You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@turbine.apache.org by Georg Kallidis <ge...@cedis.fu-berlin.de> on 2021/10/18 10:35:30 UTC
[VOTE] RC Fulcrum Security 2.1.0 based on staged repository
Hi Turbine Dev community,
a new release candidate for the Turbine Fulcrum Security component version
2.1.0 has been prepared and is open for voting!
Artifacts:
https://repository.apache.org/content/repositories/orgapacheturbine-1068
Tag: fulcrum-security-2.1.0-candidate
git clone https://github.com/apache/turbine-fulcrum-security.git
cd turbine-fulcrum-security
git checkout fulcrum-security-2.1.0-candidate
N.B. you are in detached head mode, as you have no branch to work on.
This release contains the following updates:
- Update to Turbine parent v9
- Module Torque: use by default Turbinegroup not TurbineRole from
generated doSelectJoinTurbine* method, as this will be used as key in
lookup in acl roleSets.
- Add groupSet to interface to TurbineAccessControlList
- Add transient avalon logger to TurbineAccessControlList constructor
- Use model manager to fetch global group (model manager should be set
always)
- Add Torque 5.0 schemata
- Java Dependency updates: Update to commons-dbcp2 2.9.0 (Torque)
Keys: https://dist.apache.org/repos/dist/release/turbine/KEYS
Please verify this release candidate carefully, give feedback or/and vote
with
[ ] +1 release it
[ ] +0 go ahead I don't care
[ ] -1 no, do not release it because
Have fun!
Best regards, Georg
Re: [VOTE] RC Fulcrum Security 2.1.0 based on staged repository
Posted by Thomas Vandahl <tv...@apache.org>.
> Am 18.10.2021 um 12:35 schrieb Georg Kallidis <georg.kallidis@cedis.fu-berlin.de <ma...@cedis.fu-berlin.de>>:
>
> [X] +1 release it
> [ ] +0 go ahead I don't care
> [ ] -1 no, do not release it because
Artifacts and sigs are ok.
Build runs fine with
Apache Maven 3.5.2 (138edd61fd100ec658bfa2d307c43b76940a5d7d; 2017-10-18T09:58:13+02:00)
Java version: 1.8.0_241, vendor: Oracle Corporation
Java home: /Library/Java/JavaVirtualMachines/jdk1.8.0_241.jdk/Contents/Home/jre
Default locale: de_DE, platform encoding: UTF-8
OS name: "mac os x", version: "10.16", arch: "x86_64", family: "mac"
I found problems executing the dependency-check-maven plugin, obviously because download from nvd.nist.gov <http://nvd.nist.gov/> is currently not possible. Please consider putting this into a separate profile.
Bye, Thomas
[RESULT][VOTE] RC Fulcrum Security 2.1.0 based on staged repository
Posted by Georg Kallidis <ge...@cedis.fu-berlin.de>.
Hi Turbine Developers,
I am announcing the result of the vote:
Casted votes are:
+1 Georg Kallidis
+1 Jeffery Painter
+1 Thomas Vandahl
The vote is with three binding votes and the RC could be promoted to
become a release.
I'll update the distribution channels and repositories soon.
Thanks to all the voters!
Best regards,
Georg
Von: "Georg Kallidis" <ge...@cedis.fu-berlin.de>
An: "Turbine Developers List" <de...@turbine.apache.org>
Datum: 18.10.2021 12:36
Betreff: [VOTE] RC Fulcrum Security 2.1.0 based on staged
repository
Hi Turbine Dev community,
a new release candidate for the Turbine Fulcrum Security component version
2.1.0 has been prepared and is open for voting!
Artifacts:
https://repository.apache.org/content/repositories/orgapacheturbine-1068
Tag: fulcrum-security-2.1.0-candidate
git clone https://github.com/apache/turbine-fulcrum-security.git
cd turbine-fulcrum-security
git checkout fulcrum-security-2.1.0-candidate
N.B. you are in detached head mode, as you have no branch to work on.
This release contains the following updates:
- Update to Turbine parent v9
- Module Torque: use by default Turbinegroup not TurbineRole from
generated doSelectJoinTurbine* method, as this will be used as key in
lookup in acl roleSets.
- Add groupSet to interface to TurbineAccessControlList
- Add transient avalon logger to TurbineAccessControlList constructor
- Use model manager to fetch global group (model manager should be set
always)
- Add Torque 5.0 schemata
- Java Dependency updates: Update to commons-dbcp2 2.9.0 (Torque)
Keys: https://dist.apache.org/repos/dist/release/turbine/KEYS
Please verify this release candidate carefully, give feedback or/and vote
with
[ ] +1 release it
[ ] +0 go ahead I don't care
[ ] -1 no, do not release it because
Have fun!
Best regards, Georg
Re: [VOTE] RC Fulcrum Security 2.1.0 based on staged repository
Posted by Georg Kallidis <ge...@cedis.fu-berlin.de>.
