This is an automated email from the ASF dual-hosted git repository.
xiaoyu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-shenyu.git
The following commit(s) were added to refs/heads/master by this push:
new a2ab40ae5 upgrade commons-io due to cve (#3269)
a2ab40ae5 is described below
commit a2ab40ae59a01c82ad15cfacd58587a486a9cb02
Author: PJ Fanning <[email protected]>
AuthorDate: Tue Apr 19 04:44:03 2022 +0200
upgrade commons-io due to cve (#3269)
* upgrade commons-io due to cve
* try to centralise commons-io version
---
pom.xml | 1 +
shenyu-plugin/shenyu-plugin-cryptor/pom.xml | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index 3d7b03faa..ac61d1a04 100644
--- a/pom.xml
+++ b/pom.xml
@@ -118,6 +118,7 @@
<java-websocket.version>1.5.0</java-websocket.version>
<mockito.version>3.5.15</mockito.version>
<awaitility.version>4.0.3</awaitility.version>
+ <commons-io.version>2.11.0</commons-io.version>
<nacos-client.version>2.0.0</nacos-client.version>
<spring-security.version>5.3.10.RELEASE</spring-security.version>
<grpc.version>1.33.1</grpc.version>
diff --git a/shenyu-plugin/shenyu-plugin-cryptor/pom.xml
b/shenyu-plugin/shenyu-plugin-cryptor/pom.xml
index 35108b78e..4579148f0 100644
--- a/shenyu-plugin/shenyu-plugin-cryptor/pom.xml
+++ b/shenyu-plugin/shenyu-plugin-cryptor/pom.xml
@@ -35,7 +35,7 @@
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
- <version>2.4</version>
+ <version>${commons-io.version}</version>
</dependency>
<dependency>
