gestalt icon indicating copy to clipboard operation
gestalt copied to clipboard

Published 20 hours ago verified publisher icon MovingBlocks

build: Added configurations to apply constraints to dependencies `resolves` #134

Open Thedrogon opened this issue 10 months ago • 4 comments

Added configurations to apply constraints to the build.gradle dependencies to prevent gestalt pulling in dependencies with known CVEs, directly or transitively through things like Reflections. Added some suppressions in various files and as well removed some unnecessary imports

Thedrogon avatar Jan 26 '25 06:01 Thedrogon

@BenjaminAmos does this look good to you now? apart from commented stuff which imo should be better removed ...

soloturn avatar Feb 19 '25 16:02 soloturn

@BenjaminAmos what you think now of this?

soloturn avatar Mar 19 '25 21:03 soloturn

My comments from before are still valid, I think? The changes remove code needed for gestalt to work with SecurityManager, as well as other unrelated changes. I could probably accept removing unused code but the AccessController.doPrivileged blocks are still needed.

BenjaminAmos avatar Mar 19 '25 21:03 BenjaminAmos

This also has merge conflicts now, so it would have to be updated regardless.

BenjaminAmos avatar Mar 19 '25 21:03 BenjaminAmos