[jira] [Comment Edited] (TIKA-2828) Your project apache/tika is using buggy third-party libraries [WARNING]

Fri, 15 Feb 2019 11:46:29 -0800 


    [ 
https://issues.apache.org/jira/browse/TIKA-2828?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16769574#comment-16769574
 ] 

Tilman Hausherr edited comment on TIKA-2828 at 2/15/19 7:45 PM:
----------------------------------------------------------------

See also my comment in PDFBOX-4465, it applies to two of the mentioned issues. 
I use the versions plugin locally. Btw it doesn't work well with the build 
plugins, these I check manually from time to time.


was (Author: tilman):
See also my comment in PDFBOX-4457, it applies to two of the mentioned issues. 
I use the versions plugin locally. Btw it doesn't work well with the build 
plugins, these I check manually from time to time.

> Your project apache/tika is using buggy third-party libraries [WARNING]
> -----------------------------------------------------------------------
>
>                 Key: TIKA-2828
>                 URL: https://issues.apache.org/jira/browse/TIKA-2828
>             Project: Tika
>          Issue Type: Bug
>            Reporter: Kaifeng Huang
>            Priority: Major
>
> Hi, there!
>     We are a research team working on third-party library analysis. We have 
> found that some widely-used third-party libraries in your project have 
> major/critical bugs, which will degrade the quality of your project. We 
> highly recommend you to update those libraries to new versions.
>     We have attached the buggy third-party libraries and corresponding jira 
> issue links below for you to have more detailed information.
>       1. commons-codec commons-codec
>       version: 1.11
>       Jira issues:
>       InputStream not closed
>       affectsVersions:1.10,1.11
>       
> https://issues.apache.org/jira/projects/CODEC/issues/CODEC-225?filter=allopenissues
>       2. org.apache.httpcomponents httpclient
>       version: 4.5.6
>       Jira issues:
>       Support relatively new HTTP 308 redirect - RFC7538
>       affectsVersions:3.1 (end of life),4.5.6
>       
> https://issues.apache.org/jira/projects/HTTPCLIENT/issues/HTTPCLIENT-1946?filter=allopenissues
>       3. commons-io commons-io
>       version: 2.6
>       Jira issues:
>       .gitattributes not correctly applied
>       affectsVersions:2.6
>       
> https://issues.apache.org/jira/projects/IO/issues/IO-516?filter=allopenissues
>       FilenameUtils.normalize should verify hostname syntax in UNC path
>       affectsVersions:2.6
>       
> https://issues.apache.org/jira/projects/IO/issues/IO-559?filter=allopenissues
>       Missing Javadoc in FilenameUtils causing Travis-CI build to fail
>       affectsVersions:2.6
>       
> https://issues.apache.org/jira/projects/IO/issues/IO-570?filter=allopenissues
> Sincerely~
> FDU Software Engineering Lab
> Feb 15th, 2019



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to