[jira] [Commented] (TIKA-3003) Remove unused dependencies

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[jira] [Commented] (TIKA-3003) Remove unused dependencies

David Eric Pugh (Jira)

    [ https://issues.apache.org/jira/browse/TIKA-3003?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16984536#comment-16984536 ]

ASF GitHub Bot commented on TIKA-3003:
--------------------------------------

cesarsotovalero commented on pull request #299: fix for TIKA-3003 contributed by cesarsotovalero
URL: https://github.com/apache/tika/pull/299
 
 
   I'm making this pull reques because I noticed that dependency `org.jsoup:jsoup:1.12.1` is declared in module `tika-parsers` to prevent from having a vulnerable version from edu.ucar:grib. However, this dependency is not used and, therefore, it can be removed to make the ` pom` clearer and the dependency tree of this module less complex.
   
   In addition, dependency `net.sf.ehcache:ehcache-core`, induced transitively from `edu.ucar:cdm:4.5.5`, is not used and can be excluded safely. Notice that the size of the `jar` of `ehcache-core` is around 1.3MB, thus removing it has a positive impact on the size of module `tika-parsers`.
 
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
[hidden email]


> Remove unused dependencies
> --------------------------
>
>                 Key: TIKA-3003
>                 URL: https://issues.apache.org/jira/browse/TIKA-3003
>             Project: Tika
>          Issue Type: Improvement
>          Components: parser
>    Affects Versions: 2.0.0
>            Reporter: César Soto Valero
>            Priority: Minor
>             Fix For: 2.0.0
>
>
> I noticed that dependency *org.jsoup:jsoup:1.12.1* is declared in module *tika-parsers*  to prevent from having a vulnerable version from *edu.ucar:grib*. However, this dependency is not used and, therefore, it can be removed to make the pom clearer and the dependency tree of this module complex.
> In addition, dependency *net.sf.ehcache:ehcache-core*, induced transitively from *edu.ucar:cdm:4.5.5*, is not used and can be excluded safely. Notice that the size of the jar of *ehcache-core* is around 1.3MB, thus removing it has a positive impact on the size of *tika-parsers*.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)