You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tika.apache.org by "Oleg Tikhonov (JIRA)" <ji...@apache.org> on 2018/10/14 08:15:00 UTC

[jira] [Comment Edited] (TIKA-2368) Clean up SentimentParser dependencies

    [ https://issues.apache.org/jira/browse/TIKA-2368?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16649290#comment-16649290 ] 

Oleg Tikhonov edited comment on TIKA-2368 at 10/14/18 8:14 AM:
---------------------------------------------------------------

{code:java}
[INFO] Apache Tika parent ................................. SUCCESS [ 21.607 s] [INFO] Apache Tika core ................................... SUCCESS [  1.692 s] [INFO] Apache Tika parsers ................................ SUCCESS [  7.597 s] [INFO] Apache Tika XMP .................................... SUCCESS [  3.818 s] [INFO] Apache Tika serialization .......................... SUCCESS [  1.064 s] [INFO] Apache Tika batch .................................. SUCCESS [  2.633 s] [INFO] Apache Tika language detection ..................... SUCCESS [  1.204 s] [INFO] Apache Tika application ............................ SUCCESS [  3.097 s] [INFO] Apache Tika OSGi bundle ............................ SUCCESS [  3.941 s] [INFO] Apache Tika translate .............................. SUCCESS [  1.443 s] [INFO] Apache Tika server ................................. SUCCESS [  5.369 s] [INFO] Apache Tika examples ............................... FAILURE [  4.380 s] [INFO] Apache Tika Java-7 Components ...................... SKIPPED [INFO] Apache Tika eval ................................... SKIPPED [INFO] Apache Tika Deep Learning (powered by DL4J) ........ SKIPPED [INFO] Apache Tika Natural Language Processing ............ SKIPPED [INFO] Apache Tika ........................................ SKIPPED [INFO] ------------------------------------------------------------------------ [INFO] BUILD FAILURE [INFO] ------------------------------------------------------------------------ [INFO] Total time: 01:04 min [INFO] Finished at: 2018-10-14T11:07:24+03:00 [INFO] Final Memory: 33M/275M [INFO] ------------------------------------------------------------------------ [ERROR] Failed to execute goal org.sonatype.ossindex.maven:ossindex-maven-plugin:3.0.1:audit (default-cli) on project tika-example: Detected 1 vulnerable components: [ERROR]   org.springframework:spring-core:jar:3.2.16.RELEASE:compile; https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-core@3.2.16.RELEASE [ERROR]     * [CVE-2018-1270]  Improperly Implemented Security Check for Standard (9.8); https://ossindex.sonatype.org/vuln/9a3de118-b038-49ed-9af7-533210c9d85f [ERROR]     * [CVE-2018-1271]  Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") (5.9); https://ossindex.sonatype.org/vuln/580d61c3-20df-4bb8-99c3-36c89e0d7550 [ERROR]     * [CVE-2018-1272]  Permissions, Privileges, and Access Controls (7.5); https://ossindex.sonatype.org/vuln/aa7190e3-4c47-42d6-82f6-afaf1da5762e [ERROR] [ERROR] ->
{code}
I've upgraded spring-context to 4.3.19.RELEASE and it passed the scanning.

 

 

 


was (Author: oleg@apache.org):
{code:java}
[INFO] Apache Tika parent ................................. SUCCESS [ 21.607 s] [INFO] Apache Tika core ................................... SUCCESS [  1.692 s] [INFO] Apache Tika parsers ................................ SUCCESS [  7.597 s] [INFO] Apache Tika XMP .................................... SUCCESS [  3.818 s] [INFO] Apache Tika serialization .......................... SUCCESS [  1.064 s] [INFO] Apache Tika batch .................................. SUCCESS [  2.633 s] [INFO] Apache Tika language detection ..................... SUCCESS [  1.204 s] [INFO] Apache Tika application ............................ SUCCESS [  3.097 s] [INFO] Apache Tika OSGi bundle ............................ SUCCESS [  3.941 s] [INFO] Apache Tika translate .............................. SUCCESS [  1.443 s] [INFO] Apache Tika server ................................. SUCCESS [  5.369 s] [INFO] Apache Tika examples ............................... FAILURE [  4.380 s] [INFO] Apache Tika Java-7 Components ...................... SKIPPED [INFO] Apache Tika eval ................................... SKIPPED [INFO] Apache Tika Deep Learning (powered by DL4J) ........ SKIPPED [INFO] Apache Tika Natural Language Processing ............ SKIPPED [INFO] Apache Tika ........................................ SKIPPED [INFO] ------------------------------------------------------------------------ [INFO] BUILD FAILURE [INFO] ------------------------------------------------------------------------ [INFO] Total time: 01:04 min [INFO] Finished at: 2018-10-14T11:07:24+03:00 [INFO] Final Memory: 33M/275M [INFO] ------------------------------------------------------------------------ [ERROR] Failed to execute goal org.sonatype.ossindex.maven:ossindex-maven-plugin:3.0.1:audit (default-cli) on project tika-example: Detected 1 vulnerable components: [ERROR]   org.springframework:spring-core:jar:3.2.16.RELEASE:compile; https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-core@3.2.16.RELEASE [ERROR]     * [CVE-2018-1270]  Improperly Implemented Security Check for Standard (9.8); https://ossindex.sonatype.org/vuln/9a3de118-b038-49ed-9af7-533210c9d85f [ERROR]     * [CVE-2018-1271]  Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") (5.9); https://ossindex.sonatype.org/vuln/580d61c3-20df-4bb8-99c3-36c89e0d7550 [ERROR]     * [CVE-2018-1272]  Permissions, Privileges, and Access Controls (7.5); https://ossindex.sonatype.org/vuln/aa7190e3-4c47-42d6-82f6-afaf1da5762e [ERROR] [ERROR] ->
{code}
I've upgraded spring-context to 4.3.19.RELEASE and is passed the scanning.

 

 

 

> Clean up SentimentParser dependencies
> -------------------------------------
>
>                 Key: TIKA-2368
>                 URL: https://issues.apache.org/jira/browse/TIKA-2368
>             Project: Tika
>          Issue Type: Improvement
>            Reporter: Tim Allison
>            Priority: Blocker
>
> Is there any way to avoid reliance on edu.usc.ir's sentiment-analysis-parser?  I ask because:
> {noformat}
> [WARNING] sentiment-analysis-parser-0.1.jar, tika-parsers-1.15-SNAPSHOT.jar define 1 overlapping classes: 
> [WARNING]   - org.apache.tika.parser.sentiment.analysis.SentimentParser
> [WARNING] tika-core-1.15-SNAPSHOT.jar, tika-translate-1.15-SNAPSHOT.jar define 4 overlapping classes: 
> [WARNING]   - org.apache.tika.language.translate.DefaultTranslator$1
> [WARNING]   - org.apache.tika.language.translate.EmptyTranslator
> [WARNING]   - org.apache.tika.language.translate.DefaultTranslator
> [WARNING]   - org.apache.tika.language.translate.Translator
> {noformat}
> We should be ok keeping things as they are and excluding SentimentParser and tika-translate, but can we easily move the code that's still in edu.usc.ir's package into Tika?



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)