The simrel.build from eclipse-simrel

Consider enabling delete_branch_on_merge

Now that we have support for auto-merge via #103 should we also enable delete_branch_on_merge so that one really has to do nothing else manually if the verification build succeeds?

https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/issues/4156#note_1612521

@jonahgraham @ruspl-afed @akurtakov

Eliminate outdated 3rd party content from SimRel

In order to ensure we can address any problems, e.g., CVEs, that might arise in 3rd party bundles in the future, we need to be prepared to update those dependencies. The following dependencies are not currently part of the restructured Orbit aggregation and need to be investigated to determine where and why these outdated versions are being used:

bndtools.jareditor/7.0.0.202310060912
This is a dependency of PDE that is consumed directly from Maven https://github.com/eclipse-platform/eclipse.platform.releng.aggregator/blob/8aa0d1e1d6a471baad29d26f286b1946e89b8f7c/eclipse.platform.releng.prereqs.sdk/eclipse-sdk-prereqs.target#L605-L622.
It has not been included in Orbit because it has a very-many difficult-to-manage dependencies back to the Eclipse IDE. We can safely assume that PDE will update to newer versions of BND as they become available.
ca.odell.glazedlists/1.9.0.v201303080712 → ca.odell.glazedlists/1.11.0
I've opened the following issues:
- https://gitlab.eclipse.org/eclipse/papyrus/org.eclipse.papyrus-designer/-/issues/14
- eclipse-nattable/nattable#95
com.google.gerrit.common/2.1.5.v201112241444 🚫
eclipse-mylyn/org.eclipse.mylyn#567
#445
com.google.gerrit.prettify/2.1.5.v201112241444 🚫
eclipse-mylyn/org.eclipse.mylyn#567
#445
com.google.gerrit.reviewdb/2.1.5.v201112241444 🚫
eclipse-mylyn/org.eclipse.mylyn#567
#445
com.google.gwt.servlet/2.1.0.v201111291940 🚫
eclipse-mylyn/org.eclipse.mylyn#567
#445
com.google.gwtjsonrpc/1.2.5.v201112241444 🚫
eclipse-mylyn/org.eclipse.mylyn#567
#445
com.google.gwtorm/1.1.4.v201112241444 🚫
eclipse-mylyn/org.eclipse.mylyn#567
#445
com.google.protobuf/2.4.0.v201105131100 🚫
eclipse-jsdt/webtools.jsdt#5
com.mountainminds.eclemma.core/3.1.9.202405260028 ✔
This is just p2 metadata from the eclemma project:
- https://github.com/eclipse-eclemma/eclemma/blob/5c445fe234d36e88eafe31bbd78e829c42ebaedf/org.eclipse.eclemma.feature/p2.inf#L17-L19
configure.logback.classic/2.6.1.20240411-1743 ✔
This is just p2 metadata from the m2e project:
- https://github.com/eclipse-m2e/m2e-core/blob/13c4a91529f9317399bfcb2a84392f1497d71677/org.eclipse.m2e.logback.feature/p2.inf#L8-L9
jakarta.el/4.0.0.v20210105-0527 → jakarta.el-api/4.0.0 | jakarta.el-api/5.0.1
[4.0.0.v20210105-0527] - org.eclipse.jst.web_core.feature.feature.group /3.34.0.v202405180419 - Web Tools Platform
jakarta.servlet/5.0.0.v20210105-0527 → jakarta.servlet-api/5.0.0 → jakarta.servlet-api/6.1.0
[5.0.0.v20210105-0527] - org.eclipse.jst.web_core.feature.feature.group /3.34.0.v202405180419 - Web Tools Platform
5.0.0 - org.eclipse.jst.standard.schemas /1.2.700.v202402030235 - Web Tools Platform
jakarta.servlet.jsp/3.0.0.v20210105-0527 → jakarta.servlet.jsp-api/3.1.1
[3.0.0.v20210105-0527] - org.eclipse.jst.web_core.feature.feature.group /3.34.0.v202405180419 - Web Tools Platform
jakarta.xml.bind/2.3.3.v20201118-1818 → jakarta.xml.bind-api/4.0.2
