[jira] [Commented] (TIKA-4161) Move more dependency versions to properties in 3.x
[
https://issues.apache.org/jira/browse/TIKA-4161?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17776587#comment-17776587
]
Maxim Solodovnik commented on TIKA-4161:
[~tallison] please NOTE {{mvn versions:display-property-updates}} only works
for properties mentioned at {{dependencyManagement/pluginManagement}} sections
:)
> Move more dependency versions to properties in 3.x
> --
>
> Key: TIKA-4161
> URL: https://issues.apache.org/jira/browse/TIKA-4161
> Project: Tika
> Issue Type: Task
>Reporter: Tim Allison
>Priority: Minor
>
> As [~solomax] pointed out, {{mvn versions:display-property-updates}} yields
> much cleaner output than does {{mvn versions:display-dependency-updates}}.
> Let's move versions to properties in 3.x.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (TIKA-4139) Tika modules are not JPMS friendly
[
https://issues.apache.org/jira/browse/TIKA-4139?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17772450#comment-17772450
]
Maxim Solodovnik commented on TIKA-4139:
I can see no more Tika related errors anymore
Thanks for the quick fix! :)
> Tika modules are not JPMS friendly
> --
>
> Key: TIKA-4139
> URL: https://issues.apache.org/jira/browse/TIKA-4139
> Project: Tika
> Issue Type: Improvement
>Affects Versions: 2.9.0
>Reporter: Maxim Solodovnik
>Priority: Major
> Fix For: 3.0.0-BETA
>
>
> Hello,
> Tika-3 has some major changes, let's add some more :)
> Recently I got following warning while trying to use Tika in JPMS web
> application:
> {code}
> [INFO] --- compiler:3.11.0:compile (default-compile) @ openmeetings-util ---
> [WARNING] Can't extract module name from
> tika-parsers-standard-package-2.9.0.jar: tika.parsers.standard.package:
> Invalid module name: 'package' is not a Java identifier
> {code}
> I've checked {code}main{code} branch and find no {{module-info.java}} and
> {{Automatic-Module-Name}} also doesn't set.
> Maybe {{Automatic-Module-Name}} can be added to Tika modules?
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (TIKA-4139) Tika modules are not JPMS friendly
[
https://issues.apache.org/jira/browse/TIKA-4139?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17770286#comment-17770286
]
Maxim Solodovnik commented on TIKA-4139:
Done TIKA-4147 :)
> Tika modules are not JPMS friendly
> --
>
> Key: TIKA-4139
> URL: https://issues.apache.org/jira/browse/TIKA-4139
> Project: Tika
> Issue Type: Improvement
>Affects Versions: 2.9.0
>Reporter: Maxim Solodovnik
>Priority: Major
> Fix For: 3.0.0-BETA
>
>
> Hello,
> Tika-3 has some major changes, let's add some more :)
> Recently I got following warning while trying to use Tika in JPMS web
> application:
> {code}
> [INFO] --- compiler:3.11.0:compile (default-compile) @ openmeetings-util ---
> [WARNING] Can't extract module name from
> tika-parsers-standard-package-2.9.0.jar: tika.parsers.standard.package:
> Invalid module name: 'package' is not a Java identifier
> {code}
> I've checked {code}main{code} branch and find no {{module-info.java}} and
> {{Automatic-Module-Name}} also doesn't set.
> Maybe {{Automatic-Module-Name}} can be added to Tika modules?
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (TIKA-4139) Tika modules are not JPMS friendly
[
https://issues.apache.org/jira/browse/TIKA-4139?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17769876#comment-17769876
]
Maxim Solodovnik commented on TIKA-4139:
{quote}Any recs for detecting modules missing these and/or failing the build
for missing module names?{quote}
I'm not aware of such :(
Maybe I can write some bash script ... :)
I'm afraid I found one more issue with JPMS:
I'm having {{src/main/resources/org/apache/tika/mime/custom-mimetypes.xml}} (As
recommended here https://tika.apache.org/2.6.0/parser_guide.html)
But this immediately introduces {{org.apache.tika.mime}} package in our jar
(which is conflicting with same package in Tika ... :((( )
Maybe it worth to create some alternative way to implement this?
Like
* Something like MimeTypesFactory.CUSTOM_MIMES_SYS_PROP but pointing to
resource on classpath?
* Extendable static Map at MimeTypesFactory?
