Skip to content

Bump Apache Velocity Engine to version 2.x #1461

New issue
New issue
Open
Open
Bump Apache Velocity Engine to version 2.x#1461
Labels
buildAffects the build system or other automationdependenciesRelated to third party dependency updates or migrations
@ppkarwasz

Description

@ppkarwasz
ppkarwasz
opened on May 4, 2023

Description

We should consider moving away from the unmaintained Velocity 1.x: it starts collecting security advisories, like the one on our Dependabot alerts page.

If we continue to use Maven Site Plugin, we need to bump its version to 4.x (which is in its alpha stage). However the current versions (2.x) of asciidoctor-maven-plugin are not compatible with version 4.x of Maven Site Plugin, so we are blocked until asciidoctor/asciidoctor-maven-plugin#578 is resolved.

Metadata

Metadata

Assignees

No one assigned

    Labels

    buildAffects the build system or other automationdependenciesRelated to third party dependency updates or migrations

    Type

    No type

    Projects

    Log4j bug tracker

    Status

    To triage

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions