You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Any plans to update dependencies to remedy security issues.
These are a potential show stoppers for adopting this utility in my organization and I hate
to have to do that
Perhaps the best known is the one involving log4j 2 and log4j-1 specially the former.
log4j-1 should be avoided and log4j 2 should not be earlier than 2.17.1 I think (please don't take my word for that, check it out and report) and the current dependency is 2.14.x. These are not direct dependencies but rather pulled in thru third party libraries, so that makes it. a bit challenging
The text was updated successfully, but these errors were encountered:
Any plans to update dependencies to remedy security issues.
These are a potential show stoppers for adopting this utility in my organization and I hate
to have to do that
Perhaps the best known is the one involving log4j 2 and log4j-1 specially the former.
log4j-1 should be avoided and log4j 2 should not be earlier than 2.17.1 I think (please don't take my word for that, check it out and report) and the current dependency is 2.14.x. These are not direct dependencies but rather pulled in thru third party libraries, so that makes it. a bit challenging
The text was updated successfully, but these errors were encountered: