Upgrade Guava to the latest version #3931
Assignees
Labels
type: process
A process-related concern. May include testing, release, or the like.
Comments
chingor13
added
the
type: process
|
@elharo, can you please chime in? |
|
A more recent version of grpc-java is using guava 26.0-android now, so we should bump to that. |
|
I feel like we should upgrade everything or nothing. 26.0-android is likely strictly better but there's more than grpc to fix here. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Spring Cloud GCP uses
google-cloud-bomfor the common dependencies. We have recently turned on Snyk vulnerability detection, and it found a deserialization issue with Guava 20.0.The recommended remediation step is to upgrade to 24.1.1 or higher.
Would it be possible to upgrade Guava version in google-cloud-clients POM?
Spring Cloud GCP tracking issue: spring-attic/spring-cloud-gcp#1207
The text was updated successfully, but these errors were encountered: