Uploaded image for project: 'Tika'
  1. Tika
  2. TIKA-2721

Exclude Spring (transitive dependency) from tika-parsers

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • None
    • 1.19, 2.0.0
    • packaging
    • None

    Description

      uimafit-core brings spring-core, spring-beans and spring-context with quite ancient version 3.2.x which is not required for parsing and usually clash with actual Spring libs or just pollutes jar if uberjar (shade plugin, onejar, assembly plugin with jar-with-dependencies etc) is used.

      Its exclusion from deps seems more or less safe to me. But formally it can be seen as breaking change if someone depends on that tika-parsers provides spring libs transitively.

      Attachments

        Issue Links

          supercedes

          Bug - A problem which impairs or prevents the functions of the product. TIKA-2716 Sonatype Nexus auditor is reporting that spring framework vesrion used by Tika 1.18 is vulnerable

          • Major - Major loss of function.
          • Closed

          Activity

            People

              grossws Konstantin Gribov
              grossws Konstantin Gribov
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: