I just updated in svn trunk the dependency Apache Commons BeanUtils from 1.9.2 to 1.9.3.
My hope is to see the community: - Release Apache Commons Release Maven Pplugin 1.1 (this one is DONE :-) - Release Apache Commons Parent 45 (referencing Apache Commons Release plugin 1.1) - Release other Apache Commons components like Validator. Gary On Wed, Feb 14, 2018 at 2:11 PM, Jon Champlin <[email protected]> wrote: > We have an internal product that we use that includes the > commons-validator package from the central Maven repository and when > running a third-party library scanner (Black Duck) on the jar file it > flagged commons-beanutils and commons-collections as having security > vulnerabilities. I was wondering if there were plans in the near future to > release a new version of commons-validator that had the latest version of > compile dependencies for commons-beanutils, commons-collections and > commons-digester? >
