You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "Chris Campbell (Jira)" <ji...@apache.org> on 2022/08/31 15:03:00 UTC

[jira] [Created] (MNG-7535) Latest release of Maven contain EOL component - EOL-Google Guava 25.1

Chris Campbell created MNG-7535:
-----------------------------------

             Summary: Latest release of Maven contain EOL component - EOL-Google Guava 25.1
                 Key: MNG-7535
                 URL: https://issues.apache.org/jira/browse/MNG-7535
             Project: Maven
          Issue Type: Dependency upgrade
          Components: Dependencies
    Affects Versions: 3.8.6
            Reporter: Chris Campbell


We are utilizing the latest maven releases and getting EOL findings ( EOL-Google Guava 25.1 ) from our internal Enterprise Security team that we must remediate.

Will maven releases update to a newer, non-EOL of these components?  If not, is there anything we can do ourselves to remediate and use non-EOL versions?



--
This message was sent by Atlassian Jira
(v8.20.10#820010)