Alan Orth

DSpace's workflows revolve around CSVs. The only thing we should be worried about is whether our CSVs are compliant with RFC 4180 (or whatever), as well as various DSpace-isms like...

If Excel is evaluating the literal text value `=1+1` as `2` that's Excel's problem, not ours. > Unfortunately if a CVE is raised on the issue externally, there will be...

I disagree that the linked CVE is a vulnerability in Koha. Surprising that it got assigned a CVE in my opinion. Shame, because it creates a precedent for corporate ICT...

I have just created a CSV containing "injected" content from the user (myself) in LibreOffice Calc: [libreoffice-cve.csv](https://github.com/user-attachments/files/17438617/libreoffice-cve.csv). The file contains: ```csv "id","comment" 1,"DDE (""cmd"";""/C cmd"";""!A0"")A0" ``` So by this logic...

Thanks @jxfzzzt for the PR and @bkeese for the comments. I don't know enough about PDFBox to have an opinion on the implementation so I will let you two discuss.

Hi @jxfzzzt! This has conflicts with `main` now as that branch has moved a lot since you opened the PR. Would mind rebasing this on top of `main` again? Also,...

FYI I did a clean port of this on top of latest `main` to fix the merge conflicts and ignore all the unnecessary changes to whitespace and formatting introduced here....

Hi @jxfzzzt. This patch works well, thank you. I noticed there are a lot of unrelated formatting changes from your IDE, which make it difficult to see what changed and...

Thanks @jxfzzzt. Let's wait for @kshepherd or @nwoodward to review #11147 and we can merge that one since I can't approve my own pull request.

Thank you for the PR @jxfzzzt! Your code was merged in #11147, which I ported directly from here without the whitespace and other formatting changes.