Versions Compared

Old Version 6

changes.mady.by.user Henri Mikkonen

Saved on

compared with

New Version 7

changes.mady.by.user Ian Young

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyJOIDC-82

    • It feels that we should simply disable the wiring of the secret expiration configuration and note it in the documentation

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyJOIDC-76

    • I didn’t find a better way for “configuring” the ServletContextInitializer than via system properties

      • Flag for disabling the class:

        • -Dnet.shibboleth.idp.plugin.oidc.op.servlet.RegisterFilterServletContextInitializer=disabled

      • Space-separated list for the url-mappings of the filter:

        • "-Dnet.shibboleth.idp.plugin.oidc.op.servlet.RegisterFilterServletContextInitializer.mappings=/profile/oauth2/* /profile/oidc/*"

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyJOIDC-21

    • CLI can handle HTTP-Basic auth - needed if the authenticated-flag is enabled in the admin flow config

    • The flow now uses FetchThroughMetadataCache

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyJOIDC-61

    • Configuration of additional server-side policies now simplified

Ian

  • Working on a dependency pass for 4.2.

  • Had held this until the enforcer was up and running.

    • Ran into some holes in my dependency qualification workflow from that, now reorganised.

    • May move this into the build containers at some point.

  • Lost more than a week on a medical issue (I’m fine for now, but it’s time-consuming).

  • As Tom points out, Maven 5.8.5 is out:

    • https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12316922&version=12351105

    • Doesn’t seem to have anything we actually need.

    • Adopting by bumping minimum version would require all dev machines, CI machines and build containers to be updated.

    • If we do want to make it the minimum for 4.2, we need to start on that stuff NOW. Inclined to make it optional (by ignoring it).

    • It has some plugin dependency requirements that I may pick up anyway, depending on whether their keys are known.

  • Dependencies with new keys (deferred until resolved, working on these with Rod):

    • rhino, jcommander, janino, hibernate

  • Big bumps (suggest ignoring these):

    • Mockito (new APIs in major version)

    • Checkstyle (may do an 8.x update, but both 9.x and 10.x exist now… also, interaction with Eclipse)

  • Little bumps (still to be pulled in):

    • Some Maven plugins.

    • The ones Rod is key hunting for.

    • Maybe Checkstyle.

  • Coming back to the 5.x conversion now that Spring Framework 6.0.0-M3 is out. Spring Webflow still the sticking point.

John

Marvin

Phil

Rod

  • m2 checking on by default

    • Is this the correct default?

    • -P central-disabled is no more

  • java-mvn-enforcer releases

    • -data 1.0.2

  • Did the releases from docker with an ssh tunnel.

    • Are we good to turn off external access?

  • The bug in maven which required us to turn off checksum checking on our repos has been fixed.

...