Skip to content

Commit

Permalink
Merge branch 'master' into pgpainless
Browse files Browse the repository at this point in the history
  • Loading branch information
dwalluck authored Mar 29, 2024
2 parents bcf9966 + 890e443 commit bc1ca89
Show file tree
Hide file tree
Showing 16 changed files with 189 additions and 25 deletions.
6 changes: 3 additions & 3 deletions .github/workflows/maven.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,14 +12,14 @@ jobs:
runs-on: ubuntu-latest
strategy:
matrix:
java: [ '8', '11', '17' ]
java: [ '11', '17', '21' ]

name: Java ${{ matrix.java }}

steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- name: Set up JDK java
uses: actions/setup-java@v3
uses: actions/setup-java@v4
with:
java-version: ${{ matrix.java }}
distribution: 'temurin'
Expand Down
93 changes: 93 additions & 0 deletions CODE_OF_CONDUCT.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,93 @@
# Community Code of Conduct

**Version 2.0
January 1, 2023**

## Our Pledge

In the interest of fostering an open and welcoming environment, we as community members, contributors, Committers[^1], and Project Leads (collectively "Contributors") pledge to make participation in our projects and our community a harassment-free and inclusive experience for everyone.

This Community Code of Conduct ("Code") outlines our behavior expectations as members of our community in all Eclipse Foundation activities, both offline and online. It is not intended to govern scenarios or behaviors outside of the scope of Eclipse Foundation activities. Nor is it intended to replace or supersede the protections offered to all our community members under the law. Please follow both the spirit and letter of this Code and encourage other Contributors to follow these principles into our work. Failure to read or acknowledge this Code does not excuse a Contributor from compliance with the Code.

## Our Standards

Examples of behavior that contribute to creating a positive and professional environment include:

- Using welcoming and inclusive language;
- Actively encouraging all voices;
- Helping others bring their perspectives and listening actively. If you find yourself dominating a discussion, it is especially important to encourage other voices to join in;
- Being respectful of differing viewpoints and experiences;
- Gracefully accepting constructive criticism;
- Focusing on what is best for the community;
- Showing empathy towards other community members;
- Being direct but professional; and
- Leading by example by holding yourself and others accountable

Examples of unacceptable behavior by Contributors include:

- The use of sexualized language or imagery;
- Unwelcome sexual attention or advances;
- Trolling, insulting/derogatory comments, and personal or political attacks;
- Public or private harassment, repeated harassment;
- Publishing others' private information, such as a physical or electronic address, without explicit permission;
- Violent threats or language directed against another person;
- Sexist, racist, or otherwise discriminatory jokes and language;
- Posting sexually explicit or violent material;
- Sharing private content, such as emails sent privately or non-publicly, or unlogged forums such as IRC channel history;
- Personal insults, especially those using racist or sexist terms;
- Excessive or unnecessary profanity;
- Advocating for, or encouraging, any of the above behavior; and
- Other conduct which could reasonably be considered inappropriate in a professional setting

## Our Responsibilities

With the support of the Eclipse Foundation employees, consultants, officers, and directors (collectively, the "Staff"), Committers, and Project Leads, the Eclipse Foundation Conduct Committee (the "Conduct Committee") is responsible for clarifying the standards of acceptable behavior. The Conduct Committee takes appropriate and fair corrective action in response to any instances of unacceptable behavior.

## Scope

This Code applies within all Project, Working Group, and Interest Group spaces and communication channels of the Eclipse Foundation (collectively, "Eclipse spaces"), within any Eclipse-organized event or meeting, and in public spaces when an individual is representing an Eclipse Foundation Project, Working Group, Interest Group, or their communities. Examples of representing a Project or community include posting via an official social media account, personal accounts, or acting as an appointed representative at an online or offline event. Representation of Projects, Working Groups, and Interest Groups may be further defined and clarified by Committers, Project Leads, or the Staff.

## Enforcement

Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the Conduct Committee via [email protected]. All complaints will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances. Without the explicit consent of the reporter, the Conduct Committee is obligated to maintain confidentiality with regard to the reporter of an incident. The Conduct Committee is further obligated to ensure that the respondent is provided with sufficient information about the complaint to reply. If such details cannot be provided while maintaining confidentiality, the Conduct Committee will take the respondent‘s inability to provide a defense into account in its deliberations and decisions. Further details of enforcement guidelines may be posted separately.

Staff, Committers and Project Leads have the right to report, remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code, or to block temporarily or permanently any Contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful. Any such actions will be reported to the Conduct Committee for transparency and record keeping.

Any Staff (including officers and directors of the Eclipse Foundation), Committers, Project Leads, or Conduct Committee members who are the subject of a complaint to the Conduct Committee will be recused from the process of resolving any such complaint.

## Responsibility

The responsibility for administering this Code rests with the Conduct Committee, with oversight by the Executive Director and the Board of Directors. For additional information on the Conduct Committee and its process, please write to <[email protected]>.

## Investigation of Potential Code Violations

All conflict is not bad as a healthy debate may sometimes be necessary to push us to do our best. It is, however, unacceptable to be disrespectful or offensive, or violate this Code. If you see someone engaging in objectionable behavior violating this Code, we encourage you to address the behavior directly with those involved. If for some reason, you are unable to resolve the matter or feel uncomfortable doing so, or if the behavior is threatening or harassing, please report it following the procedure laid out below.

Reports should be directed to <[email protected]>. It is the Conduct Committee’s role to receive and address reported violations of this Code and to ensure a fair and speedy resolution.

The Eclipse Foundation takes all reports of potential Code violations seriously and is committed to confidentiality and a full investigation of all allegations. The identity of the reporter will be omitted from the details of the report supplied to the accused. Contributors who are being investigated for a potential Code violation will have an opportunity to be heard prior to any final determination. Those found to have violated the Code can seek reconsideration of the violation and disciplinary action decisions. Every effort will be made to have all matters disposed of within 60 days of the receipt of the complaint.

## Actions
Contributors who do not follow this Code in good faith may face temporary or permanent repercussions as determined by the Conduct Committee.

This Code does not address all conduct. It works in conjunction with our [Communication Channel Guidelines](https://www.eclipse.org/org/documents/communication-channel-guidelines/), [Social Media Guidelines](https://www.eclipse.org/org/documents/social_media_guidelines.php), [Bylaws](https://www.eclipse.org/org/documents/eclipse-foundation-be-bylaws-en.pdf), and [Internal Rules](https://www.eclipse.org/org/documents/ef-be-internal-rules.pdf) which set out additional protections for, and obligations of, all contributors. The Foundation has additional policies that provide further guidance on other matters.

It’s impossible to spell out every possible scenario that might be deemed a violation of this Code. Instead, we rely on one another’s good judgment to uphold a high standard of integrity within all Eclipse Spaces. Sometimes, identifying the right thing to do isn’t an easy call. In such a scenario, raise the issue as early as possible.

## No Retaliation

The Eclipse community relies upon and values the help of Contributors who identify potential problems that may need to be addressed within an Eclipse Space. Any retaliation against a Contributor who raises an issue honestly is a violation of this Code. That a Contributor has raised a concern honestly or participated in an investigation, cannot be the basis for any adverse action, including threats, harassment, or discrimination. If you work with someone who has raised a concern or provided information in an investigation, you should continue to treat the person with courtesy and respect. If you believe someone has retaliated against you, report the matter as described by this Code. Honest reporting does not mean that you have to be right when you raise a concern; you just have to believe that the information you are providing is accurate.

False reporting, especially when intended to retaliate or exclude, is itself a violation of this Code and will not be accepted or tolerated.

Everyone is encouraged to ask questions about this Code. Your feedback is welcome, and you will get a response within three business days. Write to <[email protected]>.

## Amendments

The Eclipse Foundation Board of Directors may amend this Code from time to time and may vary the procedures it sets out where appropriate in a particular case.

### Attribution

This Code was inspired by the [Contributor Covenant](https://www.contributor-covenant.org/), version 1.4, available [here](https://www.contributor-covenant.org/version/1/4/code-of-conduct/).

[^1]: Capitalized terms used herein without definition shall have the meanings assigned to them in the Bylaws.
7 changes: 7 additions & 0 deletions DEPENDENCIES
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
maven/mavencentral/com.google.guava/guava/31.1-jre, Apache-2.0, approved, clearlydefined
maven/mavencentral/org.apache.commons/commons-compress/1.21, Apache-2.0 AND BSD-3-Clause AND bzip2-1.0.6 AND LicenseRef-Public-Domain, approved, CQ23710
maven/mavencentral/org.bouncycastle/bcpg-jdk18on/1.71, Apache-2.0, approved, #3326
maven/mavencentral/org.bouncycastle/bcprov-jdk18on/1.71, MIT, approved, #3475
maven/mavencentral/org.eclipse.packager/packager-core/0.19.1-SNAPSHOT, EPL-2.0, approved, technology.packager
maven/mavencentral/org.slf4j/slf4j-api/1.7.36, MIT, approved, CQ13368
maven/mavencentral/org.tukaani/xz/1.9, LicenseRef-Public-Domain, approved, CQ23498
2 changes: 2 additions & 0 deletions NOTICE.md
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,8 @@ listed source code repository logs.

## Third-party Content

See: [DEPENDENCIES](DEPENDENCIES)

## Trademarks

Eclipse Packager is a trademark of the Eclipse Foundation.
Expand Down
49 changes: 49 additions & 0 deletions SECURITY.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
<!--- https://www.eclipse.org/security/ --->
_ISO 27005 defines vulnerability as:
"A weakness of an asset or group of assets that can be exploited by one or more threats."_

## The Eclipse Security Team

The Eclipse Security Team provides help and advice to Eclipse projects
on vulnerability issues and is the first point of contact
for handling security vulnerabilities.
Members of the Security Team are committers on Eclipse Projects
and members of the Eclipse Architecture Council.

Contact the [Eclipse Security Team](mailto:[email protected]).

**Note that, as a matter of policy, the security team does not open attachments.**

## Reporting a Security Vulnerability

Vulnerabilities can be reported either via email to the Eclipse Security Team
or directly with a project via the Eclipse Foundation's Bugzilla instance.

The general security mailing list address is [email protected].
Members of the Eclipse Security Team will receive messages sent to this address.
This address should be used only for reporting undisclosed vulnerabilities;
regular issue reports and questions unrelated to vulnerabilities in Eclipse software
will be ignored.
Note that this email address is not encrypted.

The community is also encouraged to report vulnerabilities using the
[Eclipse Foundation's Bugzilla instance](https://bugs.eclipse.org/bugs/enter_bug.cgi?product=Community&component=Vulnerability%20Reports&keywords=security&groups=Security_Advisories).
Note that you will require an Eclipse Foundation account to create an issue report,
but by doing so you will be able to participate directly in the resolution of the issue.

Issue reports related to vulnerabilities must be marked as "committers-only",
either automatically by clicking the provided link, by the reporter,
or by a committer during the triage process.
Note that issues marked "committers-only" are visible to all Eclipse committers.
By default, a "committers-only" issue is also accessible to the reporter
and individuals explicitly indicated in the "cc" list.

## Disclosure

Disclosure is initially limited to the reporter and all Eclipse Committers,
but is expanded to include other individuals, and the general public.
The timing and manner of disclosure is governed by the
[Eclipse Security Policy](https://www.eclipse.org/security/policy.php).

Publicly disclosed issues are listed on the
[Disclosed Vulnerabilities Page](https://www.eclipse.org/security/known.php).
2 changes: 1 addition & 1 deletion core/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
<parent>
<groupId>org.eclipse.packager</groupId>
<artifactId>packager</artifactId>
<version>0.19.1-SNAPSHOT</version>
<version>0.20.1-SNAPSHOT</version>
</parent>

<artifactId>packager-core</artifactId>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -90,11 +90,13 @@ protected void testInit() throws IOException {
this.signatureGenerator = new PGPSignatureGenerator(new BcPGPContentSignerBuilder(this.privateKey.getPublicKeyPacket().getAlgorithm(), this.digestAlgorithm));
this.signatureGenerator.init(PGPSignature.BINARY_DOCUMENT, this.privateKey);

this.armoredOutput = new ArmoredOutputStream(this.stream);
final ArmoredOutputStream.Builder builder = ArmoredOutputStream.builder();
if (this.version != null) {
this.armoredOutput.setHeader("Version", this.version);
builder.setVersion(this.version);
}

this.armoredOutput = builder.build(this.stream);

if (this.inline) {
this.armoredOutput.beginClearText(this.digestAlgorithm);
}
Expand Down
6 changes: 5 additions & 1 deletion deb/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
<parent>
<groupId>org.eclipse.packager</groupId>
<artifactId>packager</artifactId>
<version>0.19.1-SNAPSHOT</version>
<version>0.20.1-SNAPSHOT</version>
</parent>