[2.3.3.v20201118-1818] - org.eclipse.jst.ws.cxf.feature.feature.group /1.1.1200.v202311232240 - Web Tools Platform
[2.3.3.v20201118-1818] - org.eclipse.jst.ws.jaxws.feature.feature.group /1.2.1000.v202311280000 - Web Tools Platform
javax.activation/1.1.0.v201211130549 → jakarta.activation-api/1.2.2
[1.1.0,1.2.0) - javax.mail /1.4.0.v201005080615 - 3rd Party
javax.activation/1.2.2.v20221203-1659 → jakarta.activation-api/1.2.2
1.0.0 - jakarta.xml.bind /2.3.3.v20201118-1818 - 3rd Party
javax.annotation/1.3.5.v20200909-1856 → jakarta.annotation-api/1.3.5
[1.3.5,2.0.0) - org.eclipse.papyrus.infra.ui.fonts /2.0.0.202406051429 - Papyrus
javax.jws/2.0.0.v201005080400 → jakarta.jws-api/2.1.0
[2.0.0.v201005080400] - org.eclipse.jst.ws.cxf.feature.feature.group /1.1.1200.v202311232240 - Web Tools Platform
[2.0.0.v201005080400] - org.eclipse.jst.ws.jaxws.feature.feature.group /1.2.1000.v202311280000 - Web Tools Platform
[2.0.0,2.1.0) - org.eclipse.jst.ws.cxf.core /1.2.0.v202308010145 - Web Tools Platform
[2.0.0,2.1.0) - org.eclipse.jst.ws.cxf.creation.core /1.2.0.v202311232240 - Web Tools Platform
[2.0.0,2.1.0) - org.eclipse.jst.ws.cxf.creation.ui /1.1.0.v202308010145 - Web Tools Platform
javax.mail/1.4.0.v201005080615 → jakarta.mail-api/1.6.7
0.0.0 - org.eclipse.wst.ws_core.feature.feature.group /3.31.0.v202308021509 - Web Tools Platform
javax.persistence/2.2.1.v201807122140 → jakarta.persistence-api/2.2.3
[2.2.1.v201807122140] - org.eclipse.jpt.jpa.feature.feature.group /3.8.0.v202405180120 - Web Tools Platform
javax.wsdl/1.6.2.v201012040545 → javax.wsdl/1.6.3.v20230730-0710
[1.6.2.v201012040545] - org.eclipse.jst.ws.cxf.feature.feature.group /1.1.1200.v202311232240 - Web Tools Platform
[1.6.2.v201012040545] - org.eclipse.jst.ws.jaxws.feature.feature.group /1.2.1000.v202311280000 - Web Tools Platform
javax.xml/1.3.4.v201005080400 🚫 available in the JDK
javax.xml.rpc/1.1.0.v201209140446 → javax.xml.rpc-api/1.1.4
0.0.0 - org.eclipse.wst.ws_core.feature.feature.group /3.31.0.v202308021509 - Web Tools Platform
[1.1.0,2.0.0) - org.eclipse.wst.ws.explorer /1.1.2.v202308010145 - Web Tools Platform
javax.xml.soap/1.2.0.v201005080501 → jakarta.xml.soap-api/1.4.2
[1.2.0,1.3.0) - org.eclipse.wst.ws_core.feature.feature.group /3.31.0.v202308021509 - Web Tools Platform
javax.xml.stream/1.0.1.v201004272200 🚫 available in the JDK
[1.0.1.v201004272200] - org.eclipse.jst.ws.cxf.feature.feature.group /1.1.1200.v202311232240 - Web Tools Platform
[1.0.1.v201004272200] - org.eclipse.jst.ws.jaxws.feature.feature.group /1.2.1000.v202311280000 - Web Tools Platform
javax.xml.ws/2.1.0.v200902101523 → jakarta.xml.ws-api/2.3.3
[2.1.0.v200902101523] - org.eclipse.jst.ws.cxf.feature.feature.group /1.1.1200.v202311232240 - Web Tools Platform
[2.1.0.v200902101523] - org.eclipse.jst.ws.jaxws.feature.feature.group /1.2.1000.v202311280000 - Web Tools Platform
org.apache.bcel/5.2.0.v201005080400 → org.apache.xalan/2.7.2.v20230928-1302
0.0.0 - org.eclipse.wst.xsl.feature.feature.group /1.3.1600.v202405130119 - Web Tools Platform
org.apache.commons.codec/1.14.0.v20221112-0806 → org.apache.commons.commons-codec/1.17.0
0.0.0 - org.eclipse.wst.ws_core.feature.feature.group /3.31.0.v202308021509 - Web Tools Platform
[1.3.0,2.0.0) - org.eclipse.birt.chart.device.extension /4.12.0.v202211281949 - BIRT
