Closed venetrius closed 2 weeks ago
Changes were successful, httpclient-4.5.12.jar is not part of the packaged jar anymore. Dependency scanner closed the vulnerability issue: https://github.com/camunda/automation-platform-vulnerability-scan/issues/3209.
QA note: @gbetances089 no specific testing required for this issue, as this reverts a change in a packaged dependency. I will do a smoke test for all distro-s for the parent issue.
Closing this issue.
Acceptance Criteria (Required on creation)
Remove httpclient-4.5.12.jar from engine as runtime dependency
Hints
In https://github.com/camunda/camunda-bpm-platform/issues/4193 httpclient-4.5.12.jar is introduced to engine as a runtime dependency. Before it was used as a test dependency. This created a hit in the vulnerability scaner
Links
Breakdown
Dev2QA handover