AP-25728: Bump com.box:box-java-sdk component to 4.16.4#31
Open
AP-25728: Bump com.box:box-java-sdk component to 4.16.4#31
Conversation
3nol
requested review from
Copilot and
knime-ghub-bot
and removed request for
a team and
Copilot
3nol
force-pushed
the
bug/AP-25728-update-com-box-box-java-sdk
branch
from
04a33b9 to
5de57c6
Compare
There was a problem hiding this comment.
Pull request overview
This PR bumps the com.box:box-java-sdk dependency from 4.10.0 to 4.11.1 and replaces the transitive jose4j 0.9.4 dependency with a directly specified 0.9.6 version to address known CVEs (AP-25728).
Changes:
- Updated
box-java-sdkfrom 4.10.0 to 4.11.1 in the Maven POM, and excluded its transitivejose4jdependency to replace it with a CVE-patched version (0.9.6). - Updated all Eclipse/OSGi configuration files (
.classpath,MANIFEST.MF,build.properties) and license CSV to reflect the new library versions consistently. - Fixed indentation (spaces → tabs) in the
copy-src-jarsexecution block of the POM.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
org.knime.ext.box.filehandling/libs/fetch_jars/pom.xml |
Bumped box-java-sdk to 4.11.1, excluded transitive jose4j, added jose4j 0.9.6 directly, fixed indentation |
org.knime.ext.box.filehandling/libraries_license/licenses.csv |
Updated library versions in license tracking file |
org.knime.ext.box.filehandling/build.properties |
Updated jar filenames to new versions |
org.knime.ext.box.filehandling/META-INF/MANIFEST.MF |
Updated Bundle-ClassPath jar references to new versions |
org.knime.ext.box.filehandling/.classpath |
Updated classpath entries to new jar and source jar versions |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
3nol
force-pushed
the
bug/AP-25728-update-com-box-box-java-sdk
branch
from
5de57c6 to
6df4057
Compare
3nol
changed the title
3nol
force-pushed
the
bug/AP-25728-update-com-box-box-java-sdk
branch
from
6df4057 to
7f0a472
Compare
3nol
force-pushed
the
bug/AP-25728-update-com-box-box-java-sdk
branch
from
7f0a472 to
41a3a46
Compare
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
AP-25728 (Update com.box:box-java-sdk to 4.11.1)