You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@flink.apache.org by "Ufuk Celebi (Jira)" <ji...@apache.org> on 2024/04/07 18:34:00 UTC
[jira] [Created] (FLINK-35038) Bump test dependency org.yaml:snakeyaml to 2.2
Ufuk Celebi created FLINK-35038:
-----------------------------------
Summary: Bump test dependency org.yaml:snakeyaml to 2.2
Key: FLINK-35038
URL: https://issues.apache.org/jira/browse/FLINK-35038
Project: Flink
Issue Type: Technical Debt
Components: Connectors / Kafka
Affects Versions: 3.1.0
Reporter: Ufuk Celebi
Assignee: Ufuk Celebi
Fix For: 3.1.0
Usage of SnakeYAML via {{flink-shaded}} was replaced by an explicit test scope dependency on {{org.yaml:snakeyaml:1.31}} with FLINK-34193.
This outdated version of SnakeYAML triggers security warnings. These should not be an actual issue given the test scope, but we should consider bumping the version for security hygiene purposes.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)