[1.3.0,2.0.0) - org.eclipse.birt.chart.device.swt /4.12.0.v202211281949 - BIRT
[1.2.0,2.0.0) - org.eclipse.wst.ws.explorer /1.1.2.v202308010145 - Web Tools Platform
[1.2.0,2.0.0) - org.eclipse.wst.ws.parser /1.1.0.v202308012257 - Web Tools Platform
[1.2.0,2.0.0) - org.eclipse.wst.wsi /1.1.501.v202308010145 - Web Tools Platform
PRs:
- eclipse-webservices/webservices#4
- https://github.com/eclipse-sourceediting/sourceediting/pull/11u
- eclipse-servertools/servertools#8
org.apache.commons.collections/3.2.2.v201511171945 → org.apache.commons.collections/3.2.2
[3.2.2.v201511171945] - org.eclipse.jpt.jpa.feature.feature.group /3.8.0.v202405180120 - Web Tools Platform
org.apache.commons.io/2.8.0.v20210415-0900 → org.apache.commons.commons-io/2.16.1
[2.6.0,3.0.0) - org.eclipse.papyrus.infra.tools /4.2.0.202406051429 - Papyrus
0.0.0 - org.eclipse.php.composer.ui /8.2.0.202311292129 - PDT
0.0.0 - org.eclipse.php.phpunit /8.2.0.202311292129 - PDT
PRs:
- eclipse-pdt/pdt#280
Appears to come from https://download.eclipse.org/mylyn/updates/release/4.3.0
org.apache.commons.jxpath/1.3.0.v200911051830 → org.apache.commons.jxpath/1.3.0
Orbit provides this direct-from-maven version which is used by the Plaform:
- https://repo1.maven.org/maven2/commons-jxpath/commons-jxpath/1.3/
Unfortunately Modisco has this feature include from an old Orbit repository
- [1.3.0.v200911051830] - org.eclipse.modisco.infrastructure.feature.feature.group /1.5.4.v20240304-1105
- https://git.eclipse.org/r/c/modisco/org.eclipse.modisco/+/207294
Must explicitly exclude the old version from e(fx)
- #444
org.apache.commons.lang/2.6.0.v201404270220 → org.apache.commons.lang/2.6.0
[2.6.0.v201404270220] - org.eclipse.jpt.jpa.feature.feature.group /3.8.0.v202405180120 - Web Tools Platform
org.apache.commons.logging/1.2.0.v20180409-1502 → org.apache.commons.logging/1.2.0 | org.apache.commons.commons-logging/1.3.3
[1.2.0,2.0.0) - org.eclipse.ecf.remoteservice.rest.feature.feature.group /1.0.303.v20240405-1603 - ECF
[1.2.0.v20180409-1502] - org.eclipse.net4j.util.feature.group /4.23.0.v20240605-1049 - EMF CDO
1.0.4 - org.eclipse.wst.ws_core.feature.feature.group /3.31.0.v202308021509 - Web Tools Platform
1.0.4 - org.eclipse.wst.xsl.feature.feature.group /1.3.1600.v202405130119 - Web Tools Platform
1.0.4 - org.eclipse.epp.mpc.core /1.10.3.v20240221-1216 - EPP Marketplace Client
0.0.0 - org.eclipse.php.composer.api /8.2.0.202311292129 - PDT
0.0.0 - org.eclipse.php.composer.core /8.2.0.202311292129 - PDT
-[1.0.4,2.0.0) - org.eclipse.wst.server.preview /1.3.0.v202311130434 - Web Tools Platform
0.0.0 - org.eclipse.wst.wsi /1.1.501.v202308010145 - Web Tools Platform
-1.0.4 - org.eclipse.wst.xsl.jaxp.debug /1.1.100.v202202230212 - Web Tools Platform
PRs:
- eclipse-webservices/webservices#4
- eclipse-sourceediting/sourceediting#11
- eclipse-servertools/servertools#8
org.apache.commons.net/3.2.0.v201305141515 → org.apache.commons.commons-net/3.11.1
[3.2.0.v201305141515] - org.eclipse.rse.ftp.feature.group /4.5.600.202401151828 - TM: RSE
2.0.0 - org.eclipse.rse.ftp.feature.group /4.5.600.202401151828 - TM: RSE
[3.2.0.v201305141515] - org.eclipse.rse.telnet.feature.group /4.5.600.202401151828 - TM: RSE
[1.4.1,4.0.0) - org.eclipse.rse.connectorservice.telnet /4.5.600.202401151652 - TM: RSE
