tinkerpop-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (Jira)" <j...@apache.org>
Subject [jira] [Commented] (TINKERPOP-2356) Bump to Jackson 2.10.x
Date Fri, 27 Mar 2020 19:48:00 GMT

    [ https://issues.apache.org/jira/browse/TINKERPOP-2356?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17069015#comment-17069015

ASF GitHub Bot commented on TINKERPOP-2356:

spmallette commented on pull request #1271: TINKERPOP-2356 Bump to Jackson 2.10
URL: https://github.com/apache/tinkerpop/pull/1271
   This moves us off the CVE flooded 2.9.x. Changes were pretty minimal. I suppose we could
backport if we really wanted to but this was mostly done to see what the impact would be as
we look forward to hopefully going to Jackson 3.0 before TP 3.5.0 releases.
   All tests pass with `docker/build.sh -t -n -i`
   VOTE +1
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:

> Bump to Jackson 2.10.x
> ----------------------
>                 Key: TINKERPOP-2356
>                 URL: https://issues.apache.org/jira/browse/TINKERPOP-2356
>             Project: TinkerPop
>          Issue Type: Improvement
>          Components: io
>    Affects Versions: 3.5.0
>            Reporter: Stephen Mallette
>            Assignee: Stephen Mallette
>            Priority: Minor
> Going to look at what it takes to bump to Jackson 2.10.x for 3.5.0 since it seems to
solve this CVE hell we continue to live in:
> https://medium.com/@cowtowncoder/jackson-2-10-features-cd880674d8a2

This message was sent by Atlassian Jira

View raw message