Skip to content

2.0.4: Updated dependencies to fix CVE vulnerabilities
Compare
Choose a tag to compare
@morazow morazow released this 28 Jun 11:59
· 8 commits to main since this release
2.0.4
dfc015f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Summary

This release updates Hadoop dependency to fix CVE vulnerabilities.

Security

  • #50: Upgraded Hadoop dependency to fix CVE vulnerabilities

Dependency Updates

Compile Dependency Updates

  • Updated org.apache.hadoop:hadoop-client:3.3.5 to 3.3.6
  • Updated org.apache.parquet:parquet-hadoop:1.13.0 to 1.13.1
  • Updated org.scala-lang:scala-library:2.13.10 to 2.13.11
  • Added org.xerial.snappy:snappy-java:1.1.10.1

Test Dependency Updates

  • Updated org.junit.jupiter:junit-jupiter:5.9.2 to 5.9.3
  • Updated org.mockito:mockito-core:5.3.1 to 5.4.0
  • Updated org.mockito:mockito-junit-jupiter:5.3.1 to 5.4.0

Plugin Dependency Updates

  • Updated org.itsallcode:openfasttrace-maven-plugin:1.6.1 to 1.6.2
Assets 8
Loading