Hi ,
I have been looking into uplifting the Jersey dependency in the
`zookeeper-contrib/zookeeper-contrib-rest` module from 1.1.5.1 to 3.1.11,
mainly to address several CVEs (example: CVE-2014-3643 in jersey-core,
multiple CVEs in jettison 1.1). The security scan for this module shows
5 HIGH and 1 MEDIUM issues that would be resolved with an upgrade.
While working on this, I noticed that the tests for the contrib-rest
module are marked as skipped in the POM and not run as part of the
standard build. This made me wonder:
1.
Is this module (`zookeeper-contrib-rest`) still considered important and
actively maintained, or is it deprecated/optional?
1.
Should efforts to fix CVEs and modernize dependencies (e.g., Jersey 3.x)
be invested here, or is it not a priority for the project?
1.
If it is relevant, would patches to enable and fix its tests be welcome?
I want to make sure the work aligns with the community’s direction before
investing more time into this.
Thanks a lot for your guidance!
Best regards,
Sanaya Gupta
