You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@creadur.apache.org by po...@apache.org on 2022/08/31 20:37:56 UTC
[creadur-rat] branch master updated (f98bc44c -> 7cc67a86)
This is an automated email from the ASF dual-hosted git repository.
pottlinger pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/creadur-rat.git
from f98bc44c Merge pull request #78 from michael-o/RAT-309
new 48ce3ad5 Prepare changelog for next release
new 761cda15 Prepare changelog for 0.15 release
new 340827b2 Fix copy-paste error in changelog
new f16275a9 RAT-305,RAT-309: Adapt changelog
new 4e77ef87 Add hint on how to generate a non-SNAPSHOT
new 7cc67a86 RAT-305: Fix changelog for dependabot updates
The 6 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
RELEASE-NOTES.txt | 81 ++++++++++++++-----------------------------------
src/changes/changes.xml | 51 +++++++++++++++++++++++++++----
2 files changed, 67 insertions(+), 65 deletions(-)
[creadur-rat] 01/06: Prepare changelog for next release
Posted by po...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
pottlinger pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/creadur-rat.git
commit 48ce3ad577f626a996d510153aab6f94131793a9
Author: P. Ottlinger <po...@apache.org>
AuthorDate: Wed Aug 31 22:10:23 2022 +0200
Prepare changelog for next release
---
src/changes/changes.xml | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index b18e3acf..1f3be4b7 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -52,6 +52,11 @@ The <action> type attribute can be add,update,fix,remove.
</properties>
<body>
+ <!--release version="0.16-SNAPSHOT" date="xxxx-yy-zz" description="Current SNAPSHOT - release to be done">
+ <action issue="RAT-3xx" type="fix" dev="pottlinger" due-to="dependabot">
+ TODO: collect all dependabot updates for release 0.16.
+ </action>
+ -->
<release version="0.15-SNAPSHOT" date="xxxx-yy-zz" description="Current SNAPSHOT - release to be done">
<action issue="RAT-305" type="fix" dev="pottlinger" due-to="dependabot">
TODO: collect all dependabot updates for release 0.15.
[creadur-rat] 02/06: Prepare changelog for 0.15 release
Posted by po...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
pottlinger pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/creadur-rat.git
commit 761cda15da20a479c7c0c3e486a7ccb64aebe64d
Author: P. Ottlinger <po...@apache.org>
AuthorDate: Wed Aug 31 22:13:44 2022 +0200
Prepare changelog for 0.15 release
---
src/changes/changes.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index 1f3be4b7..53658368 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -57,7 +57,7 @@ The <action> type attribute can be add,update,fix,remove.
TODO: collect all dependabot updates for release 0.16.
</action>
-->
- <release version="0.15-SNAPSHOT" date="xxxx-yy-zz" description="Current SNAPSHOT - release to be done">
+ <release version="0.15" date="2022-08-31" description="This release fixes a warning during site builds and updates various dependencies.">
<action issue="RAT-305" type="fix" dev="pottlinger" due-to="dependabot">
TODO: collect all dependabot updates for release 0.15.
</action>
[creadur-rat] 03/06: Fix copy-paste error in changelog
Posted by po...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
pottlinger pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/creadur-rat.git
commit 340827b250496684359d1b37aa4c915405e5d4de
Author: P. Ottlinger <po...@apache.org>
AuthorDate: Wed Aug 31 22:20:45 2022 +0200
Fix copy-paste error in changelog
---
src/changes/changes.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index 53658368..6400832c 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -73,7 +73,7 @@ The <action> type attribute can be add,update,fix,remove.
<action issue="RAT-310" type="update" dev="pottlinger">
Fix deprecation warnings in tests. Use hamcrest's annotations instead of ones from JUnit.
</action>
- <action issue="RAT-307" type="fix" dev="pottlinger" due-to="dependabot">
+ <action issue="RAT-307" type="fix" dev="pottlinger">
Update to focal (Ubuntu 20.04) on Travis to circumvent build errors and be able to use more modern JDK versions. Deprecate openJDK8 build with focal as it is not supported on Travis.
