search

openzipkin / brave

Java distributed tracing implementation compatible with Zipkin backend services.
Apache License 2.0
2.36k stars 713 forks source link

fix(sec): upgrade io.undertow:undertow-core to #1350

Closed pen4 closed 9 months ago

pen4 commented 1 year ago

What happened?

There are 1 security vulnerabilities found in io.undertow:undertow-core 2.2.3.Final

What did I do?

Upgrade io.undertow:undertow-core from 2.2.3.Final to for vulnerability fix

What did you expect to happen?

Ideally, no insecure libs should be used.

The specification of the pull request

PR Specification from OSCS Signed-off-by:pen4948453219@qq.com

jcchavezs commented 1 year ago

I am reluctant to use Alpha. Is this still the case?

codefromthecrypt commented 9 months ago

reverted to the last version that doesn't break compat and added a comment why