andreacavalli
/
scylla-jmx
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
553 Commits 42 Branches 194 Tags 1.3 MiB
Commit Graph

11 Commits

Author SHA1 Message Date
Andrea Cavalli c43992ba08 Change version 2023-01-24 16:06:39 +01:00
Andrea Cavalli cd30267633 Update to java 17 2023-01-24 14:58:50 +01:00
Piotr Grabowski fe351e8491 Update jackson dependency 
Update jackson dependency to a newer version without any known
vulnerabilities. I have checked changelogs of all versions between
2.12.1 and 2.12.6.1, and none of the changes were potentially
problematic (minor fixes, etc).

2.12.6.1 version of jackson-databind is compatible with 2.12.6 versions
of other jackson packages.
 2022-05-31 13:46:06 +03:00
dependabot[bot] fbfbdaa298 build(deps): bump snakeyaml from 1.16 to 1.26 in /scylla-apiclient 
Bumps [snakeyaml](https://bitbucket.org/asomov/snakeyaml) from 1.16 to 1.26.
- [Commits](https://bitbucket.org/asomov/snakeyaml/branches/compare/snakeyaml-1.26..v1.16)

---
updated-dependencies:
- dependency-name: org.yaml:snakeyaml
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Closes #169
 2021-06-10 09:59:48 +03:00
dependabot[bot] ffab41d714 Bump Jackson version in scylla-apiclient 
Bumps `jackson.version` from 2.10.4 to 2.12.1.

Updates `jackson-annotations` from 2.10.4 to 2.12.1
- [Release notes](https://github.com/FasterXML/jackson/releases)
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `jackson-databind` from 2.10.4 to 2.12.1
- [Release notes](https://github.com/FasterXML/jackson/releases)
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `jackson-jaxrs-json-provider` from 2.10.4 to 2.12.1

Signed-off-by: dependabot[bot] <support@github.com>

Closes #159
 2021-03-04 10:48:34 +02:00
Pekka Enberg 15eb6adf92 apiclient: Bump Jackson version to 2.10.4 
Jackson 2.9.x has various vulnerabilities that are fixed in 2.10 series:

https://github.com/FasterXML/jackson-databind/issues/2700#issuecomment-619590967

Let's update to the latest version of Jackson. This is a similar fix to
Github's Dependabot proposal, except we bump the version number across
all Jackson components:

https://github.com/scylladb/scylla-jmx/pull/116
 2020-07-14 10:19:49 +03:00
Pekka Enberg b2195734cc Upgrade to Guava 29.0 
CVE-2018-10237 impacts Guava 24.1.0 and earlier, so let's upgrade to the latest version.

Reported-by: GitHub and Shlomi Livne
 2020-06-16 10:04:48 +03:00
dependabot[bot] fc43c56369 build(deps): bump jackson-databind in /scylla-apiclient 
Bumps [jackson-databind](https://github.com/FasterXML/jackson) from 2.9.10.1 to 2.9.10.4.
- [Release notes](https://github.com/FasterXML/jackson/releases)
- [Commits](https://github.com/FasterXML/jackson/commits)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-05-29 14:00:31 +03:00
dependabot[bot] 8e1beb11f4 Upgrade jackson-databind from 2.9.9 to 2.9.10.1 (#84) 
This upgrades jackson-databind dependency from version 2.9.9 to 2.9.10.1, which fixes various security vulnerabilities:

https://www.cvedetails.com/vulnerability-list/vendor_id-15866/product_id-42991/Fasterxml-Jackson-databind.html
 2019-11-13 19:57:55 +02:00
Calle Wilund bbc817013e apiclient/pom.xml: Add jackson JSON support libs for REST client 2019-07-24 14:27:56 +00:00
Lubos Kosco 91ae4ec8ee make scylla-apiclient a separate module so the jar can be reused 2019-07-01 17:33:08 +02:00