with includeantruntime="no" was incorrectly
> printing a warning about multiple versions of ant detected in path
>
> * <cab> died with a NullPointerException since Ant 1.10.2.
> Bugzilla Report 62335
>
> * The <depend> task would fail with
> "java.lang.ClassFormatError: Invalid Constant Pool entry Type 19" while
> parsing a module-info.class. The task is compatible with
> Java bytecode version 53 now.
> Bug reported by Simon IJskes https://issues.apache.org/jira/browse/NETBEANS-781
>
> * Default and SecureInputHandler will now raise an error when then
> end of the input stream (usually System.in or System.console) are
> reached before a valid input has been read.
>
> * junitreport does not list testsuites that fail to start any tests
> because of an exception inside the all-tests and alltests-errors frames.
> Bugzilla Report 62443
>
> Other changes:
> - --------------
>
> * AntAssert is deprecated, assertThat from JUnit 4.4+, Hamcrest matchers and/or
> ExpectedException rule provide equivalent functionality
>
> * PumpStreamHandler now explicitly verifies the streams for output
> and error are not null and will throw an exception if they
> are. This way creating a PumpStreamHandler will fail early as
> opposed to some obscure errors later when closing streams or
> finishing threads might fail.
> Bugzilla Report 62148
>
> * <property> has a new attribute runtime which can be used to set
> properties with values taken as snapshots from the
> availableProcessors, freeMemory, maxMemory and totalMemory methods
> of the Java Runtime class.
>
> * linecontains filter now has a new "matchAny" attribute which when
> set to "true" allows any (instead of all) of the user-specified
> strings to be present in the line.
> Bugzilla Report 62313
>
> * <resourcelist> has a new basedir attribute that can be used to
> resolve relative names and provides a root for the FileResources
> generated.
> Bugzilla Report 62379
>
> * The <includesfile> and <excludesfile> nested elements of
> <patternset> and <fileset> now support an encoding attribute that
> can be used to specify the file's encoding.
> Bugzilla Report 62379
>
> * New file selectors, posixGroup and posixPermissions, are available.
> The new selectors and related ownedBy selector have "followSymlinks"
> attribute that defaults to "true" for consistency.
> Bugzilla Report 22370
>
> * The junitlauncher task now has a "printSummary" attribute which when
> set to "true" will print the test execution summary to System.out.
>
> Changes in 1.9.12 include:
> ==========================
>
> Changes that could break older environments:
> - -------------------------------------------
>
> * <unzip>, <unjar> and <untar> will no longer extract entries whose
> names would make the created files be placed outside of the
> destination directory anymore by default. A new attribute
> allowFilesToEscapeDest can be used to override the behavior.
> Another special case is when stripAbsolutePathSpec is false (which
> no longer is the default) and the entry's name starts with a
> (back)slash and allowFilesToEscapeDest hasn't been specified
> explicitly, in this case the file may be created outside of the
> dest directory as well.
> In addition stripAbsolutePathSpec is now true by default.
> Based on a recommendation by the Snyk Security Research Team.
>
> Fixed bugs:
> - -----------
>
> * Delay the class initialization of the test classes until they are
> passed to JUnit. This way we can avoid that failing static initializers
> from non-test classes are reported as error when the 'skipNonTests' option
> is 'true'.
> Bugzilla Report 60062
>
> * The junit task when used with includeantruntime="no" was incorrectly
> printing a warning about multiple versions of ant detected in path
>
> * Default and SecureInputHandler will now raise an error when then
> end of the input stream (usually System.in or System.console) are
> reached before a valid input has been read.
>
> * junitreport does not list testsuites that fail to start any tests
> because of an exception inside the all-tests and alltests-errors frames.
> Bugzilla Report 62443
>
> Other changes:
> - --------------
>
> * PumpStreamHandler now explicitly verifies the streams for output
> and error are not null and will throw an exception if they
> are. This way creating a PumpStreamHandler will fail early as
> opposed to some obscure errors later when closing streams or
> finishing threads might fail.
> Bugzilla Report 62148
>
> * <property> has a new attribute runtime which can be used to set
> properties with values taken as snapshots from the
> availableProcessors, freeMemory, maxMemory and totalMemory methods
> of the Java Runtime class.
>
> * <resourcelist> has a new basedir attribute that can be used to
> resolve relative names and provides a root for the FileResources
> generated.
