update version of ant from 1.10.5 to 1.10.9

sbt / sbt-native-packager

sbt Native Packager

https://sbt-native-packager.readthedocs.io/en/stable/

BSD 2-Clause "Simplified" License

1.59k stars 439 forks source link

update version of ant from 1.10.5 to 1.10.9 #1390

Closed divyanshu-labs closed 3 years ago

divyanshu-labs commented 3 years ago

@muuki88 Sent you the invitation to add as a collaborator, Please accept it so as I can add you as a reviewer. Thank you

muuki88 commented 3 years ago

Hi @Divyanshu075

Thanks for keeping the dependencies up to date. Does this solve an issue that you had in your build?

Sent you the invitation to add as a collaborator, Please accept it so as I can add you as a reviewer

Not sure what you mean by that, but pinging me is also fine :wink:

divyanshu-labs commented 3 years ago

@muuki88 Thank you so much and really appreciate your fast response.

ant-1.10.5 version is vulnerable to a security risk, and the only way it's injected into my build is via sbt-native-packager so I fixed them at both places.

I hope this explains the reason for updating the ant version.

Thank you :)

muuki88 commented 3 years ago

That makes perfect sense. Thanks for the pull request 🥰