[MAGNOLIA-5352] Update JSTL to 1.2 and JSP-API to 2.1 Created: 01/Oct/13 Updated: 27/Dec/13 Resolved: 01/Nov/13 |
|
| Status: | Closed |
| Project: | Magnolia |
| Component/s: | build, core, templating |
| Affects Version/s: | 5.0.4, 5.1 |
| Fix Version/s: | 5.2 |
| Type: | Improvement | Priority: | Neutral |
| Reporter: | Paul Piper | Assignee: | Tobias Mattsson |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | actions | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Attachments: |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| Issue Links: |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| Template: |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| Acceptance criteria: |
Empty
|
||||||||||||||||||||||||||||||||||||||||||||||||
| Task DoD: |
[ ]*
Doc/release notes changes? Comment present?
[ ]*
Downstream builds green?
[ ]*
Solution information and context easily available?
[ ]*
Tests
[ ]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
||||||||||||||||||||||||||||||||||||||||||||||||
| Release notes required: |
Yes
|
||||||||||||||||||||||||||||||||||||||||||||||||
| Date of First Response: | |||||||||||||||||||||||||||||||||||||||||||||||||
| Sprint: | 5.1 - Final, 5.2-rc1, 5.1.1 | ||||||||||||||||||||||||||||||||||||||||||||||||
| Description |
|
We noticed that the core pom still relies on JSTL 1.1.2, which was released in 2004. There has been a maintenance release to 1.2 in 2009, which should be used instead, as it aligns with the Unified Expression Language (EL) that has been delivered as part of the JavaServer Pages (JSP) 2.1 specification. On our end this is currently causing some problems, since we rely heavily on JSTL 1.2 within a blossom module and the current 1.1.2 version included will throw an error when using <c:foreach> functionality. There shouldn't be any side-effects, as the 1.2 release was entirely backward compatible and there haven't been many reports since. Would it be possible to update the POM.xml? |
| Comments |
| Comment by Magnolia International [ 02/Oct/13 ] |
|
Tentatively assigning this to 5.1, as we should really have noticed earlier. In the meantime, madppiper, you can always use <exclude>, or, better, <dependencyManagement>, in your projects, right ? |
| Comment by Paul Piper [ 02/Oct/13 ] |
|
Sounds good - using exclude for now is precisely what we came up with also. Thanks for the update. |
| Comment by Tobias Mattsson [ 03/Oct/13 ] |
|
The changes we're looking at here are: Updating javax.servlet:jstl to 1.2 Dropping taglibs:standard:1.1.2 because its bundled with the api in jstl 1.2 Updating to jsp-api 2.1 by dropping javax.servlet:jsp-api:2.0 and replacing it with javax.servlet.jsp:jsp-api:2.1 As a consequence we need to add javax.servlet:servlet-api in some modules because it was transitively included from javax.servlet:jsp-api:2.0 |
| Comment by Tobias Mattsson [ 11/Oct/13 ] |
|
We might want to add a <version>BANNED-WE-USE-JSTL-1-2-INSTEAD</version> for taglibs:standard to make sure there's no jar conflicts in customer projects. |
| Comment by Tobias Mattsson [ 11/Oct/13 ] |
|
Scheduling for 5.2, attached patch. |