Uploaded image for project: 'Talend Component Kit'
  1. Talend Component Kit
  2. TCOMP-1579

Don't deliver jackson-mapper-asl (org.codehaus.jackson coming from avro) anymore by default

Apply templateInsert Lucidchart Diagram
    XMLWordPrintable

Details

    • Work Item
    • Resolution: Fixed
    • Minor
    • 1.1.15
    • None
    • None
    • None
    • All
    • GreenHopper Ranking:
      0|i1ltf7:
    • 9223372036854775807
    • Small

    Description

      There are too much CVE related to this old jackson and avro will likely not fix it anytime soon.
      Since it is not needed for the product and there is also no will to justify any usage not being vulnerable for each single release and deliverable, we will not deliver this dependency anymore but stay compatible with it if provided.

      Attachments

        Activity

          People

            rmannibucau Romain Manni-Bucau
            rmannibucau Romain Manni-Bucau
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: