Hi all, while working on updating to language level 6 (RAT-244) I stumbled upon available updates and used security warnings from github to perform updates.
The archive walker uses Zip-functionality from commons-compress that seems to have security issues (https://nvd.nist.gov/vuln/detail/CVE-2018-1324 and https://nvd.nist.gov/vuln/detail/CVE-2018-11771). Would you mind us updating to JDK7 as language level in order to fix these vulnerable dependencies and be able to update other deps as well? Any opinions? Phil
