kennknowles commented on a change in pull request #16233:
URL: https://github.com/apache/beam/pull/16233#discussion_r769068298
##########
File path:
buildSrc/src/main/groovy/org/apache/beam/gradle/BeamModulePlugin.groovy
##########
@@ -1149,6 +1149,16 @@ class BeamModulePlugin implements Plugin<Project> {
options.errorprone.errorproneArgs.add("-Xep:UnsafeReflectiveConstructionCast:OFF")
}
+ def log4j_version = "2.15.0"
+ configurations.all {
+ resolutionStrategy {
Review comment:
FWIW I don't _think_ this is supposed to actually add or remove deps,
just resolve the version. It might be useful to users for us to not have any
transitive deps on anything with a vulnerability, but still support older
versions of e.g. elasticsearch.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
