[
https://issues.apache.org/jira/browse/GEODE-8066?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17196465#comment-17196465
]
ASF subversion and git services commented on GEODE-8066:
--------------------------------------------------------
Commit 1d629e188374954b8253aced80f287c81f59e1ee in geode's branch
refs/heads/develop from Robert Houghton
[ https://gitbox.apache.org/repos/asf?p=geode.git;h=1d629e1 ]
GEODE-8066: Pull up transitive dependency to clean up javax.activation and mail
licenses. (#5291)
* correct dependency classpath test to remove javax.activation
* fix assembly_content test
* fix expected-jars test in gemfire-assembly:integrationTest
* Drop 'activation v1.1.0' from src license file
> Geode should not be using both activation 1.1 and javax.activation 1.2
> ----------------------------------------------------------------------
>
> Key: GEODE-8066
> URL: https://issues.apache.org/jira/browse/GEODE-8066
> Project: Geode
> Issue Type: Improvement
> Components: pulse
> Reporter: Owen Nichols
> Assignee: Robert Houghton
> Priority: Major
> Labels: pull-request-available
>
> javax.activation 1.2 is referenced by Geode as an indirect dependency of jaxb
> However, Spring 5.3 brings in some unwanted guests via
> com.nimbusds:oauth2-oidc-sdk:7.1.1, including com.sun.mail:javax.mail:1.6.1
> (we already use javax.mail:javax.mail-api:1.6.2) which in turn brings in
> javax.activation:activation:1.1 (we already use
> com.sun.activation:javax.activation:1.2.0)
> It would be nice to only have one version and one provider of mail and
> activation in our project.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
