Skip to content

Commit

Permalink
Fix build, update CVE-affected versions (opensearch-project#1102) (op…
Browse files Browse the repository at this point in the history
…ensearch-project#1103)

* Fix build, update CVE-affected versions

* Spotless depends on CVE-impacted eclipse dependency, now needs JDK17+



---------

Signed-off-by: Daniel Widdis <[email protected]>
  • Loading branch information
dbwiddis authored Feb 5, 2024
1 parent aaa942d commit 54a6a45
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 1 deletion.
4 changes: 4 additions & 0 deletions build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -156,6 +156,10 @@ configurations.all {
force "net.bytebuddy:byte-buddy-agent:1.14.9"
force "com.google.code.gson:gson:2.8.9"
force "junit:junit:4.13.2"

force "com.google.guava:guava:32.1.3-jre" // CVE for 31.1
force "com.fasterxml.jackson.core:jackson-core:2.16.0" // CVE for 2.14.1
force "org.eclipse.platform:org.eclipse.core.runtime:3.29.0" // CVE for < 3.29.0
}
}

Expand Down
2 changes: 1 addition & 1 deletion dataGeneration/requirements.txt
Original file line number Diff line number Diff line change
Expand Up @@ -2,4 +2,4 @@ numpy==1.23.0
opensearch_py==2.0.0
retry==0.9.2
scipy==1.10.0
urllib3==1.26.17
urllib3==1.26.18

0 comments on commit 54a6a45

Please sign in to comment.