Pekka Enberg
|
15eb6adf92
|
apiclient: Bump Jackson version to 2.10.4
Jackson 2.9.x has various vulnerabilities that are fixed in 2.10 series:
https://github.com/FasterXML/jackson-databind/issues/2700#issuecomment-619590967
Let's update to the latest version of Jackson. This is a similar fix to
Github's Dependabot proposal, except we bump the version number across
all Jackson components:
https://github.com/scylladb/scylla-jmx/pull/116
|
2020-07-14 10:19:49 +03:00 |
|
Pekka Enberg
|
b2195734cc
|
Upgrade to Guava 29.0
CVE-2018-10237 impacts Guava 24.1.0 and earlier, so let's upgrade to the latest version.
Reported-by: GitHub and Shlomi Livne
|
2020-06-16 10:04:48 +03:00 |
|
dependabot[bot]
|
fc43c56369
|
build(deps): bump jackson-databind in /scylla-apiclient
Bumps [jackson-databind](https://github.com/FasterXML/jackson) from 2.9.10.1 to 2.9.10.4.
- [Release notes](https://github.com/FasterXML/jackson/releases)
- [Commits](https://github.com/FasterXML/jackson/commits)
Signed-off-by: dependabot[bot] <support@github.com>
|
2020-05-29 14:00:31 +03:00 |
|
dependabot[bot]
|
8e1beb11f4
|
Upgrade jackson-databind from 2.9.9 to 2.9.10.1 (#84)
This upgrades jackson-databind dependency from version 2.9.9 to 2.9.10.1, which fixes various security vulnerabilities:
https://www.cvedetails.com/vulnerability-list/vendor_id-15866/product_id-42991/Fasterxml-Jackson-databind.html
|
2019-11-13 19:57:55 +02:00 |
|
Calle Wilund
|
bbc817013e
|
apiclient/pom.xml: Add jackson JSON support libs for REST client
|
2019-07-24 14:27:56 +00:00 |
|
Lubos Kosco
|
91ae4ec8ee
|
make scylla-apiclient a separate module so the jar can be reused
|
2019-07-01 17:33:08 +02:00 |
|