search

cashapp / licensee

Gradle plugin which validates the licenses of your dependency graph match what you expect
https://cashapp.github.io/licensee/docs/1.x/
Apache License 2.0
626 stars 29 forks source link

Use Gradle 7.3.2. Log4shell mitigation. #73

Closed autonomousapps closed 2 years ago

autonomousapps commented 2 years ago

Gradle 7.3.2 adds dependency constraints to the build classpath to reject known-bad versions of log4j.

See also https://blog.gradle.org/log4j-vulnerability.