Piotr P. Karwasz
Piotr P. Karwasz
It's fixed in 0.8.19.
@bodewig, I understand the reluctance of adding yet another component with external dependencies to maintain, but I believe this should be a low maintenance listener. If you consider adding it...
This would be just a marketing problem: Log4j2 Core's vulnerabilities never affected the Log4j2 API as well as Logback's vulnerabilities never affected SLF4J. In the case of a new CVE...
> We are maintaining things we accepted more than twentytwo years ago (`` anyone :-) ) just to give a perspective on what maintenance involves. @bodewig, I perfectly understand the...
@Marcono1234, Yes, they are unrelated, but you probably want to submit a PR against the current stable release `release-2.x`. The `master` branch is for the unreleased 3.x series.
`./mvnw site` also succeeded locally.
The main point of this change are: * Dependabot stops looking at upgrades of the most common Maven plugins, * the builds are reproducible.
The difference in the dependency list before and after this change is minimal: * the transitive dependency `javax.inject` was before forced in the `provided` scope. It is now in the...
@carterkozak, you are certainly not late in the game, since the game hasn't started yet. I provided a non-invasive and non-optimized implementation, because personally I don't believe in the feature's...
Hi @kristofarkas, I would appreciate if you could add some tests to prevent a regression in the future. I imagine we would like to check these three cases: * a...