Removes commons-lang:2.6 from core

bom/pom.xml

@@ -121,11 +121,6 @@ THE SOFTWARE.
         <artifactId>commons-io</artifactId>
         <version>2.21.0</version>
       </dependency>
-      <dependency>
-        <groupId>commons-lang</groupId>
-        <artifactId>commons-lang</artifactId>
-        <version>2.6</version>
-      </dependency>
       <dependency>
         <groupId>jakarta.servlet</groupId>
         <artifactId>jakarta.servlet-api</artifactId>

core/pom.xml

@@ -158,11 +158,6 @@ THE SOFTWARE.
       <groupId>commons-io</groupId>
       <artifactId>commons-io</artifactId>
     </dependency>
-    <dependency>
-      <!-- Jenkins doesn't use this directly, but some plugins wanted to use the latest -->
-      <groupId>commons-lang</groupId>
-      <artifactId>commons-lang</artifactId>
-    </dependency>
     <dependency>
       <groupId>io.jenkins.tools</groupId>
       <artifactId>bridge-method-annotation</artifactId>

core/src/main/java/hudson/Util.java

@@ -94,13 +94,11 @@
 import java.util.EnumSet;
 import java.util.HexFormat;
 import java.util.List;
-import java.util.Locale;
 import java.util.Map;
 import java.util.MissingResourceException;
 import java.util.Properties;
 import java.util.ResourceBundle;
 import java.util.Set;
-import java.util.SimpleTimeZone;
 import java.util.StringTokenizer;
 import java.util.concurrent.TimeUnit;
 import java.util.concurrent.atomic.AtomicBoolean;
@@ -117,7 +115,6 @@
 import jenkins.util.SystemProperties;
 import jenkins.util.io.PathRemover;
 import org.apache.commons.io.IOUtils;
-import org.apache.commons.lang.time.FastDateFormat;
 import org.apache.tools.ant.BuildException;
 import org.apache.tools.ant.Project;
 import org.apache.tools.ant.taskdefs.Copy;
@@ -1878,23 +1875,9 @@ public static void printRedirect(String contextPath, String redirectUrl, String
                 "<!--%n", Functions.htmlAttributeEscape(redirectUrl), message);
     }
 
-    /**
-     * @deprecated use {@link #XS_DATETIME_FORMATTER2}
-     */
-    @Deprecated
-    public static final FastDateFormat XS_DATETIME_FORMATTER = FastDateFormat.getInstance("yyyy-MM-dd'T'HH:mm:ss'Z'", new SimpleTimeZone(0, "GMT"));
-
     public static final DateTimeFormatter XS_DATETIME_FORMATTER2 =
             DateTimeFormatter.ofPattern("yyyy-MM-dd'T'HH:mm:ss'Z'").withZone(ZoneOffset.UTC);
 
-    // Note: RFC822 dates must not be localized!
-    /**
-     * @deprecated use {@link DateTimeFormatter#RFC_1123_DATE_TIME}
-     */
-    @Deprecated
-    public static final FastDateFormat RFC822_DATETIME_FORMATTER
-            = FastDateFormat.getInstance("EEE, dd MMM yyyy HH:mm:ss Z", Locale.US);
-
     private static final Logger LOGGER = Logger.getLogger(Util.class.getName());
 
     /**

core/src/main/java/jenkins/security/csp/impl/CspDecorator.java

@@ -37,7 +37,6 @@
 import jenkins.security.csp.CspHeader;
 import jenkins.security.csp.CspHeaderDecider;
 import jenkins.security.csp.ReportingContext;
-import org.apache.commons.lang.StringUtils;
 import org.kohsuke.accmod.Restricted;
 import org.kohsuke.accmod.restrictions.NoExternalUse;
 import org.kohsuke.stapler.Ancestor;
@@ -74,7 +73,7 @@ public String getReportingEndpointsHeaderValue(HttpServletRequest req) {
     @CheckForNull
     /* package */ static String getReportingEndpoint(HttpServletRequest req) {
         Class<?> modelObjectClass = null;
-        String restOfPath = StringUtils.removeStart(req.getRequestURI(), req.getContextPath());
+        String restOfPath = req.getRequestURI().replaceFirst("^" + req.getContextPath(), "");
         final StaplerRequest2 staplerRequest2 = Stapler.getCurrentRequest2();
         if (staplerRequest2 != null) {
             final List<Ancestor> ancestors = staplerRequest2.getAncestors();