Softpedia >Windows >Programming >Other Programming Files >Apache Ant >  Changelog

Apache Ant Changelog

What's new in Apache Ant 1.10.14

Aug 21, 2023
  • Ant 1.10.14 contains an important change wherein it no longer uses or sets Java SecurityManager when running on Java versions 18 and higher. This should allow projects to build on Java 18 and higher versions.

New in Apache Ant 1.10.13 (Jan 10, 2023)

  • Mostly a bug fix release, but does contain one important change - Java versions starting Java 18, by default, no longer allow SecurityManager to be set at runtime. Ant (internally) does set SecurityManager at runtime. This caused problems for projects that wanted to build their projects using Ant against Java 18 or higher. This newly released Ant 1.10.13 version fixes that issue (internally) and thus should allow projects to use this version of Ant to build against Java 18 or higher.

New in Apache Ant 1.10.13 (Jan 10, 2023)

  • Ant 1.10.13 is mostly a bug fix release, but does contain one important change - Java versions starting Java 18, by default, no longer allow SecurityManager to be set at runtime. Ant (internally) does set SecurityManager at runtime. This caused problems for projects that wanted to build their projects using Ant against Java 18 or higher. This newly released Ant 1.10.13 version fixes that issue (internally) and thus should allow projects to use this version of Ant to build against Java 18 or higher.

New in Apache Ant 1.10.12 (Oct 19, 2021)

  • Ant 1.10.12 is mainly a bug fix release

New in Apache Ant 1.9.16 / 1.10.11 (Jul 14, 2021)

  • Ant 1.10.11 contains a superset of 1.9.16 - with the exception of a few tasks and features that no longer work with Java8 anyway (like the apt task).
  • Both releases address potential denial of service vulnerabilities:
  • Low: Denial of Service CVE-2021-36373 and CVE-2021-36374.
  • When reading a specially crafted archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant.
  • It affects reading (or updating) tar archives as well as archives using the zip format or formats derived from it. Commonly used derived formats from ZIP archives are for instance JAR files and many office files. This was fixed in revision 6594a2d.
  • These issues are similar to CVE-2021-35517 and CVE-2021-36090 present in Apache Commons Compress which has been detected by OSS Fuzz.
  • Affects: up to 1.9.15 / 1.10.10. Versions prior to 1.4 are not affected, versions prior to 1.9.0 are not affected when reading tar archives.

New in Apache Ant 1.10.10 (Apr 19, 2021)

  • Ant 1.10.10 contains numerous bugfixes and some enhancements.

New in Apache Ant 1.10.9 (Sep 30, 2020)

  • Ant 1.10.9 contains a bugfixes and support for using GraalVM JavaScript inside the script family of tasks and types.
  • It also addresses an insecure temporary file vulnerability vulnerability, see the security report for details.

New in Apache Ant 1.9.15 / 1.10.8 (May 13, 2020)

  • Both releases address a insecure temporary file vulnerability vulnerability.
  • Fixed in Apache Ant 1.10.8:
  • Medium: insecure temporary file vulnerability CVE-2020-1945
  • Apache Ant uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process.
  • Mitigation: Ant users of versions 1.1 to 1.9.14 and 1.10.0 to 1.10.7 should set the java.io.tmpdir system property to point to a directory only readable and writable by the current user prior to running Ant.
  • Users of versions 1.9.15 and 1.10.8 can use the Ant property ant.tmpfile instead. Users of Ant 1.10.8 can rely on Ant protecting the temporary files if the underlying filesystem allows it, but we still recommend using a private temporary directory instead.
  • This was fixed in revisions 9c1f4d905da59bf446570ac28df5b68a37281f35, 041b058c7bf10a94d56db3ca9dba38cf90ab9943 and a8645a151bc706259fb1789ef587d05482d98612.
  • This was first reported to the Security Team on 29 January 2020 and made public on 13 May 2020. Affects: until 1.10.7

New in Apache Ant 1.10.7 (Sep 5, 2019)

  • Ant 1.10.7 is mainly a bug fix release with few minor enhancements. This release includes a major regression fix, which prevented the previous 1.10.6 release to be unusable on Java 8 runtimes.

New in Apache Ant 1.10.6 (May 9, 2019)

  • Ant 1.10.6 consists several bug fixes as well as enhancements, including, but not limited to:
  • junitlauncher task now supports fork mode, to launch the tests in a forked JVM.
  • New tasks jmod and link have been introduced to support jmod and jlink tools of JDK 9+.

New in Apache Ant 1.9.12 / 1.10.4 (Jun 22, 2018)

  • Both releases are mostly bug fix releases with a few new features being added. In both releases the untar, unjar and unzip will no longer extract entries whose names would make the created files be placed outside of the destination directory by default. This is based on a recommendation by the Snyk Security Research Team.

New in Apache Ant 1.9.11 / 1.10.3 (Mar 28, 2018)

  • The Apache Ant team currently maintains two lines of development. The 1.9.x releases require Java5 at runtime and 1.10.x requires Java8 at runtime. Both lines are based off of Ant 1.9.7 and the 1.9.x releases are mostly bug fix releases while additional new features are developed for 1.10.x. We recommend using 1.10.x unless you are required to use versions of Java prior to Java8 during the build process.
  • Ant 1.10.3 contains a superset of 1.9.11 - with the exception of a few tasks and features that no longer work with Java8 anyway (like the apt task).
  • Both releases are mostly bug fix releases with a few new features being added. Ant 1.10.2 introduced a number of regressions that are now fixed in 1.10.3.
  • Ant 1.10.3 introduces initial support for JUnit5 in the form of the junitlauncher task. The new task is fully functional but currently lacks a few features like forking a new JVM for tests which will be added in upcoming releases.

New in Apache Ant 1.9.10 / 1.10.2 (Feb 7, 2018)

  • The Apache Ant team currently maintains two lines of development. The 1.9.x releases require Java5 at runtime and 1.10.x requires Java8 at runtime. Both lines are based off of Ant 1.9.7 and the 1.9.x releases are mostly bug fix releases while additional new features are developed for 1.10.x. We recommend using 1.10.x unless you are required to use versions of Java prior to Java8 during the build process.
  • Ant 1.10.2 contains a superset of 1.9.10 - with the exception of a few tasks and features that no longer work with Java8 anyway (like the apt task).
  • Both releases are mostly bug fix releases with a few new features being added. A new javaversion condition can be used to detect the version of the JVM running Ant.
  • The log4j listener has been deprecated as log4j 1.x is no longer actively developed and we've made sure the listener works when using the log4j2 logging bridge. In 1.10.2 the imaging tasks have been deprecated as JAI doesn't seem to work with Java9 anymore.

New in Apache Ant 1.9.9 / 1.10.1 (Feb 6, 2017)

  • The 1.9.x releases require Java5 at runtime and 1.10.x requires Java8 at runtime. Both lines are based off of Ant 1.9.7 and the 1.9.x releases are mostly bug fix releases while additional new features are developed for 1.10.x. We recommend using 1.10.x unless you are required to use versions of Java prior to Java8 during the build process.
  • Ant 1.10.1 contains a superset of 1.9.9 - with the exception of a few tasks and features that no longer work with Java8 anyway (like the apt task).
  • The new releases revert a change to 1.9.8 and 1.10.0 that broke Eclipse integration and also fixes the ant wrapper script for Solaris 10. In addition 1.10.1 adds tasks and types that support XZ compression with the help of the XZ for Java library.

New in Apache Ant 1.9.8 / 1.10.0 (Jan 1, 2017)

  • The Apache Ant team currently maintains two lines of development. The 1.9.x releases require Java5 at runtime and 1.10.x requires Java8 at runtime. Both lines are based off of Ant 1.9.7 and the 1.9.x releases are mostly bug fix releases while additional new features are developed for 1.10.x. We recommend using 1.10.x unless you are required to use versions of Java prior to Java8 during the build process.
  • Ant 1.10.0 contains a superset of 1.9.8 - with the exception of a few tasks and features that no longer work with Java8 anyway (like the apt task).
  • The new releases fix the ant wrapper script for Solaris and HP/UX, contain important changes for the Java9 support as well as numerous bug fixes. New implementations of native2ascii and javah have been added as well as support for javac's -h and --release switches.

New in Apache Ant 1.9.7 (Apr 12, 2016)

  • Ant 1.9.7 contains several bug fixes and improvements compared to Ant 1.9.6.

New in Apache Ant 1.9.6 (Jul 11, 2015)

  • Ant 1.9.6 fixes a regression in the zip package introduced with Ant 1.9.5.

New in Apache Ant 1.9.5 (Jun 4, 2015)

  • Ant 1.9.5 contains several bug fixes and improvements compared to Ant 1.9.4, most importantly bug in the family of tasks and types.

New in Apache Ant 1.9.4 (May 6, 2014)

  • Ant 1.9.4 contains several bug fixes and improvements compared to Ant 1.9.3, including the initial support for Java 1.9, the possibility to run JUnit tests in multiple threads (when they are forked) and the refactoring of Ant's own test suite which is now based on JUnit 4.

New in Apache Ant 1.9.3 (Dec 30, 2013)

  • Ant 1.9.3 contains several bug fixes and improvements compared to Ant 1.9.2. The main point of the release is a fix of the speed of the exec task.

New in Apache Ant 1.9.2 (Jul 13, 2013)

  • Ant 1.9.2's javadoc task provides a workaround for the recently patched frame injection vulnerability of the javadoc tool found in Oracle JDKs prior to Java 7u25 known as CVE-2013-1571. The task will now post-process the generated files and remove the vulnerability if detected.
  • In addition some interoperability patches to the tar and zip classes have been applied.

New in Apache Ant 1.9.1 (May 23, 2013)

  • New if and unless XML namespaces available on all tasks and nested elements
  • Zip64 extensions are disabled by default
  • Loading of external dependencies fixed in JUnit tasks
  • JUnitreport default stylesheets now compatible with JDK 1.7
  • Recommending to upgrade to jsch 0.1.50 for users of the ssh/scp tasks under Java 1.7
  • Other fixes and improvements documented in WHATSNEW

New in Apache Ant 1.9.0 (Mar 11, 2013)

  • Java 1.5 is now required
  • support for @Ignore annotation in JUnit 4 testcases
  • the zip, bzip2 and tar tasks are improved
  • removal of the Perforce Ant tasks; users of these tasks can use the tasks supplied by Perforce Inc. instead, which contain more functionality and connect natively to the Perforce servers
  • numerous bug fixes and improvements as documented in Bugzilla and in the release notes

New in Apache Ant 1.8.4 (May 25, 2012)

  • Ant 1.8.4 fixes a denial of service flaw in the task present in any version of Ant since Ant 1.5.

New in Apache Ant 1.8.2 (Dec 28, 2010)

  • performance improvements in directory scanning
  • XSLT task honors classpath again (bugrep 49271)
  • distinction between core tasks and optional tasks is abolished
  • numerous bug fixes and improvements as documented in Bugzilla and in WHATSNEW

New in Apache Ant 1.8.1 (May 8, 2010)

