https://bz.apache.org/bugzilla/show_bug.cgi?id=62151
Nick Burch <apa...@gagravarr.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO OS| |All --- Comment #1 from Nick Burch <apa...@gagravarr.org> --- The former we're unlikely to fix - Apache POI has multiple jars which make up the project and allow you to exclude the parts of the project you don't want. Because of design decisions taken by the Java 9 jigsaw team, our only fix is to provide a single uber-jar with everything in. We're discussing that now, but you could easily build your own if you wanted in the mean time The latter I don't know how we can fix. For security reasons, we need to tell the built-in Java XML parser to turn on non-default settings to increase the parsing security. I don't believe that there's a public API for doing that, only the private ones. Are you able to find any Java 9 advice on how to turn on the XML security features with the built-in xml parser using only public calls in Java 9? -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org For additional commands, e-mail: dev-h...@poi.apache.org