gocd-plugins icon indicating copy to clipboard operation
gocd-plugins copied to clipboard

Published 20 hours ago verified publisher icon Haufe-Lexware

Update guava to 30.1

Open Breee opened this issue 4 years ago • 2 comments

There is a security alert for guava, everything below 24.1.1 contains a vulnerability i.e. https://github.com/advisories/GHSA-mvr2-9pj6-7w5j

I propose to update the version directly to the latest release or at least 24.1.1.

This affects the fortify plugin. Can someone make sure, that this update does not break it?

Breee avatar Jan 25 '21 11:01 Breee

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

CLAassistant avatar Jan 25 '21 11:01 CLAassistant

The dependency version update looks fine by me, but I'm not the right person to approve this merge request because there's no way I can test the fortify plugin. @Dutzu can you reach out to the guys who are still maintaining this ? Also mentioning @markus2810

bradeac avatar Jan 26 '21 10:01 bradeac