Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-65161

Remove commons-digester from Core


    • Icon: Task Task
    • Resolution: Unresolved
    • Icon: Major Major
    • core
    • None

      Currently commons-digester 2.1 is triggering some security alerts on scanner. 

      Digester is not used in core but exposed to some plugins which use it.

      With the help of https://github.com/jenkins-infra/usage-in-plugins    we found the class 

      A draft PR has been opened here https://github.com/jenkinsci/jenkins/pull/5320  for discussion.

      I would personally remove it from core and make some PRs on plugins using it (except very old plugins not anymore maintained)



            olamy Olivier Lamy
            olamy Olivier Lamy
            0 Vote for this issue
            3 Start watching this issue