OFBiz › OFBiz - Dev

Upgrading libs also in in release branches?

_‹ Previous Topic Next Topic _›

Classic

List

Threaded

4 messages Options

Jacques Le Roux

Upgrading libs also in in release branches?

Administrator

Hi,

After answering to Ben at https://issues.apache.org/jira/browse/OFBIZ-6747

I was wondering if, apart for security reasons, we would want to upgrade libs in release branches.

Actually it's obviously not needed, so just asking...

Jacques

taher

Re: Upgrading libs also in in release branches?

I think the obvious answer as you mentioned is not to touch releases unless
you have to.

On the other hand I'm not sure we want to add more dependencies on external
libraries like caffeine unless there is a strong reason. We are already
struggling with having way too many dependencies that complicate things.

On Sat, Jun 9, 2018, 10:23 AM Jacques Le Roux <[hidden email]>
wrote:

> Hi,
>
> After answering to Ben at https://issues.apache.org/jira/browse/OFBIZ-6747
>
> I was wondering if, apart for security reasons, we would want to upgrade
> libs in release branches.
>
> Actually it's obviously not needed, so just asking...
>
> Jacques
>
>

Jacques Le Roux

Re: Upgrading libs also in in release branches?

Administrator

Le 09/06/2018 à 10:57, Taher Alkhateeb a écrit :
> I think the obvious answer as you mentioned is not to touch releases unless
> you have to.
Yep

> On the other hand I'm not sure we want to add more dependencies on external
> libraries like caffeine unless there is a strong reason. We are already
> struggling with having way too many dependencies that complicate things.
Actually it's a replacement.
Ben is the author and maintainer of both and recommends to change because ConcurrentLinkedHashMap is no longer maintained
See OFBIZ-6747

Jacques

>
> On Sat, Jun 9, 2018, 10:23 AM Jacques Le Roux <[hidden email]>
> wrote:
>
>> Hi,
>>
>> After answering to Ben at https://issues.apache.org/jira/browse/OFBIZ-6747
>>
>> I was wondering if, apart for security reasons, we would want to upgrade
>> libs in release branches.
>>
>> Actually it's obviously not needed, so just asking...
>>
>> Jacques
>>
>>

taher

Re: Upgrading libs also in in release branches?

I see. It makes sense in this case. I'll take a quick look at the JIRA.

On Sat, Jun 9, 2018, 12:07 PM Jacques Le Roux <[hidden email]>
wrote:

> Le 09/06/2018 à 10:57, Taher Alkhateeb a écrit :
> > I think the obvious answer as you mentioned is not to touch releases
> unless
> > you have to.
> Yep
>
> > On the other hand I'm not sure we want to add more dependencies on
> external
> > libraries like caffeine unless there is a strong reason. We are already
> > struggling with having way too many dependencies that complicate things.
> Actually it's a replacement.
> Ben is the author and maintainer of both and recommends to change because
> ConcurrentLinkedHashMap is no longer maintained
> See OFBIZ-6747
>
> Jacques
> >
> > On Sat, Jun 9, 2018, 10:23 AM Jacques Le Roux <
> [hidden email]>
> > wrote:
> >
> >> Hi,
> >>
> >> After answering to Ben at
> https://issues.apache.org/jira/browse/OFBIZ-6747
> >>
> >> I was wondering if, apart for security reasons, we would want to upgrade
> >> libs in release branches.
> >>
> >> Actually it's obviously not needed, so just asking...
> >>
> >> Jacques
> >>
> >>
>
>