I just updated in svn trunk the dependency Apache Commons BeanUtils from
1.9.2 to 1.9.3.
My hope is to see the community:
- Release Apache Commons Release Maven Pplugin 1.1 (this one is DONE :-)
- Release Apache Commons Parent 45 (referencing Apache Commons Release
- Release other Apache Commons components like Validator.
On Wed, Feb 14, 2018 at 2:11 PM, Jon Champlin <jon.champl...@gmail.com>
> We have an internal product that we use that includes the
> commons-validator package from the central Maven repository and when
> running a third-party library scanner (Black Duck) on the jar file it
> flagged commons-beanutils and commons-collections as having security
> vulnerabilities. I was wondering if there were plans in the near future to
> release a new version of commons-validator that had the latest version of
> compile dependencies for commons-beanutils, commons-collections and