refactor: Remove Xerces/xml-apis dependencies and modernize SAX readers

Removes the dependency on `xercesImpl` and `xml-apis` to resolve
classloader conflicts and reduce security risks in Java 17+
environments. Refactors custom Reader classes to use the standard JDK
`XMLReader` interface instead of extending the Apache Xerces
`SAXParser`.

Changes:
- **Dependency Removal:** Removed `xercesImpl` and `xml-apis` from the
  build configuration.
- **New Base Class:** Introduced `AbstractXMLReader` to centralize
  common `XMLReader` logic (handler management, feature/property
  compliance) and reduce code duplication across plugins.
- **Reader Refactoring:** Updated `DelimitedReader`, `EDIReader`,
  `ER7Reader`, and `NCPDPReader`:
  - Replaced inheritance (`extends SAXParser`) with `extends AbstractXMLReader`.
  - Added standard `parse(String)` overload via the base class.
  - Implemented strict SAX2 compliance for `getFeature`/`setFeature`
    to correctly report namespace support to downstream transformers.
- **Code Cleanup:** Removed unused imports of
  `org.apache.xerces.parsers.SAXParser`.
- **Documentation Cleanup:** Removed references to removed libraries in
  `THIRD-PARTY-README.txt`

This change ensures the application uses the built-in JDK XML parser,
reducing the artifact size and aligning with modern Java best practices.

Signed-off-by: Tony Germano <tony@germano.name>

Author: tonygermano

client/.classpath

@@ -122,7 +122,6 @@
 	<classpathentry kind="lib" path="lib/xpp3-1.1.4c.jar"/>
 	<classpathentry kind="lib" path="lib/commons-logging-1.2.jar"/>
 	<classpathentry kind="lib" path="lib/looks-2.3.1.jar"/>
-	<classpathentry kind="lib" path="lib/xercesImpl-2.12.2.jar"/>
 	<classpathentry kind="lib" path="lib/commons-io-2.13.0.jar"/>
 	<classpathentry kind="lib" path="lib/commons-lang3-3.13.0.jar">
 		<attributes>
@@ -213,7 +212,6 @@
 	<classpathentry kind="lib" path="lib/xstream-1.4.20.jar"/>
 	<classpathentry kind="lib" path="lib/libphonenumber-8.12.50.jar"/>
 	<classpathentry kind="lib" path="lib/commons-pool2-2.3.jar"/>
-	<classpathentry kind="lib" path="lib/xml-apis-1.4.01.jar"/>
 	<classpathentry kind="lib" path="lib/java-semver-0.10.2.jar"/>
 	<classpathentry kind="output" path="bin"/>
 </classpath>

client/lib/xercesImpl-2.12.2.jar

@@ -269,7 +269,5 @@
 	<classpathentry kind="lib" path="lib/rhino-1.7.13.jar"/>
 	<classpathentry kind="lib" path="lib/commons/commons-fileupload-1.5.jar"/>
 	<classpathentry kind="lib" path="lib/xstream-1.4.20.jar"/>
-	<classpathentry kind="lib" path="lib/xercesImpl-2.12.2.jar"/>
-	<classpathentry kind="lib" path="lib/xml-apis-1.4.01.jar"/>
 	<classpathentry kind="output" path="bin"/>
 </classpath>

client/lib/xml-apis-1.4.01.jar

@@ -521,16 +521,6 @@ License: LGPL (dual-license with SPL)
 Use version 2.x as Xilize has a dependency on it; used only to produce 
 documentation.
 
-XML-APIs (extracted from Apache Xerces-2)
-http://xerces.apache.org/xerces2-j/
-License: Apache v2
-We include the xml-apis.jar from the Xerces binary distribution in order to allow
-our code to compile on JDK 1.4, which does not include newer XML APIs, even though
-these API implementations will run on version 1.4 of the JRE. The JAR is unmodified
-from the Xerces release, but is renamed as xml-apis-xerces-2.9.1.jar to
-make the version clear.
-Included as lib/xml-apis-xerces-2.9.1.jar
-
 =================== End of License Information ===================
 
 
@@ -883,74 +873,6 @@ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 --------------------------------------------------------------------------------
 
 
-The license below pertains to Apache Xerces2 Java (Build Tools) version 2.9.1,
-which is included with Mirth Connect.
-
-=================== Beginning of License ===================
-
-/*
- * The Apache Software License, Version 1.1
- *
- *
- * Copyright (c) 1999-2002 The Apache Software Foundation.  All rights 
- * reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. The end-user documentation included with the redistribution,
- *    if any, must include the following acknowledgment:  
- *       "This product includes software developed by the
- *        Apache Software Foundation (http://www.apache.org/)."
- *    Alternately, this acknowledgment may appear in the software itself,
- *    if and wherever such third-party acknowledgments normally appear.
- *
- * 4. The names "Xerces" and "Apache Software Foundation" must
- *    not be used to endorse or promote products derived from this
- *    software without prior written permission. For written 
- *    permission, please contact apache@apache.org.
- *
- * 5. Products derived from this software may not be called "Apache",
- *    nor may "Apache" appear in their name, without prior written
- *    permission of the Apache Software Foundation.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED.  IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
- * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation and was
- * originally based on software copyright (c) 1999, International
- * Business Machines, Inc., http://www.ibm.com.  For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- */
-
-=================== End of License =========================
-
-
---------------------------------------------------------------------------------
-
-
 The license below pertains to Jsch version 0.2.13, which is included with Mirth
 Connect.
 

