search

scylladb / scylla-tools-java

Apache Cassandra, supplying tools for Scylla
Apache License 2.0
53 stars 85 forks source link

Old version of snakeyaml dependency #350

Closed avelanarius closed 1 year ago

avelanarius commented 1 year ago

scylla-tools-java (as of 86a200e324fac3b4a47b7954e30de6e05a4e7ce0) uses snakeyaml in version 1.26. This dependency is flagged by security scanners and should be updated.

The fix should be backported to older Scylla versions.

avelanarius commented 1 year ago

Sorry for issue spam, just being thorough in preparing for backporting those fixes to older Scylla versions.