git.net

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ANN] Apache Ant 1.9.12 and 1.10.4 Released


Thank you for running this release, Stefan.

-Jaikiran


On 22/06/18 9:09 PM, Stefan Bodewig wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The Apache Ant Team is pleased to announce the releases of Apache Ant
1.9.12 and 1.10.4.

Apache Ant is a Java library and command-line tool that helps building
software.

The Apache Ant team currently maintains two lines of development. The
1.9.x releases require Java5 at runtime and 1.10.x requires Java8 at
runtime. Both lines are based off of Ant 1.9.7 and the 1.9.x releases
are mostly bug fix releases while additional new features are developed
for 1.10.x. We recommend using 1.10.4 unless you are required to use
versions of Java prior to Java8 during the build process.

Ant 1.10.4 contains a superset of 1.9.12 - with the exception of a few
tasks and features that no longer work with Java8 anyway (like the apt
task).

Both releases are mostly bug fix releases with a few new features
being added. In both releases the untar, unjar and unzip will no
longer extract entries whose names would make the created files be
placed outside of the destination directory by default. This is based
on a recommendation by the Snyk Security Research Team.

Source and binary distributions are available for download from the
Apache Ant download site:

http://ant.apache.org/bindownload.cgi
http://ant.apache.org/srcdownload.cgi

When downloading, please verify signatures using the KEYS file available
at the above location when downloading the release.

Changes in 1.10.4 include:
==========================

Changes that could break older environments:
- -------------------------------------------

  * <unzip>, <unjar> and <untar> will no longer extract entries whose
    names would make the created files be placed outside of the
    destination directory anymore by default. A new attribute
    allowFilesToEscapeDest can be used to override the behavior.
    Another special case is when stripAbsolutePathSpec is false (which
    no longer is the default) and the entry's name starts with a
    (back)slash and allowFilesToEscapeDest hasn't been specified
    explicitly, in this case the file may be created outside of the
    dest directory as well.
    In addition stripAbsolutePathSpec is now true by default.
    Based on a recommendation by the Snyk Security Research Team.

Fixed bugs:
- -----------

  * Delay the class initialization of the test classes until they are
    passed to JUnit. This way we can avoid that failing static initializers
    from non-test classes are reported as error when the 'skipNonTests' option
    is 'true'.
    Bugzilla Report 60062

  * The junit task when used with includeantruntime="no" was incorrectly
    printing a warning about multiple versions of ant detected in path

  * <cab> died with a NullPointerException since Ant 1.10.2.
    Bugzilla Report 62335

  * The <depend> task would fail with
    "java.lang.ClassFormatError: Invalid Constant Pool entry Type 19" while
    parsing a module-info.class. The task is compatible with
    Java bytecode version 53 now.
    Bug reported by Simon IJskes https://issues.apache.org/jira/browse/NETBEANS-781

  * Default and SecureInputHandler will now raise an error when then
    end of the input stream (usually System.in or System.console) are
    reached before a valid input has been read.

  * junitreport does not list testsuites that fail to start any tests
    because of an exception inside the all-tests and alltests-errors frames.
    Bugzilla Report 62443

Other changes:
- --------------

  * AntAssert is deprecated, assertThat from JUnit 4.4+, Hamcrest matchers and/or
    ExpectedException rule provide equivalent functionality

  * PumpStreamHandler now explicitly verifies the streams for output
    and error are not null and will throw an exception if they
    are. This way creating a PumpStreamHandler will fail early as
    opposed to some obscure errors later when closing streams or
    finishing threads might fail.
    Bugzilla Report 62148

  * <property> has a new attribute runtime which can be used to set
    properties with values taken as snapshots from the
    availableProcessors, freeMemory, maxMemory and totalMemory methods
    of the Java Runtime class.

  * linecontains filter now has a new "matchAny" attribute which when
    set to "true" allows any (instead of all) of the user-specified
    strings to be present in the line.
    Bugzilla Report 62313

  * <resourcelist> has a new basedir attribute that can be used to
    resolve relative names and provides a root for the FileResources
    generated.
    Bugzilla Report 62379

  * The <includesfile> and <excludesfile> nested elements of
    <patternset> and <fileset> now support an encoding attribute that
    can be used to specify the file's encoding.
    Bugzilla Report 62379

  * New file selectors, posixGroup and posixPermissions, are available.
    The new selectors and related ownedBy selector have "followSymlinks"
    attribute that defaults to "true" for consistency.
    Bugzilla Report 22370

  * The junitlauncher task now has a "printSummary" attribute which when
    set to "true" will print the test execution summary to System.out.

Changes in 1.9.12 include:
==========================

Changes that could break older environments:
- -------------------------------------------

  * <unzip>, <unjar> and <untar> will no longer extract entries whose
    names would make the created files be placed outside of the
    destination directory anymore by default. A new attribute
    allowFilesToEscapeDest can be used to override the behavior.
    Another special case is when stripAbsolutePathSpec is false (which
    no longer is the default) and the entry's name starts with a
    (back)slash and allowFilesToEscapeDest hasn't been specified
    explicitly, in this case the file may be created outside of the
    dest directory as well.
    In addition stripAbsolutePathSpec is now true by default.
    Based on a recommendation by the Snyk Security Research Team.

Fixed bugs:
- -----------

  * Delay the class initialization of the test classes until they are
    passed to JUnit. This way we can avoid that failing static initializers
    from non-test classes are reported as error when the 'skipNonTests' option
    is 'true'.
    Bugzilla Report 60062

  * The junit task when used with includeantruntime="no" was incorrectly
    printing a warning about multiple versions of ant detected in path

  * Default and SecureInputHandler will now raise an error when then
    end of the input stream (usually System.in or System.console) are
    reached before a valid input has been read.

  * junitreport does not list testsuites that fail to start any tests
    because of an exception inside the all-tests and alltests-errors frames.
    Bugzilla Report 62443

Other changes:
- --------------

  * PumpStreamHandler now explicitly verifies the streams for output
    and error are not null and will throw an exception if they
    are. This way creating a PumpStreamHandler will fail early as
    opposed to some obscure errors later when closing streams or
    finishing threads might fail.
    Bugzilla Report 62148

  * <property> has a new attribute runtime which can be used to set
    properties with values taken as snapshots from the
    availableProcessors, freeMemory, maxMemory and totalMemory methods
    of the Java Runtime class.

  * <resourcelist> has a new basedir attribute that can be used to
    resolve relative names and provides a root for the FileResources
    generated.
    Bugzilla Report 62379

  * The <includesfile> and <excludesfile> nested elements of
    <patternset> and <fileset> now support an encoding attribute that
    can be used to specify the file's encoding.
    Bugzilla Report 62379

For complete information on Ant, including instructions
on how to submit bug reports, patches, or suggestions for improvement,
see the Apache Ant website:

http://ant.apache.org/

Stefan Bodewig, on behalf of the Apache Ant community
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAlstGDEACgkQohFa4V9ri3LtGwCffwQJhD6PKZ06vNHCFkyumYuX
EWQAoJrQ1BnVQmg4FVY507woJbhzvVQW
=qV2y
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@xxxxxxxxxxxxxx
For additional commands, e-mail: dev-help@xxxxxxxxxxxxxx



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@xxxxxxxxxxxxxx
For additional commands, e-mail: dev-help@xxxxxxxxxxxxxx