[
https://issues.apache.org/jira/browse/TIKA-4135?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17770550#comment-17770550
]
Tilman Hausherr commented on TIKA-4135:
---------------------------------------
The build fails in Germany:
Running org.apache.tika.parser.TestXMLEntityExpansion
Tests run: 3, Failures: 0, Errors: 1, Skipped: 1, Time elapsed: 3.022 s <<<
FAILURE! -- in org.apache.tika.parser.TestXMLEntityExpansion
org.apache.tika.parser.TestXMLEntityExpansion.testProtectedXML -- Time elapsed:
0.484 s <<< ERROR!
java.lang.RuntimeException: Cause should have mentioned 'entity expansions'
...
Caused by: org.xml.sax.SAXParseException; lineNumber: 1; columnNumber: 1;
JAXP00010001: Der Parser hat mehr als 20 Entityerweiterungen in diesem Dokument
gefunden. Dies ist der von JDK vorgeschriebene Grenzwert.
What didn't help was adding this in the pom.xml of that subproject:
{code}
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<configuration>
<systemPropertyVariables>
<user.language>en</user.language>
<user.region>US</user.region>
</systemPropertyVariables>
</configuration>
</plugin>
{code}
> Remove xerces from Tika 3.x/main branch?
> ----------------------------------------
>
> Key: TIKA-4135
> URL: https://issues.apache.org/jira/browse/TIKA-4135
> Project: Tika
> Issue Type: Wish
> Reporter: Tim Allison
> Priority: Major
>
> We've gotten requests over the years to get rid of xerces. Should we do that
> in 3.x/main?
> The one nice thing about including it is that it offers some consistency
> across java versions and platforms. This can help with securing the parsers
> (against xxe, etc). This can also make debugging easier.
> However, as people have pointed out, the xerces project appears to be in
> security-fix-only mode.
> WDYT?
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