> Bugzilla Report 62379
>
> * The <includesfile> and <excludesfile> nested elements of
> <patternset> and <fileset> now support an encoding attribute that
> can be used to specify the file's encoding.
> Bugzilla Report 62379
>
> For complete information on Ant, including instructions
> on how to submit bug reports, patches, or suggestions for improvement,
> see the Apache Ant website:
>
> http://ant.apache.org/
>
> Stefan Bodewig, on behalf of the Apache Ant community
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iEYEARECAAYFAlstGDEACgkQohFa4V9ri3LtGwCffwQJhD6PKZ06vNHCFkyumYuX
> EWQAoJrQ1BnVQmg4FVY507woJbhzvVQW
> =qV2y
> -----END PGP SIGNATURE-----
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@ant.apache.org
> For additional commands, e-mail: dev-help@ant.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@ant.apache.org
For additional commands, e-mail: user-help@ant.apache.org
Re: [ANN] Apache Ant 1.9.12 and 1.10.4 Released
Posted by Jaikiran Pai <ja...@gmail.com>.
Thank you for running this release, Stefan.
-Jaikiran
On 22/06/18 9:09 PM, Stefan Bodewig wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> The Apache Ant Team is pleased to announce the releases of Apache Ant
> 1.9.12 and 1.10.4.
>
> Apache Ant is a Java library and command-line tool that helps building
> software.
>
> The Apache Ant team currently maintains two lines of development. The
> 1.9.x releases require Java5 at runtime and 1.10.x requires Java8 at
> runtime. Both lines are based off of Ant 1.9.7 and the 1.9.x releases
> are mostly bug fix releases while additional new features are developed
> for 1.10.x. We recommend using 1.10.4 unless you are required to use
> versions of Java prior to Java8 during the build process.
>
> Ant 1.10.4 contains a superset of 1.9.12 - with the exception of a few
> tasks and features that no longer work with Java8 anyway (like the apt
> task).
>
> Both releases are mostly bug fix releases with a few new features
> being added. In both releases the untar, unjar and unzip will no
> longer extract entries whose names would make the created files be
> placed outside of the destination directory by default. This is based
> on a recommendation by the Snyk Security Research Team.
>
> Source and binary distributions are available for download from the
> Apache Ant download site:
>
> http://ant.apache.org/bindownload.cgi
> http://ant.apache.org/srcdownload.cgi
>
> When downloading, please verify signatures using the KEYS file available
> at the above location when downloading the release.
>
> Changes in 1.10.4 include:
> ==========================
>
> Changes that could break older environments:
> - -------------------------------------------
>
> * <unzip>, <unjar> and <untar> will no longer extract entries whose
> names would make the created files be placed outside of the
> destination directory anymore by default. A new attribute
> allowFilesToEscapeDest can be used to override the behavior.
> Another special case is when stripAbsolutePathSpec is false (which
> no longer is the default) and the entry's name starts with a
> (back)slash and allowFilesToEscapeDest hasn't been specified
> explicitly, in this case the file may be created outside of the
> dest directory as well.
> In addition stripAbsolutePathSpec is now true by default.
> Based on a recommendation by the Snyk Security Research Team.
>
> Fixed bugs:
> - -----------
>
> * Delay the class initialization of the test classes until they are
> passed to JUnit. This way we can avoid that failing static initializers
> from non-test classes are reported as error when the 'skipNonTests' option
> is 'true'.
> Bugzilla Report 60062
>
> * The junit task when used with includeantruntime="no" was incorrectly
> printing a warning about multiple versions of ant detected in path
>
> * <cab> died with a NullPointerException since Ant 1.10.2.
> Bugzilla Report 62335
>
> * The <depend> task would fail with
> "java.lang.ClassFormatError: Invalid Constant Pool entry Type 19" while
> parsing a module-info.class. The task is compatible with
> Java bytecode version 53 now.
> Bug reported by Simon IJskes https://issues.apache.org/jira/browse/NETBEANS-781
>
> * Default and SecureInputHandler will now raise an error when then
> end of the input stream (usually System.in or System.console) are
> reached before a valid input has been read.
>
> * junitreport does not list testsuites that fail to start any tests
> because of an exception inside the all-tests and alltests-errors frames.
