Browse Source

[Improvement-12029][dolphinscheduler-api] Upgrade the snakeyaml version to avoid vulnerabilities (#12726)

3.2.0-release
seedscoder 2 years ago committed by GitHub
parent
commit
1f23d29698
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 2
      dolphinscheduler-bom/pom.xml
  2. 2
      dolphinscheduler-dist/release-docs/LICENSE
  3. 2
      tools/dependencies/known-dependencies.txt

2
dolphinscheduler-bom/pom.xml

@ -94,7 +94,7 @@
<snappy.version>1.1.8.4</snappy.version>
<spark.version>3.2.2</spark.version>
<janino.version>3.0.16</janino.version>
<snakeyaml.version>1.31</snakeyaml.version>
<snakeyaml.version>1.33</snakeyaml.version>
<htrace.version>4.1.1</htrace.version>
<datasync.version>2.17.282</datasync.version>
<springdoc-openapi-ui.version>1.6.9</springdoc-openapi-ui.version>

2
dolphinscheduler-dist/release-docs/LICENSE vendored

@ -352,7 +352,7 @@ The text of each license is also included at licenses/LICENSE-[project].txt.
poi-ooxml-schemas-4.1.2: https://mvnrepository.com/artifact/org.apache.poi/poi-ooxml-schemas/4.1.2, Apache 2.0
quartz 2.3.2: https://mvnrepository.com/artifact/org.quartz-scheduler/quartz/2.3.2, Apache 2.0
reload4j 1.2.18.3: https://mvnrepository.com/artifact/ch.qos.reload4j/reload4j/1.2.18.3, Apache 2.0
snakeyaml 1.31: https://mvnrepository.com/artifact/org.yaml/snakeyaml/1.31, Apache 2.0
snakeyaml 1.33: https://mvnrepository.com/artifact/org.yaml/snakeyaml/1.33, Apache 2.0
snappy-java 1.1.8.4: https://github.com/xerial/snappy-java, Apache 2.0
SparseBitSet 1.2: https://mvnrepository.com/artifact/com.zaxxer/SparseBitSet/1.2, Apache 2.0
spring-aop 5.3.13: https://mvnrepository.com/artifact/org.springframework/spring-aop/5.3.13, Apache 2.0

2
tools/dependencies/known-dependencies.txt

@ -276,7 +276,7 @@ simpleclient_tracer_common-0.15.0.jar
simpleclient_tracer_otel-0.15.0.jar
simpleclient_tracer_otel_agent-0.15.0.jar
slf4j-api-1.7.36.jar
snakeyaml-1.31.jar
snakeyaml-1.33.jar
snappy-java-1.1.8.4.jar
spring-aop-5.3.22.jar
spring-beans-5.3.22.jar

Loading…
Cancel
Save