flink-shaded
flink-shaded copied to clipboard
apache
Apache Flink shaded artifacts repository
Addressing https://github.com/advisories/GHSA-57j2-w4cx-62h2 References: https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12#micro-patches https://github.com/FasterXML/jackson-databind/issues/2816
When working against the shaded dependencies it is not possible to jump to the source of a class, since we don't build source jars. The source jars can be created...
Bumps [snakeyaml](https://bitbucket.org/snakeyaml/snakeyaml) from 1.31 to 1.32. Commits b8239ec Add warning about untrusted data on landing page 2853420 Merge remote-tracking branch 'origin/master' 4b3d996 Merged master into format-2 4081e08 Reformat with IntelliJ...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
JIRA: FLINK-35003. Update zookeeper to 3.8.4 to address CVE-2024-23944. From the maven link, we can know that CVE-2024-23944 exists in zookpeer-3.8.3, and we can upgrade to zookpeer-3.8.4 to solve this...
~~As a test [1] there was first a commit with enabling `ShadeOptionalChecker` however without adding `optional`. As a result it detects the issue i a number of places.~~ UPD: Since...
Bumps org.apache.zookeeper:zookeeper from 3.5.10 to 3.7.2. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...
Bumps org.apache.zookeeper:zookeeper from 3.6.4 to 3.7.2. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...
Update json-path library to address CVE-2023-1370 and CVE-2023-51074.
