[jira] [Created] (TENTACLES-19) Get rid of old velocity version and gain the ability to update to the latest ASF parent pom v32

Philipp Ottlinger (Jira) Sat, 27 Apr 2024 14:50:04 -0700

Philipp Ottlinger created TENTACLES-19:
------------------------------------------


             Summary: Get rid of old velocity version and gain the ability to 
update to the latest ASF parent pom v32
                 Key: TENTACLES-19
                 URL: https://issues.apache.org/jira/browse/TENTACLES-19
             Project: Apache Tentacles
          Issue Type: Improvement
            Reporter: Philipp Ottlinger
            Assignee: Philipp Ottlinger


Tentacles uses an older velocity within itself, that contains a security issue 
CVE-2020-13936 / GHSA Id: GHSA-59j4-wjwp-mw9m
https://github.com/advisories/GHSA-59j4-wjwp-mw9m

This version uses commons-lang v2.x, which causes an issue while updating to 
the latest ASF v32 parent pom, as it introduces commons-lang3 by default, which 
results in an build error:

Caused by: org.apache.maven.plugin.PluginContainerException: A required class 
was missing while executing 
org.apache.maven.plugins:maven-jar-plugin:3.4.0:jar: 
org/apache/commons/io/file/attribute/FileTimes




--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (TENTACLES-19) Get rid of old velocity version and gain the ability to update to the latest ASF parent pom v32

Reply via email to