Skip to content

Upgrade commons-compress dependency version to 1.14#227

Closed
iemejia wants to merge 1 commit intoapache:masterfrom
iemejia:avro
Closed

Upgrade commons-compress dependency version to 1.14#227
iemejia wants to merge 1 commit intoapache:masterfrom
iemejia:avro

Conversation

@iemejia
Copy link
Member

@iemejia iemejia commented May 27, 2017

The most recent of commons-compress was published recently and includes many interesting improvements for snappy and other compression algorithms.
https://commons.apache.org/proper/commons-compress/changes-report.html#a1.13

@Fokko
Copy link
Contributor

Fokko commented Nov 7, 2018

@iemejia Sorry for not responding to this. The version of commons-compress is already at 1.18. Closing this one.

@Fokko Fokko closed this Nov 7, 2018
@iemejia iemejia deleted the avro branch December 26, 2018 17:38
@barambani
Copy link

barambani commented Feb 4, 2019
edited
Loading

@Fokko are there any plans to release a version with commons-compress at 1.18 ? Veracode static analysis identifies v1.8.1 as affected by a medium severity vulnerability that's resolved in 1.18. Thanks for the help.
UPDATE: this is the issue

@iemejia
Copy link
Member Author

iemejia commented Feb 5, 2019

@barambani we are discussing the next release of Avro (version 1.9.0) which will include this and other dependency upgrades. Current version in master already includes the latest version of the library (1.18).

@barambani
Copy link

barambani commented Feb 6, 2019

Great news @iemejia . Thanks a lot

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@iemejia @Fokko @barambani