[jira] [Commented] (OFBIZ-11151) Update build.gradle to the latest dependencies
[ https://issues.apache.org/jira/browse/OFBIZ-11151?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16909611#comment-16909611 ] Jacques Le Roux commented on OFBIZ-11151: - While working on I thought it's valuable to add this link here https://lucene.apache.org/solr/guide/8_1/solr-upgrade-notes.html I checked there is nothing we should worry about OOTB. Also we can update Guava to v28: https://mvnrepository.com/artifact/org.apache.solr/solr-core/8.2.0. Done at revision: 1865336 > Update build.gradle to the latest dependencies > -- > > Key: OFBIZ-11151 > URL: https://issues.apache.org/jira/browse/OFBIZ-11151 > Project: OFBiz > Issue Type: Sub-task > Components: Gradle >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: Jacques Le Roux >Priority: Trivial > Fix For: Upcoming Branch > > > Here is the dependencyUpdates report.txt content: > {noformat} > > : Project Dependency Updates (report to plain text file) > > The following dependencies are using the latest release version: > - apache-xerces:xercesImpl:2.9.1 > - at.bxm.svntools:at.bxm.svntools.gradle.plugin:2.2.1 > - > com.github.ben-manes.versions:com.github.ben-manes.versions.gradle.plugin:0.22.0 > - com.google.guava:guava:20.0 > - com.google.zxing:core:3.4.0 > - com.googlecode.concurrentlinkedhashmap:concurrentlinkedhashmap-lru:1.4.2 > - com.googlecode.ez-vcard:ez-vcard:0.9.10 > - com.googlecode.libphonenumber:libphonenumber:8.10.16 > - com.ibm.icu:icu4j:64.2 > - com.sun.mail:javax.mail:1.6.2 > - com.thoughtworks.xstream:xstream:1.4.11.1 > - commons-cli:commons-cli:1.4 > - commons-fileupload:commons-fileupload:1.4 > - commons-net:commons-net:3.6 > - commons-validator:commons-validator:1.6 > - de.odysseus.juel:juel-impl:2.2.7 > - de.odysseus.juel:juel-spi:2.2.7 > - io.jsonwebtoken:jjwt:0.9.1 > - javax.el:javax.el-api:3.0.1-b06 > - javax.servlet:javax.servlet-api:4.0.1 > - javax.servlet.jsp:javax.servlet.jsp-api:2.3.3 > - javax.xml.soap:javax.xml.soap-api:1.4.0 > - net.fortuna.ical4j:ical4j:1.0-rc3-atlassian-11 > - net.sf.barcode4j:barcode4j:2.1 > - net.sf.barcode4j:barcode4j-fop-ext:2.1 > - org.apache.ant:ant-junit:1.10.6 > - org.apache.axis2:axis2-kernel:1.7.9 > - org.apache.axis2:axis2-transport-http:1.7.9 > - org.apache.axis2:axis2-transport-local:1.7.9 > - org.apache.commons:commons-collections4:4.4 > - org.apache.commons:commons-csv:1.7 > - org.apache.commons:commons-dbcp2:2.7.0 > - org.apache.commons:commons-text:1.7 > - org.apache.geronimo.components:geronimo-transaction:3.1.4 > - org.apache.geronimo.specs:geronimo-jms_1.1_spec:1.1.1 > - org.apache.httpcomponents:httpclient-cache:4.5.9 > - org.apache.logging.log4j:log4j-1.2-api:2.12.1 > - org.apache.logging.log4j:log4j-api:2.12.1 > - org.apache.logging.log4j:log4j-core:2.12.1 > - org.apache.logging.log4j:log4j-jul:2.12.1 > - org.apache.logging.log4j:log4j-slf4j-impl:2.12.1 > - org.apache.lucene:lucene-analyzers-common:8.2.0 > - org.apache.lucene:lucene-core:8.2.0 > - org.apache.lucene:lucene-queryparser:8.2.0 > - org.apache.poi:poi:4.1.0 > - org.apache.poi:poi-excelant:4.1.0 > - org.apache.poi:poi-ooxml:4.1.0 > - org.apache.poi:poi-ooxml-schemas:4.1.0 > - org.apache.poi:poi-scratchpad:4.1.0 > - org.apache.shiro:shiro-core:1.4.1 > - org.apache.solr:solr-core:8.2.0 > - org.apache.tika:tika-core:1.22 > - org.apache.tika:tika-parsers:1.22 > - org.apache.tomcat:tomcat-catalina:9.0.22 > - org.apache.tomcat:tomcat-catalina-ha:9.0.22 > - org.apache.tomcat:tomcat-jasper:9.0.22 > - org.apache.tomcat:tomcat-tribes:9.0.22 > - org.apache.tomcat.embed:tomcat-embed-websocket:9.0.22 > - org.apache.xmlgraphics:fop:2.3 > - org.apache.xmlrpc:xmlrpc-client:3.1.3 > - org.apache.xmlrpc:xmlrpc-server:3.1.3 > - org.codeartisans.thirdparties.swing:batik-all:1.8pre-r1084380 > - org.eclipse.birt.runtime:viewservlets:4.5.0 > - org.freemarker:freemarker:2.3.28 > - org.hamcrest:hamcrest:2.1 > - org.hamcrest:hamcrest-library:2.1 > - org.jruby:jruby-complete:9.2.7.0 > - org.jsoup:jsoup:1.12.1 > - org.mockito:mockito-core:3.0.0 > - org.owasp.dependencycheck:org.owasp.dependencycheck.gradle.plugin:5.2.1 > - org.owasp.esapi:esapi:2.2.0.0 > - org.safehaus.jug:jug:2.0.0 > - org.springframework:spring-test:5.1.9.RELEASE > - org.zapodot:jackson-databind-java-optional:2.6.1 > - oro:oro:2.0.8 > - > se.patrikerdes.use-latest-versions:se.patrikerdes.use-latest-versions.gradle.plugin:0.2.12 > - wsdl4j:wsdl4j:1.6.3 > The following dependencies exceed the version found at the release revision > level: > - com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer > [20180219.1 <- 1.1] >
[jira] [Commented] (OFBIZ-11151) Update build.gradle to the latest dependencies
[ https://issues.apache.org/jira/browse/OFBIZ-11151?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16905958#comment-16905958 ] Jacques Le Roux commented on OFBIZ-11151: - At revision: 1865017, I removed the last Java code warnings by using @SuppressWarnings("rawtypes") for the org.owasp.esapi.codecs.Codec. I see no better solution since we have no access to this code. > Update build.gradle to the latest dependencies > -- > > Key: OFBIZ-11151 > URL: https://issues.apache.org/jira/browse/OFBIZ-11151 > Project: OFBiz > Issue Type: Sub-task > Components: Gradle >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: Jacques Le Roux >Priority: Trivial > Fix For: Upcoming Branch > > > Here is the dependencyUpdates report.txt content: > {noformat} > > : Project Dependency Updates (report to plain text file) > > The following dependencies are using the latest release version: > - apache-xerces:xercesImpl:2.9.1 > - at.bxm.svntools:at.bxm.svntools.gradle.plugin:2.2.1 > - > com.github.ben-manes.versions:com.github.ben-manes.versions.gradle.plugin:0.22.0 > - com.google.guava:guava:20.0 > - com.google.zxing:core:3.4.0 > - com.googlecode.concurrentlinkedhashmap:concurrentlinkedhashmap-lru:1.4.2 > - com.googlecode.ez-vcard:ez-vcard:0.9.10 > - com.googlecode.libphonenumber:libphonenumber:8.10.16 > - com.ibm.icu:icu4j:64.2 > - com.sun.mail:javax.mail:1.6.2 > - com.thoughtworks.xstream:xstream:1.4.11.1 > - commons-cli:commons-cli:1.4 > - commons-fileupload:commons-fileupload:1.4 > - commons-net:commons-net:3.6 > - commons-validator:commons-validator:1.6 > - de.odysseus.juel:juel-impl:2.2.7 > - de.odysseus.juel:juel-spi:2.2.7 > - io.jsonwebtoken:jjwt:0.9.1 > - javax.el:javax.el-api:3.0.1-b06 > - javax.servlet:javax.servlet-api:4.0.1 > - javax.servlet.jsp:javax.servlet.jsp-api:2.3.3 > - javax.xml.soap:javax.xml.soap-api:1.4.0 > - net.fortuna.ical4j:ical4j:1.0-rc3-atlassian-11 > - net.sf.barcode4j:barcode4j:2.1 > - net.sf.barcode4j:barcode4j-fop-ext:2.1 > - org.apache.ant:ant-junit:1.10.6 > - org.apache.axis2:axis2-kernel:1.7.9 > - org.apache.axis2:axis2-transport-http:1.7.9 > - org.apache.axis2:axis2-transport-local:1.7.9 > - org.apache.commons:commons-collections4:4.4 > - org.apache.commons:commons-csv:1.7 > - org.apache.commons:commons-dbcp2:2.7.0 > - org.apache.commons:commons-text:1.7 > - org.apache.geronimo.components:geronimo-transaction:3.1.4 > - org.apache.geronimo.specs:geronimo-jms_1.1_spec:1.1.1 > - org.apache.httpcomponents:httpclient-cache:4.5.9 > - org.apache.logging.log4j:log4j-1.2-api:2.12.1 > - org.apache.logging.log4j:log4j-api:2.12.1 > - org.apache.logging.log4j:log4j-core:2.12.1 > - org.apache.logging.log4j:log4j-jul:2.12.1 > - org.apache.logging.log4j:log4j-slf4j-impl:2.12.1 > - org.apache.lucene:lucene-analyzers-common:8.2.0 > - org.apache.lucene:lucene-core:8.2.0 > - org.apache.lucene:lucene-queryparser:8.2.0 > - org.apache.poi:poi:4.1.0 > - org.apache.poi:poi-excelant:4.1.0 > - org.apache.poi:poi-ooxml:4.1.0 > - org.apache.poi:poi-ooxml-schemas:4.1.0 > - org.apache.poi:poi-scratchpad:4.1.0 > - org.apache.shiro:shiro-core:1.4.1 > - org.apache.solr:solr-core:8.2.0 > - org.apache.tika:tika-core:1.22 > - org.apache.tika:tika-parsers:1.22 > - org.apache.tomcat:tomcat-catalina:9.0.22 > - org.apache.tomcat:tomcat-catalina-ha:9.0.22 > - org.apache.tomcat:tomcat-jasper:9.0.22 > - org.apache.tomcat:tomcat-tribes:9.0.22 > - org.apache.tomcat.embed:tomcat-embed-websocket:9.0.22 > - org.apache.xmlgraphics:fop:2.3 > - org.apache.xmlrpc:xmlrpc-client:3.1.3 > - org.apache.xmlrpc:xmlrpc-server:3.1.3 > - org.codeartisans.thirdparties.swing:batik-all:1.8pre-r1084380 > - org.eclipse.birt.runtime:viewservlets:4.5.0 > - org.freemarker:freemarker:2.3.28 > - org.hamcrest:hamcrest:2.1 > - org.hamcrest:hamcrest-library:2.1 > - org.jruby:jruby-complete:9.2.7.0 > - org.jsoup:jsoup:1.12.1 > - org.mockito:mockito-core:3.0.0 > - org.owasp.dependencycheck:org.owasp.dependencycheck.gradle.plugin:5.2.1 > - org.owasp.esapi:esapi:2.2.0.0 > - org.safehaus.jug:jug:2.0.0 > - org.springframework:spring-test:5.1.9.RELEASE > - org.zapodot:jackson-databind-java-optional:2.6.1 > - oro:oro:2.0.8 > - > se.patrikerdes.use-latest-versions:se.patrikerdes.use-latest-versions.gradle.plugin:0.2.12 > - wsdl4j:wsdl4j:1.6.3 > The following dependencies exceed the version found at the release revision > level: > - com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer > [20180219.1 <- 1.1] > https://github.com/OWASP/java-html-sanitizer > The following dependencies have later release versions: > -
[jira] [Commented] (OFBIZ-11151) Update build.gradle to the latest dependencies
[ https://issues.apache.org/jira/browse/OFBIZ-11151?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16905291#comment-16905291 ] Jacques Le Roux commented on OFBIZ-11151: - For the same or similar reasons than in OFBIZ-10922 I did not update few libs (see which ones above and refer to OFBIZ-10922 for explanations) Notes: * For license reason com.lowagie:itext should never be updated. * Solr and Lucene have been upgraded and tested, Guava remains the same. * AsciiDOctor remains the same Committed revision: 1864973. It was not as easy as it might be seen ;) > Update build.gradle to the latest dependencies > -- > > Key: OFBIZ-11151 > URL: https://issues.apache.org/jira/browse/OFBIZ-11151 > Project: OFBiz > Issue Type: Sub-task > Components: Gradle >Affects Versions: Trunk >Reporter: Jacques Le Roux >Priority: Trivial > > Here is the dependencyUpdates report.txt content: > {noformat} > > : Project Dependency Updates (report to plain text file) > > The following dependencies are using the latest release version: > - apache-xerces:xercesImpl:2.9.1 > - at.bxm.svntools:at.bxm.svntools.gradle.plugin:2.2.1 > - > com.github.ben-manes.versions:com.github.ben-manes.versions.gradle.plugin:0.22.0 > - com.google.guava:guava:20.0 > - com.google.zxing:core:3.4.0 > - com.googlecode.concurrentlinkedhashmap:concurrentlinkedhashmap-lru:1.4.2 > - com.googlecode.ez-vcard:ez-vcard:0.9.10 > - com.googlecode.libphonenumber:libphonenumber:8.10.16 > - com.ibm.icu:icu4j:64.2 > - com.sun.mail:javax.mail:1.6.2 > - com.thoughtworks.xstream:xstream:1.4.11.1 > - commons-cli:commons-cli:1.4 > - commons-fileupload:commons-fileupload:1.4 > - commons-net:commons-net:3.6 > - commons-validator:commons-validator:1.6 > - de.odysseus.juel:juel-impl:2.2.7 > - de.odysseus.juel:juel-spi:2.2.7 > - io.jsonwebtoken:jjwt:0.9.1 > - javax.el:javax.el-api:3.0.1-b06 > - javax.servlet:javax.servlet-api:4.0.1 > - javax.servlet.jsp:javax.servlet.jsp-api:2.3.3 > - javax.xml.soap:javax.xml.soap-api:1.4.0 > - net.fortuna.ical4j:ical4j:1.0-rc3-atlassian-11 > - net.sf.barcode4j:barcode4j:2.1 > - net.sf.barcode4j:barcode4j-fop-ext:2.1 > - org.apache.ant:ant-junit:1.10.6 > - org.apache.axis2:axis2-kernel:1.7.9 > - org.apache.axis2:axis2-transport-http:1.7.9 > - org.apache.axis2:axis2-transport-local:1.7.9 > - org.apache.commons:commons-collections4:4.4 > - org.apache.commons:commons-csv:1.7 > - org.apache.commons:commons-dbcp2:2.7.0 > - org.apache.commons:commons-text:1.7 > - org.apache.geronimo.components:geronimo-transaction:3.1.4 > - org.apache.geronimo.specs:geronimo-jms_1.1_spec:1.1.1 > - org.apache.httpcomponents:httpclient-cache:4.5.9 > - org.apache.logging.log4j:log4j-1.2-api:2.12.1 > - org.apache.logging.log4j:log4j-api:2.12.1 > - org.apache.logging.log4j:log4j-core:2.12.1 > - org.apache.logging.log4j:log4j-jul:2.12.1 > - org.apache.logging.log4j:log4j-slf4j-impl:2.12.1 > - org.apache.lucene:lucene-analyzers-common:8.2.0 > - org.apache.lucene:lucene-core:8.2.0 > - org.apache.lucene:lucene-queryparser:8.2.0 > - org.apache.poi:poi:4.1.0 > - org.apache.poi:poi-excelant:4.1.0 > - org.apache.poi:poi-ooxml:4.1.0 > - org.apache.poi:poi-ooxml-schemas:4.1.0 > - org.apache.poi:poi-scratchpad:4.1.0 > - org.apache.shiro:shiro-core:1.4.1 > - org.apache.solr:solr-core:8.2.0 > - org.apache.tika:tika-core:1.22 > - org.apache.tika:tika-parsers:1.22 > - org.apache.tomcat:tomcat-catalina:9.0.22 > - org.apache.tomcat:tomcat-catalina-ha:9.0.22 > - org.apache.tomcat:tomcat-jasper:9.0.22 > - org.apache.tomcat:tomcat-tribes:9.0.22 > - org.apache.tomcat.embed:tomcat-embed-websocket:9.0.22 > - org.apache.xmlgraphics:fop:2.3 > - org.apache.xmlrpc:xmlrpc-client:3.1.3 > - org.apache.xmlrpc:xmlrpc-server:3.1.3 > - org.codeartisans.thirdparties.swing:batik-all:1.8pre-r1084380 > - org.eclipse.birt.runtime:viewservlets:4.5.0 > - org.freemarker:freemarker:2.3.28 > - org.hamcrest:hamcrest:2.1 > - org.hamcrest:hamcrest-library:2.1 > - org.jruby:jruby-complete:9.2.7.0 > - org.jsoup:jsoup:1.12.1 > - org.mockito:mockito-core:3.0.0 > - org.owasp.dependencycheck:org.owasp.dependencycheck.gradle.plugin:5.2.1 > - org.owasp.esapi:esapi:2.2.0.0 > - org.safehaus.jug:jug:2.0.0 > - org.springframework:spring-test:5.1.9.RELEASE > - org.zapodot:jackson-databind-java-optional:2.6.1 > - oro:oro:2.0.8 > - > se.patrikerdes.use-latest-versions:se.patrikerdes.use-latest-versions.gradle.plugin:0.2.12 > - wsdl4j:wsdl4j:1.6.3 > The following dependencies exceed the version found at the release revision > level: > - com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer > [20180219.1 <- 1.1] >