</action>
</release>
[creadur-rat] 04/06: RAT-305,RAT-309: Adapt changelog
Posted by po...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
pottlinger pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/creadur-rat.git
commit f16275a93a5971871e15188aa20eeef1190ceaee
Author: P. Ottlinger <po...@apache.org>
AuthorDate: Wed Aug 31 22:33:53 2022 +0200
RAT-305,RAT-309: Adapt changelog
---
src/changes/changes.xml | 41 +++++++++++++++++++++++++++++++++++++----
1 file changed, 37 insertions(+), 4 deletions(-)
diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index 6400832c..64c709b2 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -53,15 +53,48 @@ The <action> type attribute can be add,update,fix,remove.
<body>
<!--release version="0.16-SNAPSHOT" date="xxxx-yy-zz" description="Current SNAPSHOT - release to be done">
- <action issue="RAT-3xx" type="fix" dev="pottlinger" due-to="dependabot">
+ <action issue="RAT-3xx" type="update" dev="pottlinger" due-to="dependabot">
TODO: collect all dependabot updates for release 0.16.
</action>
-->
<release version="0.15" date="2022-08-31" description="This release fixes a warning during site builds and updates various dependencies.">
- <action issue="RAT-305" type="fix" dev="pottlinger" due-to="dependabot">
- TODO: collect all dependabot updates for release 0.15.
+ <action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
+ Update maven-project-info-reports-plugin from 3.3.0 to 3.4.1
</action>
- <action issue="RAT-309" type="fix" dev="pottlinger" due-to="Michael Osipov">
+ <action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
+ Update maven-javadoc-plugin from 3.4.0 to 3.4.1
+ </action>
+ <action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
+ Update maven-jxr-plugin from 3.2.0 to 3.3.0
+ </action>
+ <action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
+ Update animal-sniffer-maven-plugin from 1.21 to 1.22
+ </action>
+ <action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
+ Update maven-site-plugin from 3.12.0 to 3.12.1
+ </action>
+ <action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
+ Update maven-pmd-plugin from 3.16.0 to 3.18.0
+ </action>
+ <action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
+ Update mockito-core from 4.6.0 to 4.7.0
+ </action>
+ <action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
+ Update extra-enforcer-rules from 1.5.1 to 1.6.1
+ </action>
+ <action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
+ Update Apache parent pom from 26 to 27
+ </action>
+ <action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
+ Update wagon-ssh from 3.5.1 to 3.5.2
+ </action>
+ <action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
+ Update maven-enforcer-plugin from 3.0.0 to 3.1.0
+ </action>
+ <action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
+ Update actions/setup-java from 3.3.0 to 3.4.1
+ </action>
+ <action issue="RAT-309" type="fix" dev="pottlinger" due-to="Michael Osipov, Gary Gregory">
Site builds could not be generated properly due to API changes: solution was to upgrade Maven Reporting API to 3.1.1 and use details of Maven Reporting Implementation 3.2.0 in RAT's Mojo hierarchy.
</action>
<action issue="RAT-309" type="fix" dev="pottlinger">
[creadur-rat] 05/06: Add hint on how to generate a non-SNAPSHOT
Posted by po...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
pottlinger pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/creadur-rat.git
commit 4e77ef874a8f7fee59844b50a22a1b58cc8e4469
Author: P. Ottlinger <po...@apache.org>
AuthorDate: Wed Aug 31 22:35:43 2022 +0200
Add hint on how to generate a non-SNAPSHOT
---
src/changes/changes.xml | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index 64c709b2..f8af86cc 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -32,7 +32,8 @@ To generate the release notes from this file:
mvn changes:announcement-generate -Prelease-notes [-Dchanges.version=nn]
then tweak the formatting if necessary
-and commit
+and commit.
+Run with changes.version-parameter in order to not generate a SNAPSHOT changelog
The <action> type attribute can be add,update,fix,remove.
[creadur-rat] 06/06: RAT-305: Fix changelog for dependabot updates
Posted by po...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
pottlinger pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/creadur-rat.git
commit 7cc67a86e206818326ccbfdb13e18af460657c3c
Author: P. Ottlinger <po...@apache.org>
AuthorDate: Wed Aug 31 22:37:51 2022 +0200
RAT-305: Fix changelog for dependabot updates
---
RELEASE-NOTES.txt | 81 ++++++++++++++-----------------------------------
src/changes/changes.xml | 24 +++++++--------
2 files changed, 34 insertions(+), 71 deletions(-)
diff --git a/RELEASE-NOTES.txt b/RELEASE-NOTES.txt
index 47cb0386..b1d93d6b 100644
--- a/RELEASE-NOTES.txt
+++ b/RELEASE-NOTES.txt
@@ -1,7 +1,7 @@
- Apache Creadur Rat 0.14
+ Apache Creadur Rat 0.15
RELEASE NOTES
-The Apache Creadur Rat team is pleased to announce the release of Apache Creadur Rat 0.14
+The Apache Creadur Rat team is pleased to announce the release of Apache Creadur Rat 0.15
Apache Rat is a release audit tool. It improves accuracy and efficiency when checking
releases. It is heuristic in nature: making guesses about possible problems. It
@@ -15,67 +15,30 @@ Note that binary compatibility is not guaranteed between 0.x releases.
Apache Rat is developed by the Apache Creadur project, a language and build
agnostic home for software distribution comprehension and audit tools.
-This release contains dependency updates, bugfixes and many improvements apart from infrastructure updates at ASF.
+This release fixes a warning during site builds and updates various dependencies.
Changes in this version include:
-New features:
-o RAT-288: Adapt logging output to be more compliant with future Maven versions as debug is deprecated and verbose is the recommended way to go. Thanks to Michael Osipov.
-o RAT-297: Update maven-reporting-api from 3.0 to 3.1.0 and remove usage of deprecated Sink API. Thanks to Michael Osipov.
-o RAT-289: Enable dependabot integration - write access is forbidden, but email alerts and pull requests should be ok.
-o RAT-279: Migrate vom Travis CI.org to Travis-ci.com.
-o RAT-271: Move all Creadur projects to new Jenkins infrastructure at ASF and migrate from Subversion to Gitbox/Github. Please update your repository URLs and use the new default branch master in all projects.
-o RAT-270: Change default behaviour to output erroneous files to console. Can be disabled by setting rat.consoleOutput to false.
-o RAT-266: Add .factorypath to Eclipse-default exclusions. Thanks to Michael Osipov.
-o RAT-254: Properly finish move to gitbox/github, get rid of SVN references and adapt main branch to master and fix all Jenkins build jobs for RAT.
-o RAT-244: Update compiler level to 1.7 to allow building with more recent JDKs. Update plugins and dependencies to more modern versions to fix security issues (CVE-warnings).
-o RAT-212: Add alternative https URLs in Apache License, Version 2.0 to allow automatic recognition as valid ASF2.0. Thanks to Niels Basjes.
-o RAT-250: Update to latest available and compatible Apache ANT 1.9.14 to get bugfixes.
-o INFRA-17348: SCM repository has been moved from svn.apache.org (Subversion) to gitbox.apache.org (Git)
-
Fixed Bugs:
-o RAT-290: Update maven-jxr-plugin from 2.5 to 3.2.0. Thanks to dependabot.
-o RAT-290: Update maven-antrun-plugin from 3.0.0 to 3.1.1. Thanks to dependabot.
-o RAT-290: Update github actions/checkout from 2 to 3. Thanks to dependabot.
-o RAT-290: Update github actions/setup-java from 2.5.0 to 3.3.0. Thanks to dependabot.
-o RAT-290: Update maven-pmd-plugin from 3.14.0 to 3.16.0. Thanks to dependabot.
-o RAT-290: Update maven-javadoc-plugin from 3.3.1 to 3.4.0. Thanks to dependabot.
-o RAT-290: Update maven-compiler-plugin from 3.8.1 to 3.10.1. Thanks to dependabot.
-o RAT-290: Update wagon-ssh from 3.5.0 to 3.5.1. Thanks to dependabot.
-o RAT-290: Update maven-site-plugin from 3.9.1 to 3.12.0. Thanks to dependabot.
