From 0c3c79fdc182349ab774412ce21ba07bd31e1d61 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 25 Nov 2018 01:48:22 +0000 Subject: [PATCH 1/2] fix: google-cloud-util/google-cloud-compat-checker/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31521 --- google-cloud-util/google-cloud-compat-checker/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/google-cloud-util/google-cloud-compat-checker/pom.xml b/google-cloud-util/google-cloud-compat-checker/pom.xml index eea75a7fc27c..6ba8bcc567f1 100644 --- a/google-cloud-util/google-cloud-compat-checker/pom.xml +++ b/google-cloud-util/google-cloud-compat-checker/pom.xml @@ -29,7 +29,7 @@ to not duplicate the logic ourselves --> kr.motd.maven os-maven-plugin - 1.4.0.Final + 1.6.0 org.codehaus.plexus From 2b0ef0852c685597bbe601729d80835d91107de7 Mon Sep 17 00:00:00 2001 From: Jeff Ching Date: Mon, 26 Nov 2018 13:21:06 -0800 Subject: [PATCH 2/2] Add guava dependency in google-cloud-compat-checker Previously, the kr.motd.maven:os-maven-plugin brought in a dependency that brought in guava. This artifact explicitly uses guava collections so we need to add the dependency here. --- google-cloud-util/google-cloud-compat-checker/pom.xml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/google-cloud-util/google-cloud-compat-checker/pom.xml b/google-cloud-util/google-cloud-compat-checker/pom.xml index 6ba8bcc567f1..cdf9e6a918b5 100644 --- a/google-cloud-util/google-cloud-compat-checker/pom.xml +++ b/google-cloud-util/google-cloud-compat-checker/pom.xml @@ -29,12 +29,17 @@ to not duplicate the logic ourselves --> kr.motd.maven os-maven-plugin - 1.6.0 + 1.6.1 org.codehaus.plexus plexus-utils + + com.google.guava + guava + 26.0-android + io.netty netty-handler