Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Jackson to 2.11.1 and ensure all dependencies are pinned #7519

Merged
merged 4 commits into from
Jul 13, 2020
Merged

Update Jackson to 2.11.1 and ensure all dependencies are pinned #7519

merged 4 commits into from
Jul 13, 2020

Conversation

merlimat
Copy link
Contributor

Motivation

There are several CVEs opened on earlier versions of Jackson, updating to latest stable.

Additionally, we are not pinning the version on all the transitive dependencies and thus picking older versions for them.

@merlimat merlimat added this to the 2.7.0 milestone Jul 12, 2020
@merlimat merlimat self-assigned this Jul 12, 2020
@merlimat merlimat merged commit 1de5d38 into apache:master Jul 13, 2020
@merlimat merlimat deleted the update-jackson branch July 13, 2020 23:45
merlimat added a commit to merlimat/pulsar that referenced this pull request Jul 21, 2020
@merlimat
Update Jackson to 2.11.1 and ensure all dependencies are pinned (apac…
de92f71 
…he#7519)

* Update Jackson to 2.11.1 and ensure all dependencies are pinned

* Fixed license file

* More license file fixes

* Fixed passing annotation introspector which is now required
@wolfstudy
Copy link
Member

I will cherry-pick the change to 2.6.1, because the version of jackson we used in the 2.6.1 code is 2.11.1

huangdx0726 pushed a commit to huangdx0726/pulsar that referenced this pull request Aug 24, 2020
@merlimat @huangdx0726
Update Jackson to 2.11.1 and ensure all dependencies are pinned (apac…
8c5f4b8 
…he#7519)

* Update Jackson to 2.11.1 and ensure all dependencies are pinned

* Fixed license file

* More license file fixes

* Fixed passing annotation introspector which is now required
@gaoran10 gaoran10 mentioned this pull request Aug 24, 2020
Closed
@sijie sijie mentioned this pull request Aug 24, 2020
Closed
@gaoran10 gaoran10 mentioned this pull request Oct 29, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@srkukarni srkukarni srkukarni approved these changes

@rdhabalia rdhabalia rdhabalia approved these changes

@sijie sijie Awaiting requested review from sijie

@jerrypeng jerrypeng Awaiting requested review from jerrypeng

@aahmed-se aahmed-se Awaiting requested review from aahmed-se

@codelipenghui codelipenghui Awaiting requested review from codelipenghui

@massakam massakam Awaiting requested review from massakam

Assignees

@merlimat merlimat

Labels
area/build area/security release/2.6.1
Projects
None yet
Milestone
2.7.0
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@merlimat @wolfstudy @srkukarni @rdhabalia