guardian / facia-scala-client

Low level client for the Facia JSON API

Update aws-java-sdk-s3 to remove ion-java #309

Closed emdash-ie closed 7 months ago

emdash-ie commented 7 months ago

What does this change?

There’s a vulnerability in ion-java, which is depended on by the current version of aws-java-sdk-s3, but removed from 1.12.638 forward. This change updates that dependency to its newest version to remove the ion-java dependency and facilitate removal of the vulnerability from projects which depend on this one.

How to test

To test this, I suppose I could make a snapshot release, and then run the tests of each dependent listed below with the snapshot version to make sure the tests pass. Should I?

How can we measure success?

Deployment

emdash-ie commented 7 months ago

This supersedes PR 297, which is a scala steward PR updating to a slightly less new version. Maybe we should just go with the scala steward PR?

Divs-B commented 7 months ago

> This supersedes PR 297, which is a scala steward PR updating to a slightly less new version. Maybe we should just go with the scala steward PR?

Yes, I think let's go ahead with the Scala-steward PR(s); it's good to have the upgrade anyway across the board. Let's see if that fixes ion-java too; if not, then we will take your PR ahead.

gu-scala-library-release[bot] commented 7 months ago

@Divs-B has published a preview version of this PR with release workflow run #13, based on commit c11bcb4e0308567742ade7c404eb8cd6f0241aaf:

5.0.4-PREVIEW.update-aws-java-sdk-s3.2024-03-06T1657.c11bcb4e

Want to make another preview release? Click 'Run workflow' in the [GitHub UI](https://github.com/guardian/facia-scala-client/actions/workflows/release.yml), specifying the update-aws-java-sdk-s3 branch, or use the [GitHub CLI](https://cli.github.com/) command: `gh workflow run release.yml --ref update-aws-java-sdk-s3`

Want to make a full release after this PR is merged? Click 'Run workflow' in the [GitHub UI](https://github.com/guardian/facia-scala-client/actions/workflows/release.yml), leaving the branch as the default, or use the [GitHub CLI](https://cli.github.com/) command: `gh workflow run release.yml`
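
The condition stated in the PR description (no ion-java once aws-java-sdk-s3 is at 1.12.638 or later) can be checked against a resolved-dependency listing before a dependent project picks up a release. This is an added example, not code from the PR or the project; the `audit` helper, the `group:artifact:version` line shape and the sample listings are assumptions constructed for illustration.

```python
import re

# Threshold taken from the PR description: ion-java is gone from 1.12.638 forward.
FIRST_CLEAN_S3 = (1, 12, 638)
# Finds group:artifact:version anywhere in a line, so indentation or tree prefixes are ignored.
COORD = re.compile(r"([A-Za-z][A-Za-z0-9_.\-]*):([A-Za-z0-9_.\-]+):(\d[A-Za-z0-9_.\-]*)")

def parse_version(text):
    """Leading numeric components as a tuple: '1.12.638' -> (1, 12, 638)."""
    parts = []
    for piece in text.split("."):
        m = re.match(r"\d+", piece)
        if not m:
            break
        parts.append(int(m.group()))
    return tuple(parts)

def audit(listing):
    """Return (findings, s3_versions) for a resolved-dependency listing."""
    findings, s3_versions = [], set()
    for line in listing.splitlines():
        for group, artifact, version in COORD.findall(line):
            if artifact == "ion-java":
                findings.append(f"ion-java still resolved: {group}:{artifact}:{version}")
            elif artifact == "aws-java-sdk-s3":
                s3_versions.add(version)
                if parse_version(version) < FIRST_CLEAN_S3:
                    findings.append(f"aws-java-sdk-s3 {version} predates 1.12.638")
    if not s3_versions:  # an empty or unrelated listing must not pass silently
        findings.append("aws-java-sdk-s3 not found in listing")
    return findings, s3_versions

# Constructed sample listings (not output from the project's build).
BEFORE = """\
com.amazonaws:aws-java-sdk-s3:1.12.600
  com.amazonaws:aws-java-sdk-core:1.12.600
    software.amazon.ion:ion-java:1.0.2
"""
AFTER = """\
com.amazonaws:aws-java-sdk-s3:1.12.638
  com.amazonaws:aws-java-sdk-core:1.12.638
"""

if __name__ == "__main__":
    for name, listing in (("before", BEFORE), ("after", AFTER)):
        print(name, audit(listing))
```

Matching on the artifact name alone means ion-java is still reported if another dependency pulls it in under a different group.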