Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

simile-vicino: depends on ancient commons-compress library #4228

Closed
apoleon opened this issue Oct 20, 2021 · 4 comments · Fixed by OpenRefine/simile-vicino#5 or #6417
Closed

simile-vicino: depends on ancient commons-compress library #4228

apoleon opened this issue Oct 20, 2021 · 4 comments · Fixed by OpenRefine/simile-vicino#5 or #6417
Assignees
@tfmorris
Labels
PR: Dependencies Used for pull requests that update the project's dependencies to newer versions. Type: Bug Issues related to software defects or unexpected behavior, which require resolution.
Milestone
3.8

Comments

@apoleon
Copy link

apoleon commented Oct 20, 2021

Hello,

as part of the effort to package OpenRefine for Debian I discovered that simile-vicino depends on an ancient commons-compress artifact. I couldn't open an issue there, so I hope it makes sense to file a bug report here.

commons-compress commons-compress 20050911

The problem is that Debian and other Linux distributions try to ship only one library version to reduce code duplication and possible security vulnerabilities in the distribution. The latest commons-compress version in Debian does not ship the required CBZip2OutputStream class in src/edu/mit/simile/vicino/distances/BZip2Distance.java anymore.
Interestingly at some point in time the Ant project imported the exact same code, so it would be possible to depend on Ant and still be able to compile vicino.

Of course depending on another Java build system makes no sense. I see two solutions. Either we could replace the CBZip2OutputStream class / functionality or import the necessary code into vicino. At the moment I did the latter in Debian. zip file is attched.

CBZip2OutputStream.zip
@apoleon apoleon added Type: Bug Issues related to software defects or unexpected behavior, which require resolution. Status: Pending Review Indicates that the issue or pull request is awaiting review by project maintainers or collaborators labels Oct 20, 2021
@wetneb
Copy link
Sponsor Member

wetneb commented Oct 20, 2021

Hi Markus,
Thanks for the report! As far as I can tell, this distance is not exposed in OpenRefine, so we could as well consider removing it from Vicino altogether.

@wetneb wetneb added the PR: Dependencies Used for pull requests that update the project's dependencies to newer versions. label Oct 20, 2021
@thadguidry
Copy link
Member

I agree with @wetneb that for now we could remove it from Vicino.

@wetneb wetneb removed the Status: Pending Review Indicates that the issue or pull request is awaiting review by project maintainers or collaborators label Oct 23, 2021
This was referenced Mar 4, 2024
Closed
Merged
@tfmorris
Copy link
Member

tfmorris commented Mar 4, 2024

This was an oversight from when I put together the simile-vicino POM in 2020. There's no need for the ancient dependency.

I've put a PR with a fix up in OpenRefine/simile-vicino#5 which will require a bump of OpenRefine's dependency after it's published.

@tfmorris tfmorris self-assigned this Mar 4, 2024
@tfmorris tfmorris added this to the 3.8 milestone Mar 4, 2024
@tfmorris
Copy link
Member

tfmorris commented Mar 4, 2024

Reopening until we update the dependency here to pull in the fixed version.

@tfmorris tfmorris reopened this Mar 4, 2024
@tfmorris tfmorris mentioned this issue Mar 4, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tfmorris tfmorris

Labels
PR: Dependencies Used for pull requests that update the project's dependencies to newer versions. Type: Bug Issues related to software defects or unexpected behavior, which require resolution.
Projects
None yet
Milestone
3.8
4 participants
@tfmorris @wetneb @thadguidry @apoleon