This is an automated email from the ASF dual-hosted git repository.
ningjiang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/servicecomb-pack.git
commit f53e77330929560cbd37e243fc15f151283d6471
Author: Willem Jiang <willem.ji...@gmail.com>
AuthorDate: Fri Feb 25 18:09:32 2022 +0800
SCB-2368 Fixed the CVE issues with CVSS 9
---
pom.xml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pom.xml b/pom.xml
index 6b3b6cd..71b9c2b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -47,7 +47,7 @@
<java.version>1.8</java.version>
<log4j.version>2.17.1</log4j.version>
<disruptor.version>3.3.7</disruptor.version>
- <dubbo.version>2.6.4</dubbo.version>
+ <dubbo.version>2.6.12</dubbo.version>
<spring.boot.version>2.1.6.RELEASE</spring.boot.version>
<spring.cloud.version>2.1.1.RELEASE</spring.cloud.version>
<spring.cloud.starter.consul.discovery.version>2.1.1.RELEASE</spring.cloud.starter.consul.discovery.version>
@@ -65,7 +65,7 @@
<kryo.version>4.0.1</kryo.version>
<javax.transaction.version>1.2</javax.transaction.version>
<eclipse.link.version>2.7.1</eclipse.link.version>
- <jackson.version>2.13.2</jackson.version>
+ <jackson.version>2.13.1</jackson.version>
<byteman.version>4.0.1</byteman.version>
<jaxb.version>2.3.0</jaxb.version>
<javax.activation.version>1.1.1</javax.activation.version>
@@ -886,7 +886,7 @@
<configuration>
<name>notifier-dependency-check</name>
<format>HTML</format>
- <failBuildOnCVSS>10</failBuildOnCVSS>
+ <failBuildOnCVSS>9</failBuildOnCVSS>
<failOnError>false</failOnError>
<skipProvidedScope>true</skipProvidedScope>
<skipRuntimeScope>true</skipRuntimeScope>
