Skip to content

Commit

Permalink
fix CVE-2023-2976 and upgrade guava
Browse files Browse the repository at this point in the history 
Signed-off-by: jowg-amazon <[email protected]>
  • Loading branch information
@jowg-amazon
jowg-amazon committed Feb 6, 2024
1 parent 3c50f7d commit 5133d75
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 2 deletions.
6 changes: 5 additions & 1 deletion build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,10 @@ configurations {
force "ch.qos.logback:logback-core:1.3.14"
}
}

configurations.all {
resolutionStrategy.force "com.google.guava:guava:32.1.2-jre"
}
}

dependencies {
Expand Down Expand Up @@ -118,4 +122,4 @@ task updateVersion {
}
ant.replaceregexp(file:'build.gradle', match: '"opensearch.version", "\\d.*"', replace: '"opensearch.version", "' + newVersion.tokenize('-')[0] + '-SNAPSHOT"', flags:'g', byline:true)
}
}
}
2 changes: 1 addition & 1 deletion core/build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ dependencies {
implementation('com.google.googlejavaformat:google-java-format:1.10.0') {
exclude group: 'com.google.guava'
}
implementation 'com.google.guava:guava:32.0.1-jre'
implementation 'com.google.guava:guava:32.1.2-jre'
api "org.opensearch:common-utils:${common_utils_version}@jar"
implementation 'commons-validator:commons-validator:1.7'

Expand Down

0 comments on commit 5133d75

Please sign in to comment.