[security-dev] [PicketLink] - Version 2.5.0.Beta3 Released

Pedro Igor Silva psilva at redhat.com
Wed May 29 13:17:23 EDT 2013


What about JBoss Nexus ? Can we at least fix there ?

----- Original Message -----
From: "Pete Muir" <pmuir at redhat.com>
To: "Anil Saldhana" <Anil.Saldhana at redhat.com>
Cc: security-dev at lists.jboss.org
Sent: Wednesday, May 29, 2013 12:19:55 PM
Subject: Re: [security-dev] [PicketLink] - Version 2.5.0.Beta3 Released

This can't be "fixed" in Maven Central, once an artefact is there, it is there.

All we can do is ameliorate the problem via education.

We do provide BOMs which specify a version of PicketLink to use, and recommend people always use the BOM, and don't specify the version directly. We also recommend not using version ranges. Finally, we need to be very clear on the project site about which versions to use.

On 28 May 2013, at 15:16, Anil Saldhana <Anil.Saldhana at redhat.com> wrote:

> Hi Josef,
>   I think we will have to get it fixed in Maven central.
> 
> Regards,
> Anil
> 
> On 05/28/2013 06:05 AM, Josef Cacek wrote:
>> Hi *,
>> 
>>  how will we solve the "version hell" in Maven repositories?
>> 
>> When the users search PicketLink in the Central for instance, they see  5.0.0-2013Jan16 as the latest.
>> 
>> http://search.maven.org/#search%7Cga%7C1%7Cpicketlink-parent
>> 
>> Similar problems come if an user specifies a version range in a Maven dependency:
>> 
>> <dependency>
>> 	<groupId>org.picketlink</groupId>
>> 	<artifactId>picketlink-idm-impl</artifactId>
>> 	<version>[2.5,)</version>
>> </dependency>
>> 
>> Best regards,
>> 
>> -- josef
>> Too brief? Here's why! http://emailcharter.org
>> 
>> ----- Original Message -----
>>> From: "Pedro Igor Silva" <psilva at redhat.com>
>>> To: security-dev at lists.jboss.org
>>> Sent: Monday, May 20, 2013 8:35:18 PM
>>> Subject: [security-dev] [PicketLink] - Version 2.5.0.Beta3 Released
>>> 
>>> Hi All,
>>> 
>>>     Today we released PicketLink 2.5.0.Beta3. For now on, PicketLink versions
>>>     will follow the v2.5.x series, as discussed in this list.
>>> 
>>>     Documentation can be obtained from:
>>> 
>>>         http://docs.jboss.org/picketlink/3/latest
>>> 
>>>     Issues for this version:
>>> 
>>>         https://issues.jboss.org/secure/ReleaseNote.jspa?projectId=12310923&version=12321695
>>> 
>>> Regards.
>>> Pedro Igor
> _______________________________________________
> security-dev mailing list
> security-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/security-dev


_______________________________________________
security-dev mailing list
security-dev at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/security-dev


More information about the security-dev mailing list