File tree Expand file tree Collapse file tree 1 file changed +6
-0
lines changed
buildSrc/src/main/groovy/org/apache/beam/gradle Expand file tree Collapse file tree 1 file changed +6
-0
lines changed Original file line number Diff line number Diff line change @@ -631,6 +631,7 @@ class BeamModulePlugin implements Plugin<Project> {
631631 def everit_json_version = " 1.14.2"
632632 def kafka_version = " 2.4.1"
633633 def log4j2_version = " 2.20.0"
634+ def logback_version = " 1.5.20"
634635 def nemo_version = " 0.1"
635636 // [bomupgrader] determined by: io.grpc:grpc-netty, consistent with: google_cloud_platform_libraries_bom
636637 def netty_version = " 4.1.110.Final"
@@ -1287,6 +1288,11 @@ class BeamModulePlugin implements Plugin<Project> {
12871288 // the same classes as hamcrest.
12881289 force " org.hamcrest:hamcrest-core:$hamcrest_version "
12891290 force " org.hamcrest:hamcrest-library:$hamcrest_version "
1291+
1292+ // hadoop uses an old version of logback with CVE reports
1293+ // force all transitive logback deps to a newer one
1294+ force " ch.qos.logback:logback-classic:$logback_version "
1295+ force " ch.qos.logback:logback-core:$logback_version "
12901296 }
12911297 }
12921298 }
You can’t perform that action at this time.
0 commit comments