-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Centralize dependency versions and bump where necessary #2929
Centralize dependency versions and bump where necessary #2929
Conversation
Might also reference #2926. |
5226223
to
d2ef42e
Compare
6c3aa3d
to
00be70d
Compare
00be70d
to
2104d81
Compare
Kudos, SonarCloud Quality Gate passed! |
<org.projectlombok.version>1.18.24</org.projectlombok.version> | ||
<protobuf-java.version>3.21.9</protobuf-java.version> | ||
<reactor-netty.version>1.1.0</reactor-netty.version> | ||
<scala-lang.library.version>2.13.9</scala-lang.library.version> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@joschi any idea how did this thing get in here? There's no scala library prior to your commit 🤔
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Haarolean Kafka (org.apache.kafka:kafka_2.13
used in kafka-ui-e2e-checks
) is written in Scala and was pulling in a vulnerable version.
This property is only used in dependency management, so that Maven will pull in the non-vulnerable version of the Scala standard library instead.
https://github.com/personio/kafka-ui/blob/2104d81e139bb6b489594dc10caf676ea725dcf9/pom.xml#L132-L136
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@joschi thank you very much, I prefer to indicate this in poms, I'll add the comment
What changes did you make? (Give an overview)
dependencyManagement
section.Refs #2805
Refs #2926
Closes #2711
Is there anything you'd like reviewers to focus on?
How Has This Been Tested? (put an "x" (case-sensitive!) next to an item)
Checklist (put an "x" (case-sensitive!) next to all the items, otherwise the build will fail)
Check out Contributing and Code of Conduct
A picture of a cute animal (not mandatory but encouraged)