Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [cross-project-issues-dev] Fwd: [eclipse-platform/eclipse.platform.releng.aggregator] New Dependency Chain rcp -> batik -> xmlgraphics -> commons.logging (Issue #651)
Le 29/10/2022 à 10:33, Ed Merks a écrit :

FYI, The platform and Orbit have moved to Batik version 1.16.0 to fix some CVEs so please (Graphiti, GMF, Papyrus, and Sirius) update to this new version for M3.


I'm working on it for GMF Runtime and Sirius, but noticed that there has been some recent security-related fixes post-1.16.0 (see https://github.com/apache/xmlgraphics-batik/commits/trunk). We should probably expect a Batik 1.17 in the near future.



-------- Forwarded Message --------
Subject: [eclipse-platform/eclipse.platform.releng.aggregator] New Dependency Chain rcp -> batik -> xmlgraphics -> commons.logging (Issue #651)
Date: Fri, 28 Oct 2022 23:45:11 -0700
From: Christian Dietrich <notifications@xxxxxxxxxx>
Reply-To: eclipse-platform/eclipse.platform.releng.aggregator <reply+AABS6TBEZPFWMQH47GVKHS6BNH7HPEVBNHHFKH3GRA@xxxxxxxxxxxxxxxx>
To: eclipse-platform/eclipse.platform.releng.aggregator <eclipse.platform.releng.aggregator@xxxxxxxxxxxxxxxxxx>
CC: Subscribed <subscribed@xxxxxxxxxxxxxxxxxx>


hi, is the new dependency chain

Error: Cannot resolve project dependencies:
Error: Software being installed: org.eclipse.rcp.feature.group 4.26.0.v20221020-2202
Error: Missing requirement: org.apache.xmlgraphics 2.7.0.v20221018-0736 requires 'java.package; org.apache.commons.logging [1.0.4,1.3.0)' but it could not be found
Error: Cannot satisfy dependency: org.apache.batik.css 1.15.0.v20221018-0736 depends on: java.package; org.apache.xmlgraphics.java2d.color 2.7.0
Error: Cannot satisfy dependency: org.eclipse.e4.rcp.feature.group 4.26.0.v20221020-2202 depends on: org.eclipse.equinox.p2.iu; org.apache.batik.css [1.15.0.v20221018-0736,1.15.0.v20221018-0736]
Error: Cannot satisfy dependency: org.eclipse.rcp.feature.group 4.26.0.v20221020-2202 depends on: org.eclipse.equinox.p2.iu; org.eclipse.e4.rcp.feature.group [4.26.0.v20221020-2202,4.26.0.v20221020-2202]

intentional (aka is the new org.apache.xmlgraphics 2.7.0.v20221018-0736 in orbit as we want it or did unwanted changes sneak in)

https://github.com/itemis/xtext-reference-projects/pull/300/files


Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.Message ID: <eclipse-platform/eclipse.platform.releng.aggregator/issues/651@github.com>


_______________________________________________
cross-project-issues-dev mailing list
cross-project-issues-dev@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/cross-project-issues-dev

-- 
Pierre-Charles David (Obeo)

Back to the top