Replace openCSV dependency by FastCSV #187

depryf · 2024-04-09T12:44:25Z

openCSV has been flagged with a vulnerability for years. It doesn't look like they can fix it themselves, and at this point, it doesn't look it will ever going to be fixed. This creates small issues now that we used so much automation to check for vulnerabilities.

Need to look into this one:

https://github.com/osiegmar/FastCSV

No dependencies at all.

At the end, parsing CSV is not rocket science and I don' think it really matters which library is used.

For this Algorithms library, it's only used to load internal data, so it should be a very simple and safe switch.

depryf assigned CookiIMS Nov 13, 2024

CookiIMS added a commit that referenced this issue Nov 21, 2024

Switched most classes to new reader (#187)

ea93502

CookiIMS added a commit that referenced this issue Nov 22, 2024

All readers switched (#187)

34483e6

CookiIMS added a commit that referenced this issue Nov 22, 2024

All writers switched + gradle implementation removed (#187)

b832c78

CookiIMS added a commit that referenced this issue Nov 25, 2024

Source files fixed (#187)

6161c4e

CookiIMS added a commit that referenced this issue Nov 25, 2024

Test files fixed (#187)

d338a9a

CookiIMS added a commit that referenced this issue Nov 25, 2024

Lab file fixed (#187)

4e8fbdb

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Replace openCSV dependency by FastCSV #187

Replace openCSV dependency by FastCSV #187

depryf commented Apr 9, 2024

Replace openCSV dependency by FastCSV #187

Replace openCSV dependency by FastCSV #187

Comments

depryf commented Apr 9, 2024