Snarl notification not always working about maven-notifier HOT 7 CLOSED

I have to read again the Snarl guidelines but this random password using the same application id seems like a bad idea for multiple instances of the same application.

Using a random app-sig could do the trick but what about customisation (I don't have a windows box with Snarl actually to verify) ? You can configure how notification works per application with Snarl ?

Maybe we can register/unregister the application just before/after sending the notification, it will limit the risk of multiple registration and the ctrl-c problem. In the maven-notifier case we only send one notification anyway.

Thanks for the detailed report !

I'll have time to deal with it in two weeks or so.

from maven-notifier.

If you want to test on windows you can always download a VM image here: http://dev.modern.ie/tools/vms/windows/. They are valid for 3 months until windows complain you do not have a valid key and then you need to start from scratch again. They are normally meant to test web applications under different IE versions but you can use them anyway.

Regarding customisation, I don't think we can customise it. I'm new to snarl but I cannot see anything regarding maven. You can customise plugins but I don't know where/how to customise registered applications.

If I understand the password correctly, this is to prevent another application from impersonating you. So hard-coding a password wouldn't work as it is an open source project. What about adding a property in the maven-notifier.properties file to set the password to use? This way it becomes the responsibility of the user to secure his file.

So you wouldn't need to modify the app-sig and you can leave the app registered all the time.

Let me know if you like this idea, I might have time to work on it and submit a PR.

from maven-notifier.

If there is really no way to customize Snarl by application, generating a unique application id per run should not be a big deal. Even if the application is not unregistered (ctrl-c or whatever), Snarl has a garbage collector to remove old registered applications. It seems like a quick win.

Else your proposition is a good way to go. Also I would like to have a default configuration which works without user configuration (so maybe in that case I would remove the generated password).
Note that there is a protection in Snarl where the user is asked to define a global password to grant access to application(s) but when I tried to configure it back at the time, it has never worked.

I'm not at home (without my laptop, that's why I don't have windows vm :p) so I didn't have much time to look at it right now but If you're willing to implement the patch I'll be glad to merge it when I'll be back !

Thanks !

from maven-notifier.

Holidays are over, so I got time to look into it.

There is a way in Snarl to configure how notifications are displayed per application. This is in Snarl Preferences, the Applications tab. So we can't generate a random appsig per Maven launch. It would disable user customization.

So I have implemented your suggestion. By default no application password is set, this is let to user discretion. This is not perfect neither since any "malicious" application could just read the password in maven-notifier.properties but it should be ok for now :)

from maven-notifier.

Fixed in v1.8

from maven-notifier.

Thanks,

Sorry I was on paternity leave so I didn't get a chance to try it before. It seems to fix all the problems I had thanks

from maven-notifier.

Cool !
Thanks again for your time.

from maven-notifier.