Apache Maven Assembly Plugin v 3.2.0 released

New version of an Assembly Plugin for Apache Maven has been released
28 August 2017   1316

New version of Assembly Plugin for Apache Maven has been released.

What is Apache Maven?

Apache Maven is a software project management and comprehension tool. Based on the concept of a project object model (POM), Maven can manage a project's build, reporting and documentation from a central piece of information. 

Maven addresses two aspects of building software: first, it describes how software is built, and second, it describes its dependencies. Contrary to preceding tools like Apache Ant, it uses conventions for the build procedure, and only exceptions need to be written down. An XML file describes the software project being built, its dependencies on other external modules and components, the build order, directories, and required plug-ins. It comes with pre-defined targets for performing certain well-defined tasks such as compilation of code and its packaging.

Maven dynamically downloads Java libraries and Maven plug-ins from one or more repositories such as the Maven 2 Central Repository, and stores them in a local cache.[4] This local cache of downloaded artifacts can also be updated with artifacts created by local projects. Public repositories can also be updated.

Maven can also be used to build and manage projects written in C#, Ruby, Scala, and other languages. The Maven project is hosted by the Apache Software Foundation, where it was formerly part of the Jakarta Project.

What is Asembly Plugin for Apache Maven?

The Assembly Plugin for Maven is primarily intended to allow users to aggregate the project output along with its dependencies, modules, site documentation, and other files into a single distributable archive.

Your project can build distribution "assemblies" easily, using one of the convenient, prefabricated assembly descriptors. These descriptors handle many common operations, such as packaging a project's artifact along with generated documentation into a single zip archive. Alternatively, your project can provide its own descriptor and assume a much higher level of control over how dependencies, modules, file-sets, and individual files are packaged in the assembly.

Learn more at official website.

New Vulnerability to be Found in Google+

Due to this vulnerability it was possible to obtain private information of 52.5 million accounts
11 December 2018   107

Google decided to close the social network Google+ not in August 2019, but in April. The reason was another vulnerability in the API, due to which it was possible to obtain private information of 52.5 million accounts. The company plans to close the social network API until mid-March 2019.

By December 10, 2018, the following error information was published:

  • Third-party applications requesting access to profile data, because of the bug in the API, received permission to view information, even if it is hidden by privacy settings;
  • the names of users, their email addresses, information about occupation, age and other confidential information were at risk;
  • passwords, financial data and national identification numbers have not been compromised;
  • the company has no evidence that anyone has exploited the vulnerability;
  • the error was fixed within 6 days: from November 7 to November 13, 2018.
  • Google said it sends notifications to all users affected by the bug.

The previous data leak of Google+ users occurred in October 2018. Then about 500 thousand accounts were compromised. The attackers could get the names, email addresses, age, gender and occupation of users.