Huho, I was too fast on this. Currently the Gradle "ofbizSecure" tasks depends
on the notsoserial-1.0-SNAPSHOT.jar
So this would need more work and w/o answers from them I suspect they will not
publish the jar.
Now it's a serious security but not OOTB. So I see 2 possibilities.
1. Ask the ASF for a derogation (after all it's a Java issue not an OFBiz one)
2. Do what I said before AND change the Gradle "ofbizSecure" tasks
Opinions?
Jacques
Le 07/09/2016 à 14:01, Jacques Le Roux a écrit :
Yes I see no problems with that. I just need to add directions for users
before. I'll then remove the jars... very soon...
Jacques
Le 07/09/2016 à 13:09, Jacopo Cappellato a écrit :
Jacques, any news from notsoserial?
If not, I think we can proceed by (temporarily) removing the jars until
they will publish the jar.
Regards,
Jacopo
On Sat, Aug 20, 2016 at 11:12 AM, Jacques Le Roux <
jacques.le.r...@les7arts.com> wrote:
Yes that's what I proposed also, I will try that before the worse solution
as Taher called them, would you help?
Jacques
Le 20/08/2016 à 08:32, Pierre Smits a écrit :
Hi Jacques,
Why not try to convince the people behind notsoserial to have them push
the
library to maven central and/or jpublish? In stead of this community doing
the work?
Best regards,
Pierre Smits
ORRTIZ.COM <http://www.orrtiz.com>
OFBiz based solutions & services
OFBiz Extensions Marketplace
http://oem.ofbizci.net/oci-2/
