You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Jan 11, 2023. It is now read-only.
All the dependencies use <scope>provided</scope>, so they are not transitive.
Therefore, the library doesn't force you to use a dependency that has vulnerabilities as you have to declare all the dependencies explicitly in your project with higher version numbers.
I could do a release, but it will not change anything actually. The Logback version that your application is using is not the one from the db-util, but the one you declared explicitly in your pom.xml file.
Hi! Do you have plans to publish version 1.0.7 on maven? For now, the latest version has logback vulnerabilities
The text was updated successfully, but these errors were encountered: