The problem occurs at assembly time. gt-app-schema correctly declares its dependency on commons-digester, and gs-app-schema-test runs fine, but the assembly mechanism requires explicit naming of the jars to be included in the plugin. All I have to do is add it to src/release/ext-app-schema.xml and update the readme. Victor has just confirmed that app-schema works once this plugin is added (deployment based on 2.7-SNAPSHOT).
We have seen similar assembly problems with web-cas, so this is not new. The awful truth is that nobody tested RC1 with app-schema. Super catch from Victor (who also provided the working demo of the WMS XSS vulnerability). He has been saving my neck this week. :-) On 03/09/14 13:20, Jody Garnett wrote: > Good catch - but why was this not picked up by maven dependency > analysis? Is app-schema depending on commons-digester and not > advertising that fact? > > Jody Garnett -- Ben Caradoc-Davies <[email protected]> Software Engineer CSIRO Mineral Resources Flagship Australian Resources Research Centre ------------------------------------------------------------------------------ Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/ _______________________________________________ Geoserver-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/geoserver-devel
