Most PRs merged and all conflicts fixed #44
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1612437 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1612464 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1612479 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1617630 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1617631 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1617632 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1618085 13f79535-47bb-0310-9956-ffa450edef68
2. Fix: access_log.* files excluded from apache-rat-plugin configuration. These are generated during Tomcat run and should not be checked. git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1618789 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1618790 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1618791 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1621660 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1626940 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1626941 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1626942 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1628591 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1628592 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1628603 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1628864 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1628865 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1628866 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1628961 13f79535-47bb-0310-9956-ffa450edef68
…t is to fix tomcat8 support git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1629553 13f79535-47bb-0310-9956-ffa450edef68
git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1655215 13f79535-47bb-0310-9956-ffa450edef68
fixed apache#21 git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1730787 13f79535-47bb-0310-9956-ffa450edef68
Signed-off-by: olivier lamy <[email protected]> git-svn-id: https://svn.apache.org/repos/asf/tomcat/maven-plugin/branches/tc8.x@1730788 13f79535-47bb-0310-9956-ffa450edef68
Need to set to correct value (true | false) as it was implemented in version 2.0. Otherwise you would set always just an option "clientAuth"
Tomcat is headless. It’s a pain on macOS if this isn’t set.
This fixes a bug where conflicting files in jars would be loaded instead of the same file in the module’s build directory.
Improvements to Tomcat 9 support
Bumps [plexus-utils](https://github.com/sonatype/plexus-utils) from 3.0.15 to 3.0.16. - [Release notes](https://github.com/sonatype/plexus-utils/releases) - [Commits](sonatype/plexus-utils@plexus-utils-3.0.15...plexus-utils-3.0.16) --- updated-dependencies: - dependency-name: org.codehaus.plexus:plexus-utils dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>
This fixes either Temporary Directory Hijacking, or Temporary Directory Local Information Disclosure. Weakness: CWE-379: Creation of Temporary File in Directory with Insecure Permissions Severity: High CVSSS: 7.3 Detection: CodeQL & OpenRewrite (https://public.moderne.io/recipes/org.openrewrite.java.security.UseFilesCreateTempDirectory) Reported-by: Jonathan Leitschuh <[email protected]> Signed-off-by: Jonathan Leitschuh <[email protected]> Bug-tracker: JLLeitschuh/security-research#10 Co-authored-by: Moderne <[email protected]>
This fixes temporary file information disclosure vulnerability due to the use of the vulnerable `File.createTempFile()` method. The vulnerability is fixed by using the `Files.createTempFile()` method which sets the correct posix permissions. Weakness: CWE-377: Insecure Temporary File Severity: Medium CVSSS: 5.5 Detection: CodeQL & OpenRewrite (https://public.moderne.io/recipes/org.openrewrite.java.security.SecureTempFileCreation) Reported-by: Jonathan Leitschuh <[email protected]> Signed-off-by: Jonathan Leitschuh <[email protected]> Bug-tracker: JLLeitschuh/security-research#18 Co-authored-by: Moderne <[email protected]>
Bumps [org.codehaus.plexus:plexus-archiver](https://github.com/codehaus-plexus/plexus-archiver) from 2.1.1 to 4.8.0. - [Release notes](https://github.com/codehaus-plexus/plexus-archiver/releases) - [Changelog](https://github.com/codehaus-plexus/plexus-archiver/blob/master/ReleaseNotes.md) - [Commits](https://github.com/codehaus-plexus/plexus-archiver/commits/plexus-archiver-4.8.0) --- updated-dependencies: - dependency-name: org.codehaus.plexus:plexus-archiver dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>
Initial support for Tomact9 - tc9.x
Exit if Tomcat fails to start
Exit if Tomcat fails to start
Some aggregator or IT modules do not have any own class files but only tests. This did lead to a startup failure in later tc7 versions Credits to struberg
…maven-plugin into trunk # Conflicts: # common-tomcat-maven-plugin/src/main/java/org/apache/tomcat/maven/common/run/ClassLoaderEntriesCalculatorResult.java # pom.xml # tomcat-maven-archetype/src/main/resources/archetype-resources/__rootArtifactId__-webapp/pom.xml # tomcat-maven-plugin-it/src/main/resources/tomcat-run-multi-config/pom.xml # tomcat8-maven-plugin/src/main/java/org/apache/tomcat/maven/plugin/tomcat8/AbstractCatalinaMojo.java # tomcat8-maven-plugin/src/main/java/org/apache/tomcat/maven/plugin/tomcat8/AbstractTomcat8Mojo.java # tomcat8-maven-plugin/src/main/java/org/apache/tomcat/maven/plugin/tomcat8/AbstractWarCatalinaMojo.java # tomcat8-maven-plugin/src/main/java/org/apache/tomcat/maven/plugin/tomcat8/deploy/AbstractDeployMojo.java # tomcat8-maven-plugin/src/main/java/org/apache/tomcat/maven/plugin/tomcat8/deploy/DeployMojo.java # tomcat8-maven-plugin/src/main/java/org/apache/tomcat/maven/plugin/tomcat8/run/AbstractExecWarMojo.java # tomcat8-maven-plugin/src/main/java/org/apache/tomcat/maven/plugin/tomcat8/run/AbstractRunMojo.java # tomcat8-maven-plugin/src/main/java/org/apache/tomcat/maven/plugin/tomcat8/run/AbstractRunWarMojo.java # tomcat8-maven-plugin/src/main/java/org/apache/tomcat/maven/plugin/tomcat8/run/RunMojo.java # tomcat8-maven-plugin/src/main/java/org/apache/tomcat/maven/plugin/tomcat8/run/RunWarMojo.java # tomcat8-war-runner/src/main/java/org/apache/tomcat/maven/runner/PasswordUtil.java # tomcat8-war-runner/src/main/java/org/apache/tomcat/maven/runner/Tomcat8Runner.java
…maven-plugin into trunk # Conflicts: # pom.xml
…components-httpclient-4.3.6' into trunk
…maven-plugin into trunk # Conflicts: # tomcat6-maven-plugin/src/main/java/org/apache/tomcat/maven/plugin/tomcat6/AbstractI18NTomcat6Mojo.java
…maven-plugin into trunk # Conflicts: # pom.xml
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
10 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I need both Tomcat 7 and 9 because of some internal old apps (some are in 7 and some are in 9).
I am currently testing it.