Closed julianladisch closed 4 months ago
@ppatierno is this ok to merge? Should we consider backporting?
Thanks for taking a look @ppatierno . What about backporting to 4.x
?
Thanks for taking a look @ppatierno . What about backporting to 4.x?
I would say yes if 4.x will be still around for long. Do you want me to open a PR against the 4.x branch?
@ppatierno go ahead, we are planning a 4.5.x release next week
@vietj here the PR https://github.com/vert-x3/vertx-kafka-client/pull/266
The kafka-clients upgrade indirectly upgrades snappy-java from 1.1.10.0 to 1.1.10.5 fixing these snappy-java vulnerablities:
kafka-clients 3.7.0 requires to bump the test dependency debezium from 2.1.4.Final to 2.6.1.Final.