Uploaded image for project: 'Camunda Optimize'
  1. Camunda Optimize
  2. OPT-6450

Move to supported jackson-dataformats-text

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Won't Do
    • Icon: L3 - Default L3 - Default
    • 3.9.0, 3.9.0-alpha4
    • None
    • backend
    • None

      We currently have a dependency on https://github.com/FasterXML/jackson-dataformat-yaml

      However, this is no longer supported and pulls in a dependency of snakeyaml that has a security vulnerability. While we don't believe this vulnerability affects us, we should still migrate to using a library that is being actively supported: https://github.com/FasterXML/jackson-dataformats-text

      If the migration is complex, an acceptable solution for the short term might also be to pin the snakeyaml version used by the existing library to one that does not contain the vulnerability (>=1.31)

        This is the controller panel for Smart Panels app

              Unassigned Unassigned
              joshua.windels Joshua Windels
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: