Skip to content

Commit

Permalink
exclude <v32 version of google guava dependency from google java form…
Browse files Browse the repository at this point in the history
…at and add google guava 32.0.1 to resolve CVE CVE-2023-2976 (#1094) (#1095)

(cherry picked from commit 778e7ce)

Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
  • Loading branch information
1 parent 88f587b commit b6d4cd1
Showing 1 changed file with 4 additions and 1 deletion.
5 changes: 4 additions & 1 deletion core/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,10 @@ dependencies {
api "org.jetbrains.kotlin:kotlin-stdlib-jdk8:${kotlin_version}"
implementation "com.cronutils:cron-utils:9.1.6"
api "org.opensearch.client:opensearch-rest-client:${opensearch_version}"
implementation 'com.google.googlejavaformat:google-java-format:1.10.0'
implementation('com.google.googlejavaformat:google-java-format:1.10.0') {
exclude group: 'com.google.guava'
}
implementation 'com.google.guava:guava:32.0.1-jre'
api "org.opensearch:common-utils:${common_utils_version}@jar"
implementation 'commons-validator:commons-validator:1.7'

Expand Down

0 comments on commit b6d4cd1

Please sign in to comment.