The Maven package com.lowagie:itext:2.1.7, which is a dependency of an old Spring Boot test version, which is a test dependency of opensaml, which is an optional dependency of oauth2-oidc-sdk, may contain unlicensed copyrighted code. We do not have a dependency on it, and it should not be pulled in as it's an optional dependency, but just to be explicit about it we can add an exclude.