[1.4.1,4.0.0) - org.eclipse.rse.services.files.ftp /4.5.600.202401151652 - TM: RSE
[2.0.0,4.0.0) - org.eclipse.rse.services.telnet /4.5.600.202401151652 - TM: RSE
[1.4.1,4.0.0) - org.eclipse.rse.subsystems.files.ftp /4.5.600.202401151652 - TM: RSE
PR:
- https://git.eclipse.org/c/tm/org.eclipse.tm.git/commit/?id=4c983325f3d0b75f9afd32a250ec0946ea79a5ef
org.apache.httpcomponents.httpcore/4.4.16.v20221207-1049 → org.apache.httpcomponents.httpcore/4.4.16
Appears to come from https://download.eclipse.org/mylyn/updates/release/4.3.0
https://github.com/eclipse-simrel/simrel.build/pull/446/files
org.apache.xml.serializer/2.7.1.v201005080400 → org.apache.xml.serializer/2.7.2.v20230928-1302
[2.7.1.v201005080400] - org.eclipse.wst.xml_core.feature.feature.group /3.34.0.v202405130132 - Web Tools Platform
0.0.0 - org.eclipse.wst.xsl.feature.feature.group /1.3.1600.v202405130119 - Web Tools Platform
[2.7.0,2.8.0) - org.eclipse.wst.xsl.xalan /1.1.100.v202301080401 - Web Tools Platform
org.eclipse.m2e.maven.runtime/3.9.700.20240602-2313 ✔
This is produced and actively maintained by m2e:
- https://github.com/eclipse-m2e/m2e-core/tree/13c4a91529f9317399bfcb2a84392f1497d71677/org.eclipse.m2e.maven.runtime
org.glassfish.hk2.osgi-resource-locator/2.5.0.v20161103-1916 → org.glassfish.hk2.osgi-resource-locator/1.0.3
The 1.0.3 version in Orbit is actually newer than the 2.5.0.x version:
- eclipse-mylyn/org.eclipse.mylyn#569
- https://repo1.maven.org/maven2/org/glassfish/hk2/osgi-resource-locator/
org.gradle.toolingapi/8.1.1.v20240115-1636 ✔
This appears to be based on checked-in jars located here:
- https://github.com/eclipse/buildship/tree/master/org.gradle.toolingapi
This is probably fine because buildship can update this, though I've asked about that.
- eclipse/buildship#1308
org.h2/1.3.168.v201212121212
[1.3.168.v201212121212] - org.eclipse.net4j.db.h2.feature.group /4.5.5.v20240605-1049 - EMF CDO
Potential replacement available as OSGi bundle:
- https://repo1.maven.org/maven2/com/h2database/h2/
org.jboss.tools.maven.jaxrs/1.6.1.20231024-1618 ✔
This is merely content metadata with no corresponding artifact contributed by m2e-wtp.
org.jboss.tools.maven.jpa/1.6.1.20231024-1618 ✔
This is merely content metadata with no corresponding artifact contributed by m2e-wtp.
org.jboss.tools.maven.jsf/1.6.1.20231024-1618 ✔
This is merely content metadata with no corresponding artifact contributed by m2e-wtp.
org.jivesoftware.smack/3.4.0.v20231021-2050 ✔
This is project content from ECF:
- https://github.com/eclipse/ecf/tree/master/protocols/bundles/org.jivesoftware.smack
org.maven.ide.eclipse.wtp/1.6.1.20231024-1618 ✔
This is merely content metadata with no corresponding artifact contributed by m2e-wtp.
org.mozilla.javascript/1.7.10.v20190430-1943 → org.mozilla.rhino/1.7.15
[1.7.10.v20190430-1943] - org.eclipse.wst.jsdt.feature.feature.group /2.4.500.v202307190318 - Web Tools Platform
1.7.4 - org.eclipse.birt.core /4.12.0.v202211281949 - BIRT
1.7.5 - org.eclipse.wst.jsdt.debug.rhino.debugger /1.1.0.v202307190318 - Web Tools Platform
Update to org.eclipse.wst.jsdt.debug.rhino.debugger /1.1.0.v202307190318 blocked by this issue:
- eclipse-jsdt/webtools.jsdt#2
Update needed for org.eclipse.birt.core /4.12.0.v202211281949 which is contributed by MAT

