Bumps jackson from 2.10.5 to 2.13.2 to fix the security vulnerability in https://github.com/alexa/alexa-skills-kit-sdk-for-java/pull/317
Also adding jackson-annotation in pom file because when bumping to latest version, the tests in ask-sdk-local-debug failed due to NoClassDefException for jackson-annotation.jsonkey. After adding this in runtime pom file, tests passed and build succeeded.
Bumps jackson from 2.10.5 to 2.13.2 to fix the security vulnerability in https://github.com/alexa/alexa-skills-kit-sdk-for-java/pull/317
Description
Bumps jackson from 2.10.5 to 2.13.2 to fix the security vulnerability in https://github.com/alexa/alexa-skills-kit-sdk-for-java/pull/317 Also adding
jackson-annotation
in pom file because when bumping to latest version, the tests inask-sdk-local-debug
failed due toNoClassDefException
forjackson-annotation.jsonkey
. After adding this inruntime
pom file, tests passed and build succeeded.Motivation and Context
mentions here https://github.com/alexa/alexa-skills-kit-sdk-for-java/pull/317. Jackson-databind and others have vulnerability issue
Testing
mvn install
build success.Screenshots (if appropriate)
Types of changes
Checklist
License