This is an automated email from the ASF dual-hosted git repository.
tzimanyi pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/incubator-kie-tools.git
The following commit(s) were added to refs/heads/main by this push:
new 2df1e032c03 [NO-ISSUE] Update vertx-web to 4.5.22 and add version
declarations for other version overrides. (#3320)
2df1e032c03 is described below
commit 2df1e032c035c7c03d33dd97dbc2eb8a198c1ecb
Author: Tibor Zimányi <[email protected]>
AuthorDate: Mon Oct 27 08:17:14 2025 +0100
[NO-ISSUE] Update vertx-web to 4.5.22 and add version declarations for
other version overrides. (#3320)
---
packages/maven-base/pom.xml | 37 +++++++++++++++++++++++++++++++++++++
1 file changed, 37 insertions(+)
diff --git a/packages/maven-base/pom.xml b/packages/maven-base/pom.xml
index bf7b291ae60..ee06d285b92 100644
--- a/packages/maven-base/pom.xml
+++ b/packages/maven-base/pom.xml
@@ -145,12 +145,49 @@
<version.apache.commons.lang3>3.18.0</version.apache.commons.lang3>
<version.angus.mail>2.0.5</version.angus.mail>
<version.nimbus.jose.jwt>9.37.4</version.nimbus.jose.jwt>
+ <version.io.vertx>4.5.22</version.io.vertx>
<!-- End of various transitive overrides. -->
</properties>
<dependencyManagement>
<dependencies>
+ <!-- These versions are overrides for transitive dependencies, to fix
security vulnerabilities.
+ They need to be checked with Quarkus and Spring Boot upgrades and
eventually removed, if they are not needed anymore. -->
+ <dependency>
+ <groupId>org.eclipse.angus</groupId>
+ <artifactId>angus-mail</artifactId>
+ <version>${version.angus.mail}</version>
+ </dependency>
+ <dependency>
+ <groupId>com.nimbusds</groupId>
+ <artifactId>nimbus-jose-jwt</artifactId>
+ <version>${version.nimbus.jose.jwt}</version>
+ </dependency>
+ <dependency>
+ <groupId>io.vertx</groupId>
+ <artifactId>vertx-web</artifactId>
+ <version>${version.io.vertx}</version>
+ </dependency>
+ <!-- End of various transitive overrides. -->
+
+ <!-- Not directly used, but used to override transitive versions from
other dependencies to fix vulnerabilities -->
+ <dependency>
+ <groupId>org.apache.tomcat.embed</groupId>
+ <artifactId>tomcat-embed-core</artifactId>
+ <version>${version.tomcat.embed.core}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-lang3</artifactId>
+ <version>${version.apache.commons.lang3}</version>
+ </dependency>
+
<!-- Apache KIE -->
+ <dependency>
+ <groupId>io.vertx</groupId>
+ <artifactId>vertx-web</artifactId>
+ <version>${version.io.vertx}</version>
+ </dependency>
<dependency>
<groupId>org.kie.kogito</groupId>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
