Request to upgrade apache commons dependency in next ema release
Our application is using com.refinitiv.ema 3.7.2.0 dependency, which is bundled with apache commons-configuration2 v2.8.0, which has apache-commons-text v1.9.0 dependency. This apache-commons-text v1.9.0 dependency has been flagged as being vulnerable by the IT department in my company.
I would like to kindly request for the apache commons-configuration2 to be upgraded to v2.9.0 and be included in the next refinitiv ema dependency release. May I know when can this upgrade be done and be made available on maven repository?
Thanks.
Best Regards,
Vikneshh
Best Answer
-
Thank you for reaching out to us.
I checked the apache commons dependencies in the RTSDK-2.1.2.L1 or EMA/ETA 3.7.2.L1 release and the dependencies are:
It uses commons-text-1.10.0.jar.
If you are a RDC (Refinitiv Developer Connect) contact, you can submit this request to the API support team directly via Contact Premium Support. Otherwise, you can submit this request via GitHub.
0
Answers
-
Hi Jirapongse,
In order to import RTSDK-2.1.2.L1 into my spring boot application, do I need to import each individual ema, eta and apache dependencies like (ema 3.7.2.0, commons-text-1.10.0 etc) found in the RTSDK-2.1.2.L1.jav.rrg.zip folder?
Or is there a specific maven dependency which encompasses the dependencies found in RTSDK-2.1.2.L1 that can be added to my application?
Is EMA/ETA 3.7.2.L1 release the same as RTSDK-2.1.2.L1 release?
Best Regards,
Vikneshh
0 -
Yes, RTSDK-2.1.2.L1 is EMA/ETA 3.7.2.L1.
Correct, you need to import dependencies to the project.
I checked EMA 3.7.2 in Maven (https://mvnrepository.com/artifact/com.refinitiv.ema/ema/3.7.2.0). It depends on commons-configuration2:2.9.0 and commons-configuration2:2.9.0 depends on commons-text:1.10.0.
0 -
Hi Jirapongse,
Actually EMA 3.7.2 in Maven is currently using apache commons configuration2 v2.8.0 while it is stated that apache commons v2.9.0 is the latest update to this dependency.
May I know if Refinitiv would be upgrading apache commons configuration2 dependency to v2.9.0 in the next ema release 3.7.3.0? Also roughly when is ema 3.7.3.0 due to be released?
Thanks.
Best Regards,
Vikneshh
0 -
Thank you for the update.
If you are a RDC (Refinitiv Developer Connect) contact, you can submit this request to the API support team via Contact Premium Support.
Otherwise, you can post this issue on GitHub.
0
Categories
- All Categories
- 3 Polls
- 6 AHS
- 36 Alpha
- 166 App Studio
- 6 Block Chain
- 4 Bot Platform
- 18 Connected Risk APIs
- 47 Data Fusion
- 34 Data Model Discovery
- 689 Datastream
- 1.4K DSS
- 627 Eikon COM
- 5.2K Eikon Data APIs
- 11 Electronic Trading
- 1 Generic FIX
- 7 Local Bank Node API
- 3 Trading API
- 2.9K Elektron
- 1.4K EMA
- 255 ETA
- 559 WebSocket API
- 39 FX Venues
- 15 FX Market Data
- 1 FX Post Trade
- 1 FX Trading - Matching
- 12 FX Trading – RFQ Maker
- 5 Intelligent Tagging
- 2 Legal One
- 24 Messenger Bot
- 3 Messenger Side by Side
- 9 ONESOURCE
- 7 Indirect Tax
- 60 Open Calais
- 279 Open PermID
- 45 Entity Search
- 2 Org ID
- 1 PAM
- PAM - Logging
- 6 Product Insight
- Project Tracking
- ProView
- ProView Internal
- 23 RDMS
- 2K Refinitiv Data Platform
- 708 Refinitiv Data Platform Libraries
- 4 LSEG Due Diligence
- LSEG Due Diligence Portal API
- 4 Refinitiv Due Dilligence Centre
- Rose's Space
- 1.2K Screening
- 18 Qual-ID API
- 13 Screening Deployed
- 23 Screening Online
- 12 World-Check Customer Risk Screener
- 1K World-Check One
- 46 World-Check One Zero Footprint
- 45 Side by Side Integration API
- 2 Test Space
- 3 Thomson One Smart
- 10 TR Knowledge Graph
- 151 Transactions
- 143 REDI API
- 1.8K TREP APIs
- 4 CAT
- 27 DACS Station
- 121 Open DACS
- 1.1K RFA
- 106 UPA
- 194 TREP Infrastructure
- 229 TRKD
- 918 TRTH
- 5 Velocity Analytics
- 9 Wealth Management Web Services
- 96 Workspace SDK
- 11 Element Framework
- 5 Grid
- 19 World-Check Data File
- 1 Yield Book Analytics
- 48 中文论坛
