This is an automated email from the ASF dual-hosted git repository.
fokko pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/avro.git
The following commit(s) were added to refs/heads/main by this push:
new 58cad6922 Bump maven-core to 3.9.6 and drop needless plexus-utils
(#2723)
58cad6922 is described below
commit 58cad6922748190e43e077c8a91b623e88233e6b
Author: Niels Basjes <[email protected]>
AuthorDate: Mon Feb 12 12:34:04 2024 +0100
Bump maven-core to 3.9.6 and drop needless plexus-utils (#2723)
---
lang/java/maven-plugin/pom.xml | 8 --------
lang/java/pom.xml | 2 +-
2 files changed, 1 insertion(+), 9 deletions(-)
diff --git a/lang/java/maven-plugin/pom.xml b/lang/java/maven-plugin/pom.xml
index a4e9e7b6f..9f9ab3859 100644
--- a/lang/java/maven-plugin/pom.xml
+++ b/lang/java/maven-plugin/pom.xml
@@ -72,14 +72,6 @@
</exclusion>
</exclusions>
</dependency>
- <!-- Bump this to a higher version while maven 3.3.9 still uses 3.0.22
with a -->
- <!-- XML injection vulnerability. -->
- <dependency>
- <groupId>org.codehaus.plexus</groupId>
- <artifactId>plexus-utils</artifactId>
- <version>3.5.1</version>
- <scope>provided</scope>
- </dependency>
<dependency>
<groupId>org.apache.maven.shared</groupId>
<artifactId>file-management</artifactId>
diff --git a/lang/java/pom.xml b/lang/java/pom.xml
index 45068634c..8d1493103 100644
--- a/lang/java/pom.xml
+++ b/lang/java/pom.xml
@@ -49,7 +49,7 @@
<jetty.version>9.4.53.v20231009</jetty.version>
<jopt-simple.version>5.0.4</jopt-simple.version>
<junit5.version>5.10.2</junit5.version>
- <maven-core.version>3.3.9</maven-core.version>
+ <maven-core.version>3.9.6</maven-core.version>
<mockito.version>5.10.0</mockito.version>
<netty.version>4.1.106.Final</netty.version>
<protobuf.version>3.25.2</protobuf.version>
