[ https://issues.apache.org/jira/browse/FLINK-35038?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Martijn Visser updated FLINK-35038: ----------------------------------- Summary: Bump test dependency org.yaml:snakeyaml to 2.2 for Flink Kafka connector (was: Bump test dependency org.yaml:snakeyaml to 2.2 ) > Bump test dependency org.yaml:snakeyaml to 2.2 for Flink Kafka connector > ------------------------------------------------------------------------ > > Key: FLINK-35038 > URL: https://issues.apache.org/jira/browse/FLINK-35038 > Project: Flink > Issue Type: Technical Debt > Components: Connectors / Kafka > Affects Versions: 3.1.0 > Reporter: Ufuk Celebi > Assignee: Ufuk Celebi > Priority: Minor > Labels: pull-request-available > Fix For: kafka-4.0.0, kafka-3.1.1 > > > Usage of SnakeYAML via {{flink-shaded}} was replaced by an explicit test > scope dependency on {{org.yaml:snakeyaml:1.31}} with FLINK-34193. > This outdated version of SnakeYAML triggers security warnings. These should > not be an actual issue given the test scope, but we should consider bumping > the version for security hygiene purposes. -- This message was sent by Atlassian Jira (v8.20.10#820010)