[slf4j-dev] [JIRA] (SLF4J-454) Your project qos-ch/slf4j is using buggy third-party libraries [WARNING]

John Patrick nhoj.patrick at gmail.com
Fri Feb 15 12:29:28 CET 2019 

The project appear to be dormant, i've tried emailing the developers
and using the contact us page at qos.sh but have not been able to
contact any slf4j developers in the past year.

only ceki appears to have done anything in over a year for slf4j, it
might need to be forked if people are still using slf4j and want it to
continue. i would step up to help contributing as i want to fixed some
issues but until i'm able to get ahold of any developer that isn't
possible

the https://github.com/qos-ch project does have activity for logback
but for slf4j it says 8th of Dec 2018 but i've no idea what changed



On Fri, 15 Feb 2019 at 08:45, QOS.CH (JIRA) <noreply-jira at qos.ch> wrote:
>
> Kaifeng Huang created SLF4J-454:
> -----------------------------------
>
>              Summary: Your project qos-ch/slf4j is using buggy third-party libraries [WARNING]
>                  Key: SLF4J-454
>                  URL: https://jira.qos.ch/browse/SLF4J-454
>              Project: SLF4J
>           Issue Type: Bug
>          Environment: Hi, there!
>
> We are a research team working on third-party library analysis. We have found that some widely-used third-party libraries in your project have major/critical bugs, which will degrade the quality of your project. We highly recommend you to update those libraries to new versions.
>
> We have attached the buggy third-party libraries and corresponding jira issue links below for you to have more detailed information.
>
> 1. commons-lang commons-lang
>  version: 2.4
>
> Jira issues:
>  Fix case-insensitive string handling
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-432?filter=allopenissues
>  StringEscapeUtils.escapeHTML() does not escape chars (0x00-0x20)
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-439?filter=allopenissues
>  DateUtils.round doesn't work correct for Calendar.AM_PM
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-440?filter=allopenissues
>  Lower Ascii Characters don't get encoded by Entities.java
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-448?filter=allopenissues
>  Issue in HashCodeBuilder which only shows up under high load multi-threaded usage.
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-459?filter=allopenissues
>  Ant build file does not include ReflectTestSuite
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-463?filter=allopenissues
>  EqualsBuilder and HashCodeBuilder treat java.math.BigDecimal inconsistantly and break general contract of hashCode
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-467?filter=allopenissues
>  JDK 1.5 build/runtime failure on LANG-393 (EqualsBuilder)
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-468?filter=allopenissues
>  ExtendedMessageFormat: OutOfMemory with custom format registry and a pattern containing single quotes
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-477?filter=allopenissues
>  parseDate cannot parse ISO8601 dates produced by FastDateFormat
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-530?filter=allopenissues
>  DateFormatUtils.format does not correctly change Calendar TimeZone in certain situations
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-538?filter=allopenissues
>  StringUtils replaceEach - Bug or Missing Documentation
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-552?filter=allopenissues
>  Javadoc wrong for StringUtils startsWith; startsWithIgnoreCase; endsWith and endsWithIgnoreCase
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-557?filter=allopenissues
>  HashCodeBuilder reflectionAppend creates unnecessary copy of excludeFields
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-575?filter=allopenissues
>  ExceptionUtils uses mutable lock target
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-584?filter=allopenissues
>  ClassUtils.toClass(Object[]) throws NPE on null array element
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-587?filter=allopenissues
>
>
>
>
> Sincerely~
> FDU Software Engineering Lab
> Feb 15th, 2019
>             Reporter: Kaifeng Huang
>             Assignee: SLF4J developers list
>
>
>
>
>
>
> --
> This message was sent by Atlassian JIRA
> (v7.3.1#73012)
> _______________________________________________
> slf4j-dev mailing list
> slf4j-dev at qos.ch
> http://mailman.qos.ch/mailman/listinfo/slf4j-dev

More information about the slf4j-dev mailing list