janjwerner-confluent opened a new pull request, #15464: URL: https://github.com/apache/druid/pull/15464
### Description Update multiple dependencies to clear CVEs Update dropwizard-metrics to 4.2.22 to address https://github.com/advisories/GHSA-mm8h-8587-p46h in com.rabbitmq:amqp-client Update ant to 1.10.14 to resolve https://github.com/advisories/GHSA-f62v-xpxf-3v68 https://github.com/advisories/GHSA-4p6w-m9wc-c9c9 https://github.com/advisories/GHSA-q5r4-cfpx-h6fh https://github.com/advisories/GHSA-5v34-g2px-j4fw Update comomons-compress to resolve https://github.com/advisories/GHSA-cgwf-w82q-5jrr Update jose4j to 0.9.3 to resolve https://github.com/advisories/GHSA-7g24-qg88-p43q https://github.com/advisories/GHSA-jgvc-jfgh-rjvv Update kotlin-stdlib to 1.4.21 to resolve https://github.com/advisories/GHSA-cqj8-47ch-rvvq This PR has: - [ ] been self-reviewed. - [ ] using the [concurrency checklist](https://github.com/apache/druid/blob/master/dev/code-review/concurrency.md) (Remove this item if the PR doesn't have any relation to concurrency.) - [ ] added documentation for new or modified features or behaviors. - [ ] a release note entry in the PR description. - [ ] added Javadocs for most classes and all non-trivial methods. Linked related entities via Javadoc links. - [ ] added or updated version, license, or notice information in [licenses.yaml](https://github.com/apache/druid/blob/master/dev/license.md) - [ ] added comments explaining the "why" and the intent of the code wherever would not be obvious for an unfamiliar reader. - [ ] added unit tests or modified existing tests to cover new code paths, ensuring the threshold for [code coverage](https://github.com/apache/druid/blob/master/dev/code-review/code-coverage.md) is met. - [ ] added integration tests. - [ ] been tested in a test Druid cluster. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
