Closed oupala closed 5 years ago
@oupala I updated the version of Jena to 3.9 which removed the dependency and XercesImpl and resolves the issue. If you could take a look at the updated POM file and let me know if you spot any other improvements before I spin a new release.
I had already taken a look to the pom.xml and did not noticed any improvement. I think that you can release a new version!
Version 2.1.14 is now release and should be available in Maven central.
It now works like a charm. Thanks!
The pom.xml file contains a restriction in order to use a more recent version of xercesImpl:
https://github.com/spdx/tools/blob/f1a114070ebde6cf6a94bdb08d6303a47f41eadb/pom.xml#L66-L70
The updated version is retrieved from bintray, which is offering version
2.11.0.SP5
https://github.com/spdx/tools/blob/f1a114070ebde6cf6a94bdb08d6303a47f41eadb/pom.xml#L73-L77
In appears that maven central in now offering version 2.12.0 which makes the restriction now useless.
It should now be possible to remove the restriction in order to use only dependencies from maven central (which is sometime required in order to be runnable from a CI/CD that have no direct access to the internet, but only to an internal mirror of maven central).
If so, could you please release a new version to GitHub, and to maven central, then update spdx-maven-plugin to use this new version of spdx-tools. Thanks in advance.