[JBoss JIRA] (SHRINKRES-198) maven.util.FileUtil contains System.out.println
by Karel Piwko (JIRA)
[ https://issues.jboss.org/browse/SHRINKRES-198?page=com.atlassian.jira.plu... ]
Karel Piwko commented on SHRINKRES-198:
---------------------------------------
[~quintesse] if you mean 2.2.0-unstable, e.g. 2.2.0-alpha-3 or 2.2.0-beta-1 or 2.2.0 (final)? At this moment we do not plan 2.1.2 release, we are rather working on stabilizing Gradle related API and bringing 2.2.0 to beta level soonish.
> maven.util.FileUtil contains System.out.println
> -----------------------------------------------
>
> Key: SHRINKRES-198
> URL: https://issues.jboss.org/browse/SHRINKRES-198
> Project: ShrinkWrap Resolvers
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: impl-maven
> Affects Versions: 2.1.1
> Reporter: Tako Schotanus
> Assignee: Karel Piwko
> Priority: Minor
> Fix For: 2.2.0-alpha-3
>
>
> Don't know if it needs more explanation than the title, but the code in org/jboss/shrinkwrap/resolver/impl/maven/util/FileUtil.java contains a call to System.out.println() which definitely shouldn't be there.
> NB: I put the priority to "minor" although really it's quite annoying and definitely not suitable for us in a production environment!
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
9 years, 8 months
[JBoss JIRA] (SHRINKRES-198) maven.util.FileUtil contains System.out.println
by Tako Schotanus (JIRA)
[ https://issues.jboss.org/browse/SHRINKRES-198?page=com.atlassian.jira.plu... ]
Tako Schotanus commented on SHRINKRES-198:
------------------------------------------
Thanks for the quick fix!
Just a question, when do you think 2.2.0 will be released? Would it be possible to fix this as well in the not-yet-released 2.1.2 if 2.2.0 will still take a while?
> maven.util.FileUtil contains System.out.println
> -----------------------------------------------
>
> Key: SHRINKRES-198
> URL: https://issues.jboss.org/browse/SHRINKRES-198
> Project: ShrinkWrap Resolvers
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: impl-maven
> Affects Versions: 2.1.1
> Reporter: Tako Schotanus
> Assignee: Karel Piwko
> Priority: Minor
> Fix For: 2.2.0-alpha-3
>
>
> Don't know if it needs more explanation than the title, but the code in org/jboss/shrinkwrap/resolver/impl/maven/util/FileUtil.java contains a call to System.out.println() which definitely shouldn't be there.
> NB: I put the priority to "minor" although really it's quite annoying and definitely not suitable for us in a production environment!
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
9 years, 8 months
[JBoss JIRA] (SHRINKRES-198) maven.util.FileUtil contains System.out.println
by Karel Piwko (JIRA)
[ https://issues.jboss.org/browse/SHRINKRES-198?page=com.atlassian.jira.plu... ]
Karel Piwko updated SHRINKRES-198:
----------------------------------
Fix Version/s: 2.2.0-alpha-3
> maven.util.FileUtil contains System.out.println
> -----------------------------------------------
>
> Key: SHRINKRES-198
> URL: https://issues.jboss.org/browse/SHRINKRES-198
> Project: ShrinkWrap Resolvers
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: impl-maven
> Affects Versions: 2.1.1
> Reporter: Tako Schotanus
> Priority: Minor
> Fix For: 2.2.0-alpha-3
>
>
> Don't know if it needs more explanation than the title, but the code in org/jboss/shrinkwrap/resolver/impl/maven/util/FileUtil.java contains a call to System.out.println() which definitely shouldn't be there.
> NB: I put the priority to "minor" although really it's quite annoying and definitely not suitable for us in a production environment!
