[jira] [Commented] (TIKA-4135) Remove xerces from Tika 3.x/main branch?

ASF GitHub Bot (Jira) Tue, 26 Sep 2023 07:24:09 -0700


    [ 
https://issues.apache.org/jira/browse/TIKA-4135?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17769209#comment-17769209
 ]


ASF GitHub Bot commented on TIKA-4135:
--------------------------------------

tballison merged PR #1360:
URL: https://github.com/apache/tika/pull/1360




> Remove xerces from Tika 3.x/main branch?
> ----------------------------------------
>
>                 Key: TIKA-4135
>                 URL: https://issues.apache.org/jira/browse/TIKA-4135
>             Project: Tika
>          Issue Type: Wish
>            Reporter: Tim Allison
>            Priority: Major
>
> We've gotten requests over the years to get rid of xerces.  Should we do that 
> in 3.x/main?
> The one nice thing about including it is that it offers some consistency 
> across java versions and platforms.  This can help with securing the parsers 
> (against xxe, etc).  This can also make debugging easier.
> However, as people have pointed out, the xerces project appears to be in 
> security-fix-only mode.
> WDYT?



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (TIKA-4135) Remove xerces from Tika 3.x/main branch?

Reply via email to