Archi installing obsolete version OpenJDK

[rautej1]

Version of Archi

4.9.1

Archi Plug-ins

not relevant

Operating System

Win 8/10 64-bit

Expected Behaviour

n/a

Actual Behaviour

Archi installer tries to install open JDK 11.0.8 which has known vulnerabilities and is not allowed in corporate IT enviroments

Steps to Reproduce the Behaviour

1. If there was a way to configure the installer to run without installing JDK, that would do it for us in Ceska Sporitelna
2. If there is a plan to run on a newer version of openJDK that would also do it

[Phillipus]

which has known vulnerabilities

Such as?

and is not allowed in corporate IT enviroments

Not my problem. Use something else or build from source and provide your own JRE. This stuff is free and open source.

If there was a way to configure the installer to run without installing JDK

Simply delete the "jre" folder and edit the Archi.ini file for new vm path and Archi will use that. It needs to be Java 11 as that is LTS, and needed for jArchi.

[jbsarrodie]

Hi, you can simply remove the jre after the install or start with the portable zip version and remove the jre. As soon as you provide a jre know to support eclipse framework of course.

[rautej1]

which has known vulnerabilities

Such as?

CVE-2021-2388 CVE-2021-2161 CVE-2021-2163 CVE-2020-14803

If there was a way to configure the installer to run without installing JDK

Simply delete the "jre" folder and edit the Archi.ini file for new vm path and Archi will use that. It needs to be Java 11. Good tip, but I will have to prepare a package for distribution to tens of users within the organistaion so I will try the portable version, I was blind to that option suggested by @jbsarrodie - thanks