Hi Andy, > On 3 Feb 2023, at 16:40, Andreas Schaefer <schaef...@me.com.INVALID> wrote: > > Hi > > I am tasked with upgrading grqaphql-java for AEM to at least 17.4 because of > a vulnerability https://nvd.nist.gov/vuln/detail/CVE-2022-37734 > > I saw that Radu created a ticket for upgrading to graphql-java 17: > https://github.com/graphql-java/graphql-java/releases/tag/v17.0 > > I assigned that ticket to me and will see what needs to be done to make this > work in Sling as well as in AEM. > > Let me know if you have any objections or already worked on it. > > Thanks - Andy Schaefer
No objections on my side. I started looking into this [0], but didn’t get to commit anything. I remember I had issues with dynamically registering our Sling directives [1], but I had to switch to a different task and forgot about [0]. Thanks, Radu [0] - https://issues.apache.org/jira/browse/SLING-10900 [1] - https://github.com/apache/sling-org-apache-sling-graphql-core/blob/0b1c1dd72ed04324ea84d2227c3223ec65b0b21e/src/main/java/org/apache/sling/graphql/core/directives/Directives.java
