Skip to content

Commit 7dec236

Browse files
SrikarMannepalliSrikarMannepalli
authored
fix: update graphql java version (#137)
* fix: update graphql java version * add suppression
1 parent eb6dc3e commit 7dec236

File tree

2 files changed

+8
-1
lines changed

2 files changed

+8
-1
lines changed

hypertrace-core-graphql-platform/build.gradle.kts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@ dependencies {
2222
api("org.hypertrace.core.attribute.service:attribute-service-api:${attributeServiceVersion}")
2323

2424
api("com.google.inject:guice:5.1.0")
25-
api("com.graphql-java:graphql-java:20.4")
25+
api("com.graphql-java:graphql-java:19.4")
2626
api("io.github.graphql-java:graphql-java-annotations:9.1")
2727
api("org.slf4j:slf4j-api:1.7.36")
2828
api("io.reactivex.rxjava3:rxjava:3.1.6")

owasp-suppressions.xml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,4 +15,11 @@
1515
<packageUrl regex="true">^pkg:maven/io\.github\.graphql\-java/graphql\-java\-annotations@.*$</packageUrl>
1616
<cpe>cpe:/a:graphql-java:graphql-java</cpe>
1717
</suppress>
18+
<suppress until="2023-06-29Z">
19+
<notes><![CDATA[
20+
file name: jackson-databind-2.15.2.jar
21+
]]></notes>
22+
<packageUrl regex="true">^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$</packageUrl>
23+
<cve>CVE-2023-35116</cve>
24+
</suppress>
1825
</suppressions>

0 commit comments

Comments
 (0)