Re: proposal for maven-archetype to switch to dom4j 2.1.1 (and Java 8)

[Mickael Istria]

People who don't want to update are the ones who have to pay the effort,
not the project that tries to ship a security fix.
The simplest past forward is the one provided by Tony. Customers who don't
want to use it can remain on previous version of the archetype plugins.
Other proposals to fix it are just more time-consuming without providing
value to Maven project.