[
https://issues.apache.org/jira/browse/OFBIZ-12919?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17821321#comment-17821321
]
ASF subversion and git services commented on OFBIZ-12919:
---------------------------------------------------------
Commit 7af04a8473a498af01fbf28739e14d48b91351cf in ofbiz-framework's branch
refs/heads/trunk from Jacques Le Roux
[ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=7af04a8473 ]
Improved: Remove deprecated unused code (OFBIZ-12919)
A part of XslTransform class code was marked as deprecated with OFBIZ-6274,
ie at least 8 years ago. I confirm this part is not used at all.
I did not spot it by chance. This was bring to my attention by codeQL as a
possible XXE. Even if in our case it's impossible since we don't use this code.
Semantic code analysis engine like codeQL are not able to discover that,
would be far too long anyway. Whatever, it's good to get rid of it now.
> Remove deprecated unused code
> -----------------------------
>
> Key: OFBIZ-12919
> URL: https://issues.apache.org/jira/browse/OFBIZ-12919
> Project: OFBiz
> Issue Type: Improvement
> Components: framework/base
> Affects Versions: Upcoming Branch
> Reporter: Jacques Le Roux
> Assignee: Jacques Le Roux
> Priority: Trivial
> Fix For: Upcoming Branch
>
>
> It's about XslTransform.java. A part of its code was marked as deprecated
> with OFBIZ-6274, ie at least 8 years ago. I confirm this part is not used at
> all.
> I did not spot it by chance. This was bring to my attention by codeQL as a
> possible XXE. Even if in our case it's impossible since we don't use this
> code. Semantic code analysis engine like codeQL are not able to discover
> that, would be far too long anyway. Whatever, it's good to get rid of it now.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
