Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Updated the Vertx and Snakeyaml dependency #8175

Merged
merged 4 commits into from
Mar 10, 2023
Merged

Conversation

ShubhamRwt
Copy link
Contributor

@ShubhamRwt ShubhamRwt commented Mar 1, 2023

Type of change

Select the type of your PR

  • Task

Description

This PR updates the vertx dependency to 4.3.8 and also updates snakeyaml version to 2.0 to fix a CVE present in snakeyaml 1.33.

Checklist

Please go through this checklist and make sure all applicable tasks have been done

  • Write tests
  • Make sure all tests pass
  • Update documentation
  • Check RBAC rights for Kubernetes / OpenShift roles
  • Try your changes from Pod inside your Kubernetes and OpenShift cluster, not just locally
  • Reference relevant issue(s) and close them after merging
  • Update CHANGELOG.md
  • Supply screenshots for visual changes, such as Grafana dashboards

Signed-off-by: ShubhamRwt <[email protected]>
@ShubhamRwt ShubhamRwt requested review from scholzj and ppatierno and removed request for scholzj March 1, 2023 17:36
Copy link
Member

@scholzj scholzj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM if it works 🤔

Copy link
Member

@scholzj scholzj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But it doesn't. :-/

@ShubhamRwt
Copy link
Contributor Author

ShubhamRwt commented Mar 1, 2023

To update the snakeyaml version it will require code changes and I am not sure if it will be backwards compatible so should we leave the snakeyaml version as it is? Wdyt @ppatierno @scholzj.

[UPDATE] Bumping the jackson deps helped me resolve the unit tests locally

Signed-off-by: ShubhamRwt <[email protected]>
@scholzj scholzj self-requested a review March 1, 2023 23:48
@fvaleri
Copy link
Contributor

fvaleri commented Mar 7, 2023

Signed-off-by: ShubhamRwt <[email protected]>
@ppatierno ppatierno added this to the 0.34.0 milestone Mar 10, 2023
pom.xml Outdated Show resolved Hide resolved
Signed-off-by: ShubhamRwt <[email protected]>
@ShubhamRwt ShubhamRwt requested a review from ppatierno March 10, 2023 13:20
@scholzj
Copy link
Member

scholzj commented Mar 10, 2023

/azp run regression

@azure-pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@scholzj scholzj merged commit 93d4f3f into strimzi:main Mar 10, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants