[
https://issues.apache.org/jira/browse/NIFI-2516?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15412550#comment-15412550
]
ASF GitHub Bot commented on NIFI-2516:
--------------------------------------
Github user pvillard31 commented on a diff in the pull request:
https://github.com/apache/nifi/pull/809#discussion_r73963178
--- Diff: pom.xml ---
@@ -781,6 +786,16 @@ language governing permissions and limitations under
the License. -->
<artifactId>curator-recipes</artifactId>
<version>2.11.0</version>
</dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ <version>1.7.12</version>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-log4j12</artifactId>
+ <version>1.7.12</version>
--- End diff --
For consistency, I would use the available property : ${org.slf4j.version}
> Extract version info into parent pom, upgrade to commons-io 2.5
> ---------------------------------------------------------------
>
> Key: NIFI-2516
> URL: https://issues.apache.org/jira/browse/NIFI-2516
> Project: Apache NiFi
> Issue Type: Sub-task
> Reporter: Bryan Rosander
> Assignee: Bryan Rosander
>
> Parent pom at root of nifi project should contain the dependency versions.
> commons-io 2.5 is required for its BoundedReader which facilitates putting a
> cap on the amount of bytes read during the payload deserialization. This is
> useful in avoiding an arbitrarily large payload sent by a malicious client.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
