You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@commons.apache.org by Gary Gregory <ga...@gmail.com> on 2018/03/13 19:20:53 UTC
Re: [VALIDATOR] Update of packages used by Validator?
I just updated in svn trunk the dependency Apache Commons BeanUtils from
1.9.2 to 1.9.3.
My hope is to see the community:
- Release Apache Commons Release Maven Pplugin 1.1 (this one is DONE :-)
- Release Apache Commons Parent 45 (referencing Apache Commons Release
plugin 1.1)
- Release other Apache Commons components like Validator.
Gary
On Wed, Feb 14, 2018 at 2:11 PM, Jon Champlin <jo...@gmail.com>
wrote:
> We have an internal product that we use that includes the
> commons-validator package from the central Maven repository and when
> running a third-party library scanner (Black Duck) on the jar file it
> flagged commons-beanutils and commons-collections as having security
> vulnerabilities. I was wondering if there were plans in the near future to
> release a new version of commons-validator that had the latest version of
> compile dependencies for commons-beanutils, commons-collections and
> commons-digester?
>
Re: [VALIDATOR] Update of packages used by Validator?
Posted by Gilles <gi...@harfang.homelinux.org>.
On Tue, 13 Mar 2018 15:51:39 -0400, Rob Tompkins wrote:
>> On Mar 13, 2018, at 3:48 PM, Gary Gregory <ga...@gmail.com>
>> wrote:
>>
>>> On Tue, Mar 13, 2018 at 1:47 PM, Rob Tompkins <ch...@gmail.com>
>>> wrote:
>>> [...]
>>>
>>> My plan is to test run commons-parent 45 on the next release. I’m
>>> indifferent over whether it’s Commons Text or Commons Validator. Is
>>> there a
>>> preference?
>>>
>>
>> Selfishly, I have a need for new Commons Text sooner rather than
>> later.
>
> Ok. I’ll try to do both fairly quickly. It shouldn’t be too bad as
> the work to release is now smaller.
Hi Rob.
Sorry for further hijacking the thread but... you do know that
[RNG] is in the queue, don't you? ;-)
Regards,
Gilles
> [...]
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org
For additional commands, e-mail: dev-help@commons.apache.org
Re: [VALIDATOR] Update of packages used by Validator?
Posted by Rob Tompkins <ch...@gmail.com>.
> On Mar 13, 2018, at 3:48 PM, Gary Gregory <ga...@gmail.com> wrote:
>
>> On Tue, Mar 13, 2018 at 1:47 PM, Rob Tompkins <ch...@gmail.com> wrote:
>>
>>
>>
>>> On Mar 13, 2018, at 3:20 PM, Gary Gregory <ga...@gmail.com>
>> wrote:
>>>
>>> I just updated in svn trunk the dependency Apache Commons BeanUtils from
>>> 1.9.2 to 1.9.3.
>>>
>>> My hope is to see the community:
>>>
>>> - Release Apache Commons Release Maven Pplugin 1.1 (this one is DONE :-)
>>> - Release Apache Commons Parent 45 (referencing Apache Commons Release
>>> plugin 1.1)
>>> - Release other Apache Commons components like Validator.
>>
>> My plan is to test run commons-parent 45 on the next release. I’m
>> indifferent over whether it’s Commons Text or Commons Validator. Is there a
>> preference?
>>
>
> Selfishly, I have a need for new Commons Text sooner rather than later.
Ok. I’ll try to do both fairly quickly. It shouldn’t be too bad as the work to release is now smaller.
-Rob
>
> Gary
>
>
>>
>> -Rob
>>
>>>
>>> Gary
>>>
>>>
>>> On Wed, Feb 14, 2018 at 2:11 PM, Jon Champlin <jo...@gmail.com>
>>> wrote:
>>>
>>>> We have an internal product that we use that includes the
>>>> commons-validator package from the central Maven repository and when
>>>> running a third-party library scanner (Black Duck) on the jar file it
>>>> flagged commons-beanutils and commons-collections as having security
>>>> vulnerabilities. I was wondering if there were plans in the near
>> future to
>>>> release a new version of commons-validator that had the latest version
>> of
>>>> compile dependencies for commons-beanutils, commons-collections and
>>>> commons-digester?
>>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: user-unsubscribe@commons.apache.org
>> For additional commands, e-mail: user-help@commons.apache.org
>>
>>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@commons.apache.org
For additional commands, e-mail: user-help@commons.apache.org
Re: [VALIDATOR] Update of packages used by Validator?
Posted by Gary Gregory <ga...@gmail.com>.
On Tue, Mar 13, 2018 at 1:47 PM, Rob Tompkins <ch...@gmail.com> wrote:
>
>
> > On Mar 13, 2018, at 3:20 PM, Gary Gregory <ga...@gmail.com>
> wrote:
> >
> > I just updated in svn trunk the dependency Apache Commons BeanUtils from
> > 1.9.2 to 1.9.3.
> >
> > My hope is to see the community:
> >
> > - Release Apache Commons Release Maven Pplugin 1.1 (this one is DONE :-)
> > - Release Apache Commons Parent 45 (referencing Apache Commons Release
> > plugin 1.1)
> > - Release other Apache Commons components like Validator.
>
> My plan is to test run commons-parent 45 on the next release. I’m
> indifferent over whether it’s Commons Text or Commons Validator. Is there a
> preference?
>
Selfishly, I have a need for new Commons Text sooner rather than later.
Gary
>
> -Rob
>
> >
> > Gary
> >
> >
> > On Wed, Feb 14, 2018 at 2:11 PM, Jon Champlin <jo...@gmail.com>
> > wrote:
> >
> >> We have an internal product that we use that includes the
> >> commons-validator package from the central Maven repository and when
> >> running a third-party library scanner (Black Duck) on the jar file it
> >> flagged commons-beanutils and commons-collections as having security
> >> vulnerabilities. I was wondering if there were plans in the near
> future to
> >> release a new version of commons-validator that had the latest version
> of
> >> compile dependencies for commons-beanutils, commons-collections and
> >> commons-digester?
> >>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@commons.apache.org
> For additional commands, e-mail: user-help@commons.apache.org
>
>
Re: [VALIDATOR] Update of packages used by Validator?
Posted by Rob Tompkins <ch...@gmail.com>.
> On Mar 13, 2018, at 3:20 PM, Gary Gregory <ga...@gmail.com> wrote:
>
> I just updated in svn trunk the dependency Apache Commons BeanUtils from
> 1.9.2 to 1.9.3.
>
> My hope is to see the community:
>
> - Release Apache Commons Release Maven Pplugin 1.1 (this one is DONE :-)
> - Release Apache Commons Parent 45 (referencing Apache Commons Release
> plugin 1.1)
> - Release other Apache Commons components like Validator.
My plan is to test run commons-parent 45 on the next release. I’m indifferent over whether it’s Commons Text or Commons Validator. Is there a preference?
-Rob
>
> Gary
>
>
> On Wed, Feb 14, 2018 at 2:11 PM, Jon Champlin <jo...@gmail.com>
> wrote:
>
>> We have an internal product that we use that includes the
>> commons-validator package from the central Maven repository and when
>> running a third-party library scanner (Black Duck) on the jar file it
>> flagged commons-beanutils and commons-collections as having security
>> vulnerabilities. I was wondering if there were plans in the near future to
>> release a new version of commons-validator that had the latest version of
>> compile dependencies for commons-beanutils, commons-collections and
>> commons-digester?
>>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@commons.apache.org
For additional commands, e-mail: user-help@commons.apache.org