www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sebb (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (LEGAL-171) OK to distribute code containing the JavadocFixTool
Date Mon, 24 Jun 2013 16:58:20 GMT

    [ https://issues.apache.org/jira/browse/LEGAL-171?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13692131#comment-13692131
] 

Sebb edited comment on LEGAL-171 at 6/24/13 4:56 PM:
-----------------------------------------------------

For completeness, there are various options for avoiding / fixing the vulnerability:

Use a patched version of the javadoc tool, for example use JDK 1.7.0_25 or later (but beware
that some versions of Java 1.8 may have the vulnerability)
To check the javadoc version:  "javadoc -J-version"

Download and run the Oracle tool stand-alone.
Note that the tool version 1.2 06/14/2013 has several bugs which may affect the outcome 
(e.g. it assumes the platform encoding; does not close files; fails to delete replaced input
file on Windows)

Use the Maven Javadoc plugin, a new version of which is about to be released that includes
automatic correction of javadoc files after running the javadoc tool

Use an Ant macro to fix the code after every javadoc invocation.

See above for links
                
      was (Author: sebb@apache.org):
    For completeness, there are various options for solving the vulnerability:

Download and run the Oracle tool stand-alone.
Note that the tool version 1.2 06/14/2013 has several bugs which may affect the outcome (e.g.
assumes the platform encoding; does not close files; fails to delete replaced input file on
Windows)

Use the Maven Javadoc plugin, a new version of which is about to be released that includes
automatic correction of javadoc files after running the javadoc tool

Use an Ant macro to fix the code after every javadoc invocation.

See above for links
                  
> OK to distribute code containing the JavadocFixTool
> ---------------------------------------------------
>
>                 Key: LEGAL-171
>                 URL: https://issues.apache.org/jira/browse/LEGAL-171
>             Project: Legal Discuss
>          Issue Type: Question
>            Reporter: Sebb
>         Attachments: LICENSE
>
>
> Oracle have released a tool which can be used to fix a vulnerability in Javadoc created
by earlier versions of their javadoc application.
> We'd like to include the code as part of a Maven plugin, but doubts have been raised
as to whether the license allows this.
> If it's relevant, the code would need to be amended slightly to fix some bugs and change
the package name so it can be called from other packages.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org


Mime
View raw message