[MAGNOLIA-5352] Update JSTL to 1.2 and JSP-API to 2.1 Created: 01/Oct/13  Updated: 27/Dec/13  Resolved: 01/Nov/13

Status: Closed
Project: Magnolia
Component/s: build, core, templating
Affects Version/s: 5.0.4, 5.1
Fix Version/s: 5.2

Type: Improvement Priority: Neutral
Reporter: Paul Piper Assignee: Tobias Mattsson
Resolution: Fixed Votes: 0
Labels: actions
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: Text File MAGNOLIA-5352_upgraded_to_JSP_2_1_and_JSTL_1_2.patch    
Issue Links:
dependency
is depended upon by MGNLXAA-73 Update JSP-API to version 2.1 Closed
relation
is related to MGNLACTIVATION-36 Update JSP-API to version 2.1 Closed
is related to MGNLADMLEG-23 Update JSP-API to version 2.1 Closed
is related to MGNLCACHE-20 Update JSP-API to version 2.1 Closed
is related to MGNLDATA-195 Update JSP-API to version 2.1 Closed
is related to MGNLEE-336 Update enterprise module to JSP-API v... Closed
is related to MGNLFORUM-183 Update JSP-API to version 2.1 Closed
is related to MGNLSTK-1242 Update JSP-API to version 2.1 Closed
is related to MGNLTPLSMPL-14 Update JSP-API to version 2.1 Closed
is related to MGNLUI-2235 Update JSP-API to version 2.1 Closed
Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Release notes required:
Yes
Date of First Response:
Sprint: 5.1 - Final, 5.2-rc1, 5.1.1

 Description   

We noticed that the core pom still relies on JSTL 1.1.2, which was released in 2004. There has been a maintenance release to 1.2 in 2009, which should be used instead, as it aligns with the Unified Expression Language (EL) that has been delivered as part of the JavaServer Pages (JSP) 2.1 specification.

On our end this is currently causing some problems, since we rely heavily on JSTL 1.2 within a blossom module and the current 1.1.2 version included will throw an error when using <c:foreach> functionality. There shouldn't be any side-effects, as the 1.2 release was entirely backward compatible and there haven't been many reports since.

Would it be possible to update the POM.xml?



 Comments   
Comment by Magnolia International [ 02/Oct/13 ]

Tentatively assigning this to 5.1, as we should really have noticed earlier.
developers: Only explicit usage I find is in info.magnolia.cms.i18n.I18nContentSupportFilter. It sounds to me like that particular usage is really JSP-specific and as such should be in magnolia-templating.
Either way, the dependency should be updatable, especially since we've updated servlet-api versions.

In the meantime, madppiper, you can always use <exclude>, or, better, <dependencyManagement>, in your projects, right ?

Comment by Paul Piper [ 02/Oct/13 ]

Sounds good - using exclude for now is precisely what we came up with also. Thanks for the update.

Comment by Tobias Mattsson [ 03/Oct/13 ]

The changes we're looking at here are:

Updating javax.servlet:jstl to 1.2

Dropping taglibs:standard:1.1.2 because its bundled with the api in jstl 1.2

Updating to jsp-api 2.1 by dropping javax.servlet:jsp-api:2.0 and replacing it with javax.servlet.jsp:jsp-api:2.1

As a consequence we need to add javax.servlet:servlet-api in some modules because it was transitively included from javax.servlet:jsp-api:2.0

Comment by Tobias Mattsson [ 11/Oct/13 ]

We might want to add a <version>BANNED-WE-USE-JSTL-1-2-INSTEAD</version> for taglibs:standard to make sure there's no jar conflicts in customer projects.

Comment by Tobias Mattsson [ 11/Oct/13 ]

Scheduling for 5.2, attached patch.

Generated at Mon Feb 12 04:04:20 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.