[
https://issues.apache.org/jira/browse/GEODE-10046?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17518431#comment-17518431
]
ASF subversion and git services commented on GEODE-10046:
---------------------------------------------------------
Commit f110b9be3547474e74bc16cf2f24337b90e8fae2 in geode's branch
refs/heads/develop from Owen Nichols
[ https://gitbox.apache.org/repos/asf?p=geode.git;h=f110b9be35 ]
GEODE-10046: Bump 3rd-party dependency versions (#7557)
Geode endeavors to regularly update 3rd-party dependencies to increase
shelf life, security and reliability of releases.
Dependency bumps in this batch:
* Bump classgraph from 4.8.141 to 4.8.143
* Bump jetty from 9.4.45.v20220203 to 9.4.46.v20220331
* Bump jna from 5.10.0 to 5.11.0
* Bump junit-pioneer from 1.6.1 to 1.6.2
* Bump lettuce-core from 6.1.6.RELEASE to 6.1.8.RELEASE
* Bump maven-artifact from 3.8.1 to 3.8.5
* Bump micrometer-core from 1.8.3 to 1.8.4
* Bump nebula.lint from 17.6.1 to 17.7.0
* Bump netty from 4.1.74.Final to 4.1.75.Final
* Bump rat from 0.7.0 to 0.7.1
* Bump shiro-core from 1.8.0 to 1.9.0
* Bump spotless from 6.2.2 to 6.4.1
* Bump spring-boot-starter-web from 2.6.5 to 2.6.6
* Bump swagger-annotations from 1.6.2 to 1.6.6
* Bump tomcat from 9.0.59 to 9.0.62
> bump dependencies in 1.16
> -------------------------
>
> Key: GEODE-10046
> URL: https://issues.apache.org/jira/browse/GEODE-10046
> Project: Geode
> Issue Type: Improvement
> Components: build
> Reporter: Owen Nichols
> Assignee: Owen Nichols
> Priority: Major
> Labels: pull-request-available
> Fix For: 1.15.0
>
>
> until support/1.16 is cut, periodically check for and switch to latest
> version of 3rd-party dependencies. this will extend the shelf-life of
> eventual Geode 1.16 release and hopefully reduce bugs and cve exposure, or at
> least give a smaller delta if there is later a cve found that we need to
> patch for
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
