[ANN] Apache Ant 1.9.12 and 1.10.4 Released

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[ANN] Apache Ant 1.9.12 and 1.10.4 Released

Stefan Bodewig
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The Apache Ant Team is pleased to announce the releases of Apache Ant
1.9.12 and 1.10.4.

Apache Ant is a Java library and command-line tool that helps building
software.

The Apache Ant team currently maintains two lines of development. The
1.9.x releases require Java5 at runtime and 1.10.x requires Java8 at
runtime. Both lines are based off of Ant 1.9.7 and the 1.9.x releases
are mostly bug fix releases while additional new features are developed
for 1.10.x. We recommend using 1.10.4 unless you are required to use
versions of Java prior to Java8 during the build process.

Ant 1.10.4 contains a superset of 1.9.12 - with the exception of a few
tasks and features that no longer work with Java8 anyway (like the apt
task).

Both releases are mostly bug fix releases with a few new features
being added. In both releases the untar, unjar and unzip will no
longer extract entries whose names would make the created files be
placed outside of the destination directory by default. This is based
on a recommendation by the Snyk Security Research Team.

Source and binary distributions are available for download from the
Apache Ant download site:

http://ant.apache.org/bindownload.cgi
http://ant.apache.org/srcdownload.cgi

When downloading, please verify signatures using the KEYS file available
at the above location when downloading the release.

Changes in 1.10.4 include:
==========================

Changes that could break older environments:
- -------------------------------------------

 * <unzip>, <unjar> and <untar> will no longer extract entries whose
   names would make the created files be placed outside of the
   destination directory anymore by default. A new attribute
   allowFilesToEscapeDest can be used to override the behavior.
   Another special case is when stripAbsolutePathSpec is false (which
   no longer is the default) and the entry's name starts with a
   (back)slash and allowFilesToEscapeDest hasn't been specified
   explicitly, in this case the file may be created outside of the
   dest directory as well.
   In addition stripAbsolutePathSpec is now true by default.
   Based on a recommendation by the Snyk Security Research Team.

Fixed bugs:
- -----------

 * Delay the class initialization of the test classes until they are
   passed to JUnit. This way we can avoid that failing static initializers
   from non-test classes are reported as error when the 'skipNonTests' option
   is 'true'.
   Bugzilla Report 60062

 * The junit task when used with includeantruntime="no" was incorrectly
   printing a warning about multiple versions of ant detected in path

 * <cab> died with a NullPointerException since Ant 1.10.2.
   Bugzilla Report 62335

 * The <depend> task would fail with
   "java.lang.ClassFormatError: Invalid Constant Pool entry Type 19" while
   parsing a module-info.class. The task is compatible with
   Java bytecode version 53 now.
   Bug reported by Simon IJskes https://issues.apache.org/jira/browse/NETBEANS-781

 * Default and SecureInputHandler will now raise an error when then
   end of the input stream (usually System.in or System.console) are
   reached before a valid input has been read.

 * junitreport does not list testsuites that fail to start any tests
   because of an exception inside the all-tests and alltests-errors frames.
   Bugzilla Report 62443

Other changes:
- --------------

 * AntAssert is deprecated, assertThat from JUnit 4.4+, Hamcrest matchers and/or
   ExpectedException rule provide equivalent functionality

 * PumpStreamHandler now explicitly verifies the streams for output
   and error are not null and will throw an exception if they
   are. This way creating a PumpStreamHandler will fail early as
   opposed to some obscure errors later when closing streams or
   finishing threads might fail.
   Bugzilla Report 62148

 * <property> has a new attribute runtime which can be used to set
   properties with values taken as snapshots from the
   availableProcessors, freeMemory, maxMemory and totalMemory methods
   of the Java Runtime class.

 * linecontains filter now has a new "matchAny" attribute which when
   set to "true" allows any (instead of all) of the user-specified
   strings to be present in the line.
   Bugzilla Report 62313

 * <resourcelist> has a new basedir attribute that can be used to
   resolve relative names and provides a root for the FileResources
   generated.
   Bugzilla Report 62379

 * The <includesfile> and <excludesfile> nested elements of
   <patternset> and <fileset> now support an encoding attribute that
   can be used to specify the file's encoding.
   Bugzilla Report 62379

 * New file selectors, posixGroup and posixPermissions, are available.
   The new selectors and related ownedBy selector have "followSymlinks"
   attribute that defaults to "true" for consistency.
   Bugzilla Report 22370

 * The junitlauncher task now has a "printSummary" attribute which when
   set to "true" will print the test execution summary to System.out.

Changes in 1.9.12 include:
==========================

Changes that could break older environments:
- -------------------------------------------

 * <unzip>, <unjar> and <untar> will no longer extract entries whose
   names would make the created files be placed outside of the
   destination directory anymore by default. A new attribute
   allowFilesToEscapeDest can be used to override the behavior.
   Another special case is when stripAbsolutePathSpec is false (which
   no longer is the default) and the entry's name starts with a
   (back)slash and allowFilesToEscapeDest hasn't been specified
   explicitly, in this case the file may be created outside of the
   dest directory as well.
   In addition stripAbsolutePathSpec is now true by default.
   Based on a recommendation by the Snyk Security Research Team.

