What is normal scenario
1 We found a critical bug in POI 3.10.1, posted it and made a patch
2 In 3.11 this bug is fixed (I hope) , so we could safely swith back to unpatched version
Here is another story - patched POI contains added functionality from Alfresco (AlfrescoPoiPatchUtils). It means we cant switch to the new version - we pinned to that exact patched jar. In several month, no one could remember what and why exactly was done, so it'll be left as is. acegi-security-0.8.2_patched.jar is a good example, it looks like a tombstone
…
In our projects we need to add dependencies to alfresco - java dependencies are always pain in the neck, but with patched jars it is even harder, tons of <exclusions> in POM's etc
I understand that it is hard to stop to add new features, but imho from time to time some cleanup is needed, or we will finish with yet another Documentum
1 We found a critical bug in POI 3.10.1, posted it and made a patch
2 In 3.11 this bug is fixed (I hope) , so we could safely swith back to unpatched version
Here is another story - patched POI contains added functionality from Alfresco (AlfrescoPoiPatchUtils). It means we cant switch to the new version - we pinned to that exact patched jar. In several month, no one could remember what and why exactly was done, so it'll be left as is. acegi-security-0.8.2_patched.jar is a good example, it looks like a tombstone
…In our projects we need to add dependencies to alfresco - java dependencies are always pain in the neck, but with patched jars it is even harder, tons of <exclusions> in POM's etc
I understand that it is hard to stop to add new features, but imho from time to time some cleanup is needed, or we will finish with yet another Documentum
