Significantly better. Can you check that in?
What I'm imagining to make it easier to digest the breadth of data: - run the asmifier on the unmodified zip - check every file into *github* - run the asmifier on the modified zip - check that in and create a PR - we can then pick through the PR to see what's happening -- David Blevins http://twitter.com/dblevins http://www.tomitribe.com > On Jun 3, 2020, at 10:45 AM, Jonathan Gallimore > <[email protected]> wrote: > > Made some progress by adjusting the rules - here's the latest counts (not > including string references): > > Path javax uses total > ./opensaml-xmlsec-api-3.3.1.jar 2 > ./opensaml-soap-api-3.3.1.jar 5 > ./java-support-7.3.0.jar 12 > ./opensaml-saml-impl-3.3.1.jar 7 > ./opensaml-core-3.3.1.jar 5 > ./opensaml-profile-api-3.3.1.jar 1 > ./opensaml-saml-api-3.3.1.jar 7 > > And if we include string references: > > Path javax uses total > ./servlet-api.jar 26 > ./jakarta.activation-1.2.1.jar 2 > ./jsp-api.jar 13 > ./bval-jsr-2.0.3.jar 1 > ./taglibs-standard-impl-1.2.5.jar 17 > ./openejb-core-8.0.3-SNAPSHOT.jar 41 > ./cxf-core-3.3.6.jar 48 > ./catalina.jar 135 > ./cxf-rt-security-saml-3.3.6.jar 7 > ./cxf-rt-bindings-soap-3.3.6.jar 5 > ./taglibs-standard-jstlel-1.2.5.jar 1 > ./opensaml-xmlsec-api-3.3.1.jar 2 > ./opensaml-security-api-3.3.1.jar 2 > ./jakarta.xml.bind-api-2.3.2.jar 5 > ./taglibs-standard-spec-1.2.5.jar 11 > ./openejb-jee-8.0.3-SNAPSHOT.jar 1 > ./openwebbeans-impl-2.0.12.jar 4 > ./saaj-impl-1.5.1.jar 7 > ./opensaml-soap-api-3.3.1.jar 5 > ./jasper.jar 36 > ./jakarta.faces-2.3.14.jar 165 > ./openejb-client-8.0.3-SNAPSHOT.jar 1 > ./tomcat-util-scan.jar 1 > ./openjpa-3.1.0.jar 80 > ./cxf-rt-rs-security-oauth2-3.3.6.jar 1 > ./java-support-7.3.0.jar 12 > ./cxf-rt-frontend-jaxws-3.3.6.jar 74 > ./cxf-rt-transports-http-3.3.6.jar 10 > ./opensaml-saml-impl-3.3.1.jar 7 > ./catalina-ssi.jar 4 > ./cxf-rt-ws-security-3.3.6.jar 15 > ./javaee-api-8.0-4.jar 47 > ./tomee-catalina-8.0.3-SNAPSHOT.jar 1 > ./opensaml-core-3.3.1.jar 5 > ./cxf-rt-ws-addr-3.3.6.jar 4 > ./eclipselink-2.7.4.jar 177 > ./opensaml-profile-api-3.3.1.jar 1 > ./tomcat-coyote.jar 23 > ./opensaml-saml-api-3.3.1.jar 7 > ./cxf-rt-frontend-jaxrs-3.3.6.jar 3 > > This is looking a lot better. > > Jon > > On Wed, Jun 3, 2020 at 6:06 PM David Blevins <[email protected]> > wrote: > >>> On Jun 3, 2020, at 9:03 AM, Jonathan Gallimore < >> [email protected]> wrote: >>> >>> Just wanted to follow up with some details on how I'm getting the numbers >>> below. I'm using this tool: https://github.com/tomitribe/jkta >> >> So people have a heads-up on that tool, I'm currently working on the >> Tomitribe side with Sonatype to scan all of Maven Central for uses of the >> affected javax packages. We'll be building a reporting site to share the >> data with everyone. I mention that just in case people get excited and >> think, "wow, we could help a lot of people with a tool like that!" Agree >> and covered :) "Go big or go home" as they say :) >> >> I unfortunately won't be able to go into much more detail. I'll just say >> we're all very excited and we hope to make the javax-to-jakarta transition >> as survivable as possible. >> >>> Once TomEE is built, I'm extracting the zip, changing to the lib folder, >>> and running the following commands: >>> >>> for f in *.jar; do java -jar >>> ~/dev/jkta/target/jkta-0.11-SNAPSHOT-shaded.jar usage jar $f > $f.tsv; >> done >>> for f in *.jar; do java -jar >>> ~/dev/jkta/target/jkta-0.11-SNAPSHOT-shaded.jar usage jar >>> --include-strings=true $f > $f.strings.tsv; done >>> java -jar ~/dev/jkta/target/jkta-0.11-SNAPSHOT-shaded.jar usage dir . > >>> jars.tsv >>> java -jar ~/dev/jkta/target/jkta-0.11-SNAPSHOT-shaded.jar usage dir >>> --include-strings=true . > jars.strings.tsv >>> >>> The goal to see what the gaps are from the transformation process and >> close >>> those gaps. >> >> I'll dig in and see what I can find. I've had my nose deep in ASM for a >> few weeks now, so we'll see if helps. >> >> >> -David >> >>
smime.p7s
Description: S/MIME cryptographic signature
