[
https://issues.apache.org/jira/browse/XALANJ-2644?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17745084#comment-17745084
]
Jeff Thomas commented on XALANJ-2644:
-------------------------------------
Hi Gary, thanks for the quick answer.
Ok, just as a heads-up, we have been using the previous version 2.7.2 from the
Maven Repository for years, so we were glad to see an update. :)
However, after updating to the new version, suddenly our Tomcat WAR deployments
were blowing up with very strange seemingly unrelated errors. It took serveral
hours of searching for a reason before noticing that the xalan POMs were
incorrect and now the transitive dependencies were not being included.
It might be worth manually pushing correcteds POM to the Maven Repository in
the short-term to ensure the build-continuity with previous releases?
> Publish xalan 2.7.3 to Maven central repository
> -----------------------------------------------
>
> Key: XALANJ-2644
> URL: https://issues.apache.org/jira/browse/XALANJ-2644
> Project: XalanJ2
> Issue Type: Improvement
> Security Level: No security risk; visible to anyone(Ordinary problems in
> Xalan projects. Anybody can view the issue.)
> Components: Xalan
> Affects Versions: 2.7.3
> Reporter: Vladimir Sitnikov
> Assignee: Steven J. Hathaway
> Priority: Blocker
> Labels: maven
>
> Please see XALANJ-2417 and do as was asked there for the current release.
> IMHO this would greatly quicken the distribution of this security fix.
> In this context please also consider XALANJ-2578 - that'd make life easier
> for a lot of developers that depend on xalan.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