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
9 years, 8 months
[JBoss JIRA] (SHRINKRES-198) maven.util.FileUtil contains System.out.println
by Tako Schotanus (JIRA)
Tako Schotanus created SHRINKRES-198:
----------------------------------------
Summary: maven.util.FileUtil contains System.out.println
Key: SHRINKRES-198
URL: https://issues.jboss.org/browse/SHRINKRES-198
Project: ShrinkWrap Resolvers
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: impl-maven
Affects Versions: 2.1.1
Reporter: Tako Schotanus
Priority: Minor
Don't know if it needs more explanation than the title, but the code in org/jboss/shrinkwrap/resolver/impl/maven/util/FileUtil.java contains a call to System.out.println() which definitely shouldn't be there.
NB: I put the priority to "minor" although really it's quite annoying and definitely not suitable for us in a production environment!
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
9 years, 8 months
[JBoss JIRA] (SHRINKRES-146) Encrypted password support forces presence of settings-security.xml
by Rafał Gała (JIRA)
[ https://issues.jboss.org/browse/SHRINKRES-146?page=com.atlassian.jira.plu... ]
Rafał Gała edited comment on SHRINKRES-146 at 9/2/14 2:18 AM:
--------------------------------------------------------------
After a few hours of investigation I finally found something :) The problem is actually with decrypting the password, not curly brackets.
When I run Maven, I set MAVEN_OPTS variable to *-Dsettings.security=%M2_HOME%\conf\settings-security.xml*, so when ShrinkWrap resolves artifacts it should look for that file where the parameter points to, instead of looking in .m2 directory in user's home directory, but it does not work. It seems that ShrinkWrap ignores this parameter.
Passing *-Dorg.apache.maven.security-settings=%M2_HOME%\conf\settings-security.xml* parameter to Maven seems to solve the problem.
was (Author: wujaszek):
After a few hours of investigation I finally found something :) The problem is actually with decrypting the password, not the curly brackets.
When I run Maven, I set MAVEN_OPTS variable to *-Dsettings.security=%M2_HOME%\conf\settings-security.xml*, so when ShrinkWrap resolves artifacts it should look for that file where the parameter points to, instead of looking in .m2 directory in user's home directory, but it does not work. It seems that ShrinkWrap ignores this parameter.
Passing *-Dorg.apache.maven.security-settings=%M2_HOME%\conf\settings-security.xml* parameter to Maven seems to solve the problem.
> Encrypted password support forces presence of settings-security.xml
> -------------------------------------------------------------------
>
> Key: SHRINKRES-146
> URL: https://issues.jboss.org/browse/SHRINKRES-146
> Project: ShrinkWrap Resolvers
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Affects Versions: 2.0.0-beta-4, 2.0.0
> Reporter: Falko M.
> Assignee: Andrew Rubinger
>
> This problem is caused by SHRINKRES-38 "Support encrypted passwords for password protected repositories".
> As soon {{MavenSettingsBuilder}} finds passwords in the settings file, it apprently assumes that they are encrypted with the master password which is defined in {{settings-security.xml}}. When the file cannot be found an exception is thrown:
> {code}
> org.jboss.shrinkwrap.resolver.api.InvalidConfigurationFileException: Unable to get security configuration from C:\Users\U115417\.m2\settings-security.xml. Please define path to the settings-security.xml file via -Dorg.apache.maven.security-settings, or put it the the default location defined by Maven.
> at org.jboss.shrinkwrap.resolver.impl.maven.internal.decrypt.MavenSecurityDispatcher.getMaster(MavenSecurityDispatcher.java:171)
> at org.jboss.shrinkwrap.resolver.impl.maven.internal.decrypt.MavenSecurityDispatcher.decrypt(MavenSecurityDispatcher.java:96)
> at org.jboss.shrinkwrap.resolver.impl.maven.internal.decrypt.MavenSettingsDecrypter.decrypt(MavenSettingsDecrypter.java:92)
> at org.jboss.shrinkwrap.resolver.impl.maven.internal.decrypt.MavenSettingsDecrypter.decrypt(MavenSettingsDecrypter.java:60)
> at org.jboss.shrinkwrap.resolver.impl.maven.bootstrap.MavenSettingsBuilder.decryptPasswords(MavenSettingsBuilder.java:223)
> at org.jboss.shrinkwrap.resolver.impl.maven.bootstrap.MavenSettingsBuilder.buildSettings(MavenSettingsBuilder.java:186)
> at org.jboss.shrinkwrap.resolver.impl.maven.bootstrap.MavenSettingsBuilder.buildDefaultSettings(MavenSettingsBuilder.java:113)
> at org.jboss.shrinkwrap.resolver.impl.maven.MavenWorkingSessionImpl.<init>(MavenWorkingSessionImpl.java:123)
> at org.jboss.shrinkwrap.resolver.impl.maven.MavenResolverSystemImpl.<init>(MavenResolverSystemImpl.java:43)
> ... 80 more
> {code}
> This is not correct as passwords can be defined without encryption and in this case no {{settings-security.xml}} file is needed.
> As we use server-side hashed passwords (without client-side encryption), this is a deal breaker for our project as you cannot work around this problem by just creating an empty file or a dummy password.
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
9 years, 8 months
[JBoss JIRA] (SHRINKRES-146) Encrypted password support forces presence of settings-security.xml
by Rafał Gała (JIRA)
[ https://issues.jboss.org/browse/SHRINKRES-146?page=com.atlassian.jira.plu... ]
Rafał Gała commented on SHRINKRES-146:
--------------------------------------
After a few hours of investigation I finally found something :) The problem is actually with decrypting the password, not the curly brackets.
When I run Maven, I set MAVEN_OPTS variable to *-Dsettings.security=%M2_HOME%\conf\settings-security.xml*, so when ShrinkWrap resolves artifacts it should look for that file where the parameter points to, instead of looking in .m2 directory in user's home directory, but it does not work. It seems that ShrinkWrap ignores this parameter.
Passing *-Dorg.apache.maven.security-settings=%M2_HOME%\conf\settings-security.xml* parameter to Maven seems to solve the problem.
> Encrypted password support forces presence of settings-security.xml
> -------------------------------------------------------------------
>
> Key: SHRINKRES-146
> URL: https://issues.jboss.org/browse/SHRINKRES-146
> Project: ShrinkWrap Resolvers
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Affects Versions: 2.0.0-beta-4, 2.0.0
> Reporter: Falko M.
> Assignee: Andrew Rubinger
>
> This problem is caused by SHRINKRES-38 "Support encrypted passwords for password protected repositories".
> As soon {{MavenSettingsBuilder}} finds passwords in the settings file, it apprently assumes that they are encrypted with the master password which is defined in {{settings-security.xml}}. When the file cannot be found an exception is thrown:
> {code}
> org.jboss.shrinkwrap.resolver.api.InvalidConfigurationFileException: Unable to get security configuration from C:\Users\U115417\.m2\settings-security.xml. Please define path to the settings-security.xml file via -Dorg.apache.maven.security-settings, or put it the the default location defined by Maven.
> at org.jboss.shrinkwrap.resolver.impl.maven.internal.decrypt.MavenSecurityDispatcher.getMaster(MavenSecurityDispatcher.java:171)
> at org.jboss.shrinkwrap.resolver.impl.maven.internal.decrypt.MavenSecurityDispatcher.decrypt(MavenSecurityDispatcher.java:96)
> at org.jboss.shrinkwrap.resolver.impl.maven.internal.decrypt.MavenSettingsDecrypter.decrypt(MavenSettingsDecrypter.java:92)
> at org.jboss.shrinkwrap.resolver.impl.maven.internal.decrypt.MavenSettingsDecrypter.decrypt(MavenSettingsDecrypter.java:60)
> at org.jboss.shrinkwrap.resolver.impl.maven.bootstrap.MavenSettingsBuilder.decryptPasswords(MavenSettingsBuilder.java:223)
> at org.jboss.shrinkwrap.resolver.impl.maven.bootstrap.MavenSettingsBuilder.buildSettings(MavenSettingsBuilder.java:186)
> at org.jboss.shrinkwrap.resolver.impl.maven.bootstrap.MavenSettingsBuilder.buildDefaultSettings(MavenSettingsBuilder.java:113)
> at org.jboss.shrinkwrap.resolver.impl.maven.MavenWorkingSessionImpl.<init>(MavenWorkingSessionImpl.java:123)
> at org.jboss.shrinkwrap.resolver.impl.maven.MavenResolverSystemImpl.<init>(MavenResolverSystemImpl.java:43)
> ... 80 more
> {code}
> This is not correct as passwords can be defined without encryption and in this case no {{settings-security.xml}} file is needed.
> As we use server-side hashed passwords (without client-side encryption), this is a deal breaker for our project as you cannot work around this problem by just creating an empty file or a dummy password.
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
9 years, 8 months
[JBoss JIRA] (SHRINKRES-146) Encrypted password support forces presence of settings-security.xml
by Karel Piwko (JIRA)
[ https://issues.jboss.org/browse/SHRINKRES-146?page=com.atlassian.jira.plu... ]
Karel Piwko commented on SHRINKRES-146:
---------------------------------------
What do you mean by ShrinkWrap fail? Do you have stack trace handy?
There is a test:
https://github.com/shrinkwrap/resolver/blob/master/impl-maven/src/test/ja...
Here is settings.xml
https://github.com/shrinkwrap/resolver/blob/master/impl-maven/src/test/re...
Everything is passing fine.
> Encrypted password support forces presence of settings-security.xml
> -------------------------------------------------------------------
>
> Key: SHRINKRES-146
> URL: https://issues.jboss.org/browse/SHRINKRES-146
> Project: ShrinkWrap Resolvers
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Affects Versions: 2.0.0-beta-4, 2.0.0
> Reporter: Falko M.
> Assignee: Andrew Rubinger
>
> This problem is caused by SHRINKRES-38 "Support encrypted passwords for password protected repositories".
> As soon {{MavenSettingsBuilder}} finds passwords in the settings file, it apprently assumes that they are encrypted with the master password which is defined in {{settings-security.xml}}. When the file cannot be found an exception is thrown:
> {code}
> org.jboss.shrinkwrap.resolver.api.InvalidConfigurationFileException: Unable to get security configuration from C:\Users\U115417\.m2\settings-security.xml. Please define path to the settings-security.xml file via -Dorg.apache.maven.security-settings, or put it the the default location defined by Maven.
> at org.jboss.shrinkwrap.resolver.impl.maven.internal.decrypt.MavenSecurityDispatcher.getMaster(MavenSecurityDispatcher.java:171)
> at org.jboss.shrinkwrap.resolver.impl.maven.internal.decrypt.MavenSecurityDispatcher.decrypt(MavenSecurityDispatcher.java:96)
> at org.jboss.shrinkwrap.resolver.impl.maven.internal.decrypt.MavenSettingsDecrypter.decrypt(MavenSettingsDecrypter.java:92)
> at org.jboss.shrinkwrap.resolver.impl.maven.internal.decrypt.MavenSettingsDecrypter.decrypt(MavenSettingsDecrypter.java:60)
> at org.jboss.shrinkwrap.resolver.impl.maven.bootstrap.MavenSettingsBuilder.decryptPasswords(MavenSettingsBuilder.java:223)
> at org.jboss.shrinkwrap.resolver.impl.maven.bootstrap.MavenSettingsBuilder.buildSettings(MavenSettingsBuilder.java:186)
> at org.jboss.shrinkwrap.resolver.impl.maven.bootstrap.MavenSettingsBuilder.buildDefaultSettings(MavenSettingsBuilder.java:113)
> at org.jboss.shrinkwrap.resolver.impl.maven.MavenWorkingSessionImpl.<init>(MavenWorkingSessionImpl.java:123)
> at org.jboss.shrinkwrap.resolver.impl.maven.MavenResolverSystemImpl.<init>(MavenResolverSystemImpl.java:43)
> ... 80 more
> {code}
> This is not correct as passwords can be defined without encryption and in this case no {{settings-security.xml}} file is needed.
> As we use server-side hashed passwords (without client-side encryption), this is a deal breaker for our project as you cannot work around this problem by just creating an empty file or a dummy password.
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
9 years, 8 months