Closed cherylking closed 2 years ago
Can one of the admins verify this patch?
@eclipse-lsp4j-bot run tests
@eclipse-lsp4j-bot rerun tests
So will this go into 0.17.0
? And is there any timeline for that release?
thx @cherylking
So will this go into
0.17.0
? And is there any timeline for that release?
Lets discuss in #671
Fixes #672
By updating the xtend_lib version to
2.28.0
, the guava version used in the transitive dependencies is updated to a30.0
+ version that does not contain the CVE-2020-8908 vulnerability. In order to get the build to pass locally, I also had to remove the rule that was forcing an older guava version.