mbien commented on code in PR #7001: URL: https://github.com/apache/netbeans/pull/7001#discussion_r1466971400
########## java/maven.embedder/external/binaries-list: ########## @@ -17,3 +17,4 @@ DC15DFF8F701B227EE523EEB7A17F77C10EAFE2F org.jdom:jdom2:2.0.6.1 5D9CE6ADD7B714B8095F0E3E396C5E9F8C5DCFEF org.apache.maven.shared:maven-dependency-tree:2.2 FC5C01A07E4A2DDF84AF0DFADF382E6F7993462D org.apache.maven:apache-maven:3.9.6:bin@zip +C4A06A64E650562F30B7BF9AAEC1BFED43ACA12B com.google.guava:failureaccess:1.0.2 Review Comment: i believe `failureaccess` is a dependency of guava which is part of the maven distribution zip from the line above. Is there a reason to upgrade/manually patch a single transitive dependency from that maven distribution bundle? Keep in mind maven was not tested with that library version. it is likely that the next maven point release will update it automatically - they typically keep their dependencies up to date. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] For further information about the NetBeans mailing lists, visit: https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists
