Bump org.xmlresolver:xmlresolver from 5.2.3 to 6.0.9 #5419
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps [org.xmlresolver:xmlresolver](https://github.com/xmlresolver/xmlresolver) from 5.2.3 to 6.0.9. - [Release notes](https://github.com/xmlresolver/xmlresolver/releases) - [Commits](xmlresolver/xmlresolver@5.2.3...6.0.9) --- updated-dependencies: - dependency-name: org.xmlresolver:xmlresolver dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
dependencies
|
still not a drop-in replacement @ndw |
|
There's a lot of output there. Any chance this can be narrowed down a little bit? I see what appear to be a bunch of attempts to pull in A possibly relevant failing test appears to be |
|
@ndw yes sorry I have been isolating the situation already. I will provide the relevant details |
|
Interestingly, version 6.0.9 did actually fix an issue where the xmlresolver did throw an NPE in "ResourceAccess.java", line 42 and/or 82 ; these test now pass, that is good :-) 
In the current issues, the resolver can't find the a DTD, which is stored in the database: <message level="Warning" line="25" column="4">schema_reference.4:
Failed to read schema document 'xmldb:/db/parse/instance/valid-dtd.xml', because
1) could not find the document;
2) the document could not be read;
3) the root element of the document is not <xsd:schema>.</message>I got this visible by adding a system.println to https://github.com/dizzzz/exist/blob/4cd81b6d44218879e27f549e51b54a2bb4c9cca0/exist-core/src/test/java/org/exist/xquery/functions/validate/JaxpDtdCatalogTest.java#L163 The interesting thing here -for now- is that '/db/parse/instance/valid-dtd.xml' is identified as a schema document whilst it is a XML document that should be validated with a dtd... Data is found on https://github.com/eXist-db/exist/blob/b1fc56ef202d186d1ad15040c22a6b5c84b7e9a8/exist-samples/src/main/resources/org/exist/samples/validation/parse queries: validation:jaxp-report( xs:anyURI('/db/parse/instance/valid-dtd.xml'),
false(),
doc('/db/parse/catalog.xml') )validation:jaxp-report( xs:anyURI('/db/parse/instance/valid-dtd.xml'),
false(),
xs:anyURI('/db/parse/catalog.xml') )The data can be easily uploaded using the java client `bin/client.sh -l' (embedded mode) 
query can be run via the 'binoculars' 
catalog in /db/parse/... <catalog xmlns="urn:oasis:names:tc:entity:xmlns:xml:catalog">
<uri name="MyNameSpace" uri="schemas/MyNameSpace.xsd" />
<uri name="AnotherNamespace" uri="schemas/AnotherNamespace.xsd" />
<public publicId="MNS" uri="dtds/MyNameSpace.dtd"/>
</catalog>valid-dtd.xml <!DOCTYPE A PUBLIC "MNS" "MyNameSpace.dtd">
<A>
<b>b0</b>
<c>0</c>
<Z>
<X>50</X>
<Y>2006-05-04T18:13:51.0Z</Y>
</Z>
</A> |
|
Can you make sure you've turned off That feature is enabled by default because otherwise HTTP redirects cause the parser to choke. |
|
We did integrate resolving that url with a custom url resolver indeed. That works for 15+ years or so.. |
|
What if... we could inject a custom protocol resolver into the xmlresolver ? |
|
If I'm not opposed to supporting custom URI resolvers. How does that work? I quick web search didn't turn up any obvious answers. |
|
Some explanation to be found here, our implementation here. I will check if I can intercept here , but for XML/xsds the mechanism/resolving seems to work..... I will try ResolverFeature.ALWAYS_RESOLVE ... |
|
The tests indeed pass if I set |
|
The other issues are now visible (again): Code test location here. This boils down to the |
|
What we need to figure out here is how we arrive at I cloned |
@ndw I usually run: |
|
Thanks, Adam. That seemed to configure things so that I could build it. (I'm not sure why it builds given that I can't see where FWIW, If you can reproduce the problem, but I can't, then I guess a stack trace would be the next most useful thing. |
@ndw This is Java code that is generated from Antlr v2 code during the build. The Antlr v2 source code is in
I think @dizzzz was looking into this... but I think he is on holiday for a couple of weeks right now. |
|
(re: Okay. Holidays are a good thing. But I don't think I can do much more here until I can reproduce the problem or there's some way to get more detail. It's tempting to just return |
|
Rookie error. I was running it on the wrong branch,. I can now reproduce the problem, but only if the ALWAYS_RESOLVE feature is set to true. And now that I look back at the comments, I'm confused. First @dizzzz says that the tests pass if that feature is set to false. Then in the next comment, he says other issues are visible again and points to this test. Because you have custom URI schemes in the mix, I don't think the XML Resolver will succeed unless you set the ALWAYS_RESOLVE feature to false. If it works when that feature is false, I think you're good to go. If it fails when that feature is set to true, then set it to false :-) If you need it to be true for some reason, or if you can't control how it's set, then we'll need to work out some API where you can tell the resolver how to find resources with your custom URI scheme. |
|
Thank you Norm, for looking into it so far. Unfortunately I don't have access to a laptop for the coming 2 weeks, so I can't experiment myself. That said... I have never been a fan of the Custom URL Resolver (which I introduced a long long time ago). In the past it gave issues for exist running in tomcat, as tomcat did already the same thing, and it is only possible to register one, once, to a JVM. We need to have this URL resolver as there is no other way to have 3rd party libs (Saxon, Xalan, XProc, XMLresolver,... ) working with in eXist stored resources. Actually (a long time ago) I already have been thinking of extending the original resolver with a pluggable URL resolver, to solve things without registering this custom resolver. I would be in favor of having such an API as you suggested as it makes the resolver more versatile, e.g. it would be possible to introduce an extension for commons-vfs ... https://commons.apache.org/proper/commons-vfs/filesystems.html The xmldb:exist:/// one (maybe to be simplified as exist:// - another option, but with impact) would be then just another one.... |
|
I think there are two separate questions here. First, under what circumstances are you seeing the bug reported above about a null URI in Second, a mechanism for registering custom URI resolvers might be possible. I'll give that a think. (Enjoy your vacation! Talk to you in a couple of weeks!) |
|
Custom scheme resolvers turned out to be not too hard, xmlresolver/xmlresolver#210 (comment) |
|
Superseded by #5448. |
dependabot
bot
deleted the
dependabot/maven/org.xmlresolver-xmlresolver-6.0.9
branch
Bumps org.xmlresolver:xmlresolver from 5.2.3 to 6.0.9.
Release notes
Sourced from org.xmlresolver:xmlresolver's releases.
... (truncated)
Commits
f486fe9Merge pull request #209 from ndw/iss-208477d052Bump version to 6.0.9560c399Fix #208 by closing the properties stream8339d84Merge pull request #207 from ndw/fix-ver3a48f76Fix version number in overview.html3751f38Merge pull request #206 from ndw/resolve-ns53c0e05Restore the NamespaceResolver API (deprecated)2950fb6Merge pull request #205 from ndw/jd-slf4jb1d4f3fRemoved out-of-date API referencedaca09dMerge pull request #204 from ndw/v607You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)