You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@streampipes.apache.org by "bossenti (via GitHub)" <gi...@apache.org> on 2023/05/01 13:14:38 UTC
[I] Remove vulnerabilities from dependencies (streampipes)
bossenti opened a new issue, #1538:
URL: https://github.com/apache/streampipes/issues/1538
### Body
We collect and regularly update our dependencies with vulnerabilities in the file [`VULNERABILITY.md`](https://github.com/apache/streampipes/blob/dev/VULNERABILITY.md).
The aim is to upgrade to newer versions which are not affected anymore step by step.
Currently we have the following affected dependencies:
- [ ] Maven: org.apache.commons:commons-text
- [ ] Maven: org.springframework:spring-core
- [ ] Maven: org.yaml:snakeyaml
- [ ] PyPI : werkzeug
- [ ] npm : d3-color
- [ ] npm: glob-parent
- [ ] npm: quill
- [ ] npm: webpack
- [ ] npm: yaml
### StreamPipes Committer
I acknowledge that I am a maintainer/committer of the Apache StreamPipes project.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@streampipes.apache.org.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Re: [I] Remove vulnerabilities from dependencies
Posted by "bossenti (via GitHub)" <gi...@apache.org>.
bossenti closed issue #1538: Remove vulnerabilities from dependencies
URL: https://github.com/apache/streampipes/issues/1538
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@streampipes.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org