[
https://issues.apache.org/jira/browse/TIKA-2368?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16649290#comment-16649290
]
Oleg Tikhonov commented on TIKA-2368:
-------------------------------------
{code:java}
[INFO] Apache Tika parent ................................. SUCCESS [ 21.607 s]
[INFO] Apache Tika core ................................... SUCCESS [ 1.692 s]
[INFO] Apache Tika parsers ................................ SUCCESS [ 7.597 s]
[INFO] Apache Tika XMP .................................... SUCCESS [ 3.818 s]
[INFO] Apache Tika serialization .......................... SUCCESS [ 1.064 s]
[INFO] Apache Tika batch .................................. SUCCESS [ 2.633 s]
[INFO] Apache Tika language detection ..................... SUCCESS [ 1.204 s]
[INFO] Apache Tika application ............................ SUCCESS [ 3.097 s]
[INFO] Apache Tika OSGi bundle ............................ SUCCESS [ 3.941 s]
[INFO] Apache Tika translate .............................. SUCCESS [ 1.443 s]
[INFO] Apache Tika server ................................. SUCCESS [ 5.369 s]
[INFO] Apache Tika examples ............................... FAILURE [ 4.380 s]
[INFO] Apache Tika Java-7 Components ...................... SKIPPED [INFO]
Apache Tika eval ................................... SKIPPED [INFO] Apache Tika
Deep Learning (powered by DL4J) ........ SKIPPED [INFO] Apache Tika Natural
Language Processing ............ SKIPPED [INFO] Apache Tika
........................................ SKIPPED [INFO]
------------------------------------------------------------------------ [INFO]
BUILD FAILURE [INFO]
------------------------------------------------------------------------ [INFO]
Total time: 01:04 min [INFO] Finished at: 2018-10-14T11:07:24+03:00 [INFO]
Final Memory: 33M/275M [INFO]
------------------------------------------------------------------------
[ERROR] Failed to execute goal
org.sonatype.ossindex.maven:ossindex-maven-plugin:3.0.1:audit (default-cli) on
project tika-example: Detected 1 vulnerable components: [ERROR]
org.springframework:spring-core:jar:3.2.16.RELEASE:compile;
https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-core@3.2.16.RELEASE
[ERROR] * [CVE-2018-1270] Improperly Implemented Security Check for
Standard (9.8);
https://ossindex.sonatype.org/vuln/9a3de118-b038-49ed-9af7-533210c9d85f [ERROR]
* [CVE-2018-1271] Improper Limitation of a Pathname to a Restricted
Directory ("Path Traversal") (5.9);
https://ossindex.sonatype.org/vuln/580d61c3-20df-4bb8-99c3-36c89e0d7550 [ERROR]
* [CVE-2018-1272] Permissions, Privileges, and Access Controls (7.5);
https://ossindex.sonatype.org/vuln/aa7190e3-4c47-42d6-82f6-afaf1da5762e [ERROR]
[ERROR] ->
{code}
I've upgraded spring-context to 4.3.19.RELEASE and is passed the scanning.
> Clean up SentimentParser dependencies
> -------------------------------------
>
> Key: TIKA-2368
> URL: https://issues.apache.org/jira/browse/TIKA-2368
> Project: Tika
> Issue Type: Improvement
> Reporter: Tim Allison
> Priority: Blocker
>
> Is there any way to avoid reliance on edu.usc.ir's sentiment-analysis-parser?
> I ask because:
> {noformat}
> [WARNING] sentiment-analysis-parser-0.1.jar, tika-parsers-1.15-SNAPSHOT.jar
> define 1 overlapping classes:
> [WARNING] - org.apache.tika.parser.sentiment.analysis.SentimentParser
> [WARNING] tika-core-1.15-SNAPSHOT.jar, tika-translate-1.15-SNAPSHOT.jar
> define 4 overlapping classes:
> [WARNING] - org.apache.tika.language.translate.DefaultTranslator$1
> [WARNING] - org.apache.tika.language.translate.EmptyTranslator
> [WARNING] - org.apache.tika.language.translate.DefaultTranslator
> [WARNING] - org.apache.tika.language.translate.Translator
> {noformat}
> We should be ok keeping things as they are and excluding SentimentParser and
> tika-translate, but can we easily move the code that's still in edu.usc.ir's
> package into Tika?
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
