[slf4j-dev] [JIRA] (SLF4J-454) Your project qos-ch/slf4j is using buggy third-party libraries [WARNING]

QOS.CH (JIRA) noreply-jira at qos.ch
Sat Feb 16 13:50:00 CET 2019


     [ https://jira.qos.ch/browse/SLF4J-454?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ceki Gülcü reopened SLF4J-454:
------------------------------

> Your project qos-ch/slf4j is using buggy third-party libraries [WARNING]
> ------------------------------------------------------------------------
>
>                 Key: SLF4J-454
>                 URL: https://jira.qos.ch/browse/SLF4J-454
>             Project: SLF4J
>          Issue Type: Bug
>         Environment: Hi, there!
> We are a research team working on third-party library analysis. We have found that some widely-used third-party libraries in your project have major/critical bugs, which will degrade the quality of your project. We highly recommend you to update those libraries to new versions.
> We have attached the buggy third-party libraries and corresponding jira issue links below for you to have more detailed information.
> 1. commons-lang commons-lang
>  version: 2.4
> Jira issues:
>  Fix case-insensitive string handling
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-432?filter=allopenissues
>  StringEscapeUtils.escapeHTML() does not escape chars (0x00-0x20)
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-439?filter=allopenissues
>  DateUtils.round doesn't work correct for Calendar.AM_PM
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-440?filter=allopenissues
>  Lower Ascii Characters don't get encoded by Entities.java
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-448?filter=allopenissues
>  Issue in HashCodeBuilder which only shows up under high load multi-threaded usage.
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-459?filter=allopenissues
>  Ant build file does not include ReflectTestSuite
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-463?filter=allopenissues
>  EqualsBuilder and HashCodeBuilder treat java.math.BigDecimal inconsistantly and break general contract of hashCode
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-467?filter=allopenissues
>  JDK 1.5 build/runtime failure on LANG-393 (EqualsBuilder)
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-468?filter=allopenissues
>  ExtendedMessageFormat: OutOfMemory with custom format registry and a pattern containing single quotes
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-477?filter=allopenissues
>  parseDate cannot parse ISO8601 dates produced by FastDateFormat
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-530?filter=allopenissues
>  DateFormatUtils.format does not correctly change Calendar TimeZone in certain situations
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-538?filter=allopenissues
>  StringUtils replaceEach - Bug or Missing Documentation 
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-552?filter=allopenissues
>  Javadoc wrong for StringUtils startsWith; startsWithIgnoreCase; endsWith and endsWithIgnoreCase
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-557?filter=allopenissues
>  HashCodeBuilder reflectionAppend creates unnecessary copy of excludeFields
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-575?filter=allopenissues
>  ExceptionUtils uses mutable lock target
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-584?filter=allopenissues
>  ClassUtils.toClass(Object[]) throws NPE on null array element
>  affectsVersions:2.4
>  https://issues.apache.org/jira/projects/LANG/issues/LANG-587?filter=allopenissues
>  
> Sincerely~
> FDU Software Engineering Lab
> Feb 15th, 2019
>            Reporter: Kaifeng Huang
>            Assignee: SLF4J developers list
>             Fix For: 1.8.0-beta4
>
>




--
This message was sent by Atlassian JIRA
(v7.3.1#73012)


More information about the slf4j-dev mailing list