[rdf4j-dev] Newer Lucene Version

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[rdf4j-dev] Newer Lucene Version

From: Andreas Schwarte <aschwarte10@xxxxxxxxx>
Date: Wed, 16 May 2018 11:35:48 +0200
Delivered-to: rdf4j-dev@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/rdf4j-dev>
List-help: <mailto:rdf4j-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/rdf4j-dev>, <mailto:rdf4j-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/options/rdf4j-dev>, <mailto:rdf4j-dev-request@eclipse.org?subject=unsubscribe>

Hi,

in our new company we have more strict security guidelines w.r.t open source software.

The lucene version that is currently bundled with RDF4J (i.e. lucene 5.x) is EOL, same for solr (and probably elasticsearch). The current stable is 7.3.0 (or 7.3.1).

How are the policies with an upgrade of these 3rd party components? Could this be done in a 2.4.0 release?

I have done an evaluation of the update. Quite a bit of Lucene API replacements required, but looks pretty dsave. The only thing that I could not solve so far is the update of "elasticsearch", which fails in maven with a "bytecode enforce check" on log4j

[INFO] Restricted to JDK 1.8 yet org.apache.logging.log4j:log4j-api:jar:2.9.1:compile contains META-INF/versions/9/org/apache/logging/log4j/util/ProcessIdUtil.class targeted to JDK 1.9

Any ideas on how to fix this?

If we are ok to get the work on an upgrade started I could upload my change as a pull request.

Opinions?

Thanks,

Andreas

Follow-Ups:
- Re: [rdf4j-dev] Newer Lucene Version
  - From: Bart Hanssens (BOSA)

Prev by Date: Re: [rdf4j-dev] package naming issue in MemoryBenchmark?
Next by Date: Re: [rdf4j-dev] Newer Lucene Version
Previous by thread: [rdf4j-dev] project-wide planning board
Next by thread: Re: [rdf4j-dev] Newer Lucene Version
Index(es):
- Date
- Thread

Breadcrumbs