Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[MNG-7441] 3.8.x Update version of logback #708

Merged
merged 1 commit into from
Apr 8, 2022
Merged

[MNG-7441] 3.8.x Update version of logback #708

merged 1 commit into from
Apr 8, 2022

Conversation

cstamas
Copy link
Member

@cstamas cstamas commented Apr 7, 2022

This issue is fluke, as logback is actually optional
dependency, but still, to cut reports like these from
root, let's do this update.

https://issues.apache.org/jira/browse/MNG-7441

@cstamas
[MNG-7441] Update version of loback
6ff1ce2 
This issue is fluke, as logback is actually optional
dependency, but still, to cut reports like these from
root, let's do this update.
@cstamas cstamas self-assigned this Apr 7, 2022
@cstamas cstamas changed the title [MNG-7441] Update version of loback [MNG-7441] 3.8.x Update version of loback Apr 7, 2022
@bmarwell bmarwell changed the title [MNG-7441] 3.8.x Update version of loback [MNG-7441] 3.8.x Update version of logback Apr 7, 2022
bmarwell
bmarwell approved these changes Apr 7, 2022
View reviewed changes
Copy link
Contributor

@bmarwell bmarwell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

This is good because it will silence security scanners. While this dependency is optional, it might actually ship with Maven. It does not do so at the moment (slf4j-simple will ship with maven if I am not mistaken).
Anyway, +1 for the update.

@michael-o
Copy link
Member

Nice waste of time for bogus as you have said ;-)

@cstamas
Copy link
Member Author

cstamas commented Apr 7, 2022
edited
Loading

Any idea why Jenkins failed this build? Since the change of ASF CI build Jenkins is really utterly unreliable.... 😞

@khmarbaise
Copy link
Member

This seemed to be the reason:
[ERROR] Plugin org.apache.maven.plugins:maven-dependency-plugin:3.1.1 or one of its dependencies could not be resolved: Failed to read artifact descriptor for org.apache.maven.plugins:maven-dependency-plugin:jar:3.1.1: Could not transfer artifact org.apache.maven.plugins:maven-dependency-plugin:pom:3.1.1 from/to central (https://repo1.maven.org/maven2): transfer failed for https://repo1.maven.org/maven2/org/apache/maven/plugins/maven-dependency-plugin/3.1.1/maven-dependency-plugin-3.1.1.pom: Received fatal alert: protocol_version -> [Help 1]

@michael-o
Copy link
Member

Java 7?

@khmarbaise
Copy link
Member

Maven 3.8.X ist built also with JDK 7...

https://ci-maven.apache.org/job/Maven/job/maven-box/job/maven/job/maven-3.8.x/

@rmannibucau
Copy link
Contributor

If it is only about LogbackConfiguration it can be done by reflection and the dep dropped, no?

@slawekjaranowski
Copy link
Member

In maven-3.8.x build there is the same errors like:

Caused by: javax.net.ssl.SSLException: Received fatal alert: protocol_version

Root cause (probably), command line executed by verifier :

Exit code was non-zero: 1; command line and log = 
/home/jenkins/jenkins-home/workspace/aven_maven-box_maven_maven-3.8.x/test/core-it-suite/target/apache-maven/bin/mvn --global-settings /home/jenkins/jenkins-home/workspace/aven_maven-box_maven_maven-3.8.x/test/core-it-suite/target/test-classes/settings-remote.xml -e --batch-mode -Dmaven.repo.local=/home/jenkins/jenkins-home/workspace/aven_maven-box_maven_maven-3.8.x/test/it-local-repo install

there is missing property in command line -Dhttps.protocols=TLSv1.2

@cstamas cstamas merged commit 6189b48 into maven-3.8.x Apr 8, 2022
@cstamas cstamas deleted the MNG-7441-update-logback branch April 8, 2022 07:41
gnodet pushed a commit to gnodet/maven that referenced this pull request Apr 12, 2022
@cstamas @gnodet
[MNG-7441] Update version of loback (apache#708)
6959c53 
This issue is fluke, as logback is actually optional
dependency, but still, to cut reports like these from
root, let's do this update.
@gnodet gnodet mentioned this pull request Oct 5, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@slawekjaranowski slawekjaranowski slawekjaranowski approved these changes

@bmarwell bmarwell bmarwell approved these changes

@michael-o michael-o Awaiting requested review from michael-o

Assignees

@cstamas cstamas

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@cstamas @michael-o @khmarbaise @rmannibucau @slawekjaranowski @bmarwell