We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hi,
I upgraded some Jackson jars in your code:
compile "com.fasterxml.jackson.core:jackson-annotations:${jacksonVersion}" compile "com.fasterxml.jackson.core:jackson-core:${jacksonVersion}" compile "com.fasterxml.jackson.core:jackson-databind:${jacksonDatabindVersion}"
// Eureka client uses JSON encoding by default compileOnly "com.fasterxml.jackson.dataformat:jackson-dataformat-xml:${jacksonVersion}"`
In this PR we discussed and we agreed to not keep upgrade after 2.10 version.
I run whitesource scanning and I saw some vulnerabilities in this jar:
eureka\WEB-INF\lib\jackson-dataformat-cbor-2.6.7.jar
I searched in the source code and I didn't find this dependency in the gradle file.
Any suggestions?
Thank guys and have a nice day,
Amit.
The text was updated successfully, but these errors were encountered:
What does depedencyInsight tell you in Gradle?
depedencyInsight
Sorry, something went wrong.
Hi @troshko111 , the pull request is addressed to fix the issue with outdated Jackson CBOR library.
No branches or pull requests
Hi,
I upgraded some Jackson jars in your code:
compile "com.fasterxml.jackson.core:jackson-annotations:${jacksonVersion}" compile "com.fasterxml.jackson.core:jackson-core:${jacksonVersion}" compile "com.fasterxml.jackson.core:jackson-databind:${jacksonDatabindVersion}"
In this PR we discussed and we agreed to not keep upgrade after 2.10 version.
I run whitesource scanning and I saw some vulnerabilities in this jar:
eureka\WEB-INF\lib\jackson-dataformat-cbor-2.6.7.jar
I searched in the source code and I didn't find this dependency in the gradle file.
Any suggestions?
Thank guys and have a nice day,
Amit.
The text was updated successfully, but these errors were encountered: