You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "Chris Campbell (Jira)" <ji...@apache.org> on 2022/08/31 15:03:00 UTC
[jira] [Created] (MNG-7535) Latest release of Maven contain EOL component - EOL-Google Guava 25.1
Chris Campbell created MNG-7535:
-----------------------------------
Summary: Latest release of Maven contain EOL component - EOL-Google Guava 25.1
Key: MNG-7535
URL: https://issues.apache.org/jira/browse/MNG-7535
Project: Maven
Issue Type: Dependency upgrade
Components: Dependencies
Affects Versions: 3.8.6
Reporter: Chris Campbell
We are utilizing the latest maven releases and getting EOL findings ( EOL-Google Guava 25.1 ) from our internal Enterprise Security team that we must remediate.
Will maven releases update to a newer, non-EOL of these components? If not, is there anything we can do ourselves to remediate and use non-EOL versions?
--
This message was sent by Atlassian Jira
(v8.20.10#820010)