-o RAT-290: Update maven-project-info-reports-plugin from 3.1.1 to 3.3.0. Thanks to dependabot.
-o RAT-290: Update mockito-core from 3.11.2 to 4.6.0. Thanks to dependabot.
-o RAT-290: Update ASF parent from 23 to 26. Thanks to dependabot.
-o RAT-273: Some tests were based on the assumption, that the value of file.encoding
- can be changed on runtime. (Won't work nowadays, beginning with Java 16.)
- Removed this assumption in favour of a proper surefire configuration.
-o RAT-273: Workaround for an incompatibility in the java.io.LineNumberReader, which is
- being replaced by the org.apache.rat.header.LineNumberReader.
-o RAT-290: Update animal-sniffer-maven-plugin from 1.20 to 1.21. Thanks to Jin Xu/Xeno Amess.
-o RAT-296: Use Github Actions for matrix builds on Windows and ubuntu with JDK 8,11,12,13,14,15. Simplify Travis integration to avoid dockerhub-related build failures.
-o RAT-274: Update to latest Apache Ant 1.10.12.
-o RAT-291: Fix links to Travis builds for all creadur projects.
-o RAT-290: Update maven-dependency-plugin from 3.1.1 to 3.2.0. Thanks to dependabot.
-o RAT-290: Update plexus-utils from 3.0.21 to 3.4.1. Thanks to dependabot.
-o RAT-290: Update commons-cli from 1.4 to 1.5.0. Thanks to dependabot.
-o RAT-290: Update maven-plugin-annotation and maven-plugin-plugin from 3.6.1 to 3.6.2. Thanks to dependabot.
-o RAT-275: Update to doxia 1.11.1 in order to get CVE-2020-13956-httpclient problem fixes in doxia.
-o RAT-283: Update plugin versions and dependencies in order to run properly with Java8 as minimal compiler level.
-o RAT-286: Update to maven-plugin-plugin v3.6.1 in order to circumvent error during maven site builds.
-o RAT-285: Update to latest Apache Ant 1.10.11 in order to fix issues related to dependency commons-compress in Ant itself.
-o RAT-207: Properly report thread-safeness to Maven. Thanks to Xavier Dury.
-o RAT-281: Update to latest Commons IO to fix CVE-2021-29425 (Moderate severity).
-o RAT-274: Update to latest Apache Ant 1.10.10.
-o RAT-277: Update to junit 4.13.1 to fix CVE-2020-15250.
-o RAT-158: Update to new ASF parent 23 in order to get rid of doxia version management that generated warnings.
-o RAT-274: Update to latest Apache Ant 1.10.9 to fix CVE-2020-11979. Update to JDK8 as minimal version/compiler version.
-o RAT-269: Update to latest Apache Ant to fix CVE-2020-1945.
-o RAT-268: Allow handling of pom-file-only projects by not assuming that all modules are in directories. Thanks to Robert Scholte.
-o RAT-267: Report ignored lines from exclusion file to stderr instead of std to not generate erroneous JSON. Thanks to Fabio Utzig.
-o RAT-262: Treat JSON data as binary to avoid reports of missing licenses.
-o RAT-260: Change to docker image when building on Travis to avoid JDK version mixup in traditional build setup. Thanks to Kamil BreguĊa.
-o RAT-258: Update to latest commons-compress to fix CVE-2019-12402.
-o RAT-257: Adapt help text for CLI usage of RAT.
+o RAT-309: Site builds could not be generated properly due to API changes: solution was to upgrade Maven Reporting API to 3.1.1 and use details of Maven Reporting Implementation 3.2.0 in RAT's Mojo hierarchy. Thanks to Michael Osipov, Gary Gregory.
+o RAT-309: Updated internal data structures from deprecated ArrayStack to JDK's ArrayDeque.
+o RAT-306: Add note about hierarchy of changelogs in RAT project structure when publishing the project webpage.
+o RAT-307: Update to focal (Ubuntu 20.04) on Travis to circumvent build errors and be able to use more modern JDK versions. Deprecate openJDK8 build with focal as it is not supported on Travis.
