You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@shardingsphere.apache.org by GitBox <gi...@apache.org> on 2022/01/14 05:54:14 UTC

[GitHub] [shardingsphere] Ahoo-Wang edited a comment on pull request #14314: Upgrade to Guava 30.0-jre

Ahoo-Wang edited a comment on pull request #14314:
URL: https://github.com/apache/shardingsphere/pull/14314#issuecomment-1012794429


   I'm very sorry to reply you too late.
   
   I checked https://github.com/google/guava/releases/tag/v30.0 ,And compare the code https://github.com/google/guava/compare/v29.0...v30.0,
   `v30.0` has only made feature enhancements and no breaking changes, so there should be no problem with compatibility.
   
   But another problem is that we still can't solve this problem by upgrading to to `Guava 30.0-jre` (just `@Deprecated` this method). Here is a discussion on https://github.com/google/guava/issues/4011.
   
   That is, the advantage of upgrading to 30.0 is that [CVE-2020-8908] is no longer received, and `com.google.common.io.Files.createTempDir()` gets a warning when the user uses this method.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@shardingsphere.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org