Rocketmq-acl introduces fastjson

[Hintic]

Before Creating the Bug Report

• [X] I found a bug, not just asking a question, which should be created in GitHub Discussions.

• [X] I have searched the GitHub Issues and GitHub Discussions of this repository and believe that this is not a duplicate.

• [X] I have confirmed that this bug belongs to the current repository, not other repositories of RocketMQ.

Programming Language of the Client

Java

Runtime Platform Environment

Linux

RocketMQ Version of the Client/Server

rocketmq-acl: 4.9.6; rocketmq-client 4.9.6

Run or Compiler Version

No response

Describe the Bug

Rocket-acl java client introduced fastjson, vulnerability number: CNVD-2022-40233

1. We upgraded acl and found that fastjson was removed after version 5.3.0, but rocketmq-client in version 5.3.0 introduced fastjson in common
2. We now remove it through exclusion in maven, and would like to consult whether it will affect the overall function

Steps to Reproduce

null

What Did You Expect to See?

null

What Did You See Instead?

null

Additional Context

No response

[github-actions[bot]]

This issue is stale because it has been open for 30 days with no activity. It will be closed in 3 days if no further activity occurs.

[github-actions[bot]]

This issue was closed because it has been inactive for 3 days since being marked as stale.