Open Hub
Open Hub

 Settings |  Report Duplicate

172
I Use This!
Very Low Activity

News

Analyzed about 21 hours ago. based on code collected about 21 hours ago.
XERCESC-2258
Posted 10 months ago by Uma Kant
XercesDOMParser fails to parse file with with emojis and other symbols on mac
XERCESC-2257
Posted 10 months ago by Scott Cantor
> What would be really helpful if you documented the release process step-by-step. I think there used to be a document like this somewhere, but I don't remember where and it's probably fairly outdated. It's not actually all that complex with one Read more
XERCESC-2257
Posted 10 months ago by Boris Kolpackov
> Is mid-2025 too soon? No, I think that will work. What would be really helpful if you documented the release process step-by-step. I think there used to be a document like this somewhere, but I don't remember where and it's probably fairly Read more
XERCESC-2257
Posted 10 months ago by Scott Cantor
> I asked you a specific question and you give a wishy-washy answer like this? There is a large number of > applications that use Xerces-C++ only for parsing trusted input. What is the safety implication of this? Almost by definition, the safety Read more
XERCESC-2257
Posted 10 months ago by Boris Kolpackov
> If you honestly think there are not a significant nunber of unfound issues at this point I am 100% certain there are. But so is the case with most C/C++ code bases, actively or not actively maintained. Again, take Expat as an example: every Read more
XERCESC-2257
Posted 10 months ago by Scott Cantor
If you honestly think there are not a significant nunber of unfound issues at this point, I don't know what to say to that. Again, we have a difference of opinion. This is about risk and future outlook. I think one would have to be absolutely nuts Read more
XERCESC-2257
Posted 10 months ago by Boris Kolpackov
> I'm not discarding it. Well, you are: we have fixed the security issue (and so, as far as I know, there aren't any open ones at the moment), and you turn around and publicly announce that Xerces-C++ is still not good enough and should be taken out Read more
XERCESC-2257
Posted 10 months ago by Scott Cantor
I'm not discarding it. But we have very different opinons about what a "maintained and safe" code base means, and that's just not a bridgeable divide I expect. My judgement remains that projects should be working to move off this code now, and not Read more
XERCESC-2257
Posted 10 months ago by Boris Kolpackov
> If the PMC agrees to change the public status of the project, then I will post whatever is agreed to, but as it stands, I have no license to do that. I probably had no claim to say what I did about the port Right. You've also discarded other's Read more
XERCESC-2257
Posted 10 months ago by Boris Kolpackov
Let me add a couple of clarifications: > I am the last maintainer left, [...], and once I'm fully off Xerces in a few years, I seriously doubt it has a future unless somethiing changes.   As I said many times before, we have a product that depends Read more