Skip to content

Bump LibreOffice library odfdom-java to 0.12.0, require JDK 11+ for generating Calc file ODS #684

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
slawekjaranowski wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump LibreOffice library odfdom-java to 0.12.0, require JDK 11+ for generating Calc file ODS #684

slawekjaranowski wants to merge 1 commit into from

Conversation

@slawekjaranowski
Copy link
Member

@slawekjaranowski slawekjaranowski commented Dec 1, 2025

Old library contains security issues so should be updated, hope feature is not widely used, so we can bump and require JDK 11+ for this

Copilot AI reviewed Dec 1, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR upgrades the odfdom-java library from version 0.9.0 to 0.12.0 to address security vulnerabilities in the older version. The upgrade requires JDK 11+ for generating LibreOffice Calc (ODS) files, implemented using a Multi-Release JAR (MRJAR) pattern to maintain backward compatibility with JDK 8.

Key changes:

  • Upgraded odfdom-java dependency to 0.12.0 and added xml-apis 1.4.01 for JDK 8 compatibility
  • Implemented MRJAR pattern with JDK 8 stub throwing UnsupportedOperationException and full JDK 11+ implementation
  • Added JDK version check in tests and integration test requirements

Reviewed changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 7 comments.

Show a summary per file
File Description
pom.xml Updated odfdom-java to 0.12.0, added xml-apis dependency, configured MRJAR profile with compiler and surefire plugins
src/main/java/org/codehaus/mojo/license/extended/spreadsheet/CalcFileWriter.java JDK 8 stub implementation throwing UnsupportedOperationException
src/main/java11/org/codehaus/mojo/license/extended/spreadsheet/CalcFileWriter.java Complete JDK 11+ implementation for ODS file generation
src/test/java/org/codehaus/mojo/license/download/LicenseSummaryTest.java Added version check to conditionally test ODS generation or exception handling
src/main/java/org/codehaus/mojo/license/utils/MojoHelper.java Fixed URL concatenation to prevent double slashes when baseUrl already ends with "/"
src/main/java/org/codehaus/mojo/license/AbstractDownloadLicensesMojo.java Added documentation noting JDK 11+ requirement for ODS file generation
src/it/aggregate-download-licenses-extended-spreadsheet/invoker.properties Set minimum JDK version to 11+ for integration test

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@slawekjaranowski
Bump LibreOffice library odfdom-java to 0.12.0, require JDK 11+ for g…
5aaf8ac 
…enerating Calc file ODS

Old library contains security issues so should be updated,
hope feature is not widely used, so we can bump and require JDK 11+ for this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@slachiewicz slachiewicz Awaiting requested review from slachiewicz

Assignees

No one assigned

Labels

breaking enhancement

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@slawekjaranowski