You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@jackrabbit.apache.org by "Julian Reschke (JIRA)" <ji...@apache.org> on 2017/02/03 18:21:51 UTC
[jira] [Created] (JCRVLT-156) Review dependencies
Julian Reschke created JCRVLT-156:
-------------------------------------
Summary: Review dependencies
Key: JCRVLT-156
URL: https://issues.apache.org/jira/browse/JCRVLT-156
Project: Jackrabbit FileVault
Issue Type: Task
Affects Versions: 3.1.36
Reporter: Julian Reschke
The pom currently references unstable releases of Jackrabbit and Oak. Is this necessary?
Also, other dependencies should be reviewed as well. For instance, commons-collections should be update to 3.2.2 (see https://www.cvedetails.com/vulnerability-list/vendor_id-45/product_id-32731/version_id-187982/Apache-Commons-Collections-3.2.1.html)
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)