* Some sort of Service Locator?
* something better than above? :)))
Shall I create new JIRA?
> Tika modules are not JPMS friendly
> --
>
> Key: TIKA-4139
> URL: https://issues.apache.org/jira/browse/TIKA-4139
> Project: Tika
> Issue Type: Improvement
>Affects Versions: 2.9.0
>Reporter: Maxim Solodovnik
>Priority: Major
> Fix For: 3.0.0-BETA
>
>
> Hello,
> Tika-3 has some major changes, let's add some more :)
> Recently I got following warning while trying to use Tika in JPMS web
> application:
> {code}
> [INFO] --- compiler:3.11.0:compile (default-compile) @ openmeetings-util ---
> [WARNING] Can't extract module name from
> tika-parsers-standard-package-2.9.0.jar: tika.parsers.standard.package:
> Invalid module name: 'package' is not a Java identifier
> {code}
> I've checked {code}main{code} branch and find no {{module-info.java}} and
> {{Automatic-Module-Name}} also doesn't set.
> Maybe {{Automatic-Module-Name}} can be added to Tika modules?
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (TIKA-4143) Consider adding alternative to fat jar artifacts
[ https://issues.apache.org/jira/browse/TIKA-4143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17769674#comment-17769674 ] Maxim Solodovnik commented on TIKA-4143: Maybe it can be BOM? :) > Consider adding alternative to fat jar artifacts > > > Key: TIKA-4143 > URL: https://issues.apache.org/jira/browse/TIKA-4143 > Project: Tika > Issue Type: Task >Reporter: Tim Allison >Priority: Major > > With jpms, it feels like shading is not a great option. > I'm not proposing getting rid of fat jars in 3.x. I'm only proposing > offering thin-jar options in addition to our usual shaded fat jars. > I'm opening this ticket to discuss options for packaging tika-app, > tika-server and possibly other components in non-fat jars. > For app and server, we could put dependencies in the lib/ directory next to > the main jar and add "lib" to the classpath of the main jar? Then zip the > main jar and lib directory for distribution? > Other recommendations? -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (TIKA-4139) Tika modules are not JPMS friendly
Maxim Solodovnik created TIKA-4139:
--
Summary: Tika modules are not JPMS friendly
Key: TIKA-4139
URL: https://issues.apache.org/jira/browse/TIKA-4139
Project: Tika
Issue Type: Improvement
Affects Versions: 2.9.0
Reporter: Maxim Solodovnik
Fix For: 3.0.0-BETA
Hello,
Tika-3 has some major changes, let's add some more :)
Recently I got following warning while trying to use Tika in JPMS web
application:
{code}
[INFO] --- compiler:3.11.0:compile (default-compile) @ openmeetings-util ---
[WARNING] Can't extract module name from
tika-parsers-standard-package-2.9.0.jar: tika.parsers.standard.package: Invalid
module name: 'package' is not a Java identifier
{code}
I've checked {code}main{code} branch and find no {{module-info.java}} and
{{Automatic-Module-Name}} also doesn't set.
Maybe {{Automatic-Module-Name}} can be added to Tika modules?
