[jira] [Commented] (OFBIZ-11151) Update build.gradle to the latest dependencies
[
https://issues.apache.org/jira/browse/OFBIZ-11151?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16909611#comment-16909611
]
Jacques Le Roux commented on OFBIZ-11151:
-
While working on
I thought it's valuable to add this link here
https://lucene.apache.org/solr/guide/8_1/solr-upgrade-notes.html
I checked there is nothing we should worry about OOTB.
Also we can update Guava to v28:
https://mvnrepository.com/artifact/org.apache.solr/solr-core/8.2.0.
Done at revision: 1865336
> Update build.gradle to the latest dependencies
> --
>
> Key: OFBIZ-11151
> URL: https://issues.apache.org/jira/browse/OFBIZ-11151
> Project: OFBiz
> Issue Type: Sub-task
> Components: Gradle
>Affects Versions: Trunk
>Reporter: Jacques Le Roux
>Assignee: Jacques Le Roux
>Priority: Trivial
> Fix For: Upcoming Branch
>
>
> Here is the dependencyUpdates report.txt content:
> {noformat}
>
> : Project Dependency Updates (report to plain text file)
>
> The following dependencies are using the latest release version:
> - apache-xerces:xercesImpl:2.9.1
> - at.bxm.svntools:at.bxm.svntools.gradle.plugin:2.2.1
> -
> com.github.ben-manes.versions:com.github.ben-manes.versions.gradle.plugin:0.22.0
> - com.google.guava:guava:20.0
> - com.google.zxing:core:3.4.0
> - com.googlecode.concurrentlinkedhashmap:concurrentlinkedhashmap-lru:1.4.2
> - com.googlecode.ez-vcard:ez-vcard:0.9.10
> - com.googlecode.libphonenumber:libphonenumber:8.10.16
> - com.ibm.icu:icu4j:64.2
> - com.sun.mail:javax.mail:1.6.2
> - com.thoughtworks.xstream:xstream:1.4.11.1
> - commons-cli:commons-cli:1.4
> - commons-fileupload:commons-fileupload:1.4
> - commons-net:commons-net:3.6
> - commons-validator:commons-validator:1.6
> - de.odysseus.juel:juel-impl:2.2.7
> - de.odysseus.juel:juel-spi:2.2.7
> - io.jsonwebtoken:jjwt:0.9.1
> - javax.el:javax.el-api:3.0.1-b06
> - javax.servlet:javax.servlet-api:4.0.1
> - javax.servlet.jsp:javax.servlet.jsp-api:2.3.3
> - javax.xml.soap:javax.xml.soap-api:1.4.0
> - net.fortuna.ical4j:ical4j:1.0-rc3-atlassian-11
> - net.sf.barcode4j:barcode4j:2.1
> - net.sf.barcode4j:barcode4j-fop-ext:2.1
> - org.apache.ant:ant-junit:1.10.6
> - org.apache.axis2:axis2-kernel:1.7.9
> - org.apache.axis2:axis2-transport-http:1.7.9
> - org.apache.axis2:axis2-transport-local:1.7.9
> - org.apache.commons:commons-collections4:4.4
> - org.apache.commons:commons-csv:1.7
> - org.apache.commons:commons-dbcp2:2.7.0
> - org.apache.commons:commons-text:1.7
> - org.apache.geronimo.components:geronimo-transaction:3.1.4
> - org.apache.geronimo.specs:geronimo-jms_1.1_spec:1.1.1
> - org.apache.httpcomponents:httpclient-cache:4.5.9
> - org.apache.logging.log4j:log4j-1.2-api:2.12.1
> - org.apache.logging.log4j:log4j-api:2.12.1
> - org.apache.logging.log4j:log4j-core:2.12.1
> - org.apache.logging.log4j:log4j-jul:2.12.1
> - org.apache.logging.log4j:log4j-slf4j-impl:2.12.1
> - org.apache.lucene:lucene-analyzers-common:8.2.0
> - org.apache.lucene:lucene-core:8.2.0
> - org.apache.lucene:lucene-queryparser:8.2.0
> - org.apache.poi:poi:4.1.0
> - org.apache.poi:poi-excelant:4.1.0
> - org.apache.poi:poi-ooxml:4.1.0
> - org.apache.poi:poi-ooxml-schemas:4.1.0
> - org.apache.poi:poi-scratchpad:4.1.0
> - org.apache.shiro:shiro-core:1.4.1
> - org.apache.solr:solr-core:8.2.0
> - org.apache.tika:tika-core:1.22
> - org.apache.tika:tika-parsers:1.22
> - org.apache.tomcat:tomcat-catalina:9.0.22
> - org.apache.tomcat:tomcat-catalina-ha:9.0.22
> - org.apache.tomcat:tomcat-jasper:9.0.22
> - org.apache.tomcat:tomcat-tribes:9.0.22
> - org.apache.tomcat.embed:tomcat-embed-websocket:9.0.22
> - org.apache.xmlgraphics:fop:2.3
> - org.apache.xmlrpc:xmlrpc-client:3.1.3
> - org.apache.xmlrpc:xmlrpc-server:3.1.3
> - org.codeartisans.thirdparties.swing:batik-all:1.8pre-r1084380
> - org.eclipse.birt.runtime:viewservlets:4.5.0
> - org.freemarker:freemarker:2.3.28
> - org.hamcrest:hamcrest:2.1
> - org.hamcrest:hamcrest-library:2.1
> - org.jruby:jruby-complete:9.2.7.0
> - org.jsoup:jsoup:1.12.1
> - org.mockito:mockito-core:3.0.0
> - org.owasp.dependencycheck:org.owasp.dependencycheck.gradle.plugin:5.2.1
> - org.owasp.esapi:esapi:2.2.0.0
> - org.safehaus.jug:jug:2.0.0
> - org.springframework:spring-test:5.1.9.RELEASE
> - org.zapodot:jackson-databind-java-optional:2.6.1
> - oro:oro:2.0.8
> -
> se.patrikerdes.use-latest-versions:se.patrikerdes.use-latest-versions.gradle.plugin:0.2.12
> - wsdl4j:wsdl4j:1.6.3
> The following dependencies exceed the version found at the release revision
> level:
> - com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer
> [20180219.1 <- 1.1]
>
[jira] [Commented] (OFBIZ-11151) Update build.gradle to the latest dependencies
[
https://issues.apache.org/jira/browse/OFBIZ-11151?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16905958#comment-16905958
]
Jacques Le Roux commented on OFBIZ-11151:
-
At revision: 1865017, I removed the last Java code warnings by using
@SuppressWarnings("rawtypes") for the org.owasp.esapi.codecs.Codec. I see no
better solution since we have no access to this code.
> Update build.gradle to the latest dependencies
> --
>
> Key: OFBIZ-11151
> URL: https://issues.apache.org/jira/browse/OFBIZ-11151
> Project: OFBiz
> Issue Type: Sub-task
> Components: Gradle
>Affects Versions: Trunk
>Reporter: Jacques Le Roux
>Assignee: Jacques Le Roux
>Priority: Trivial
> Fix For: Upcoming Branch
>
>
> Here is the dependencyUpdates report.txt content:
> {noformat}
>
> : Project Dependency Updates (report to plain text file)
>
> The following dependencies are using the latest release version:
> - apache-xerces:xercesImpl:2.9.1
> - at.bxm.svntools:at.bxm.svntools.gradle.plugin:2.2.1
> -
> com.github.ben-manes.versions:com.github.ben-manes.versions.gradle.plugin:0.22.0
> - com.google.guava:guava:20.0
> - com.google.zxing:core:3.4.0
> - com.googlecode.concurrentlinkedhashmap:concurrentlinkedhashmap-lru:1.4.2
> - com.googlecode.ez-vcard:ez-vcard:0.9.10
> - com.googlecode.libphonenumber:libphonenumber:8.10.16
> - com.ibm.icu:icu4j:64.2
> - com.sun.mail:javax.mail:1.6.2
> - com.thoughtworks.xstream:xstream:1.4.11.1
> - commons-cli:commons-cli:1.4
> - commons-fileupload:commons-fileupload:1.4
> - commons-net:commons-net:3.6
> - commons-validator:commons-validator:1.6
> - de.odysseus.juel:juel-impl:2.2.7
> - de.odysseus.juel:juel-spi:2.2.7
> - io.jsonwebtoken:jjwt:0.9.1
> - javax.el:javax.el-api:3.0.1-b06
> - javax.servlet:javax.servlet-api:4.0.1
> - javax.servlet.jsp:javax.servlet.jsp-api:2.3.3
> - javax.xml.soap:javax.xml.soap-api:1.4.0
> - net.fortuna.ical4j:ical4j:1.0-rc3-atlassian-11
> - net.sf.barcode4j:barcode4j:2.1
> - net.sf.barcode4j:barcode4j-fop-ext:2.1
> - org.apache.ant:ant-junit:1.10.6
> - org.apache.axis2:axis2-kernel:1.7.9
> - org.apache.axis2:axis2-transport-http:1.7.9
> - org.apache.axis2:axis2-transport-local:1.7.9
> - org.apache.commons:commons-collections4:4.4
> - org.apache.commons:commons-csv:1.7
> - org.apache.commons:commons-dbcp2:2.7.0
> - org.apache.commons:commons-text:1.7
> - org.apache.geronimo.components:geronimo-transaction:3.1.4
> - org.apache.geronimo.specs:geronimo-jms_1.1_spec:1.1.1
> - org.apache.httpcomponents:httpclient-cache:4.5.9
> - org.apache.logging.log4j:log4j-1.2-api:2.12.1
> - org.apache.logging.log4j:log4j-api:2.12.1
> - org.apache.logging.log4j:log4j-core:2.12.1
> - org.apache.logging.log4j:log4j-jul:2.12.1
> - org.apache.logging.log4j:log4j-slf4j-impl:2.12.1
> - org.apache.lucene:lucene-analyzers-common:8.2.0
> - org.apache.lucene:lucene-core:8.2.0
> - org.apache.lucene:lucene-queryparser:8.2.0
> - org.apache.poi:poi:4.1.0
> - org.apache.poi:poi-excelant:4.1.0
> - org.apache.poi:poi-ooxml:4.1.0
> - org.apache.poi:poi-ooxml-schemas:4.1.0
> - org.apache.poi:poi-scratchpad:4.1.0
> - org.apache.shiro:shiro-core:1.4.1
> - org.apache.solr:solr-core:8.2.0
> - org.apache.tika:tika-core:1.22
> - org.apache.tika:tika-parsers:1.22
> - org.apache.tomcat:tomcat-catalina:9.0.22
> - org.apache.tomcat:tomcat-catalina-ha:9.0.22
> - org.apache.tomcat:tomcat-jasper:9.0.22
> - org.apache.tomcat:tomcat-tribes:9.0.22
> - org.apache.tomcat.embed:tomcat-embed-websocket:9.0.22
> - org.apache.xmlgraphics:fop:2.3
> - org.apache.xmlrpc:xmlrpc-client:3.1.3
> - org.apache.xmlrpc:xmlrpc-server:3.1.3
> - org.codeartisans.thirdparties.swing:batik-all:1.8pre-r1084380
> - org.eclipse.birt.runtime:viewservlets:4.5.0
> - org.freemarker:freemarker:2.3.28
> - org.hamcrest:hamcrest:2.1
> - org.hamcrest:hamcrest-library:2.1
> - org.jruby:jruby-complete:9.2.7.0
> - org.jsoup:jsoup:1.12.1
> - org.mockito:mockito-core:3.0.0
> - org.owasp.dependencycheck:org.owasp.dependencycheck.gradle.plugin:5.2.1
> - org.owasp.esapi:esapi:2.2.0.0
> - org.safehaus.jug:jug:2.0.0
> - org.springframework:spring-test:5.1.9.RELEASE
> - org.zapodot:jackson-databind-java-optional:2.6.1
> - oro:oro:2.0.8
> -
> se.patrikerdes.use-latest-versions:se.patrikerdes.use-latest-versions.gradle.plugin:0.2.12
> - wsdl4j:wsdl4j:1.6.3
> The following dependencies exceed the version found at the release revision
> level:
> - com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer
> [20180219.1 <- 1.1]
> https://github.com/OWASP/java-html-sanitizer
> The following dependencies have later release versions:
> -
[jira] [Commented] (OFBIZ-11151) Update build.gradle to the latest dependencies
[
https://issues.apache.org/jira/browse/OFBIZ-11151?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16905291#comment-16905291
]
Jacques Le Roux commented on OFBIZ-11151:
-
For the same or similar reasons than in OFBIZ-10922 I did not update few libs
(see which ones above and refer to OFBIZ-10922 for explanations)
Notes:
* For license reason com.lowagie:itext should never be updated.
* Solr and Lucene have been upgraded and tested, Guava remains the same.
* AsciiDOctor remains the same
Committed revision: 1864973.
