You are viewing a plain text version of this content. The canonical link for it is here.
Posted to reviews@aurora.apache.org by GitBox <gi...@apache.org> on 2019/01/07 02:52:41 UTC

[GitHub] FDU-SE-LAB opened a new issue #51: Your project apache/aurora is using buggy third-party libraries [WARNING]

FDU-SE-LAB opened a new issue #51: Your project apache/aurora is using buggy third-party libraries [WARNING]
URL: https://github.com/apache/aurora/issues/51
 
 
   Hi, there!
   We are a research team working on third-party library analysis. We have found that some widely-used third-party libraries in your project have major/critical bugs, which will degrade the quality of your project. We highly recommend you to update those libraries to new versions.    
   We have attached the buggy third-party libraries and corresponding jira issue links below for you to have more detailed information.
     1  ch.qos.logback logback-classic (build.gradle)
     version: 1.2.3
   
     Jira issues:
     missing log files and log entries when using SizeAndTimeBasedRollingPolicy 
     affectsVersions:1.2.3
     https://jira.qos.ch/projects/LOGBACK/issues/LOGBACK-1361?filter=allopenissues
   
   
   
   
     2  commons-lang commons-lang (build.gradle)
     version: 2.6
   
     Jira issues:
     Remove unnecessary synchronization from registry lookup in EqualsBuilder and HashCodeBuilder
     affectsVersions:2.6
     https://issues.apache.org/jira/projects/LANG/issues/LANG-1230?filter=allopenissues
     LocaleUtils - DCL idiom is not thread-safe
     affectsVersions:2.6
     https://issues.apache.org/jira/projects/LANG/issues/LANG-803?filter=allopenissues
     Exception when combining custom and choice format in ExtendedMessageFormat
     affectsVersions:2.5;2.6
     https://issues.apache.org/jira/projects/LANG/issues/LANG-917?filter=allopenissues
   
   
   
   
   Sincerely~
   FDU Software Engineering Lab
   Jan 7th,2019

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services