On Tue, 28 Apr 2026 at 01:18, Yuya Ebihara <[email protected]> wrote:
> > > - Are there any concerns about introducing a dependency on the Vault > client library? > > > I worry about all dependencies these days -as every library is effectively a CVE subscription. That bettercloud driver is 7 years old and depends on out of date versions of bouncycastle and more https://mvnrepository.com/artifact/com.bettercloud/vault-java-driver/5.1.0/dependencies Those same people now appear to be working on s different project https://mvnrepository.com/artifact/io.github.jopenlibs/vault-java-driver
