Closed winne42 closed 8 months ago
Hi @winne42 : upgrade done in PR https://github.com/highsource/jaxb2-basics/pull/165
@laurentschoelens great, thanks!
Hi @winne42 : upgrade done in PR #165
Thank you for this, but I suppose that https://github.com/highsource/jaxb2-basics/pull/119 does it as well and could be merged in seconds (thus, version has to be bumped & released), rather than your PR with 646 files changed :)
Yes for sure but @mattrpav plans to move to jakarta so I suppose this will be the plan. He'll do the best choice I think
@winne42 you can use new jaxb2-basics coordinates in jaxb-tools repository Version 2.0.4 available with some bugfixes in it. Will publish new version here too with same fix and relocation info
Hello @laurentschoelens , thanks for the info! I don't quite understand the relationship between jaxb2-basic and jaxb-tools yet (and I couldn't find info in the README.md
s).
Does jaxb2-basics now live in the jaxb-tools repo and this repo here is obsolete? Is there a separate artifact or are jaxb2-basics' classes included in the jaxb-tools artifact? Should I just use org.jvnet.jaxb:jaxb2-basics-tools:2.0.4
as dependency?
This is still a bit confusing. jaxb-tools' README.md
even includes git conflict markers ;-)
Yes: we decided, in order to provide jakarta versions of all artifacts, to merge all jaxb-related repositories in former maven-jaxb2-plugin repository, renamed as jaxb-tools. Everything still splitted (and as independant as it should be) and will stay splitted in maven artifacts.
README.md is currently rewritten too (PR waiting to be merged) in jaxb-tools. After jakarta migration, we'll do some cleanup on "deprecated" repositories, adding mentions in README.md and releasing a latest version with maven relocation infos.
You can use the following to build with commons-beanutils upgraded. Feel free to get back if any problems
<dependency>
<groupId>org.jvnet.jaxb</groupId>
<artifactId>jaxb2-basics</artifactId>
<version>2.0.4</version>
</dependency>
Thanks for the quick and thorough explanation, @laurentschoelens !
Fixed artifactId
which was not the one to be declared as plugin dependency
Fixed in jaxb-tools v2 branch and further
Hi there, we are currently using
jaxb2-basics:0.13.1
Unfortunately, this has a dependency tocommons-beanutils:commons-beanutils:1.9.3
, which has a known security vulnerability, see https://mvnrepository.com/artifact/commons-beanutils/commons-beanutils/1.9.3Is there any chance we could get a 0.13.2 relase that uses beanutils 1.9.4 instead?