You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@jackrabbit.apache.org by "Julian Reschke (JIRA)" <ji...@apache.org> on 2017/02/03 18:21:51 UTC

[jira] [Created] (JCRVLT-156) Review dependencies

Julian Reschke created JCRVLT-156:
-------------------------------------

             Summary: Review dependencies
                 Key: JCRVLT-156
                 URL: https://issues.apache.org/jira/browse/JCRVLT-156
             Project: Jackrabbit FileVault
          Issue Type: Task
    Affects Versions: 3.1.36
            Reporter: Julian Reschke


The pom currently references unstable releases of Jackrabbit and Oak. Is this necessary?

Also, other dependencies should be reviewed as well. For instance, commons-collections should be update to 3.2.2 (see https://www.cvedetails.com/vulnerability-list/vendor_id-45/product_id-32731/version_id-187982/Apache-Commons-Collections-3.2.1.html)



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)