H2O is an Open Source, Distributed, Fast & Scalable Machine Learning Platform: Deep Learning, Gradient Boosting (GBM) & XGBoost, Random Forest, Generalized Linear Modeling (GLM with Elastic Net), K-Means, PCA, Generalized Additive Models (GAM), RuleFit, Support Vector Machine (SVM), Stacked Ensembles, Automatic Machine Learning (AutoML), etc.
We are using h2o-core, version 3.28.1.2, and on a security scan we are finding that the produced jar contains javascript libraries which have open security issues. The list is as follows:
moment 2.2.1
jquery 1.8.3
org.webjars bootstrap 2.3.1
org.webjars typeahead.js 0.9.3
I was unable to see in the code where these dependencies were coming in.
We are using h2o-core, version 3.28.1.2, and on a security scan we are finding that the produced jar contains javascript libraries which have open security issues. The list is as follows: moment 2.2.1 jquery 1.8.3 org.webjars bootstrap 2.3.1 org.webjars typeahead.js 0.9.3
I was unable to see in the code where these dependencies were coming in.
Could these dependencies be updated?