Skip to content

Commit

Permalink
[MNG-7513] Address commons-io_commons-io vulnerability found in maven…
Browse files Browse the repository at this point in the history
… latest version

We can safely remove Commons IO altogether because it is not used in any direct or
transitive usecase at compile time or runtime.

This closes #771
  • Loading branch information
michael-o committed Dec 20, 2022
1 parent 7db942b commit ba058ee
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -295,6 +295,13 @@ under the License.
<groupId>org.apache.maven.shared</groupId>
<artifactId>maven-shared-utils</artifactId>
<version>3.3.4</version>
<exclusions>
<!-- We use org.apache.maven.shared.utils.logging only in Maven Core -->
<exclusion>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.fusesource.jansi</groupId>
Expand Down

0 comments on commit ba058ee

Please sign in to comment.