The above list was produced by adding validation repositories to both validation sets in simrel.aggr

and specifying to exclude all IUs available from a validation repository:

With this approach, the analysis editors view shows only the subset of 3rd party libraries that do not come from the restructured Orbit aggregation:

SimRel Project Logo

Our creative graphic designers have created the following artwork for the SimRel project's logo:

SimRel_Logo.pdf

Please vote below with a 👍 on your favorites. Note that you can remove a "reaction" by clicking on the "icon".

Provide an official stable "upcomming" repository that includes Milestone builds

I'm currently using in my IDE this updatesite:

https://download.eclipse.org/releases/latest

this results in Eclipse notify me whenever a new release is published and I can update (or wait if I feel its to risky because tomorrow is deadline for my project and I need to fix this one tiny little bug).

On the other hand, the three month cycle is probably a bit long and I generally trust that Eclipse delivers good software already in their milestones and it is good to discover any issue fast.

I therefore like to have an URL like

https://download.eclipse.org/releases/upcomming

that is a composite that behaves like this:

it contains the lastest as a child so of course any release is included
it contains a reference to the latest Milestone of the next release, for example M1/M2/... whenever it becomes avaiable
it contains a reference to the latest RC1/2/...

that way I can get automatic notifications of updates with just one URL, and can decide if I want to install them to give faster feedback, getting new features faster and so on.

Eliminate multiple/old guava versions

The one and only version of guava that should be on the train for 2023-12 is 32.1.3.jre.

There are compelling reasons why this should be the case, including wiring problems, but not the least of which is this CVE:

CVE-2023-2976

There are currently multiple versions for various reasons. The oldest version is pulled in by RCPTT and that project is unable to do the releng work to make the necessary updates. The project must be removed from the train until they do so. GEF 5 is also a problem indirectly by requiring com.google.inject 5.x which requires an older guava. I am working to fix that problem and have it working locally.

Removing RCPTT and updating GEF 5 reveals that a whole whack of projects just aren't paying attention. The following projects currently continue to build against and deliver old dependencies, in each case track by the associated bug/issue:

Acceleo
- https://bugs.eclipse.org/bugs/show_bug.cgi?id=582645
Sirius
- eclipse-sirius/sirius-desktop#167
EMF Compare
- eclipse-emf-compare/emf-compare#14
CDO
- eclipse-cdo/cdo#31
GEF 5
- eclipse/gef#108
RCPTT
- eclipse/org.eclipse.rcptt#7
Buildship
- eclipse/buildship#1280

Content signed with an expired certifcate after the expiration date is considered unsigned

I will edit this description with additional details as they become available.

This issue affects all projects that sign jars, not just SimRel projects.

This issue directly related to the problem is already opened:

https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/issues/4662

Here is a (hopefully correct) short list of affected projects:

The signing certificate expired May 21, 2024:

Any content signed with this certificate after that date is considered unsigned, e.g.,

$/c/Program\ Files/Java/jdk-21.0.2+13/bin/jarsigner.exe  -verbose -verify /d/stuff/org.eclipse.e4.ui.dialogs_1.5.0.v20240424-0957.jar

s       4608 Wed Apr 24 22:09:26 CEST 2024 META-INF/MANIFEST.MF
        3961 Wed Apr 24 22:09:26 CEST 2024 META-INF/ECLIPSE_.SF
        9554 Wed Apr 24 22:09:26 CEST 2024 META-INF/ECLIPSE_.RSA
           0 Wed Apr 24 22:09:24 CEST 2024 META-INF/
           0 Wed Apr 24 22:09:24 CEST 2024 org/
           0 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/
           0 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/
           0 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/
           0 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/dialogs/
           0 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/dialogs/filteredtree/
           0 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/dialogs/textbundles/
           0 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/internal/
           0 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/internal/dialogs/
           0 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/internal/dialogs/about/
           0 Wed Apr 24 22:09:24 CEST 2024 icons/
           0 Wed Apr 24 22:09:24 CEST 2024 icons/full/
           0 Wed Apr 24 22:09:24 CEST 2024 icons/full/dtool16/
           0 Wed Apr 24 22:09:24 CEST 2024 icons/full/etool16/
sm      2520 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/dialogs/filteredtree/BasicUIJob.class
sm     13542 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/dialogs/filteredtree/FilteredTree.class
sm      3362 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/dialogs/filteredtree/FilteredTree$NotifyingTreeViewer.class
sm      1397 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/dialogs/filteredtree/FilteredTree$5.class
sm      1199 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/dialogs/filteredtree/FilteredTree$4.class
sm      2604 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/dialogs/filteredtree/FilteredTree$2.class
sm      1270 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/dialogs/filteredtree/FilteredTree$3.class
sm      4743 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/dialogs/filteredtree/FilteredTree$1.class
sm      7594 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/dialogs/filteredtree/PatternFilter.class
sm      1258 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/dialogs/textbundles/E4DialogMessages.class
sm      1663 Wed Apr 24 22:03:14 CEST 2024 org/eclipse/e4/ui/dialogs/textbundles/messages.properties
sm      9637 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/internal/dialogs/about/AboutDialogE4.class
sm      1838 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/internal/dialogs/about/AboutText$1.class
sm     11033 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/internal/dialogs/about/AboutText.class
sm      2222 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/internal/dialogs/about/AboutText$2.class
sm      4111 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/internal/dialogs/about/BrandingProperties.class
sm      2556 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/internal/dialogs/about/HyperlinkExtractor.class
sm       719 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/internal/dialogs/about/HyperlinkRange.class
sm       421 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/internal/dialogs/about/IProductConstants.class
sm      1911 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/internal/dialogs/about/ParsedAbout.class
sm      2617 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/internal/dialogs/about/ProductInformation.class
sm      7441 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/internal/dialogs/about/ProductProperties.class
sm      1084 Wed Apr 24 22:09:24 CEST 2024 org/eclipse/e4/ui/internal/dialogs/about/UnavailableProduct.class
sm       397 Wed Apr 24 22:03:14 CEST 2024 icons/full/dtool16/clear_co.png
sm       755 Wed Apr 24 22:03:14 CEST 2024 icons/full/dtool16/[email protected]
sm       463 Wed Apr 24 22:03:14 CEST 2024 icons/full/etool16/clear_co.png
sm      1015 Wed Apr 24 22:03:14 CEST 2024 icons/full/etool16/[email protected]
sm       214 Wed Apr 24 22:09:24 CEST 2024 .api_description
sm      1460 Wed Apr 24 22:03:14 CEST 2024 about.html
sm       614 Wed Apr 24 22:03:14 CEST 2024 plugin.properties

  s = signature was verified
  m = entry is listed in manifest
  k = at least one certificate was found in keystore

- Signed by "[email protected], CN="Eclipse.org Foundation, Inc.", OU=IT, O="Eclipse.org Foundation, Inc.", L=Ottawa, ST=Ontario, C=CA"
    Digest algorithm: SHA-256
    Signature algorithm: SHA384withRSA, 4096-bit key
  Timestamped by "CN=Symantec SHA256 TimeStamping Signer - G3, OU=Symantec Trust Network, O=Symantec Corporation, C=US" on Mi. Apr. 24 22:09:27 UTC 2024
    Timestamp digest algorithm: SHA-256
    Timestamp signature algorithm: SHA256withRSA, 2048-bit key

jar verified.

Warning:
This jar contains entries whose TSA certificate chain is invalid. Reason: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
POSIX file permission and/or symlink attributes detected. These attributes are ignored when signing and are not protected by the signature.

Re-run with the -verbose and -certs options for more details.

The signer certificate expired on 2024-05-22. However, the JAR will be valid until the timestamp expires on 2029-03-23.

We see SimRel staging is badly affected by this:

Note that some shown with strikeout and some are not. That's because some artifacts were signed by the certificate when it was still valid while others are signed by the certificate after is expired.

Here are JUnit-style test results:

https://ci.eclipse.org/simrel/job/simrel.oomph.repository-analyzer.test/lastCompletedBuild/testReport/

"Mirror tool: Problems resolving provisioning plan" error with latest 2024-06 repo

Apologies if I'm jumping the gun here by targetting the repo at https://download.eclipse.org/staging/2024-06 but I like to test our product against the latest builds so I thought I better report this in case there's a problem.

