[
https://issues.apache.org/jira/browse/CXF-8777?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17625163#comment-17625163
]
srinivasarao sanneboyina edited comment on CXF-8777 at 10/27/22 2:51 PM:
-------------------------------------------------------------------------
How to exclude commons-text:1.9 jar version, since it has security
vulnerability, 1.9 version access has been restricted. I could not exclude it.
can you please suggest?
<plugin>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-codegen-plugin</artifactId>
<version>3.5.4</version>
<executions>
<execution>
<id>generate-sources</id>
<phase>generate-sources</phase>
<goals>
<goal>wsdl2java</goal>
</goals>
<configuration>
<sourceRoot>${basedir}/target/generated</sourceRoot>
<defaultOptions>
<noAddressBinding>true</noAddressBinding>
<autoNameResolution>true</autoNameResolution>
</defaultOptions>
<wsdlOptions>
<wsdlOption>
<wsdl>${basedir}/src/main/resources/wsdl/ABC.wsdl</wsdl>
<wsdlLocation>classpath:wsdl/ABC.wsdl</wsdlLocation>
</wsdlOption>
</wsdlOptions>
</configuration>
</execution>
</executions>
</plugin>
was (Author: JIRAUSER297564):
How to exclude commons-text:1.9 jar version, since it has security
vulnerability, 1.9 version access has been restricted. I could not exclude it.
can you please suggest?
<plugin>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-codegen-plugin</artifactId>
<version>${cxf.plugin.codegen.version}</version>
<executions>
<execution>
<id>generate-sources</id>
<phase>generate-sources</phase>
<goals>
<goal>wsdl2java</goal>
</goals>
<configuration>
<sourceRoot>${basedir}/target/generated</sourceRoot>
<defaultOptions>
<noAddressBinding>true</noAddressBinding>
<autoNameResolution>true</autoNameResolution>
</defaultOptions>
<wsdlOptions>
<wsdlOption>
<wsdl>${basedir}/src/main/resources/wsdl/ABC.wsdl</wsdl>
<wsdlLocation>classpath:wsdl/ABC.wsdl</wsdlLocation>
</wsdlOption>
</wsdlOptions>
</configuration>
</execution>
</executions>
</plugin>
> cxf-codegen-plugin : 3.5.4 : commons-text :1.9
> ----------------------------------------------
>
> Key: CXF-8777
> URL: https://issues.apache.org/jira/browse/CXF-8777
> Project: CXF
> Issue Type: Bug
> Components: Build system
> Affects Versions: 3.5.4
> Reporter: srinivasarao sanneboyina
> Assignee: Colm O hEigeartaigh
> Priority: Major
> Fix For: 3.5.5, 3.4.10
>
>
> project uses Commons-text package indirectly as shown in below hierarchy with
> latest versions.
> org.apache.cxf :cxf-codegen-plugin : 3.5.4 (latest)
> |
> org.apache.cxf : cxf-tools-wsdlto-frontend-jaxws:3.54 (latest)
> |
> org.apache.cxf: commons-text : 1.9 (removed from maven repo)
>
> Issue is, exclude of 1.9 does not work as artifact itself does not exist.
> Since all older version jar files (till 1.9) are removed for commons-text,
> Exclude dependency option for 1.9 is not working. It is trying to pull 1.9
> first before exclude.
> Could you please help on the above
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
