You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There are libraries with known CVEs in the published version of cfg4k -- mainly the s3 dependency brings in older versions of jackson and httpclient, and the jgit dependency also brings in an older version of httpclient.
As you can see I don't really have that much time anymore and I don't know when I will have that time so if you want to continue supporting it that would be great.
If you wish, I will update this repository so it points to your fork!
There are libraries with known CVEs in the published version of cfg4k -- mainly the s3 dependency brings in older versions of jackson and httpclient, and the jgit dependency also brings in an older version of httpclient.
This is fixed on my branch here: https://github.com/rocketraman/cfg4k/tree/library-updates-security.
The text was updated successfully, but these errors were encountered: