-
Notifications
You must be signed in to change notification settings - Fork 463
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Gary Gregory
committed
Jul 9, 2019
1 parent
cab58b3
commit bf5e458
Showing
1 changed file
with
1 addition
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1 comment
on commit bf5e458
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hello @forhadmethun
The CVE you refer to is for JUnit and is irrelevant to a production system. Help me understand why you see this as a problem.
The main hold-up feature-wise is the completion of #402
Then, we'll go through any important PRs and JIRA tickets, but at this point, TBH, I'd rather cut a release candidate after #402 and deal with other issues in a 4.5.1 or 4.6.0.
HTH
@garydgregory when the 4.5 will be released, it seems that 4.4 has a vulnerability - https://mvnrepository.com/artifact/org.apache.commons/commons-collections4/4.4
And there has been no major release for the last 4 years, will be be any upcoming release?