  • Changes that could break older environments:
  • ant-trax.jar is no longer produced since TrAX is included in JDK 1.4+.
  • Ant no longer ships with Apache Xerces-J or the XML APIs but relies on the Java runtime to provide a parser and matching API versions.
  • The stylebook ant task and the ant-stylebook.jar are removed.
  • Fixed bugs:
  • Tasks that iterate over task or type definitions, references or
  • targets now iterate over copies instead of the live maps to avoid
  • ConcurrentModificationExceptions if another thread changes the
  • maps. Bugzilla Report 48310.
  • The filesmatch condition threw a NullPointerException when
  • comparing text files and the second file contained fewer lines than
  • the first one. Bugzilla Report 48715.
  • Regression: The task would allow multiple
  • META-INF/application.xml files to be added. Bugzilla Report 6836.
  • VectorSet#remove(Object) would fail if the size of the vector equaled its capacity.
  • Regression : ant -diagnostics was returning with exit code 1 Bugzilla Report 48782
  • Fix for exec task sometimes inserts extraneous newlines Bugzilla Report 48746
  • SymlinkTest#testSymbolicLinkUtilsMethods failing on MacOS
  • Bugzilla Report 48785.
  • If 's first resourcecollection child is a , any subsequently added child resourcecollection joins the first. Bugzilla Report 48816.
  • with an invalid URL could trigger an NPE in some JVMs. Bugzilla Report 48833
  • Broken Pipe issue under Ubuntu Linux Bugzilla Report 48789
  • Properties wrongly read from file or not update during read Bugzilla Report 48768
  • AntClassLoader in Ant 1.8.0 has been considerably slower than in
  • 1.7.1 Bugzilla Report 48853
  • ANT_CMD_LINE_ARGS are rippling through lower level Ant usage Bugzilla Report 48876
  • email : IO error sending mail with plain mimetype Bugzilla Report 48932
  • the complete-ant-cmd.pl script failed to create a proper cache of
  • target if "ant -p" failed. Bugzilla Report 48980
  • 's sourcebase attribute was broken. Bugzilla Report 48970
  • 's failonerror didn't work as expected when copying a single
  • element resource collection to a file. Bugzilla Report 49070
  • no longer followed redirects if the redirect URL was relative
  • and not an absolute URL. Bugzilla Report 48972
  • fixed a performance degradation in the code that expands property
  • references. Bugzilla Reports 48961 and 49079
  • was broken on Windows. Bugzilla Report 49090
  • delete failed if the link attribute was a relative path
  • to a link inside the current directory without a leading ".". Bugzilla Report 49137
  • and failed to find the expected strings when waiting for responses and thus always failed. Bugzilla Report 49173
  • Other changes:
  • Project provides new get methods that return copies instead of the live maps of task and type definitions, references and targets.
  • Ant is now more lenient with ZIP extra fields and will be able to read archives that it failed to read in earlier versions. Bugzilla Report 48781.
  • The family of tasks has been sped up for bigger archives. Bugzilla Report 48755.
  • Add removeKeepExtension option to NetRexxC task. Bugzilla Report 48788.
  • Add prefix attribute to loadproperties task.
  • Add resource attribute to length task.
  • PropertyResource will effectively proxy another Resource if ${name} evaluates to a Resource object.
  • Added forcestring attribute to equals condition to force evaluation of Object args as strings; previously only API-level usage of the equals condition allowed Object args, but Ant 1.8.x+ property evaluation may yield values of any type.
  • BuildFileTest.assertPropertyUnset() fails with a slightly more
  • meaningful error message Bugzilla Report 48834
  • will now throw an exception if a test name is empty. This used to manifest itself in unrelated errors like Bugzilla Report 43586.
  • A change that made more reliable on Windows (Bugzilla Report
  • 5003) strongly impacts the performance for commands that execute quickly, like attrib. Basically no single execution of a command could take less than a second on Windows.
  • A few timeouts have been tweaked to allow these commands to finish more quickly but still they will take longer than they did with Ant 1.7.1. Bugzilla Report 48734.
  • Added SimpleBigProjectLogger, intermediate between NoBannerLogger and
  • BigProjectLogger.
  • supports new attributes enablemultiplemappings and cache.
  • Added the augment task to manipulate existing references via Ant's basic
  • introspection mechanisms.

New in Apache Ant 1.8.0 (Mar 19, 2010)

  • Lexically scoped local properties, i.e. properties that are only defined inside a target, sequential block or similar environment.
  • can now import from any file- or URL-providing resource - this includes .
  • Various improvements to the directory scanning code that help with symbolic link cycles (as can be found on MacOS X Java installations for example) and improve scanning performance. For big directory trees the improvement is dramatic.
  • The way developers can extend Ant's property expansion algorithm has been rewritten (breaking the older API) to be easier to use and be more powerful.
  • a new top level element extension-point allows build files to be extended with custom targets more easily
  • At the same time the if and unless attributes have been rewritten to do the expected thing if applied to a property expansion (i.e. if="${foo}" will mean "yes, do it" if ${foo} expands to true, in Ant 1.7.1 it would mean "no" unless a property named "true" existed). This adds "testing conditions" as a new use-case to property expansion.
  • Ant now requires Java 1.4 or later
  • new task include provides an alternative to that should be preferred when you don't want to override any targets

New in Apache Ant 1.7.1 (Dec 5, 2008)

  • Ant 1.7.1 is mainly a bugfix release.
  • Ant 1.7.1 has extended support for Java6 features.
  • Ant 1.7.1 now has support for JavaFX.