[jboss-jira] [JBoss JIRA] (WFLY-11646) Upgrade antlr to more current release

Scott Marlow (Jira) issues at jboss.org
Tue Feb 19 15:13:00 EST 2019 

     [ https://issues.jboss.org/browse/WFLY-11646?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Scott Marlow resolved WFLY-11646.
---------------------------------
    Resolution: Rejected


[~zabee] thanks for reporting this issue, good to bring awareness to the need (e.g. improvements in newer Antlr for running under Java security manager).  

The Hibernate master branch is still using Antlr 2.7.7.  Despite the comments in [HHH -10028|https://hibernate.atlassian.net/browse/HHH-10028], typically the Hibernate project does an upgrade first, during an upstream (e.g. latest [http://github.com/hibernate/hibernate-orm] master branch) and WildFly does a subsequent upgrade later when integrating the released Hibernate ORM release into WildFly.  

The reasoning is that the Hibernate project contains the unit tests that must prove that the upgraded Antlr libraries, still work correctly.  

If you feel like contributing to Hibernate, you could clone the [http://github.com/hibernate/hibernate-orm], upgrade the ANTLR version (in Hibernate gradle/libraries.gradle) and run tests (via something like /gradlew clean publishToMavenLocal test).  Also see the [http://hibernate.org/orm/contribute/] about how to contribute to Hibernate.

I'm closing this issue since we cannot upgrade the Antlr version until Hibernate ORM has upgraded to it.  After Hibernate ORM (master branch) has upgraded to the newer Antlr version, please reopen this jira, so we can track the issue.

> Upgrade antlr to more current release
> -------------------------------------
>
>                 Key: WFLY-11646
>                 URL: https://issues.jboss.org/browse/WFLY-11646
>             Project: WildFly
>          Issue Type: Component Upgrade
>          Components: JPA / Hibernate
>            Reporter: Zabee Ulla
>            Assignee: Scott Marlow
>            Priority: Minor
>
> As per the bug that was reported here - https://hibernate.atlassian.net/browse/HHH-10028, Hibernate stays in-step with Wildfly and EAP dependency versions to ensure compatibility.
> This task is a request to upgrade antlr to its latest version available against WildFly so that Hibernate also can pick the latest to be in synch with WildFly.
> Hibernate (hibernate-core to be more specific) latest version is still using antlr version 2.7.7 released on Jan 13, 2007. The latest available, built and maintained version is antlr-4-Runtime 4.7.2. Another reason for going with latest of antlr is to avoid any security vulnerabilities that the library is exposed to.



--
This message was sent by Atlassian Jira
(v7.12.1#712002)

More information about the jboss-jira mailing list