You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@velocity.apache.org by "ajbanck (Jira)" <de...@velocity.apache.org> on 2019/08/22 09:32:00 UTC
[jira] [Created] (VELTOOLS-183) beanutils 1.9.4 breaks
velocity-tools
ajbanck created VELTOOLS-183:
--------------------------------
Summary: beanutils 1.9.4 breaks velocity-tools
Key: VELTOOLS-183
URL: https://issues.apache.org/jira/browse/VELTOOLS-183
Project: Velocity Tools
Issue Type: Bug
Reporter: ajbanck
beanutils 1.9.4 was release to mitigate CVE-2014-0114. For this the *default* behaviour of the BeanUtilsBean was changed to not allow class level access, see BEANUTILS-520.
When using velocity-tools in a project that manages/enforces beanutils to version 1.9.4 velocity-tools stops working as expected. This is easily demonstrated with the unittests.
Running the velocity-tools unit tests will fail on ConfigTests.testXmlConfig
# In velocity-tools-generic/pom.xml update commons-beanutils to 1.9.4
# run mvn verify
Result
{noformat}
org.apache.velocity.tools.config.NullKeyException: Key is null for tool whose class is 'null'org.apache.velocity.tools.config.NullKeyException: Key is null for tool whose class is 'null' at org.apache.velocity.tools.test.whitebox.ConfigTests.assertConfigEquals(ConfigTests.java:428) at org.apache.velocity.tools.test.whitebox.ConfigTests.testPropsPlusXmlConfig(ConfigTests.java:120)
[ERROR] testXmlConfig(org.apache.velocity.tools.test.whitebox.ConfigTests) Time elapsed: 0.003 s <<< FAILURE!java.lang.AssertionError:
**** Unexpected Invalid Configuration ****
FactoryConfiguration from 2 sources including 1 data with 2 toolboxes: Toolbox 'application' with 1 properties [scope -auto-> application; ] and 2 tools: Tool 'null' => null with 1 properties [locale -auto-> fr; ] Tool 'calc' => null with 1 properties [key -auto-> calc; ] {noformat}
--
This message was sent by Atlassian Jira
(v8.3.2#803003)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@velocity.apache.org
For additional commands, e-mail: dev-help@velocity.apache.org