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (TIKA-3948) Migrate to jakarta in Tika 3.x
[ https://issues.apache.org/jira/browse/TIKA-3948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17765627#comment-17765627 ] Maxim Solodovnik commented on TIKA-3948: Time to release? ;) > Migrate to jakarta in Tika 3.x > -- > > Key: TIKA-3948 > URL: https://issues.apache.org/jira/browse/TIKA-3948 > Project: Tika > Issue Type: Task >Reporter: Tim Allison >Priority: Major > Labels: tika-3x > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (TIKA-3948) Migrate to jakarta in Tika 3.x
[ https://issues.apache.org/jira/browse/TIKA-3948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17765619#comment-17765619 ] Maxim Solodovnik commented on TIKA-3948: [~tallison] I've also noticed the SNAPSHOT is very old and not working I wrote about it here: https://lists.apache.org/thread/5y5wjhjy2kjjfmhyp6jz1komg4fhnjv4 > Migrate to jakarta in Tika 3.x > -- > > Key: TIKA-3948 > URL: https://issues.apache.org/jira/browse/TIKA-3948 > Project: Tika > Issue Type: Task >Reporter: Tim Allison >Priority: Major > Labels: tika-3x > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (TIKA-3948) Migrate to jakarta in Tika 3.x
[ https://issues.apache.org/jira/browse/TIKA-3948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17764939#comment-17764939 ] Maxim Solodovnik commented on TIKA-3948: > Spring 6 requires Java 17 so that won't work unless we go big and go straight > to 17... CXF4 depends on Spring6 (optional dependency) https://mvnrepository.com/artifact/org.apache.cxf/cxf-core/4.0.2 I'll try to create PR this week :) [~tallison] What is the best way to test nothing is broken? > Migrate to jakarta in Tika 3.x > -- > > Key: TIKA-3948 > URL: https://issues.apache.org/jira/browse/TIKA-3948 > Project: Tika > Issue Type: Task >Reporter: Tim Allison >Priority: Major > Labels: tika-3x > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Comment Edited] (TIKA-3948) Require Java 11 in 3.x
[
https://issues.apache.org/jira/browse/TIKA-3948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17758637#comment-17758637
]
Maxim Solodovnik edited comment on TIKA-3948 at 8/25/23 2:32 AM:
-
Sorry for delay :(
Did quick check:
check {{javax}} in result of {{mvn dependency:tree}}
Direct dependencies
{{bcmail-jdk18on -> bcjmail-jdk18on}}
{{jaxb-runtime2 -> jaxb-runtime4}}
{{spring5 -> spring6}}
{{javax.annotation:javax.annotation-api ->
jakarta.annotation:jakarta.annotation-api}}
{{javax.ws.rs:javax.ws.rs-api -> jakarta.ws.rs:jakarta.ws.rs-api}}
{{javax.inject:javax.inject -> jakarta.inject:jakarta.inject-api}}
{{javax.activation:activation -> jakarta.activation:jakarta.activation-api}}
Transitive dependencies
{{javax.annotation:javax.annotation-api ->
jakarta.annotation:jakarta.annotation-api}}
{{javax.inject:javax.inject -> jakarta.inject:jakarta.inject-api}}
{{javax.servlet:javax.servlet-api -> jakarta.servlet:jakarta.servlet-api}}
{{javax.ws.rs:javax.ws.rs-api -> jakarta.ws.rs:jakarta.ws.rs-api}}
{{javax.validation:validation-api -> jakarta.validation:jakarta.validation-api}}
Grep sources using: {{find . -name *.java | while read JAVA; do grep -H javax
$JAVA; done}}
{{javax.xml.transform -> jakarta.xml.transform}}
{{javax.ws.rs -> jakarta.ws.rs}}
Not sure if this list complete or not :)
Shall I create PR with above changes? :)
was (Author: solomax):
Sorry for delay :(
Did quick check:
check {{javax}} in result of {{mvn dependency:tree}}
Direct dependencies
{{bcmail-jdk18on -> bcjmail-jdk18on}}
{{jaxb-runtime2 -> jaxb-runtime4}}
{{javax.annotation:javax.annotation-api ->
jakarta.annotation:jakarta.annotation-api}}
{{javax.ws.rs:javax.ws.rs-api -> jakarta.ws.rs:jakarta.ws.rs-api}}
{{javax.inject:javax.inject -> jakarta.inject:jakarta.inject-api}}
{{javax.activation:activation -> jakarta.activation:jakarta.activation-api}}
Transitive dependencies
{{javax.annotation:javax.annotation-api ->
jakarta.annotation:jakarta.annotation-api}}
{{javax.inject:javax.inject -> jakarta.inject:jakarta.inject-api}}
{{javax.servlet:javax.servlet-api -> jakarta.servlet:jakarta.servlet-api}}
{{javax.ws.rs:javax.ws.rs-api -> jakarta.ws.rs:jakarta.ws.rs-api}}
{{javax.validation:validation-api -> jakarta.validation:jakarta.validation-api}}