server/.classpath

@@ -1,11 +1,6 @@
-/*
- * Copyright (c) Mirth Corporation. All rights reserved.
- * 
- * http://www.mirthcorp.com
- * 
- * The software in this package is published under the terms of the MPL license a copy of which has
- * been included with this distribution in the LICENSE.txt file.
- */
+// SPDX-License-Identifier: MPL-2.0
+// SPDX-FileCopyrightText: Mirth Corporation
+// SPDX-FileCopyrightText: 2025 Tony Germano
 
 package com.mirth.connect.plugins.datatypes.delimited;
 
@@ -16,14 +11,13 @@
 import org.apache.commons.lang3.StringUtils;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
-import org.apache.xerces.parsers.SAXParser;
-import org.xml.sax.ContentHandler;
+import org.openintegrationengine.engine.plugins.datatypes.AbstractXMLReader;
 import org.xml.sax.InputSource;
 import org.xml.sax.SAXException;
 
 import com.mirth.connect.util.StringUtil;
 
-public class DelimitedReader extends SAXParser {
+public class DelimitedReader extends AbstractXMLReader {
     private Logger logger = LogManager.getLogger(this.getClass());
 
     private DelimitedSerializationProperties serializationProperties;
@@ -49,8 +43,10 @@ public DelimitedReader(DelimitedSerializationProperties serializationProperties)
         ungottenRawText = null;
     }
 
+    @Override
     public void parse(InputSource input) throws SAXException, IOException {
-
+        ensureHandlerSet();
+        
         // Parsing overview
         //
         // The incoming stream is a single message which is a collection of one
@@ -85,7 +81,6 @@ public void parse(InputSource input) throws SAXException, IOException {
 
         // Start the document
         String documentHead = "delimited";
-        ContentHandler contentHandler = getContentHandler();
         contentHandler.startDocument();
 
         // Output <delimited>
@@ -118,7 +113,8 @@ public void parse(InputSource input) throws SAXException, IOException {
                 contentHandler.startElement("", columnName, "", null);
 
                 // Output column value
-                contentHandler.characters(record.get(i).toCharArray(), 0, record.get(i).length());
+                String val = record.get(i);
+                contentHandler.characters(val.toCharArray(), 0, val.length());
 
                 // Output </columnN>
                 contentHandler.endElement("", columnName, "");

server/docs/thirdparty/THIRD-PARTY-README.txt

@@ -1,11 +1,6 @@
-/*
- * Copyright (c) Mirth Corporation. All rights reserved.
- * 
- * http://www.mirthcorp.com
- * 
- * The software in this package is published under the terms of the MPL license a copy of which has
- * been included with this distribution in the LICENSE.txt file.
- */
+// SPDX-License-Identifier: MPL-2.0
+// SPDX-FileCopyrightText: Mirth Corporation
+// SPDX-FileCopyrightText: 2025 Tony Germano
 
 package com.mirth.connect.plugins.datatypes.edi;
 
@@ -15,19 +10,17 @@
 
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
-import org.apache.xerces.parsers.SAXParser;
+import org.openintegrationengine.engine.plugins.datatypes.AbstractXMLReader;
 import org.xml.sax.ContentHandler;
 import org.xml.sax.InputSource;
 import org.xml.sax.SAXException;
 import org.xml.sax.helpers.AttributesImpl;
 
-public class EDIReader extends SAXParser {
+public class EDIReader extends AbstractXMLReader {
     private Logger logger = LogManager.getLogger(this.getClass());
 
     private String segmentDelimiter;
-
     private String elementDelimiter;
-
     private String subelementDelimiter;
 
     public EDIReader(String segmentDelimiter, String elementDelimiter, String subelementDelimiter) {
@@ -37,7 +30,10 @@ public EDIReader(String segmentDelimiter, String elementDelimiter, String subele
         return;
     }
 
+    @Override
     public void parse(InputSource input) throws SAXException, IOException {
+        ensureHandlerSet();
+
         // Read the data from the InputSource
         BufferedReader in = new BufferedReader(input.getCharacterStream());
         String nextLine = "";
@@ -175,5 +171,4 @@ public void parse(InputSource input) throws SAXException, IOException {
         contentHandler.endElement("", documentHead, "");
         contentHandler.endDocument();
     }
-
 }

server/lib/xercesImpl-2.12.2.jar

@@ -1,11 +1,6 @@
-/*
- * Copyright (c) Mirth Corporation. All rights reserved.
- * 
- * http://www.mirthcorp.com
- * 
- * The software in this package is published under the terms of the MPL license a copy of which has
- * been included with this distribution in the LICENSE.txt file.
- */
+// SPDX-License-Identifier: MPL-2.0
+// SPDX-FileCopyrightText: Mirth Corporation
+// SPDX-FileCopyrightText: 2025 Tony Germano
 
 package com.mirth.connect.plugins.datatypes.hl7v2;
 
@@ -16,13 +11,14 @@
 import org.apache.commons.lang3.StringUtils;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
-import org.apache.xerces.parsers.SAXParser;
+import org.openintegrationengine.engine.plugins.datatypes.AbstractXMLReader;
 import org.xml.sax.ContentHandler;
 import org.xml.sax.InputSource;
 import org.xml.sax.SAXException;
 
-public class ER7Reader extends SAXParser {
+public class ER7Reader extends AbstractXMLReader {
     private Logger logger = LogManager.getLogger(this.getClass());
+
     private boolean handleRepetitions = false;
     private boolean handleSubcomponents = false;
     private String segmentDelimiter;
@@ -54,7 +50,10 @@ private String getMessageFromSource(InputSource source) throws IOException {
         return builder.toString().trim();
     }
 
+    @Override
     public void parse(InputSource source) throws SAXException, IOException {
+        ensureHandlerSet();
+
         String message = getMessageFromSource(source);
         ContentHandler contentHandler = getContentHandler();
         contentHandler.startDocument();