This is an automated email from the ASF dual-hosted git repository. yhu pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/beam.git
The following commit(s) were added to refs/heads/master by this push: new 8fb23eef6dc [Security] Bump org.json:json due to CVE-2022-45688 (#28962) 8fb23eef6dc is described below commit 8fb23eef6dcf6fa8c42975f2d434492623b349ff Author: Bruno Volpato <bvolp...@google.com> AuthorDate: Wed Oct 18 23:11:37 2023 -0400 [Security] Bump org.json:json due to CVE-2022-45688 (#28962) --- .../src/main/groovy/org/apache/beam/gradle/BeamModulePlugin.groovy | 4 ++-- .../src/main/java/org/apache/beam/sdk/schemas/utils/JsonUtils.java | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/buildSrc/src/main/groovy/org/apache/beam/gradle/BeamModulePlugin.groovy b/buildSrc/src/main/groovy/org/apache/beam/gradle/BeamModulePlugin.groovy index 46968e0e5ad..b13fd00dc24 100644 --- a/buildSrc/src/main/groovy/org/apache/beam/gradle/BeamModulePlugin.groovy +++ b/buildSrc/src/main/groovy/org/apache/beam/gradle/BeamModulePlugin.groovy @@ -602,7 +602,7 @@ class BeamModulePlugin implements Plugin<Project> { def jackson_version = "2.14.1" def jaxb_api_version = "2.3.3" def jsr305_version = "3.0.2" - def everit_json_version = "1.14.1" + def everit_json_version = "1.14.2" def kafka_version = "2.4.1" def log4j2_version = "2.20.0" def nemo_version = "0.1" @@ -809,7 +809,7 @@ class BeamModulePlugin implements Plugin<Project> { joda_time : "joda-time:joda-time:2.10.10", jsonassert : "org.skyscreamer:jsonassert:1.5.0", jsr305 : "com.google.code.findbugs:jsr305:$jsr305_version", - json_org : "org.json:json:20220320", // Keep in sync with everit-json-schema / google_cloud_platform_libraries_bom transitive deps. + json_org : "org.json:json:20230618", // Keep in sync with everit-json-schema / google_cloud_platform_libraries_bom transitive deps. everit_json_schema : "com.github.erosb:everit-json-schema:${everit_json_version}", junit : "junit:junit:4.13.1", jupiter_api : "org.junit.jupiter:junit-jupiter-api:$jupiter_version", diff --git a/sdks/java/core/src/main/java/org/apache/beam/sdk/schemas/utils/JsonUtils.java b/sdks/java/core/src/main/java/org/apache/beam/sdk/schemas/utils/JsonUtils.java index a724664ceaf..18f5813c6cc 100644 --- a/sdks/java/core/src/main/java/org/apache/beam/sdk/schemas/utils/JsonUtils.java +++ b/sdks/java/core/src/main/java/org/apache/beam/sdk/schemas/utils/JsonUtils.java @@ -58,7 +58,7 @@ import org.json.JSONObject; * }</pre> * * <p><b>Note:</b> This functionality has been tested with {@code everit-json-schema} version - * 1.14.1. + * 1.14.2. * * <h3>JSON-Schema supported features</h3> *