Skip to content

Vulnerability in jetty: lib upgrade #12555

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 18, 2025
Merged

Vulnerability in jetty: lib upgrade #12555

merged 1 commit into from
Jun 18, 2025

Conversation

kopernic-pl
Copy link

@kopernic-pl kopernic-pl commented Jun 14, 2025
edited
Loading

PR checklist

  • Read the contribution guidelines.
  • Ran the shell script under ./bin/ to update Petstore sample so that CIs can verify the change - does not apply
  • Filed the PR against the correct branch: 3.0.0 branch for changes related to OpenAPI spec 3.0. Default: master.
  • Copied the technical committee to review the pull request if your PR is targeting a particular programming language - does not apply.

Description of the PR

updated the jetty dependency to fence off few security vulnerabilities.

@kopernic-pl kopernic-pl requested a review from Copilot June 14, 2025 08:48
@kopernic-pl kopernic-pl self-assigned this Jun 14, 2025
Copilot

This comment was marked as outdated.

Sign in to view

@kopernic-pl kopernic-pl changed the base branch from master to 3.0.0 June 16, 2025 10:08
@kopernic-pl kopernic-pl requested a review from Copilot June 16, 2025 10:11
Copilot
Copilot AI reviewed Jun 16, 2025
View reviewed changes
Copy link

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR upgrades the Jetty dependency to a newer version to address security vulnerabilities.

  • Updated Jetty version from 9.4.53.v20231009 to 9.4.57.v20241219
  • Aimed at mitigating known security issues in the current setup
Comments suppressed due to low confidence (1)

modules/swagger-generator/pom.xml:337

  • Ensure that the new Jetty version has been tested for compatibility with the rest of the project dependencies and that integration tests are executed to catch any potential regressions.
<jetty-version>9.4.57.v20241219</jetty-version>

@kopernic-pl kopernic-pl marked this pull request as ready for review June 16, 2025 15:46
@frantuma frantuma merged commit 54cf149 into 3.0.0 Jun 18, 2025
@frantuma frantuma deleted the fix/vulnerability-in-jetty branch June 18, 2025 09:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@frantuma frantuma frantuma approved these changes

Assignees

@kopernic-pl kopernic-pl

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kopernic-pl @frantuma