Fixed bugs:
- -----------

 * Delay the class initialization of the test classes until they are
   passed to JUnit. This way we can avoid that failing static initializers
   from non-test classes are reported as error when the 'skipNonTests' option
   is 'true'.
   Bugzilla Report 60062

 * The junit task when used with includeantruntime="no" was incorrectly
   printing a warning about multiple versions of ant detected in path

 * Default and SecureInputHandler will now raise an error when then
   end of the input stream (usually System.in or System.console) are
   reached before a valid input has been read.

 * junitreport does not list testsuites that fail to start any tests
   because of an exception inside the all-tests and alltests-errors frames.
   Bugzilla Report 62443

Other changes:
- --------------

 * PumpStreamHandler now explicitly verifies the streams for output
   and error are not null and will throw an exception if they
   are. This way creating a PumpStreamHandler will fail early as
   opposed to some obscure errors later when closing streams or
   finishing threads might fail.
   Bugzilla Report 62148

 * <property> has a new attribute runtime which can be used to set
   properties with values taken as snapshots from the
   availableProcessors, freeMemory, maxMemory and totalMemory methods
   of the Java Runtime class.

 * <resourcelist> has a new basedir attribute that can be used to
   resolve relative names and provides a root for the FileResources
   generated.
   Bugzilla Report 62379

 * The <includesfile> and <excludesfile> nested elements of
   <patternset> and <fileset> now support an encoding attribute that
   can be used to specify the file's encoding.
   Bugzilla Report 62379

For complete information on Ant, including instructions
on how to submit bug reports, patches, or suggestions for improvement,
see the Apache Ant website:

http://ant.apache.org/

Stefan Bodewig, on behalf of the Apache Ant community
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAlstGDEACgkQohFa4V9ri3LtGwCffwQJhD6PKZ06vNHCFkyumYuX
EWQAoJrQ1BnVQmg4FVY507woJbhzvVQW
=qV2y
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [ANN] Apache Ant 1.9.12 and 1.10.4 Released

Jaikiran Pai
Thank you for running this release, Stefan.

-Jaikiran


On 22/06/18 9:09 PM, Stefan Bodewig wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> The Apache Ant Team is pleased to announce the releases of Apache Ant
> 1.9.12 and 1.10.4.
>
> Apache Ant is a Java library and command-line tool that helps building
> software.
>
> The Apache Ant team currently maintains two lines of development. The
> 1.9.x releases require Java5 at runtime and 1.10.x requires Java8 at
> runtime. Both lines are based off of Ant 1.9.7 and the 1.9.x releases
> are mostly bug fix releases while additional new features are developed
> for 1.10.x. We recommend using 1.10.4 unless you are required to use
> versions of Java prior to Java8 during the build process.
>
> Ant 1.10.4 contains a superset of 1.9.12 - with the exception of a few
> tasks and features that no longer work with Java8 anyway (like the apt
> task).
>
> Both releases are mostly bug fix releases with a few new features
> being added. In both releases the untar, unjar and unzip will no
> longer extract entries whose names would make the created files be
> placed outside of the destination directory by default. This is based
> on a recommendation by the Snyk Security Research Team.
>
> Source and binary distributions are available for download from the
> Apache Ant download site:
>
> http://ant.apache.org/bindownload.cgi
> http://ant.apache.org/srcdownload.cgi
>
> When downloading, please verify signatures using the KEYS file available
> at the above location when downloading the release.
>
> Changes in 1.10.4 include:
> ==========================
>
> Changes that could break older environments:
> - -------------------------------------------
>
>   * <unzip>, <unjar> and <untar> will no longer extract entries whose
>     names would make the created files be placed outside of the
>     destination directory anymore by default. A new attribute
>     allowFilesToEscapeDest can be used to override the behavior.
>     Another special case is when stripAbsolutePathSpec is false (which
>     no longer is the default) and the entry's name starts with a
>     (back)slash and allowFilesToEscapeDest hasn't been specified
>     explicitly, in this case the file may be created outside of the
>     dest directory as well.
>     In addition stripAbsolutePathSpec is now true by default.
>     Based on a recommendation by the Snyk Security Research Team.
>
> Fixed bugs:
> - -----------
>
>   * Delay the class initialization of the test classes until they are
>     passed to JUnit. This way we can avoid that failing static initializers
>     from non-test classes are reported as error when the 'skipNonTests' option
>     is 'true'.
>     Bugzilla Report 60062
>
>   * The junit task when used with includeantruntime="no" was incorrectly
>     printing a warning about multiple versions of ant detected in path
>
>   * <cab> died with a NullPointerException since Ant 1.10.2.
>     Bugzilla Report 62335
>
>   * The <depend> task would fail with
>     "java.lang.ClassFormatError: Invalid Constant Pool entry Type 19" while
>     parsing a module-info.class. The task is compatible with
>     Java bytecode version 53 now.
>     Bug reported by Simon IJskes https://issues.apache.org/jira/browse/NETBEANS-781
>
>   * Default and SecureInputHandler will now raise an error when then
>     end of the input stream (usually System.in or System.console) are
>     reached before a valid input has been read.
>
>   * junitreport does not list testsuites that fail to start any tests
>     because of an exception inside the all-tests and alltests-errors frames.
>     Bugzilla Report 62443
>
> Other changes:
> - --------------
>
>   * AntAssert is deprecated, assertThat from JUnit 4.4+, Hamcrest matchers and/or
>     ExpectedException rule provide equivalent functionality
>
>   * PumpStreamHandler now explicitly verifies the streams for output
>     and error are not null and will throw an exception if they
>     are. This way creating a PumpStreamHandler will fail early as
>     opposed to some obscure errors later when closing streams or
>     finishing threads might fail.
>     Bugzilla Report 62148
>
>   * <property> has a new attribute runtime which can be used to set
>     properties with values taken as snapshots from the
>     availableProcessors, freeMemory, maxMemory and totalMemory methods
>     of the Java Runtime class.
>
>   * linecontains filter now has a new "matchAny" attribute which when
>     set to "true" allows any (instead of all) of the user-specified
>     strings to be present in the line.
>     Bugzilla Report 62313
>
>   * <resourcelist> has a new basedir attribute that can be used to
>     resolve relative names and provides a root for the FileResources
>     generated.
>     Bugzilla Report 62379
>
>   * The <includesfile> and <excludesfile> nested elements of
>     <patternset> and <fileset> now support an encoding attribute that
>     can be used to specify the file's encoding.
>     Bugzilla Report 62379
>
>   * New file selectors, posixGroup and posixPermissions, are available.
>     The new selectors and related ownedBy selector have "followSymlinks"
>     attribute that defaults to "true" for consistency.
>     Bugzilla Report 22370
>
>   * The junitlauncher task now has a "printSummary" attribute which when
>     set to "true" will print the test execution summary to System.out.
>
> Changes in 1.9.12 include:
> ==========================
>
> Changes that could break older environments:
> - -------------------------------------------
>
>   * <unzip>, <unjar> and <untar> will no longer extract entries whose
>     names would make the created files be placed outside of the
>     destination directory anymore by default. A new attribute
>     allowFilesToEscapeDest can be used to override the behavior.
>     Another special case is when stripAbsolutePathSpec is false (which
>     no longer is the default) and the entry's name starts with a
>     (back)slash and allowFilesToEscapeDest hasn't been specified
>     explicitly, in this case the file may be created outside of the
>     dest directory as well.
>     In addition stripAbsolutePathSpec is now true by default.
>     Based on a recommendation by the Snyk Security Research Team.
>
> Fixed bugs:
> - -----------
>
>   * Delay the class initialization of the test classes until they are
>     passed to JUnit. This way we can avoid that failing static initializers
>     from non-test classes are reported as error when the 'skipNonTests' option
>     is 'true'.
>     Bugzilla Report 60062
>
>   * The junit task when used with includeantruntime="no" was incorrectly
>     printing a warning about multiple versions of ant detected in path
>
>   * Default and SecureInputHandler will now raise an error when then
>     end of the input stream (usually System.in or System.console) are
>     reached before a valid input has been read.
>
>   * junitreport does not list testsuites that fail to start any tests
>     because of an exception inside the all-tests and alltests-errors frames.
>     Bugzilla Report 62443
>
> Other changes:
> - --------------
>
>   * PumpStreamHandler now explicitly verifies the streams for output
>     and error are not null and will throw an exception if they
>     are. This way creating a PumpStreamHandler will fail early as
>     opposed to some obscure errors later when closing streams or
>     finishing threads might fail.
>     Bugzilla Report 62148
>
>   * <property> has a new attribute runtime which can be used to set
>     properties with values taken as snapshots from the
>     availableProcessors, freeMemory, maxMemory and totalMemory methods
>     of the Java Runtime class.
>
>   * <resourcelist> has a new basedir attribute that can be used to
>     resolve relative names and provides a root for the FileResources
>     generated.
>     Bugzilla Report 62379
>
>   * The <includesfile> and <excludesfile> nested elements of
>     <patternset> and <fileset> now support an encoding attribute that
>     can be used to specify the file's encoding.
>     Bugzilla Report 62379
>
> For complete information on Ant, including instructions
> on how to submit bug reports, patches, or suggestions for improvement,
> see the Apache Ant website:
>
> http://ant.apache.org/
>
> Stefan Bodewig, on behalf of the Apache Ant community
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iEYEARECAAYFAlstGDEACgkQohFa4V9ri3LtGwCffwQJhD6PKZ06vNHCFkyumYuX
> EWQAoJrQ1BnVQmg4FVY507woJbhzvVQW
> =qV2y
> -----END PGP SIGNATURE-----
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]