continuum-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brett Porter <br...@apache.org>
Subject Re: Patching javadocs
Date Mon, 24 Jun 2013 07:12:33 GMT
Hi Brent,

That Maven command would be if you were generating for a particular release, from the main
Continuum tree.

If you are adjusting site-publish using the fix tool, you just need to check in the results.

It sounds like there's some work going on in Maven land to do some prevention of bad Javadoc
being published in the future.

Cheers,
Brett

On 23/06/2013, at 1:58 AM, Brent Atkinson <batkinson@apache.org> wrote:

> Greetings,
> 
> I have some time to patch frame injection vulnerability in the project
> javadocs. Since this is the first time publishing the docs, I'd like
> someone to verify the process for me. From
> http://continuum.apache.org/development/publishing-site.html it appears
> that I:
> 
>  * check out the source under
> http://svn.apache.org/repos/asf/continuum/site-publish
>  * patch the docs
>  * run "mvn site site:stage scm-publish:publish-scm"
> 
> That should update the existing docs.
> 
> How should we ensure new docs don't get published with the vulnerability?
> Would that be something we'd do with enforcer and require versions?
> 
> Brent

--
Brett Porter
brett@apache.org
http://brettporter.wordpress.com/
http://au.linkedin.com/in/brettporter
http://twitter.com/brettporter






Mime
View raw message