Our .product file includes the following feature:

<feature id="org.eclipse.ecf.filetransfer.httpclient5.feature"/>

Now when we try to build our product using Tycho (4.0.8) and our pom.xml targetting the staging repo the build is unsuccessful:

[WARNING] Mirror tool: Problems resolving provisioning plan.:
Unable to satisfy dependency from org.eclipse.ecf.filetransfer.httpclient5.feature.feature.group 1.1.702.v20231114-1017 to org.eclipse.equinox.p2.iu; org.eclipse.ecf.provider.filetransfer.httpclient5.win32 [1.1.0.v20230423-0417,1.1.0.v20230423-0417], filter=(osgi.os=win32).
Unable to satisfy dependency from org.eclipse.ecf.filetransfer.httpclient5.feature.feature.group 1.1.702.v20231114-1017 to org.eclipse.equinox.p2.iu; org.apache.httpcomponents.client5.httpclient5-win [5.2.1.v20230802-0847,5.2.1.v20230802-0847], filter=(osgi.os=win32).

and:

[ERROR] Failed to execute goal org.eclipse.tycho:tycho-p2-director-plugin:4.0.7:materialize-products (create-distributions) on project com.archimatetool.editor.product: Installation of product com.archimatetool.editor.product for environment win32/win32/x86_64 failed: Call to p2 director application failed:Cannot complete the install because one or more required items could not be found.: [Software being installed: Archi 5.4.0.202405311403 (com.archimatetool.editor.product 5.4.0.202405311403); Missing requirement for filter properties ~= $0: ECF Apache Httpclient 5 FileTransfer Provider 1.1.702.v20231114-1017 (org.eclipse.ecf.filetransfer.httpclient5.feature.feature.group 1.1.702.v20231114-1017) requires 'org.eclipse.equinox.p2.iu; org.eclipse.ecf.provider.filetransfer.httpclient5.win32 [1.1.0.v20230423-0417,1.1.0.v20230423-0417], filter=(osgi.os=win32)' but it could not be found; Cannot satisfy dependency:: [From: Archi 5.4.0.202405311403 (com.archimatetool.editor.product 5.4.0.202405311403); To: org.eclipse.equinox.p2.iu; org.eclipse.ecf.filetransfer.httpclient5.feature.feature.group [1.1.702.v20231114-1017,1.1.702.v20231114-1017]]].

Create README.md with link to https://github.com/orgs/eclipse-simrel/discussions/3

Without it people looking at the new repo will not find these instructions directly.

bndtools.jareditor/7.0.0.202310060912

FeatureNotFoundException for 'includeSources' in simrel.aggr

Getting error opening simrel.aggr with Aggregator Model Editor after #48.

Using Eclipse IDE 2023-09 with CBI Aggregator Editor 1.0.300 from https://www.eclipse.org/cbi/downloads/aggregatorLatest/

org.eclipse.emf.ecore.xmi.FeatureNotFoundException: Feature 'includeSources' not found. (platform:/resource/org.eclipse.simrel.build/simrel.aggr, 2, 523)
at org.eclipse.emf.ecore.xmi.impl.XMLHandler.reportUnknownFeature(XMLHandler.java:2057)
at org.eclipse.emf.ecore.xmi.impl.XMLHandler.handleUnknownFeature(XMLHandler.java:2021)
at org.eclipse.emf.ecore.xmi.impl.XMIHandler.handleUnknownFeature(XMIHandler.java:172)
at org.eclipse.emf.ecore.xmi.impl.XMLHandler.setAttribValue(XMLHandler.java:2773)

SimRel Oomph setup is broken

Using latest Oomph (1.32.0 Build 418) the SimRel setup doesn't work. After the IDE installs and starts I can see the setup check run briefly, but then nothing further happens.

There is an error log entry that says: The location '/scratch/eclipse/oomph/simrel-main3/git/simrel.github' is not empty but is not a Git repository. and the contents of the mentioned directory are:

$ tree -a $PWD
/scratch/eclipse/oomph/simrel-main3/git/simrel.github
├── .gitignore
├── .project
└── .settings
    └── org.eclipse.core.resources.prefs

1 directory, 3 files

I tried this on a Linux and Windows machine and got the same results.