You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@flink.apache.org by ma...@apache.org on 2022/12/13 14:01:40 UTC

[flink] branch master updated: [FLINK-30175][Build] Bump snakeyaml from 1.31 to 1.33

This is an automated email from the ASF dual-hosted git repository.

martijnvisser pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/flink.git


The following commit(s) were added to refs/heads/master by this push:
     new 2c89283b877 [FLINK-30175][Build] Bump snakeyaml from 1.31 to 1.33
2c89283b877 is described below

commit 2c89283b87746398ac2be425f13cd587a9fa6228
Author: Martijn Visser <ma...@apache.org>
AuthorDate: Wed Nov 23 14:51:03 2022 +0100

    [FLINK-30175][Build] Bump snakeyaml from 1.31 to 1.33
---
 flink-kubernetes/src/main/resources/META-INF/NOTICE | 2 +-
 pom.xml                                             | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/flink-kubernetes/src/main/resources/META-INF/NOTICE b/flink-kubernetes/src/main/resources/META-INF/NOTICE
index f4ecc7fdcb2..4c624104361 100644
--- a/flink-kubernetes/src/main/resources/META-INF/NOTICE
+++ b/flink-kubernetes/src/main/resources/META-INF/NOTICE
@@ -36,7 +36,7 @@ This project bundles the following dependencies under the Apache Software Licens
 - io.fabric8:kubernetes-model-scheduling:5.12.3
 - io.fabric8:kubernetes-model-storageclass:5.12.3
 - io.fabric8:zjsonpatch:0.3.0
-- org.yaml:snakeyaml:1.31
+- org.yaml:snakeyaml:1.33
 
 This project bundles the following dependencies under the BSD License.
 See bundled license files for details.
diff --git a/pom.xml b/pom.xml
index 785d3a7b5aa..99cf68618c4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -884,7 +884,7 @@ under the License.
 				<!-- Bumped for security purposes and making it work with Jackson dependencies (2.10.1) -->
 				<groupId>org.yaml</groupId>
 				<artifactId>snakeyaml</artifactId>
-				<version>1.31</version>
+				<version>1.33</version>
 			</dependency>
 			<dependency>
 				<groupId>io.netty</groupId>
@@ -1712,12 +1712,12 @@ under the License.
 							<rules>
 								<bannedDependencies>
 									<excludes>
-										<exclude>org.yaml:snakeyaml:(,1.30]</exclude>
+										<exclude>org.yaml:snakeyaml:(,1.31]</exclude>
 									</excludes>
 									<includes>
 										<!-- Snakeyaml is pulled in by many modules without using it in production,
 											so there's no benefit in us investing time into bumping these. -->
-										<include>org.yaml:snakeyaml:(,1.30]:*:test</include>
+										<include>org.yaml:snakeyaml:(,1.31]:*:test</include>
 									</includes>
 									<message>Older snakeyaml versions are not allowed due to security vulnerabilities.</message>
 								</bannedDependencies>