Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-69993

Prepare Ivy for removal of Commons HttpClient 3.x

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Fixed
    • Major
    • ivy-plugin
    • None
    • 2.3

    Description

      Core still bundles a patched version of the deprecated Commons HttpClient 3.x library for use by plugins. This frequently confuses security scanners and is a maintenance liability. For this reason, we would like to remove this library from Jenkins core in jenkinsci/jenkins#7312.

      A systematic search of the plugin corpus was conducted in October 2022; this search revealed that a number of plugins have usages of Commons HttpClient 3.x. For compatibility with a future version of Jenkins core in which this library is removed, these plugins should either migrate their usage of Commons HttpClient 3.x to the Apache HttpComponents Client 4.x API plugin or Java 11 native HTTP client; or otherwise they should declare an explicit dependency on the Commons HttpClient 3.x API plugin.

      This plugin's identified usage of Commons HttpClient 3.x is as follows:

       RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/auth/AuthScope via org/apache/commons/vfs2/provider/http/HttpClientFactory.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/HeaderElement via org/apache/commons/vfs2/provider/http/HttpFileContentInfoFactory.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/Header via org/apache/commons/vfs2/provider/http/HttpFileContentInfoFactory.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/Header via org/apache/commons/vfs2/provider/http/HttpFileObject.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/HostConfiguration via org/apache/commons/vfs2/provider/http/HttpClientFactory.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/HttpClient via org/apache/commons/vfs2/provider/http/HttpClientFactory.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/HttpClient via org/apache/commons/vfs2/provider/http/HttpFileObject.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/HttpClient via org/apache/commons/vfs2/provider/http/HttpFileProvider.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/HttpClient via org/apache/commons/vfs2/provider/http/HttpFileSystem.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/HttpClient via org/apache/commons/vfs2/provider/http/HttpRandomAccessContent.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/HttpClient via org/apache/commons/vfs2/provider/webdav/WebdavFileObject.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/HttpClient via org/apache/commons/vfs2/provider/webdav/WebdavFileProvider.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/HttpClient via org/apache/commons/vfs2/provider/webdav/WebdavFileSystem.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/HttpConnectionManager via org/apache/commons/vfs2/provider/http/HttpClientFactory.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/HttpConnectionManager via org/apache/commons/vfs2/provider/http/HttpFileSystem.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/HttpMethodBase via org/apache/commons/vfs2/provider/webdav/WebdavFileObject.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/HttpMethodRetryHandler via org/apache/commons/vfs2/provider/webdav/WebdavMethodRetryHandler.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/HttpMethod via org/apache/commons/vfs2/provider/http/HttpFileObject.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/HttpMethod via org/apache/commons/vfs2/provider/webdav/WebdavFileObject.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/HttpMethod via org/apache/commons/vfs2/provider/webdav/WebdavMethodRetryHandler.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/HttpState via org/apache/commons/vfs2/provider/http/HttpClientFactory.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/HttpStatus via org/apache/commons/vfs2/provider/webdav/WebdavFileObject.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/methods/ByteArrayRequestEntity via org/apache/commons/vfs2/provider/webdav/WebdavFileObject$WebdavOutputStream.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/methods/GetMethod via org/apache/commons/vfs2/provider/http/HttpFileObject$HttpInputStream.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/methods/GetMethod via org/apache/commons/vfs2/provider/http/HttpFileObject.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/methods/GetMethod via org/apache/commons/vfs2/provider/http/HttpRandomAccessContent.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/methods/HeadMethod via org/apache/commons/vfs2/provider/http/HttpFileContentInfoFactory.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/methods/HeadMethod via org/apache/commons/vfs2/provider/http/HttpFileObject.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/methods/RequestEntity via org/apache/commons/vfs2/provider/webdav/WebdavFileObject$WebdavOutputStream.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/MultiThreadedHttpConnectionManager via org/apache/commons/vfs2/provider/http/HttpClientFactory.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/MultiThreadedHttpConnectionManager via org/apache/commons/vfs2/provider/http/HttpFileSystem.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/params/HttpClientParams via org/apache/commons/vfs2/provider/http/HttpClientFactory.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/params/HttpConnectionManagerParams via org/apache/commons/vfs2/provider/http/HttpClientFactory.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/params/HttpConnectionManagerParams via org/apache/commons/vfs2/provider/http/HttpFileSystemConfigBuilder.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/params/HttpConnectionParams via org/apache/commons/vfs2/provider/http/HttpFileSystemConfigBuilder.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/params/HttpMethodParams via org/apache/commons/vfs2/provider/webdav/WebdavFileObject.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/URIException via org/apache/commons/vfs2/provider/http/HttpFileObject.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/URIException via org/apache/commons/vfs2/provider/URLFileName.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/URIException via org/apache/commons/vfs2/provider/url/UrlFileObject.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/URIException via org/apache/commons/vfs2/provider/webdav/WebdavFileObject.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/UsernamePasswordCredentials via org/apache/commons/vfs2/provider/http/HttpClientFactory.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/util/DateUtil via org/apache/commons/vfs2/provider/http/HttpFileObject.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/util/DateUtil via org/apache/commons/vfs2/provider/webdav/WebdavFileObject.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/util/URIUtil via org/apache/commons/vfs2/provider/http/HttpFileObject.class
      RESULT: Plugin ivy:2.2 using org/apache/commons/httpclient/util/URIUtil via org/apache/commons/vfs2/provider/URLFileName.class

      Attachments

        Activity

          People

            basil Basil Crow
            basil Basil Crow
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: