diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..43119d2
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+SOURCES/v1.2.2.tar.gz
diff --git a/.owasp-java-encoder.metadata b/.owasp-java-encoder.metadata
new file mode 100644
index 0000000..f3a754a
--- /dev/null
+++ b/.owasp-java-encoder.metadata
@@ -0,0 +1 @@
+73bd33ad45dac8f353ab3ab30093bc4a60e9c2c4 SOURCES/v1.2.2.tar.gz
diff --git a/SOURCES/0_manifest.patch b/SOURCES/0_manifest.patch
new file mode 100644
index 0000000..51e7b76
--- /dev/null
+++ b/SOURCES/0_manifest.patch
@@ -0,0 +1,12 @@
+diff -Nur owasp-java-encoder-1.2.1-orig/META-INF/MANIFEST.MF owasp-java-encoder-1.2.1/META-INF/MANIFEST.MF
+--- owasp-java-encoder-1.2.1-orig/META-INF/MANIFEST.MF	1969-12-31 19:00:00.000000000 -0500
++++ owasp-java-encoder-1.2.1/META-INF/MANIFEST.MF	2018-08-07 11:59:15.923471361 -0400
+@@ -0,0 +1,8 @@
++Manifest-Version: 1.0
++Bnd-LastModified: 1533328833261
++Bundle-ManifestVersion: 2
++Bundle-Name: org.owasp.encoder
++Bundle-SymbolicName: org.owasp.encoder
++Created-By: 1.8.0_181 (Oracle Corporation)
++Export-Package: org.owasp.encoder
++Tool: Bnd-1.50.0
diff --git a/SPECS/owasp-java-encoder.spec b/SPECS/owasp-java-encoder.spec
new file mode 100644
index 0000000..1d76a1d
--- /dev/null
+++ b/SPECS/owasp-java-encoder.spec
@@ -0,0 +1,73 @@
+Name:		owasp-java-encoder
+Version:	1.2.2
+Release:	2%{?dist}
+Summary:	Collection of high-performance low-overhead contextual encoders
+
+License:	BSD
+URL:		https://github.com/OWASP/owasp-java-encoder/
+
+Source0:	https://github.com/OWASP/owasp-java-encoder/archive/v%{version}.tar.gz
+
+# add OSGi metadata
+Patch0:		0_manifest.patch
+
+BuildArch:	noarch
+
+BuildRequires:	maven-local
+BuildRequires:	mvn(org.apache.maven.plugins:maven-source-plugin)
+BuildRequires:	mvn(org.sonatype.oss:oss-parent:pom:)
+
+%description
+The OWASP Encoders package is a collection of high-performance low-overhead
+contextual encoders, that when utilized correctly, is an effective tool in
+preventing Web Application security vulnerabilities such as
+Cross-Site Scripting.
+
+%package javadoc
+Summary:  Javadoc for %{name}
+
+%description javadoc
+%{summary}.
+
+%prep
+%setup -q
+
+%patch0 -p1
+
+# add version number in OSGi metadata
+sed -i '/^Bundle-SymbolicName: org.owasp.encoder$/a Bundle-Version: %{version}' %{_builddir}/%{name}-%{version}/META-INF/MANIFEST.MF
+
+%pom_disable_module jsp
+%pom_disable_module esapi
+
+%pom_remove_plugin org.apache.maven.plugins:maven-javadoc-plugin
+
+# analysis tool for testing coverage is not required
+%pom_remove_plugin :cobertura-maven-plugin
+
+%build
+%mvn_build
+
+# inject OSGi manifest
+jar ufm %{_builddir}/%{name}-%{version}/core/target/encoder-%{version}.jar %{_builddir}/%{name}-%{version}/META-INF/MANIFEST.MF
+
+%install
+%mvn_install
+
+%files -f .mfiles
+%doc README.md
+%license LICENSE
+
+%files javadoc -f .mfiles-javadoc
+%doc README.md
+%license LICENSE
+
+%changelog
+* Tue May 28 2019 Jie Kang <jkang@redhat.com> -1.2.2-2
+- Remove unnecessary javadoc plugin for Fedora builds
+
+* Fri Nov 16 2018 Salman Siddiqui <sasiddiq@redhat.com> - 1.2.2-1
+- Version update
+
+* Wed Aug 08 2018 Salman Siddiqui <sasiddiq@redhat.com> - 1.2.1-1
+- Initial packaging