aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.classpath2
-rw-r--r--build.gradle4
-rw-r--r--build.xml9
-rw-r--r--maven/poi-ooxml-schemas.pom2
-rw-r--r--sonar/pom.xml2
-rw-r--r--src/ooxml/java/org/apache/poi/ooxml/POIXMLTypeLoader.java1
6 files changed, 11 insertions, 9 deletions
diff --git a/.classpath b/.classpath
index 367843e9c6..e689084f27 100644
--- a/.classpath
+++ b/.classpath
@@ -18,7 +18,7 @@
<classpathentry kind="lib" path="lib/ant-1.10.1.jar"/>
<classpathentry kind="lib" path="lib/ant-launcher-1.10.1.jar"/>
<classpathentry kind="lib" path="lib/log4j-1.2.17.jar"/>
- <classpathentry exported="true" kind="lib" path="ooxml-lib/xmlbeans-3.0.0.jar" sourcepath="ooxml-lib/xmlbeans-3.0.0.jar"/>
+ <classpathentry exported="true" kind="lib" path="ooxml-lib/xmlbeans-3.0.1.jar" sourcepath="ooxml-lib/xmlbeans-3.0.1.jar"/>
<classpathentry kind="lib" path="lib/hamcrest-core-1.3.jar"/>
<classpathentry kind="lib" path="lib/junit-4.12.jar"/>
<classpathentry kind="lib" path="ooxml-lib/curvesapi-1.05.jar"/>
diff --git a/build.gradle b/build.gradle
index ed7097ab60..1fa69cca95 100644
--- a/build.gradle
+++ b/build.gradle
@@ -26,10 +26,10 @@ buildscript {
}
repositories {
+ maven { url "https://repository.apache.org/content/repositories/staging" }
mavenCentral()
}
-
// Only add the plugin for Sonar if enabled
if (project.hasProperty('enableSonar')) {
println 'Enabling Sonar support'
@@ -216,7 +216,7 @@ project('ooxml') {
compileJava.dependsOn 'ant-compile-ooxml-xsds'
dependencies {
- compile 'org.apache.xmlbeans:xmlbeans:3.0.0'
+ compile 'org.apache.xmlbeans:xmlbeans:3.0.1'
compile 'org.apache.commons:commons-collections4:4.2'
compile 'org.apache.commons:commons-math3:3.6.1'
compile 'org.apache.commons:commons-compress:1.18'
diff --git a/build.xml b/build.xml
index 18233c894d..3bd8a951d2 100644
--- a/build.xml
+++ b/build.xml
@@ -200,9 +200,9 @@ under the License.
<property name="ooxml.curvesapi.jar" location="${ooxml.lib}/curvesapi-1.05.jar"/>
<property name="ooxml.curvesapi.url"
value="${repository.m2}/maven2/com/github/virtuald/curvesapi/1.05/curvesapi-1.05.jar"/>
- <property name="ooxml.xmlbeans.jar" location="${ooxml.lib}/xmlbeans-3.0.0.jar"/>
+ <property name="ooxml.xmlbeans.jar" location="${ooxml.lib}/xmlbeans-3.0.1.jar"/>
<property name="ooxml.xmlbeans.url"
- value="https://repository.apache.org/content/repositories/releases/org/apache/xmlbeans/xmlbeans/3.0.0/xmlbeans-3.0.0.jar"/>
+ value="https://repository.apache.org/content/repositories/staging/org/apache/xmlbeans/xmlbeans/3.0.1/xmlbeans-3.0.1.jar"/>
<property name="ooxml.commons-compress.jar" location="${main.lib}/commons-compress-1.18.jar"/>
<property name="ooxml.commons-compress.url"
value="${repository.m2}/maven2/org/apache/commons/commons-compress/1.18/commons-compress-1.18.jar"/>
@@ -637,7 +637,8 @@ under the License.
<include name="ooxml-security-1.0.jar"/>
<include name="curvesapi-1.03.jar"/>
<include name="curvesapi-1.04.jar"/>
- <include name="xmlbeans-2.*.jar*"/>
+ <include name="xmlbeans-2.*.jar"/>
+ <include name="xmlbeans-3.0.0.jar"/>
</fileset>
<fileset dir="${compile.lib}">
<include name="xercesImpl-*.jar"/>
@@ -2025,7 +2026,7 @@ under the License.
<globmapper from="*" to="${zipdir}/lib/*"/>
</mappedresources>
<mappedresources cache="true">
- <fileset dir="${ooxml.lib}" includes="xmlbeans-3.0.0.jar,curvesapi-*.jar"/>
+ <fileset dir="${ooxml.lib}" includes="xmlbeans-3.0.1.jar,curvesapi-*.jar"/>
<regexpmapper from="^(.*\.jar)$$" to="${zipdir}/ooxml-lib/\1"/>
</mappedresources>
<mappedresources cache="true">
diff --git a/maven/poi-ooxml-schemas.pom b/maven/poi-ooxml-schemas.pom
index 295eeab9b0..bff66dfb6e 100644
--- a/maven/poi-ooxml-schemas.pom
+++ b/maven/poi-ooxml-schemas.pom
@@ -62,7 +62,7 @@
<dependency>
<groupId>org.apache.xmlbeans</groupId>
<artifactId>xmlbeans</artifactId>
- <version>3.0.0</version>
+ <version>3.0.1</version>
</dependency>
</dependencies>
</project>
diff --git a/sonar/pom.xml b/sonar/pom.xml
index c76d331630..e6f381cd8c 100644
--- a/sonar/pom.xml
+++ b/sonar/pom.xml
@@ -72,7 +72,7 @@
<sonar.scm.disabled>true</sonar.scm.disabled>
<!-- define some of the third-party or plugin-versions globally to use the same in all modules -->
- <xmlbeans.version>3.0.0</xmlbeans.version>
+ <xmlbeans.version>3.0.1</xmlbeans.version>
<junit.version>4.12</junit.version>
<xmlunit.version>2.5.1</xmlunit.version>
<mockito.version>2.13.0</mockito.version>
diff --git a/src/ooxml/java/org/apache/poi/ooxml/POIXMLTypeLoader.java b/src/ooxml/java/org/apache/poi/ooxml/POIXMLTypeLoader.java
index c795cd0d62..4a7a2b1b7b 100644
--- a/src/ooxml/java/org/apache/poi/ooxml/POIXMLTypeLoader.java
+++ b/src/ooxml/java/org/apache/poi/ooxml/POIXMLTypeLoader.java
@@ -40,6 +40,7 @@ public class POIXMLTypeLoader {
DEFAULT_XML_OPTIONS.setUseDefaultNamespace();
DEFAULT_XML_OPTIONS.setSaveAggressiveNamespaces();
DEFAULT_XML_OPTIONS.setCharacterEncoding("UTF-8");
+ DEFAULT_XML_OPTIONS.setEntityExpansionLimit(1);
// Piccolo is disabled for POI builts, i.e. JAXP is used for parsing
// so only user code using XmlObject/XmlToken.Factory.parse
// directly can bypass the entity check, which is probably unlikely (... and not within our responsibility :))