IOhacker commented on code in PR #3906:
URL: https://github.com/apache/fineract/pull/3906#discussion_r1618328065
##########
buildSrc/src/main/groovy/org.apache.fineract.dependencies.gradle:
##########
@@ -68,7 +68,7 @@ dependencyManagement {
exclude 'org.codehaus.groovy:groovy'
}
dependency 'org.apache.commons:commons-csv:1.10.0'
- dependency 'org.quartz-scheduler:quartz:2.3.2'
+ dependency 'org.quartz-scheduler:quartz:2.5.0-rc1'
Review Comment:
About Quartz library I can see that they have not released any security fix
and project seems to be abandoned
https://github.com/quartz-scheduler/quartz/issues/1134
Anyway the last version is 2.5.0-rc1, so then the question is;
Should we use a Release Candidate version? If not should we keep using a
library version released in 2019 ?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
