New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Nippy 2.15.1 upgrade #1044
Nippy 2.15.1 upgrade #1044
Conversation
Hi @keytiong - many thanks for bringing this to our attention. We'll unfortunately need to check whether we were inadvertently depending on the Cheers! James |
bb1d32d
to
432e754
Compare
Have included a |
Let's see if we can put that JVM property in Nippy instead ^^ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IIRC there was a reason we're stuck on this version of Nippy and have an explicit version of encore we depend on. But cannot remember why atm.
That said, this exposure of general serialised Java objects is likely something we want to close down before it gets to Nippy, so that's another way of dealing with this, but for now, assuming everything still works, as I don't recall what it was that kept us back, let's go ahead with this.
Merged - thanks again @keytiong 😄 |
A security advisory for users of nippy older than 2.15.0 to upgrade to 2.15.0.
The PR is to upgrade crux's nippy version to 2.15.0 plus associated dependency conflict resolutions due to the upgrade.