We have a test that checks whether old versions of dependencies can be used in plugins. While this is helpful, pinning the old version of a plugin (in this case Jackson) results in a lot of CVEs being reported for the codebase. We should investigate an alternative solution, which could include:

• Creating our own library to use, which doesn't contain vulnerabilities
• Removing this test
• Changing the scope of the dependency