chore: Fix transitive vulnerability in jackson #7

Mahoney · 2024-09-13T11:14:53Z

Set the minimum version to 2.15.0. Version 2.14.2 brought in
transitively by com.auth0:[email protected] has CWE-400.

Submitter checklist

Recommended: Join WireMock Slack to get any help in #help-contributing or a project-specific channel like #wiremock-java
The PR request is well described and justified, including the body and the references
The PR title represents the desired changelog entry
The repository's code style is followed (see the contributing guide)
Test coverage that demonstrates that the change works as expected
For new features, there's necessary documentation in this pull request or in a subsequent PR to wiremock.org

Set the minimum version to 2.15.0. Version 2.14.2 brought in transitively by com.auth0:[email protected] has CWE-400. A gradle constraint does not fix the version, just sets a minimum version: https://www.linen.dev/s/gradle-community/t/22694678/hi-snyk-has-revealed-that-some-deeply-nested-transitive-depe#e46476e5-70e1-49a7-a72f-fa5453374e42

leeturner approved these changes Sep 13, 2024

View reviewed changes

leeturner merged commit 6ed66f7 into main Sep 13, 2024
8 checks passed