Skip to content
This repository has been archived by the owner on Feb 7, 2025. It is now read-only.

Upgrade Javalin to Latest Version #1441

Closed
3 tasks
jorg3lopez opened this issue Oct 16, 2024 · 1 comment
Closed
3 tasks

Upgrade Javalin to Latest Version #1441

jorg3lopez opened this issue Oct 16, 2024 · 1 comment
Labels
devex/opex A development excellence or operational excellence backlog item.

Comments

@jorg3lopez
Copy link
Contributor

DevEx/OpEx

We are currently using Javalin version 6.3.0. This version uses versions of jetty-server and jetty-http that were flagged by Snyk of having sucurity vulnerabilities. In order to keep using javalin and by pass the vulnerabilities, we pulled the jetty dependencies directly.

Tasks

  • Update to latest version of Javalin
  • Make sure the jetty-server and jetty-http vulnerabilities have been addressed
  • Delete the direct dependency of the jetty bom from the app/build.gradle file

Additional Context

Ref:
Ticket #1437
PR #1440

Add any other context or screenshots about the work here.
Image
@jorg3lopez jorg3lopez added the devex/opex A development excellence or operational excellence backlog item. label Oct 16, 2024
@jorg3lopez
Copy link
Contributor Author

It was decided to ignore the vulnerabilities from Jetty. This ticket will be closed as there is no changes to revert.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
devex/opex A development excellence or operational excellence backlog item.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jorg3lopez