Regression: Aspose HTML 23.10+ includes bouncycastle dependency bundled in the JAR

Hello,

I just wanted to clarify whether it was a mistake or deliberate action. Aspose HTML starting with version 23.10 includes the whole bouncycastle dependency directly in the aspose-html-23.10.jar.

Obviously that creates a problem with any Java app that is already using bouncycastle because now there are classes with duplicate names but potentially different versions.

It only started to happen since 23.10 version as far as I can see. 23.8 didn’t have this issue. I wanted to update to 23.12 but now I have to stay on 23.8 because of that. Or I would need to manually repack the JAR to remove the duplicates.

It would be much better if you declared a proper dependency on bouncycastle instead of bundling it directly into the JAR.

Another option could be shadowing the bouncycastly package (e.g. com.aspose.bouncycastle.*) so it doesn’t conflict with the normal JAR.

@igor.rogov

Please allow us to perform an early analysis. We will be logging a ticket then to address it and sharing the ID with you.

@igor.rogov

We have opened the following new ticket(s) in our internal issue tracking system and will deliver their fixes according to the terms mentioned in Free Support Policies.

Issue ID(s): HTMLJAVA-1660

You can obtain Paid Support Services if you need support on a priority basis, along with the direct access to our Paid Support management team.

The issues you have found earlier (filed as HTMLJAVA-1660) have been fixed in this update. This message was posted using Bugs notification tool by pavel.terechshenkov

Thanks a lot! I can confirm it’s fixed in 24.1.