[ x ] +1 release it
- Georg
Von: "Georg Kallidis" <ge...@cedis.fu-berlin.de>
An: "Turbine Developers List" <de...@turbine.apache.org>
Datum: 18.10.2021 12:36
Betreff: [VOTE] RC Fulcrum Security 2.1.0 based on staged
repository
Hi Turbine Dev community,
a new release candidate for the Turbine Fulcrum Security component version
2.1.0 has been prepared and is open for voting!
Artifacts:
https://repository.apache.org/content/repositories/orgapacheturbine-1068
Tag: fulcrum-security-2.1.0-candidate
git clone https://github.com/apache/turbine-fulcrum-security.git
cd turbine-fulcrum-security
git checkout fulcrum-security-2.1.0-candidate
N.B. you are in detached head mode, as you have no branch to work on.
This release contains the following updates:
- Update to Turbine parent v9
- Module Torque: use by default Turbinegroup not TurbineRole from
generated doSelectJoinTurbine* method, as this will be used as key in
lookup in acl roleSets.
- Add groupSet to interface to TurbineAccessControlList
- Add transient avalon logger to TurbineAccessControlList constructor
- Use model manager to fetch global group (model manager should be set
always)
- Add Torque 5.0 schemata
- Java Dependency updates: Update to commons-dbcp2 2.9.0 (Torque)
Keys: https://dist.apache.org/repos/dist/release/turbine/KEYS
Please verify this release candidate carefully, give feedback or/and vote
with
[ ] +1 release it
[ ] +0 go ahead I don't care
[ ] -1 no, do not release it because
Have fun!
Best regards, Georg
Re: Re: [VOTE] RC Fulcrum Security 2.1.0 based on staged repository
Posted by Georg Kallidis <ge...@cedis.fu-berlin.de>.
Hi Jeff,
yes, thanks for pointing to that! IMO the site could be (and has to be)
adapted after (and before) a release.
As far as I know we do not keep a versioned site documentation for Fulcrum
components (while Turbine core has some major site versioning - in this
case more care should be taken to get the site correct before a release,
but read below about an alternative).
I have seen some Apache projects keeping only one site, but with different
(versioned) javadocs - we might follow this path, this is not a bad idea
IMO. What do you think ? This would require some (small) effort, probably
an INFRA ticket, as asf-site building allows only one (site) branch per
repo.
Should we establish an automatic site build process (e.g. with a jenkins
script - without versioning)? Then site building would happen anyway
(independent from releases) at any time (if triggered by a commit).
I would suggest, that anyone from the PMC or any Turbine committer should
try it and is welcome to come up here in the list with a suggestion (or
provide a TRB JIRA ticket).
Of course, currently any build after (before) a release will show the
version as a SNAPSHOT version in the header. We might remove it, as we
have the "changes", which would be more robist with different javadoc
versions or it might be sufficient to just think of "version" as "the last
version".
That is, I think, we do not have a strict site update process until now -
it should be just up-to-date IMO.
Best regards, Georg
BTW, quite some site fixes have still to be done in the new sites, e.g. in
the Turbine and Fulcrum Download/Build sections. As a last remark,
previous major versions are still downloadable for some Fulcrum
components, which is ok in my opinion ..
Von: Jeffery Painter <je...@jivecast.com>
An: dev@turbine.apache.org
Datum: 18.10.2021 22:03
Betreff: Re: [VOTE] RC Fulcrum Security 2.1.0 based on staged
repository
Hi Georg,
I had no problems building after checkout from git. A quick question:
The changes doc does not reflect disabling hibernate. Should that be
included? The "About" page still has Hibernate in the matrix as well as
under security implementations. Not sure if that should be cleaned up
as well (or a note added saying temporarily disabled).
Build environment:
painter@merlin:~/apache/stage/turbine-fulcrum-security$ mvn --version
Apache Maven 3.8.1 (05c21c65bdfed0f71a2f2ada8b84da59348c4c5d)
Maven home: /usr/java/maven
Java version: 1.8.0_281, vendor: Oracle Corporation, runtime:
/usr/java/jdk1.8.0_281/jre
Default locale: en_US, platform encoding: UTF-8
OS name: "linux", version: "5.11.0-37-generic", arch: "amd64", family:
"unix"
Build results:
painter@merlin:~/apache/stage/turbine-fulcrum-security$ mvn clean
compile site
[INFO]
------------------------------------------------------------------------
[INFO] Reactor Summary for Fulcrum Security Master Build 2.1.0:
[INFO]
[INFO] Fulcrum Security Master Build ...................... SUCCESS [
26.429 s]
[INFO] Fulcrum Security API ............................... SUCCESS [
10.236 s]
[INFO] Fulcrum Security Memory Impl ....................... SUCCESS [
17.128 s]
[INFO] Fulcrum Security Torque Impl ....................... SUCCESS [
59.079 s]
[INFO] Fulcrum Security Distribution Build ................ SUCCESS [
0.018 s]
[INFO]
------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO]
------------------------------------------------------------------------
[INFO] Total time: 01:53 min
[INFO] Finished at: 2021-10-18T15:52:59-04:00
[INFO]
------------------------------------------------------------------------
Otherwise:
[X] +1 release it
Thanks!
Jeff
On 10/18/21 6:35 AM, Georg Kallidis wrote:
> Hi Turbine Dev community,
>
>
> a new release candidate for the Turbine Fulcrum Security component
version
> 2.1.0 has been prepared and is open for voting!
>
>
> Artifacts:
>
> https://repository.apache.org/content/repositories/orgapacheturbine-1068
>
>
> Tag: fulcrum-security-2.1.0-candidate
>
> git clone
https://github.com/apache/turbine-fulcrum-security.git
> cd turbine-fulcrum-security
> git checkout fulcrum-security-2.1.0-candidate
>
> N.B. you are in detached head mode, as you have no branch to work on.
>
>
> This release contains the following updates:
>
> - Update to Turbine parent v9
> - Module Torque: use by default Turbinegroup not TurbineRole from
> generated doSelectJoinTurbine* method, as this will be used as key in
> lookup in acl roleSets.
> - Add groupSet to interface to TurbineAccessControlList
> - Add transient avalon logger to TurbineAccessControlList constructor
> - Use model manager to fetch global group (model manager should be set
> always)
> - Add Torque 5.0 schemata
> - Java Dependency updates: Update to commons-dbcp2 2.9.0 (Torque)
>
> Keys: https://dist.apache.org/repos/dist/release/turbine/KEYS
>
>
> Please verify this release candidate carefully, give feedback or/and
vote
> with
>
>
> [ ] +1 release it
> [ ] +0 go ahead I don't care
> [ ] -1 no, do not release it because
>
>
> Have fun!
>
>
> Best regards, Georg
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@turbine.apache.org
For additional commands, e-mail: dev-help@turbine.apache.org
Re: [VOTE] RC Fulcrum Security 2.1.0 based on staged repository
Posted by Jeffery Painter <je...@jivecast.com>.
Hi Georg,
I had no problems building after checkout from git. A quick question:
The changes doc does not reflect disabling hibernate. Should that be
included? The "About" page still has Hibernate in the matrix as well as
under security implementations. Not sure if that should be cleaned up
as well (or a note added saying temporarily disabled).
Build environment:
painter@merlin:~/apache/stage/turbine-fulcrum-security$ mvn --version
Apache Maven 3.8.1 (05c21c65bdfed0f71a2f2ada8b84da59348c4c5d)
Maven home: /usr/java/maven
Java version: 1.8.0_281, vendor: Oracle Corporation, runtime:
/usr/java/jdk1.8.0_281/jre
Default locale: en_US, platform encoding: UTF-8
OS name: "linux", version: "5.11.0-37-generic", arch: "amd64", family:
"unix"
Build results:
painter@merlin:~/apache/stage/turbine-fulcrum-security$ mvn clean
compile site
[INFO]
------------------------------------------------------------------------
[INFO] Reactor Summary for Fulcrum Security Master Build 2.1.0:
[INFO]
[INFO] Fulcrum Security Master Build ...................... SUCCESS [
26.429 s]
[INFO] Fulcrum Security API ............................... SUCCESS [
10.236 s]
[INFO] Fulcrum Security Memory Impl ....................... SUCCESS [
17.128 s]
[INFO] Fulcrum Security Torque Impl ....................... SUCCESS [
59.079 s]
[INFO] Fulcrum Security Distribution Build ................ SUCCESS [
0.018 s]
[INFO]
------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO]
------------------------------------------------------------------------
[INFO] Total time: 01:53 min
[INFO] Finished at: 2021-10-18T15:52:59-04:00
[INFO]
------------------------------------------------------------------------
Otherwise:
[X] +1 release it
Thanks!
Jeff
On 10/18/21 6:35 AM, Georg Kallidis wrote:
> Hi Turbine Dev community,
>
>
> a new release candidate for the Turbine Fulcrum Security component version
> 2.1.0 has been prepared and is open for voting!
>
>
> Artifacts:
>
> https://repository.apache.org/content/repositories/orgapacheturbine-1068
>
>
> Tag: fulcrum-security-2.1.0-candidate
>
> git clone https://github.com/apache/turbine-fulcrum-security.git
> cd turbine-fulcrum-security
> git checkout fulcrum-security-2.1.0-candidate
>
> N.B. you are in detached head mode, as you have no branch to work on.
>
>
> This release contains the following updates:
>
> - Update to Turbine parent v9
> - Module Torque: use by default Turbinegroup not TurbineRole from
> generated doSelectJoinTurbine* method, as this will be used as key in
> lookup in acl roleSets.
> - Add groupSet to interface to TurbineAccessControlList
> - Add transient avalon logger to TurbineAccessControlList constructor
> - Use model manager to fetch global group (model manager should be set
> always)
> - Add Torque 5.0 schemata
> - Java Dependency updates: Update to commons-dbcp2 2.9.0 (Torque)
>
> Keys: https://dist.apache.org/repos/dist/release/turbine/KEYS
>
>
> Please verify this release candidate carefully, give feedback or/and vote
> with
>
>
> [ ] +1 release it
> [ ] +0 go ahead I don't care
> [ ] -1 no, do not release it because
>
>
> Have fun!
>
>
> Best regards, Georg
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@turbine.apache.org
For additional commands, e-mail: dev-help@turbine.apache.org