diff options
-rw-r--r-- | .classpath | 2 | ||||
-rw-r--r-- | build.gradle | 4 | ||||
-rw-r--r-- | build.xml | 9 | ||||
-rw-r--r-- | maven/poi-ooxml-schemas.pom | 2 | ||||
-rw-r--r-- | sonar/pom.xml | 2 | ||||
-rw-r--r-- | src/ooxml/java/org/apache/poi/ooxml/POIXMLTypeLoader.java | 1 |
6 files changed, 11 insertions, 9 deletions
diff --git a/.classpath b/.classpath index 367843e9c6..e689084f27 100644 --- a/.classpath +++ b/.classpath @@ -18,7 +18,7 @@ <classpathentry kind="lib" path="lib/ant-1.10.1.jar"/> <classpathentry kind="lib" path="lib/ant-launcher-1.10.1.jar"/> <classpathentry kind="lib" path="lib/log4j-1.2.17.jar"/> - <classpathentry exported="true" kind="lib" path="ooxml-lib/xmlbeans-3.0.0.jar" sourcepath="ooxml-lib/xmlbeans-3.0.0.jar"/> + <classpathentry exported="true" kind="lib" path="ooxml-lib/xmlbeans-3.0.1.jar" sourcepath="ooxml-lib/xmlbeans-3.0.1.jar"/> <classpathentry kind="lib" path="lib/hamcrest-core-1.3.jar"/> <classpathentry kind="lib" path="lib/junit-4.12.jar"/> <classpathentry kind="lib" path="ooxml-lib/curvesapi-1.05.jar"/> diff --git a/build.gradle b/build.gradle index ed7097ab60..1fa69cca95 100644 --- a/build.gradle +++ b/build.gradle @@ -26,10 +26,10 @@ buildscript { } repositories { + maven { url "https://repository.apache.org/content/repositories/staging" } mavenCentral() } - // Only add the plugin for Sonar if enabled if (project.hasProperty('enableSonar')) { println 'Enabling Sonar support' @@ -216,7 +216,7 @@ project('ooxml') { compileJava.dependsOn 'ant-compile-ooxml-xsds' dependencies { - compile 'org.apache.xmlbeans:xmlbeans:3.0.0' + compile 'org.apache.xmlbeans:xmlbeans:3.0.1' compile 'org.apache.commons:commons-collections4:4.2' compile 'org.apache.commons:commons-math3:3.6.1' compile 'org.apache.commons:commons-compress:1.18' @@ -200,9 +200,9 @@ under the License. <property name="ooxml.curvesapi.jar" location="${ooxml.lib}/curvesapi-1.05.jar"/> <property name="ooxml.curvesapi.url" value="${repository.m2}/maven2/com/github/virtuald/curvesapi/1.05/curvesapi-1.05.jar"/> - <property name="ooxml.xmlbeans.jar" location="${ooxml.lib}/xmlbeans-3.0.0.jar"/> + <property name="ooxml.xmlbeans.jar" location="${ooxml.lib}/xmlbeans-3.0.1.jar"/> <property name="ooxml.xmlbeans.url" - value="https://repository.apache.org/content/repositories/releases/org/apache/xmlbeans/xmlbeans/3.0.0/xmlbeans-3.0.0.jar"/> + value="https://repository.apache.org/content/repositories/staging/org/apache/xmlbeans/xmlbeans/3.0.1/xmlbeans-3.0.1.jar"/> <property name="ooxml.commons-compress.jar" location="${main.lib}/commons-compress-1.18.jar"/> <property name="ooxml.commons-compress.url" value="${repository.m2}/maven2/org/apache/commons/commons-compress/1.18/commons-compress-1.18.jar"/> @@ -637,7 +637,8 @@ under the License. <include name="ooxml-security-1.0.jar"/> <include name="curvesapi-1.03.jar"/> <include name="curvesapi-1.04.jar"/> - <include name="xmlbeans-2.*.jar*"/> + <include name="xmlbeans-2.*.jar"/> + <include name="xmlbeans-3.0.0.jar"/> </fileset> <fileset dir="${compile.lib}"> <include name="xercesImpl-*.jar"/> @@ -2025,7 +2026,7 @@ under the License. <globmapper from="*" to="${zipdir}/lib/*"/> </mappedresources> <mappedresources cache="true"> - <fileset dir="${ooxml.lib}" includes="xmlbeans-3.0.0.jar,curvesapi-*.jar"/> + <fileset dir="${ooxml.lib}" includes="xmlbeans-3.0.1.jar,curvesapi-*.jar"/> <regexpmapper from="^(.*\.jar)$$" to="${zipdir}/ooxml-lib/\1"/> </mappedresources> <mappedresources cache="true"> diff --git a/maven/poi-ooxml-schemas.pom b/maven/poi-ooxml-schemas.pom index 295eeab9b0..bff66dfb6e 100644 --- a/maven/poi-ooxml-schemas.pom +++ b/maven/poi-ooxml-schemas.pom @@ -62,7 +62,7 @@ <dependency> <groupId>org.apache.xmlbeans</groupId> <artifactId>xmlbeans</artifactId> - <version>3.0.0</version> + <version>3.0.1</version> </dependency> </dependencies> </project> diff --git a/sonar/pom.xml b/sonar/pom.xml index c76d331630..e6f381cd8c 100644 --- a/sonar/pom.xml +++ b/sonar/pom.xml @@ -72,7 +72,7 @@ <sonar.scm.disabled>true</sonar.scm.disabled> <!-- define some of the third-party or plugin-versions globally to use the same in all modules --> - <xmlbeans.version>3.0.0</xmlbeans.version> + <xmlbeans.version>3.0.1</xmlbeans.version> <junit.version>4.12</junit.version> <xmlunit.version>2.5.1</xmlunit.version> <mockito.version>2.13.0</mockito.version> diff --git a/src/ooxml/java/org/apache/poi/ooxml/POIXMLTypeLoader.java b/src/ooxml/java/org/apache/poi/ooxml/POIXMLTypeLoader.java index c795cd0d62..4a7a2b1b7b 100644 --- a/src/ooxml/java/org/apache/poi/ooxml/POIXMLTypeLoader.java +++ b/src/ooxml/java/org/apache/poi/ooxml/POIXMLTypeLoader.java @@ -40,6 +40,7 @@ public class POIXMLTypeLoader { DEFAULT_XML_OPTIONS.setUseDefaultNamespace(); DEFAULT_XML_OPTIONS.setSaveAggressiveNamespaces(); DEFAULT_XML_OPTIONS.setCharacterEncoding("UTF-8"); + DEFAULT_XML_OPTIONS.setEntityExpansionLimit(1); // Piccolo is disabled for POI builts, i.e. JAXP is used for parsing // so only user code using XmlObject/XmlToken.Factory.parse // directly can bypass the entity check, which is probably unlikely (... and not within our responsibility :)) |