[
https://issues.apache.org/jira/browse/GEODE-8066?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17140832#comment-17140832
]
Robert Houghton commented on GEODE-8066:
----------------------------------------
Opened a GitHub issue against Spring Security to update their dependency past
this issue. [https://github.com/spring-projects/spring-security/issues/8733]
> Geode should not be using both activation 1.1 and javax.activation 1.2
> ----------------------------------------------------------------------
>
> Key: GEODE-8066
> URL: https://issues.apache.org/jira/browse/GEODE-8066
> Project: Geode
> Issue Type: Improvement
> Components: pulse
> Reporter: Owen Nichols
> Assignee: Robert Houghton
> Priority: Major
>
> javax.activation 1.2 is referenced by Geode as an indirect dependency of jaxb
> However, Spring 5.3 brings in some unwanted guests via
> com.nimbusds:oauth2-oidc-sdk:7.1.1, including com.sun.mail:javax.mail:1.6.1
> (we already use javax.mail:javax.mail-api:1.6.2) which in turn brings in
> javax.activation:activation:1.1 (we already use
> com.sun.activation:javax.activation:1.2.0)
> It would be nice to only have one version and one provider of mail and
> activation in our project.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
