Open mariuszpala opened 2 weeks ago
Hi @mariuszpala , thanks for notifying us about these. I'll let the dev team know about your request and they should follow up with an update.
Hi @mariuszpala, you can expect the fix to be there as RC version sometime next week on Maven.
Hi @mariuszpala ,
Happy to report that the fix is now included in latest docusign-esign-java SDK:
https://central.sonatype.com/artifact/com.docusign/docusign-esign-java.
Please check and revert so that we can close this github issue.
Thanks, Vinay
Thank you, there is one issue left. In Maven this project has no dependencies although there are many required, why the POM doesn't define any?
https://mvnrepository.com/artifact/com.docusign/docusign-esign-java/5.1.0
The list of the dependencies that library depends on should be rather defined in pom.xml and it also includes outdated version of libraries, e.g. java-jwt is already 4.4 but the library depends on v3.4.1. https://mvnrepository.com/artifact/com.auth0/java-jwt/4.4.0
Due to many vulnerabilities found in v.1.69 can you please upgrade that dependency to 1.78.1?
This is critical issue from the security perspective, we have a number of libraries alredy upgraded to latest version, but docusign fails with that latest version.
https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk15on/1.69