New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ban org.javassist:javassist #26071
Comments
@ppalaga do you know what's bringing Javassist? Ideally we should get rid of it. |
quarkus-scheduler via com.cronutils:cron-utils (not sure this is the only path)
Why? |
FTR I opened jmrozanec/cron-utils#521 removing it as it doesn't seem to be used in the codebase |
@ppalaga we try to favor ByteBuddy if possible. Obviously if a dependency needs it, we have to comply, but it's worth having a look at what brings it. |
Should I remove the javassist commit from #26069 ? |
If it's indeed not used by cron-utils, I would rather exclude it from there while waiting for @gastaldi 's PR to get in. |
Ok, let me do it in #26069 |
javassist now banned in #26069 |
(cherry picked from commit da8afc0)
FWIW cron-utils 9.1.7 is now out without the dependency on Javassist |
Describe the bug
Similar case as #26066
quarkus-scheduler depends on org.javassist:javassist but we do not manage it and so other platform participants may bring an incompatible version.
Hence we should start managing org.javassist:javassist.
Expected behavior
No response
Actual behavior
No response
How to Reproduce?
No response
Output of
uname -a
orver
No response
Output of
java -version
No response
GraalVM version (if different from Java)
No response
Quarkus version or git rev
No response
Build tool (ie. output of
mvnw --version
orgradlew --version
)No response
Additional information
No response
The text was updated successfully, but these errors were encountered: