You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@tika.apache.org by ta...@apache.org on 2021/12/11 15:25:27 UTC

[tika] branch main updated: ban dangerous versions of log4j2 via gunnarmorling: https://gist.github.com/gunnarmorling

This is an automated email from the ASF dual-hosted git repository.

tallison pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tika.git


The following commit(s) were added to refs/heads/main by this push:
     new 859b57b  ban dangerous versions of log4j2 via gunnarmorling: https://gist.github.com/gunnarmorling
859b57b is described below

commit 859b57b261b912d9fa4555c33847853d34ccbc29
Author: tallison <ta...@apache.org>
AuthorDate: Sat Dec 11 10:24:38 2021 -0500

    ban dangerous versions of log4j2 via gunnarmorling: https://gist.github.com/gunnarmorling
---
 tika-parent/pom.xml | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/tika-parent/pom.xml b/tika-parent/pom.xml
index 6f8e399..85b6d64 100644
--- a/tika-parent/pom.xml
+++ b/tika-parent/pom.xml
@@ -757,6 +757,23 @@
               <goal>enforce</goal>
             </goals>
           </execution>
+          <execution>
+            <id>ban-bad-log4j-versions</id>
+            <phase>validate</phase>
+            <goals>
+              <goal>enforce</goal>
+            </goals>
+            <configuration>
+              <rules>
+                <bannedDependencies>
+                  <excludes>
+                    <exclude>org.apache.logging.log4j:log4j-core:(,2.15.0)</exclude>
+                  </excludes>
+                </bannedDependencies>
+              </rules>
+              <fail>true</fail>
+            </configuration>
+          </execution>
         </executions>
       </plugin>
       <plugin>