Grep sources using: {{find . -name *.java | while read JAVA; do grep -H javax
$JAVA; done}}
{{javax.xml.transform -> jakarta.xml.transform}}
{{javax.ws.rs -> jakarta.ws.rs}}
Not sure if this list complete or not :)
Shall I create PR with above changes? :)
> Require Java 11 in 3.x
> --
>
> Key: TIKA-3948
> URL: https://issues.apache.org/jira/browse/TIKA-3948
> Project: Tika
> Issue Type: Task
>Reporter: Tim Allison
>Priority: Major
> Labels: tika-3x
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (TIKA-3948) Require Java 11 in 3.x
[
https://issues.apache.org/jira/browse/TIKA-3948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17758637#comment-17758637
]
Maxim Solodovnik commented on TIKA-3948:
Sorry for delay :(
Did quick check:
check {{javax}} in result of {{mvn dependency:tree}}
Direct dependencies
{{bcmail-jdk18on -> bcjmail-jdk18on}}
{{jaxb-runtime2 -> jaxb-runtime4}}
{{javax.annotation:javax.annotation-api ->
jakarta.annotation:jakarta.annotation-api}}
{{javax.ws.rs:javax.ws.rs-api -> jakarta.ws.rs:jakarta.ws.rs-api}}
{{javax.inject:javax.inject -> jakarta.inject:jakarta.inject-api}}
{{javax.activation:activation -> jakarta.activation:jakarta.activation-api}}
Transitive dependencies
{{javax.annotation:javax.annotation-api ->
jakarta.annotation:jakarta.annotation-api}}
{{javax.inject:javax.inject -> jakarta.inject:jakarta.inject-api}}
{{javax.servlet:javax.servlet-api -> jakarta.servlet:jakarta.servlet-api}}
{{javax.ws.rs:javax.ws.rs-api -> jakarta.ws.rs:jakarta.ws.rs-api}}
{{javax.validation:validation-api -> jakarta.validation:jakarta.validation-api}}
Grep sources using: {{find . -name *.java | while read JAVA; do grep -H javax
$JAVA; done}}
{{javax.xml.transform -> jakarta.xml.transform}}
{{javax.ws.rs -> jakarta.ws.rs}}
Not sure if this list complete or not :)
Shall I create PR with above changes? :)
> Require Java 11 in 3.x
> --
>
> Key: TIKA-3948
> URL: https://issues.apache.org/jira/browse/TIKA-3948
> Project: Tika
> Issue Type: Task
>Reporter: Tim Allison
>Priority: Major
> Labels: tika-3x
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
[jira] [Commented] (TIKA-3948) Require Java 11 in 3.x
[ https://issues.apache.org/jira/browse/TIKA-3948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17748379#comment-17748379 ] Maxim Solodovnik commented on TIKA-3948: Understood :( Maybe you have some sort of plan of what need to be done? Maybe I'll find time to create PR (not familiar with Tika source code ...) and maybe this PR will worth to be release as SNAPSHOT :) > Require Java 11 in 3.x > -- > > Key: TIKA-3948 > URL: https://issues.apache.org/jira/browse/TIKA-3948 > Project: Tika > Issue Type: Task >Reporter: Tim Allison >Priority: Major > Labels: tika-3x > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (TIKA-3948) Require Java 11 in 3.x
[ https://issues.apache.org/jira/browse/TIKA-3948?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17747903#comment-17747903 ] Maxim Solodovnik commented on TIKA-3948: [~tallison] any ETA for this? :) > Require Java 11 in 3.x > -- > > Key: TIKA-3948 > URL: https://issues.apache.org/jira/browse/TIKA-3948 > Project: Tika > Issue Type: Task >Reporter: Tim Allison >Priority: Major > Labels: tika-3x > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (TIKA-2801) Tika includes 2 vulnerable components
Maxim Solodovnik created TIKA-2801:
--
Summary: Tika includes 2 vulnerable components
Key: TIKA-2801
URL: https://issues.apache.org/jira/browse/TIKA-2801
Project: Tika
Issue Type: Task
Components: parser
Affects Versions: 1.20
Reporter: Maxim Solodovnik
Maven audit plugin reports 2 vulnerable components:
com.google.guava:guava:jar:17.0:compile
* [CVE-2018-10237] Deserialization of Untrusted Data (5.9);
https://ossindex.sonatype.org/vuln/24585a7f-eb6b-4d8d-a2a9-a6f16cc7c1d0
com.google.protobuf:protobuf-java:jar:2.5.0:compile
* [CVE-2015-5237] Improper Restriction of Operations within the Bounds of a
Memory Buffer (8.8);
https://ossindex.sonatype.org/vuln/d47d20ab-eb2a-4cfd-8064-bbf6283649cb
Maybe it worth to add {{audit}} plugin to the build/release?
{{mvn org.sonatype.ossindex.maven:ossindex-maven-plugin:audit -f pom.xml}}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