It was not as easy as it might be seen ;)
> Update build.gradle to the latest dependencies
> --
>
> Key: OFBIZ-11151
> URL: https://issues.apache.org/jira/browse/OFBIZ-11151
> Project: OFBiz
> Issue Type: Sub-task
> Components: Gradle
>Affects Versions: Trunk
>Reporter: Jacques Le Roux
>Priority: Trivial
>
> Here is the dependencyUpdates report.txt content:
> {noformat}
>
> : Project Dependency Updates (report to plain text file)
>
> The following dependencies are using the latest release version:
> - apache-xerces:xercesImpl:2.9.1
> - at.bxm.svntools:at.bxm.svntools.gradle.plugin:2.2.1
> -
> com.github.ben-manes.versions:com.github.ben-manes.versions.gradle.plugin:0.22.0
> - com.google.guava:guava:20.0
> - com.google.zxing:core:3.4.0
> - com.googlecode.concurrentlinkedhashmap:concurrentlinkedhashmap-lru:1.4.2
> - com.googlecode.ez-vcard:ez-vcard:0.9.10
> - com.googlecode.libphonenumber:libphonenumber:8.10.16
> - com.ibm.icu:icu4j:64.2
> - com.sun.mail:javax.mail:1.6.2
> - com.thoughtworks.xstream:xstream:1.4.11.1
> - commons-cli:commons-cli:1.4
> - commons-fileupload:commons-fileupload:1.4
> - commons-net:commons-net:3.6
> - commons-validator:commons-validator:1.6
> - de.odysseus.juel:juel-impl:2.2.7
> - de.odysseus.juel:juel-spi:2.2.7
> - io.jsonwebtoken:jjwt:0.9.1
> - javax.el:javax.el-api:3.0.1-b06
> - javax.servlet:javax.servlet-api:4.0.1
> - javax.servlet.jsp:javax.servlet.jsp-api:2.3.3
> - javax.xml.soap:javax.xml.soap-api:1.4.0
> - net.fortuna.ical4j:ical4j:1.0-rc3-atlassian-11
> - net.sf.barcode4j:barcode4j:2.1
> - net.sf.barcode4j:barcode4j-fop-ext:2.1
> - org.apache.ant:ant-junit:1.10.6
> - org.apache.axis2:axis2-kernel:1.7.9
> - org.apache.axis2:axis2-transport-http:1.7.9
> - org.apache.axis2:axis2-transport-local:1.7.9
> - org.apache.commons:commons-collections4:4.4
> - org.apache.commons:commons-csv:1.7
> - org.apache.commons:commons-dbcp2:2.7.0
> - org.apache.commons:commons-text:1.7
> - org.apache.geronimo.components:geronimo-transaction:3.1.4
> - org.apache.geronimo.specs:geronimo-jms_1.1_spec:1.1.1
> - org.apache.httpcomponents:httpclient-cache:4.5.9
> - org.apache.logging.log4j:log4j-1.2-api:2.12.1
> - org.apache.logging.log4j:log4j-api:2.12.1
> - org.apache.logging.log4j:log4j-core:2.12.1
> - org.apache.logging.log4j:log4j-jul:2.12.1
> - org.apache.logging.log4j:log4j-slf4j-impl:2.12.1
> - org.apache.lucene:lucene-analyzers-common:8.2.0
> - org.apache.lucene:lucene-core:8.2.0
> - org.apache.lucene:lucene-queryparser:8.2.0
> - org.apache.poi:poi:4.1.0
> - org.apache.poi:poi-excelant:4.1.0
> - org.apache.poi:poi-ooxml:4.1.0
> - org.apache.poi:poi-ooxml-schemas:4.1.0
> - org.apache.poi:poi-scratchpad:4.1.0
> - org.apache.shiro:shiro-core:1.4.1
> - org.apache.solr:solr-core:8.2.0
> - org.apache.tika:tika-core:1.22
> - org.apache.tika:tika-parsers:1.22
> - org.apache.tomcat:tomcat-catalina:9.0.22
> - org.apache.tomcat:tomcat-catalina-ha:9.0.22
> - org.apache.tomcat:tomcat-jasper:9.0.22
> - org.apache.tomcat:tomcat-tribes:9.0.22
> - org.apache.tomcat.embed:tomcat-embed-websocket:9.0.22
> - org.apache.xmlgraphics:fop:2.3
> - org.apache.xmlrpc:xmlrpc-client:3.1.3
> - org.apache.xmlrpc:xmlrpc-server:3.1.3
> - org.codeartisans.thirdparties.swing:batik-all:1.8pre-r1084380
> - org.eclipse.birt.runtime:viewservlets:4.5.0
> - org.freemarker:freemarker:2.3.28
> - org.hamcrest:hamcrest:2.1
> - org.hamcrest:hamcrest-library:2.1
> - org.jruby:jruby-complete:9.2.7.0
> - org.jsoup:jsoup:1.12.1
> - org.mockito:mockito-core:3.0.0
> - org.owasp.dependencycheck:org.owasp.dependencycheck.gradle.plugin:5.2.1
> - org.owasp.esapi:esapi:2.2.0.0
> - org.safehaus.jug:jug:2.0.0
> - org.springframework:spring-test:5.1.9.RELEASE
> - org.zapodot:jackson-databind-java-optional:2.6.1
> - oro:oro:2.0.8
> -
> se.patrikerdes.use-latest-versions:se.patrikerdes.use-latest-versions.gradle.plugin:0.2.12
> - wsdl4j:wsdl4j:1.6.3
> The following dependencies exceed the version found at the release revision
> level:
> - com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer
> [20180219.1 <- 1.1]
>
