Comments (3)
atomashpolskiy
commented on June 3, 2024
Sorry, no ideas from my side. Are you sure that you need UPnP at all?
…On Wed, 12 Oct 2022 at 17:04, aqua-pro ***@***.***> wrote:
Greetings
I have setup Gradle to create a Kotlin project for Torrents
repositories {
mavenCentral()
}
dependencies {
implementation("com.github.atomashpolskiy:bt-core:1.10")
implementation("com.github.atomashpolskiy:bt-dht:1.10")
implementation("com.github.atomashpolskiy:bt-http-tracker-client:1.10")
implementation("com.github.atomashpolskiy:bt-upnp:1.10")
testImplementation(kotlin("test"))
}
I'm getting an error with bt-upnp library, it can't find the cling
library. I can however see it available at mvnrepository here
https://mvnrepository.com/artifact/org.fourthline.cling/cling-core/2.1.1
KotlinUpdater5:test: Could not find org.fourthline.cling:cling-core:2.1.1.
Required by:
project : > com.github.atomashpolskiy:bt-upnp:1.10
Possible solution:
- Declare repository providing the artifact, see the documentation at
https://docs.gradle.org/current/userguide/declaring_repositories.html
Does anyone have the same issue? Any idea how to fix this?
Thank you
Best regards
—
Reply to this email directly, view it on GitHub
<#210>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AA4TJBWPFLT4V4S5J2UYLLDWC3HP3ANCNFSM6AAAAAARDMH2WI>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
from bt.
pyckle
commented on June 3, 2024
Most likely this is due to the gradle equivalent of CVE-2021-26291 - https://maven.apache.org/docs/3.8.1/release-notes.html
As the 4thline.org repo lacks https, there's no easy fix. A release of cling probably should be uploaded to maven central, but as there's no maintainer and it hasn't been updated in years, I doubt this will be done any time soon.
from bt.
aqua-pro
commented on June 3, 2024
Greetings, dear friends
I've "fixed" it this way. I know it's insecure, but I really don't know any other way
repositories {
mavenCentral()
maven {
url = uri("http://4thline.org/m2")
isAllowInsecureProtocol = true
}
}
I believe the real fix is making a Cling fork and releasing the artifacts on maven central, and changing the dependencies in the BT project to the new fork. I also see many different CVE on the libraries, it might be interesting maintaining them
Thank you for your support!
from bt.
Related Issues (20)
- [BUG] Deadlock HOT 1
- [QUESTION] Why do process handles keep increasing. HOT 19
- [BUG] Something dCan the project run directly? What I need is to get the metadata according to infohashoes not work as it should HOT 5
- [BUG] Many Incoming Encryption fail with InvalidMessage HOT 1
- [BUG] Weird metainfo validation error in CLI HOT 3
- [BUG] springboot use HOT 1
- Webtorrent support? HOT 5
- how to download the file range pieces? HOT 2
- [BUG] Something does not work as it should
- Running CliClient.java Locally Reports an Error HOT 1
- java.lang.NoSuchMethodError: No virtual method getAnnotatedSuperclass()Ljava/lang/reflect/AnnotatedType; in class Ljava/lang/Class; or its super classes (declaration of 'java.lang.Class' appears in /apex/com.android.art/javalib/core-oj.jar) HOT 2
- Vulnerable dependencies
- [BUG] Cling 2.2.1 not found in Maven Central HOT 3
- How to access DHT Database at runtime? HOT 1
- Stopping client and stopWhenDownloaded() throws java.lang.RuntimeException HOT 1
- How can I get the info.files[0].filehash info
- [BUG] Something does not work as it should
- Dependency org.yaml:snakeyaml, leading to CVE problem
- Does it support Android?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bt.