+
+Changes:
+o RAT-305: Update maven-project-info-reports-plugin from 3.3.0 to 3.4.1. Thanks to dependabot.
+o RAT-305: Update maven-javadoc-plugin from 3.4.0 to 3.4.1. Thanks to dependabot.
+o RAT-305: Update maven-jxr-plugin from 3.2.0 to 3.3.0. Thanks to dependabot.
+o RAT-305: Update animal-sniffer-maven-plugin from 1.21 to 1.22. Thanks to dependabot.
+o RAT-305: Update maven-site-plugin from 3.12.0 to 3.12.1. Thanks to dependabot.
+o RAT-305: Update maven-pmd-plugin from 3.16.0 to 3.18.0. Thanks to dependabot.
+o RAT-305: Update mockito-core from 4.6.0 to 4.7.0. Thanks to dependabot.
+o RAT-305: Update extra-enforcer-rules from 1.5.1 to 1.6.1. Thanks to dependabot.
+o RAT-305: Update Apache parent pom from 26 to 27. Thanks to dependabot.
+o RAT-305: Update wagon-ssh from 3.5.1 to 3.5.2. Thanks to dependabot.
+o RAT-305: Update maven-enforcer-plugin from 3.0.0 to 3.1.0. Thanks to dependabot.
+o RAT-305: Update actions/setup-java from 3.3.0 to 3.4.1. Thanks to dependabot.
+o RAT-310: Fix deprecation warnings in tests. Use hamcrest's annotations instead of ones from JUnit.
Historical list of changes: https://creadur.apache.org/rat/changes-report.html
diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index f8af86cc..acc3b06a 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -60,40 +60,40 @@ The <action> type attribute can be add,update,fix,remove.
-->
<release version="0.15" date="2022-08-31" description="This release fixes a warning during site builds and updates various dependencies.">
<action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
- Update maven-project-info-reports-plugin from 3.3.0 to 3.4.1
+ Update maven-project-info-reports-plugin from 3.3.0 to 3.4.1.
</action>
<action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
- Update maven-javadoc-plugin from 3.4.0 to 3.4.1
+ Update maven-javadoc-plugin from 3.4.0 to 3.4.1.
</action>
<action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
- Update maven-jxr-plugin from 3.2.0 to 3.3.0
+ Update maven-jxr-plugin from 3.2.0 to 3.3.0.
</action>
<action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
- Update animal-sniffer-maven-plugin from 1.21 to 1.22
+ Update animal-sniffer-maven-plugin from 1.21 to 1.22.
</action>
<action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
- Update maven-site-plugin from 3.12.0 to 3.12.1
+ Update maven-site-plugin from 3.12.0 to 3.12.1.
</action>
<action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
- Update maven-pmd-plugin from 3.16.0 to 3.18.0
+ Update maven-pmd-plugin from 3.16.0 to 3.18.0.
</action>
<action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
- Update mockito-core from 4.6.0 to 4.7.0
+ Update mockito-core from 4.6.0 to 4.7.0.
</action>
<action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
- Update extra-enforcer-rules from 1.5.1 to 1.6.1
+ Update extra-enforcer-rules from 1.5.1 to 1.6.1.
</action>
<action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
- Update Apache parent pom from 26 to 27
+ Update Apache parent pom from 26 to 27.
</action>
<action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
- Update wagon-ssh from 3.5.1 to 3.5.2
+ Update wagon-ssh from 3.5.1 to 3.5.2.
</action>
<action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
- Update maven-enforcer-plugin from 3.0.0 to 3.1.0
+ Update maven-enforcer-plugin from 3.0.0 to 3.1.0.
</action>
<action issue="RAT-305" type="update" dev="pottlinger" due-to="dependabot">
- Update actions/setup-java from 3.3.0 to 3.4.1
+ Update actions/setup-java from 3.3.0 to 3.4.1.
</action>
<action issue="RAT-309" type="fix" dev="pottlinger" due-to="Michael Osipov, Gary Gregory">
Site builds could not be generated properly due to API changes: solution was to upgrade Maven Reporting API to 3.1.1 and use details of Maven Reporting Implementation 3.2.0 in RAT's Mojo hierarchy.