File tree Expand file tree Collapse file tree 2 files changed +11
-11
lines changed
Expand file tree Collapse file tree 2 files changed +11
-11
lines changed Original file line number Diff line number Diff line change @@ -27,17 +27,6 @@ subprojects {
2727 apply (plugin = " org.hypertrace.code-style-plugin"
2828 }
2929 }
30-
31- // Handle lz4-java redirect capability conflict:
32- // Sonatype added a redirect from org.lz4:lz4-java:1.8.1 -> at.yawk.lz4:lz4-java:1.8.1 to address CVE-2025-12183.
33- // Both artifacts declare the same capability, causing a conflict when upgrading from Kafka's org.lz4:lz4-java:1.8.0.
34- // This resolution strategy tells Gradle to automatically select the highest version when this conflict occurs.
35- configurations.all {
36- resolutionStrategy.capabilitiesResolution.withCapability(" org.lz4:lz4-java"
37- select(" at.yawk.lz4:lz4-java:1.8.1"
38- because(" Both org.lz4 and at.yawk.lz4 provide lz4-java due to Sonatype redirect"
39- }
40- }
4130}
4231
4332dependencyCheck {
Original file line number Diff line number Diff line change @@ -40,3 +40,14 @@ dependencies {
4040 api(" org.apache.avro:avro:1.12.0"
4141 }
4242}
43+
44+ // Handle lz4-java redirect capability conflict:
45+ // Sonatype added a redirect from org.lz4:lz4-java:1.8.1 -> at.yawk.lz4:lz4-java:1.8.1 to address CVE-2025-12183.
46+ // Both artifacts declare the same capability, causing a conflict when upgrading from Kafka's org.lz4:lz4-java:1.8.0.
47+ // This resolution strategy tells Gradle to automatically select the highest version when this conflict occurs.
48+ configurations.all {
49+ resolutionStrategy.capabilitiesResolution.withCapability(" org.lz4:lz4-java"
50+ select(" at.yawk.lz4:lz4-java:1.8.1"
51+ because(" Both org.lz4 and at.yawk.lz4 provide lz4-java due to Sonatype redirect"
52+ }
53+ }
You can’t perform that action at this time.
0 commit comments