Request: Remove pinning of commons-io:commons-io to 2.4 #73
Comments
|
It's been pinned like that since 17e1b7d that's already included in 2.4.0, not sure why it's only causing problems with 3.x. Checking... |
|
@RSchindler93 3.0.3 is released with some minor dependency updates, including this one. Can you please check that it solves your dependency resolution problem? |
|
I just found time to test again. It is now working without any issues. Thank you for the quick fix! |
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
Hello,
I recently tried to upgrade from version 2.4.0 to version 3.02 and as it turns out 'commons-io:commons-io'
is now pinned to version 2.4. Since we are already using other gradle plugins with commons-io with higher versions this creates a
dependency resolution problem.
I would like to understand why 'commons-io:commons-io' is pinned to 2.4 (maven central shows two vulnerabilities)
and if it would be possible to remove this constraint?
Thank you in advance!
The text was updated successfully, but these errors were encountered: