jira-importer commented on issue #696: URL: https://github.com/apache/maven-javadoc-plugin/issues/696#issuecomment-2957346701
**[Uwe Schindler](https://issues.apache.org/jira/secure/ViewProfile.jspa?name=thetaphi)** commented Attached is my quick fix thats directly included into the javadoc maven Mojo. The abstract base class calls an additional patcher class directly after invoking Javadoc shell command. The patching code is in a separate class at the moment. It has almost nothing to do anymore with Oracle's original fix. It uses FileUtils and StringUtils and DirectoryScanner from Plexus to do all patching, respecting the output charset of the javadoc ran before. The only part that was taken from Oracle's file was the "patch data" (the script data to replace). As this script data is in every published Javadoc file I assume it is public domain. At least the license of the Javascript code is **not** the same like the Oracle patch tool, because it is string data only. I was not able to add a test, but from what I see after running tests: - If I run (mvn test) using a vulnerable JDK, the files are patched correctly (see test output directory) and the tests display a corresponding log line - If I run with JDK 1.7.0u25, the patches are not applied and no additional log lines appear when running tests. I hope this patch may function as a start of integrating this into Maven's main javadoc plugin. I am no Maven developer (I love Ant too much), but hopefully the code is fine! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
