[
https://issues.apache.org/jira/browse/MNG-7844?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17744319#comment-17744319
]
Robert Scholte commented on MNG-7844:
-------------------------------------
Just a couple of my personnal opinions: the fact that XML can have an include
mechanism doesn't mean Maven should support it. It will be a target for
vulnerability injection.
What's the _important_ usecase that requires this? I assume it is more about
mixins, which I believe should be done based on GAV: it is just another way of
handling a parent pom.
> Support for DTD entities and XInclude in the code at build time
> ---------------------------------------------------------------
>
> Key: MNG-7844
> URL: https://issues.apache.org/jira/browse/MNG-7844
> Project: Maven
> Issue Type: New Feature
> Reporter: Guillaume Nodet
> Assignee: Guillaume Nodet
> Priority: Major
> Fix For: 4.0.x-candidate
>
>
> The idea is to open a bit more the POM XML to composition.
> The prerequisite is that the _original_ pom is not installed / uploaded
> anymore and needs to be processed and trimmed, so that the consumer pom is
> installed/uploaded. The consumer pom mechanism would have to be slightly
> changed to make sure DTD entities and xinclude are fully processed and merged
> in.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
