You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@streampipes.apache.org by "bossenti (via GitHub)" <gi...@apache.org> on 2023/05/01 13:14:38 UTC

[I] Remove vulnerabilities from dependencies (streampipes)

bossenti opened a new issue, #1538:
URL: https://github.com/apache/streampipes/issues/1538

   ### Body
   
   We collect and regularly update our dependencies with vulnerabilities in the file [`VULNERABILITY.md`](https://github.com/apache/streampipes/blob/dev/VULNERABILITY.md).
   The aim is to upgrade to newer versions which are not affected anymore step by step.
   
   Currently we have the following affected dependencies:
   
   - [ ] Maven: org.apache.commons:commons-text
   - [ ] Maven: org.springframework:spring-core
   - [ ] Maven: org.yaml:snakeyaml
   - [ ] PyPI : werkzeug 
   - [ ] npm : d3-color
   - [ ] npm: glob-parent
   - [ ] npm: quill
   - [ ] npm: webpack
   - [ ] npm: yaml
   
   ### StreamPipes Committer
   
   I acknowledge that I am a maintainer/committer of the Apache StreamPipes project.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@streampipes.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

Re: [I] Remove vulnerabilities from dependencies

Posted by "bossenti (via GitHub)" <gi...@apache.org>.

bossenti closed issue #1538: Remove vulnerabilities from dependencies
URL: https://github.com/apache/streampipes/issues/1538


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@streampipes.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org