Updated dependency versions to reduce security problems
Using snyk.io tools we found several dependencies had security vulnerabilities
and could be updated. This does not remove all of them, but the remaining CVEs
are in transitive dependencies brought in by 3rd party code.
CVEs remain in:
async-thumbnails example (low priority to fix) through
minio
wiremock
fn-spring-cloud-function through
spring-cloud-function-context
Additional changes were needed to adjust for API changes in updated dependencies:
async-thumbnails example:
new minio client uses chunked file uploads so assertions needed changing
fn-spring-cloud-function:
Several breaking API changes, and it seems now that Consumer behaviour is broken.
zootalures
commented
6 years ago
Updated dependency versions to reduce security problems
Using snyk.io tools we found several dependencies had security vulnerabilities and could be updated. This does not remove all of them, but the remaining CVEs are in transitive dependencies brought in by 3rd party code.
CVEs remain in:
async-thumbnails example (low priority to fix) through
fn-spring-cloud-function through
Additional changes were needed to adjust for API changes in updated dependencies:
async-thumbnails example:
fn-spring-cloud-function: