Not sure what can be done here as BC 1.77 contains a CVE. Maybe Karaf can update its versions…
> On May 29, 2024, at 3:37 PM, Jakub Herkel <[email protected]> wrote: > > -1 (non binding) > > I can see a problem with Apache Karaf 4.4.6 because Karaf contains > bouncycastle 1.77 and shiro needs the version 1.78+. Similar problem > was reported here https://github.com/apache/shiro/issues/1400. > > best regards > > Jakub > > > > Jakub > >> On Wed, May 29, 2024 at 8:40 AM Francois Papon >> <[email protected]> wrote: >> >> +1 (binding) >> >> regards, >> >> François >> >> On 26/05/2024 03:02, [email protected] wrote: >> >> This is a call to vote in favor of releasing Apache Shiro version 2.0.1 >> >> Maven Staging repo: >> https://repository.apache.org/content/repositories/orgapacheshiro-1061 >> https://repository.apache.org/content/repositories/orgapacheshiro-1061/org/apache/shiro/shiro-root/2.0.1/shiro-root-2.0.1-source-release.zip >> >> Dist Staging Repository: >> https://dist.apache.org/repos/dist/dev/shiro/2.0.1 >> >> Project website (just for informational purposes, not to be voted upon): >> http://shiro.apache.org/ >> >> Guide to testing staged releases: >> http://maven.apache.org/guides/development/guide-testing-releases.html >> >> Release Notes: >> https://github.com/apache/shiro/releases/tag/untagged-2a2fbc26921a12c6ed43 >> >> Vote open for 72 hours. >> >> [ ] +1 >> [ ] +0 >> [ ] -1 (please include reasoning) >> >
