From 1f23d296988850cfeef17325cdfddeadc6303403 Mon Sep 17 00:00:00 2001 From: seedscoder Date: Fri, 11 Nov 2022 13:33:04 +0800 Subject: [PATCH] [Improvement-12029][dolphinscheduler-api] Upgrade the snakeyaml version to avoid vulnerabilities (#12726) --- dolphinscheduler-bom/pom.xml | 2 +- dolphinscheduler-dist/release-docs/LICENSE | 2 +- tools/dependencies/known-dependencies.txt | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/dolphinscheduler-bom/pom.xml b/dolphinscheduler-bom/pom.xml index f33032e880..75053784c5 100644 --- a/dolphinscheduler-bom/pom.xml +++ b/dolphinscheduler-bom/pom.xml @@ -94,7 +94,7 @@ 1.1.8.4 3.2.2 3.0.16 - 1.31 + 1.33 4.1.1 2.17.282 1.6.9 diff --git a/dolphinscheduler-dist/release-docs/LICENSE b/dolphinscheduler-dist/release-docs/LICENSE index fc1ae6aa65..7443c8a2e4 100644 --- a/dolphinscheduler-dist/release-docs/LICENSE +++ b/dolphinscheduler-dist/release-docs/LICENSE @@ -352,7 +352,7 @@ The text of each license is also included at licenses/LICENSE-[project].txt. poi-ooxml-schemas-4.1.2: https://mvnrepository.com/artifact/org.apache.poi/poi-ooxml-schemas/4.1.2, Apache 2.0 quartz 2.3.2: https://mvnrepository.com/artifact/org.quartz-scheduler/quartz/2.3.2, Apache 2.0 reload4j 1.2.18.3: https://mvnrepository.com/artifact/ch.qos.reload4j/reload4j/1.2.18.3, Apache 2.0 - snakeyaml 1.31: https://mvnrepository.com/artifact/org.yaml/snakeyaml/1.31, Apache 2.0 + snakeyaml 1.33: https://mvnrepository.com/artifact/org.yaml/snakeyaml/1.33, Apache 2.0 snappy-java 1.1.8.4: https://github.com/xerial/snappy-java, Apache 2.0 SparseBitSet 1.2: https://mvnrepository.com/artifact/com.zaxxer/SparseBitSet/1.2, Apache 2.0 spring-aop 5.3.13: https://mvnrepository.com/artifact/org.springframework/spring-aop/5.3.13, Apache 2.0 diff --git a/tools/dependencies/known-dependencies.txt b/tools/dependencies/known-dependencies.txt index 73cc2d603b..f7e755298a 100644 --- a/tools/dependencies/known-dependencies.txt +++ b/tools/dependencies/known-dependencies.txt @@ -276,7 +276,7 @@ simpleclient_tracer_common-0.15.0.jar simpleclient_tracer_otel-0.15.0.jar simpleclient_tracer_otel_agent-0.15.0.jar slf4j-api-1.7.36.jar -snakeyaml-1.31.jar +snakeyaml-1.33.jar snappy-java-1.1.8.4.jar spring-aop-5.3.22.jar spring-beans-5.3.22.jar