> Bugzilla Report 62443
>
> Other changes:
> - --------------
>
> * AntAssert is deprecated, assertThat from JUnit 4.4+, Hamcrest matchers and/or
> ExpectedException rule provide equivalent functionality
>
> * PumpStreamHandler now explicitly verifies the streams for output
> and error are not null and will throw an exception if they
> are. This way creating a PumpStreamHandler will fail early as
> opposed to some obscure errors later when closing streams or
> finishing threads might fail.
> Bugzilla Report 62148
>
> * <property> has a new attribute runtime which can be used to set
> properties with values taken as snapshots from the
> availableProcessors, freeMemory, maxMemory and totalMemory methods
> of the Java Runtime class.
>
> * linecontains filter now has a new "matchAny" attribute which when
> set to "true" allows any (instead of all) of the user-specified
> strings to be present in the line.
> Bugzilla Report 62313
>
> * <resourcelist> has a new basedir attribute that can be used to
> resolve relative names and provides a root for the FileResources
> generated.
> Bugzilla Report 62379
>
> * The <includesfile> and <excludesfile> nested elements of
> <patternset> and <fileset> now support an encoding attribute that
> can be used to specify the file's encoding.
> Bugzilla Report 62379
>
> * New file selectors, posixGroup and posixPermissions, are available.
> The new selectors and related ownedBy selector have "followSymlinks"
> attribute that defaults to "true" for consistency.
> Bugzilla Report 22370
>
> * The junitlauncher task now has a "printSummary" attribute which when
> set to "true" will print the test execution summary to System.out.
>
> Changes in 1.9.12 include:
> ==========================
>
> Changes that could break older environments:
> - -------------------------------------------
>
> * <unzip>, <unjar> and <untar> will no longer extract entries whose
> names would make the created files be placed outside of the
> destination directory anymore by default. A new attribute
> allowFilesToEscapeDest can be used to override the behavior.
> Another special case is when stripAbsolutePathSpec is false (which
> no longer is the default) and the entry's name starts with a
> (back)slash and allowFilesToEscapeDest hasn't been specified
> explicitly, in this case the file may be created outside of the
> dest directory as well.
> In addition stripAbsolutePathSpec is now true by default.
> Based on a recommendation by the Snyk Security Research Team.
>
> Fixed bugs:
> - -----------
>
> * Delay the class initialization of the test classes until they are
> passed to JUnit. This way we can avoid that failing static initializers
> from non-test classes are reported as error when the 'skipNonTests' option
> is 'true'.
> Bugzilla Report 60062
>
> * The junit task when used with includeantruntime="no" was incorrectly
> printing a warning about multiple versions of ant detected in path
>
> * Default and SecureInputHandler will now raise an error when then
> end of the input stream (usually System.in or System.console) are
> reached before a valid input has been read.
>
> * junitreport does not list testsuites that fail to start any tests
> because of an exception inside the all-tests and alltests-errors frames.
> Bugzilla Report 62443
>
> Other changes:
> - --------------
>
> * PumpStreamHandler now explicitly verifies the streams for output
> and error are not null and will throw an exception if they
> are. This way creating a PumpStreamHandler will fail early as
> opposed to some obscure errors later when closing streams or
> finishing threads might fail.
> Bugzilla Report 62148
>
> * <property> has a new attribute runtime which can be used to set
> properties with values taken as snapshots from the
> availableProcessors, freeMemory, maxMemory and totalMemory methods
> of the Java Runtime class.
>
> * <resourcelist> has a new basedir attribute that can be used to
> resolve relative names and provides a root for the FileResources
> generated.
> Bugzilla Report 62379
>
> * The <includesfile> and <excludesfile> nested elements of
> <patternset> and <fileset> now support an encoding attribute that
> can be used to specify the file's encoding.
> Bugzilla Report 62379
>
> For complete information on Ant, including instructions
> on how to submit bug reports, patches, or suggestions for improvement,
> see the Apache Ant website:
>
> http://ant.apache.org/
>
> Stefan Bodewig, on behalf of the Apache Ant community
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iEYEARECAAYFAlstGDEACgkQohFa4V9ri3LtGwCffwQJhD6PKZ06vNHCFkyumYuX
> EWQAoJrQ1BnVQmg4FVY507woJbhzvVQW
> =qV2y
> -----END PGP SIGNATURE-----
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@ant.apache.org
> For additional commands, e-mail: dev-help@ant.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ant.apache.org
For additional commands, e-mail: dev-help@ant.apache.org