<artifactId>packager-deb</artifactId>
Expand All @@ -24,6 +24,10 @@
<groupId>org.apache.commons</groupId>
<artifactId>commons-compress</artifactId>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
Expand Down
2 changes: 1 addition & 1 deletion deb/src/main/java/org/eclipse/packager/deb/Packages.java
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ public static Map<String, String> parseControlFile(final File packageFile) throw
}
try (final TarArchiveInputStream inputStream = new TarArchiveInputStream(new GZIPInputStream(in))) {
TarArchiveEntry te;
while ((te = inputStream.getNextTarEntry()) != null) {
while ((te = inputStream.getNextEntry()) != null) {
String name = te.getName();
if (name.startsWith("./")) {
name = name.substring(2);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -95,7 +95,7 @@ public DebianPackageWriter(final OutputStream stream, final BinaryPackageControl
this.ar.write(this.binaryHeader);
this.ar.closeArchiveEntry();

this.dataTemp = File.createTempFile("data", null);
this.dataTemp = Files.createTempFile("data", null).toFile();

this.dataStream = new TarArchiveOutputStream(new GZIPOutputStream(new FileOutputStream(this.dataTemp)));
this.dataStream.setLongFileMode(TarArchiveOutputStream.LONGFILE_GNU);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -33,8 +33,8 @@ public class BinaryPackageTest {
@SuppressWarnings("deprecation")
@Test
public void test1() throws IOException, InterruptedException {
final File file1 = File.createTempFile("test-1-", ".deb");
final File file2 = File.createTempFile("test-2-", ".deb");
final File file1 = Files.createTempFile("test-1-", ".deb").toFile();
final File file2 = Files.createTempFile("test-2-", ".deb").toFile();

final Instant now = Instant.now();
final Supplier<Instant> timestampProvider = () -> now;
Expand Down
22 changes: 14 additions & 8 deletions pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@

<groupId>org.eclipse.packager</groupId>
<artifactId>packager</artifactId>
<version>0.19.1-SNAPSHOT</version>
<version>0.20.1-SNAPSHOT</version>
<packaging>pom</packaging>

<name>Eclipse Packager</name>
Expand Down Expand Up @@ -71,15 +71,16 @@
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>

<java.release>8</java.release>
<java.source>1.8</java.source>
<java.release>11</java.release>
<java.source>11</java.source>

<bouncycastle.version>1.73</bouncycastle.version>
<commons-compress.version>1.21</commons-compress.version>
<guava.version>31.1-jre</guava.version>
<bouncycastle.version>1.77</bouncycastle.version>
<commons-compress.version>1.26.0</commons-compress.version>
<commons-codec.version>1.16.1</commons-codec.version>
<guava.version>33.0.0-jre</guava.version>
<junit.jupiter.version>5.8.2</junit.jupiter.version>
<logback.version>1.2.11</logback.version>
<slf4j.version>1.7.36</slf4j.version>
<logback.version>1.5.0</logback.version>
<slf4j.version>2.0.12</slf4j.version>
<xz.version>1.9</xz.version>

<mavenVersion>3.2.5</mavenVersion>
Expand Down Expand Up @@ -133,6 +134,11 @@
<artifactId>commons-compress</artifactId>
<version>${commons-compress.version}</version>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>${commons-codec.version}</version>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
Expand Down
4 changes: 2 additions & 2 deletions rpm/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
<parent>
<groupId>org.eclipse.packager</groupId>
<artifactId>packager</artifactId>
<version>0.19.1-SNAPSHOT</version>
<version>0.20.1-SNAPSHOT</version>
</parent>

<artifactId>packager-rpm</artifactId>
Expand Down Expand Up @@ -53,7 +53,7 @@
<artifactId>junit-jupiter-params</artifactId>
<scope>test</scope>
</dependency>
<!-- show log output during tests using logback as the slfj backend. -->
<!-- show log output during tests using logback as the slf4j backend. -->
<!-- https://mvnrepository.com/artifact/ch.qos.logback/logback-classic -->
<dependency>
<groupId>ch.qos.logback</groupId>
Expand Down
2 changes: 1 addition & 1 deletion rpm/src/main/java/org/eclipse/packager/rpm/app/Dumper.java
Original file line number Diff line number Diff line change
Expand Up @@ -81,7 +81,7 @@ public static void dumpAll(final RpmInputStream in) throws IOException {
if (!SKIP_PAYLOAD) {
final CpioArchiveInputStream cpio = in.getCpioStream();
CpioArchiveEntry entry;
while ((entry = cpio.getNextCPIOEntry()) != null) {
while ((entry = cpio.getNextEntry()) != null) {
dumpEntry(entry);
}
}
Expand Down
Loading

0 comments on commit bc1ca89

Please sign in to comment.