Struts 1.2.9 Release
Info
- Struts Release Guidelines 2. Signing Releases
3. Apache Mirroring Guidelines
Release Manager
The release manager is Niall Pemberton
Special Issues
This is primarily a maintenance release to fix the following security issues:
Validation always skipped with Globals.CANCEL_KEY |
|
DOS attack, application hack |
|
XSS vulnerability in LookupDispatchAction |
Outstanding Bug Review
ID |
Summary |
Component |
Status |
Multiple classes using deprecated DefinitionsUtil class |
tiles |
Remove deprecations in 1.3.x |
|
Unexpected Tiles recursion on JSP errors? |
tiles |
Needs more investigation -Plan to proceed without this |
|
Struts-beans and tiles handle request.getLocale different |
tiles |
document? - Target 1.3.x |
|
TilesUtilImpl doInclude() should call TilesRequestProcessor doInclude()... but it doesn't |
tiles |
WONTFIX |
|
TagUtils doesn't create XHTML compliant URLs when called from LinkTag when using forwards defined with redirect="true" |
taglib |
fixed |
|
Hanging Fileupload in Large Input JSP |
fileupload |
Can't determine cause - proceed without |
|
duplicate processing instructions when using jspx |
tiles |
Needs more investigation. Plan to proceed without this |
|
Fix Min/Max Length Validator for different line endings |
validator |
Needs Valdiator 1.2.1 release. Target 1.3.x |
|
forwardPattern implementation missing |
action |
Plan to release without this - IMO should be enhancement |
|
Postback form (optional 'action' attribute for html-el:form) is not working |
EL |
Only affects 1.3.x |
|
Postback Forms - Caching and Modules |
taglib |
Only affects 1.3.x |
Preparation Checklist
Description |
Status |
|
1. |
Announce plan to dev@ list; link from roadmap page |
|
2. |
Review/Resolve Outstanding Bugs |
|
3. |
Update Release Notes |
|
4. |
Check Dependencies |
|
5. |
Update to version 1.2.9 build.xml, project.xml |
|
The Commons Preparation Guide is a helpful preparation backgrounder, but Commons uses the "beta/release-candidate/final" process.
Likewise, the HTTPD Release Guidelines is a helpful "overall process" backgrounder, but HTTPD does not use a test-build stage.
Dependency versions for this release:
Dependency |
Version |
Status |
Used In |
Antlr |
2.7.2 |
Released |
Struts Validator |
Commons BeanUtils |
1.7.0 |
Released |
core (ActionServlet, configuration, DynaActionForm) |
Commons Digester |
1.6 |
Released |
core (ActionServlet, configuration) |
Commons FileUpload |
1.0 |
Released |
Struts Upload |
Commons Logging |
1.0.4 |
Released |
core (logging all over) |
Commons Validator |
1.1.4 |
Released |
Struts Validator |
Jakarta Oro |
2.0.7 |
Released |
Commons Validator |
Testing Checklist
Testing Summary
Description |
Completed |
|
1. |
Run Unit Test targets |
|
2. |
Run Cactus Tests (see below) |
|
3. |
Play test bundled applications (TC 5.0.x) |
|
TODO: A Canoo WebTest for the applications would be great!
Cactus Tests
J2SE Version |
Tomcat Version |
Status |
|
1. |
J2SE 1.3.1_04 |
Tomcat 4.1.30 |
|
2. |
J2SE 1.4.2_07 |
Tomcat 4.1.30 |
|
3. |
J2SE 1.3.1_04 |
Tomcat 5.0.28 |
|
4. |
J2SE 1.4.2_07 |
Tomcat 5.0.28 |
|
Test Build Checklist (A)
See also Commons Step-by-Step Guide
Description |
Completed |
|
A1. |
Tag release in svn: STRUTS_1_2_9 (remember to update svn:externals) |
|
A2. |
Check out a clean copy using the tag created in A1 and and run Distribution Target |
|
A3. |
Upload Distribution to cvs.apache.org:/www/cvs.apache.org/dist/struts/v1.2.9 |
|
A4. |
Post release-quality vote on dev@ and user@ lists |
|
Vote (A)
PMC Member |
Quality |
Don Brown |
GA |
Niall Pemberton |
GA |
Martin Cooper |
GA |
If release vote fails, including for a lack of quorum, remove from dist folder.
Point Release Checklist (B)
Description |
Completed |
|||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="65278958-b10a-4797-b989-3e4649efd446"><ac:plain-text-body><![CDATA[ |
B1. |
Create Sums and Sign Distributions [2] |
|
]]></ac:plain-text-body></ac:structured-macro> |
B2. |
Request new Bugzilla version level (1.2.9) |
|
||
B3. |
Update "Acquiring" page on website and Test Downloads |
n/a |
Vote (B)
PMC Member |
Quality |
N.B. Voted GA Quality in first vote (see Vote A above)
Voting continues until a GA or "withdraw" vote passes, or there is a subsequent release.
General Availability Checklist (C)
Description |
Completed |
|||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="adf47f60-2788-4695-8326-f0d6f9f5a1e1"><ac:plain-text-body><![CDATA[ |
C1. |
Copy Distribution to Mirrored Directories [3] |
|
]]></ac:plain-text-body></ac:structured-macro> |
C2. |
Deploy JAR to Apache Java-Repository |
|
||
C3. |
After 24 hours, update "Acquiring" page on website |
|
||
C4. |
Post an announcement to lists and website |
|