CCMSG-1688: CVE fix for Guava dependency (#522)

* CCMSG-1688: CVE fix for Guava dependency * Update pom.xml Co-authored-by: arihant-confluent <105902781+arihant-confluent@users.noreply.github.com>
confluentinc · Jul 24, 2022 · c0164c3 · c0164c3
1 parent 131ea37
commit c0164c3
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 1 deletion.
diff --git a/kafka-connect-s3/pom.xml b/kafka-connect-s3/pom.xml
@@ -92,6 +92,12 @@
             <version>${s3mock.version}</version>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>com.google.guava</groupId>
+            <artifactId>guava</artifactId>
+            <version>${guava.version}</version>
+            <scope>test</scope>
+        </dependency>
     </dependencies>
 
     <build>

diff --git a/pom.xml b/pom.xml
@@ -175,7 +175,7 @@
         <dependency>
             <groupId>io.confluent</groupId>
             <artifactId>confluent-log4j</artifactId>
-            <version>${confluent-log4j.version}</version>
+            <version>${confluent.log4j.version}</version>
             <scope>test</scope>
         </dependency>
         <dependency>
@@ -196,6 +196,10 @@
                     <groupId>log4j</groupId>
                     <artifactId>log4j</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>com.google.guava</groupId>
+                    <artifactId>guava</artifactId>
+                </exclusion>
             </exclusions>
             <scope>test</scope>
         </dependency>