norrisjeremy commented on code in PR #1205: URL: https://github.com/apache/maven/pull/1205#discussion_r1447425063
########## api/maven-api-core/src/main/java/org/apache/maven/api/feature/Features.java: ########## @@ -62,6 +64,18 @@ public static boolean buildConsumer(@Nullable Session session) { return buildConsumer(session != null ? session.getUserProperties() : null); } + public static boolean xinclude(@Nullable Properties userProperties) { + return doGet(userProperties, XINCLUDE, true); Review Comment: I would still advocate for this being off by default (opt-in) instead of on by default (opt-out) since XML parsers have a long history of security vulnerabilities surrounding this stuff. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org