Evicted a vulnerable library. Althought the vulnerability does not seem to be triggerable, this should make it future-proof.

2026-01-15 16:23:52 +01:00 · 2016-03-09 10:45:06 +01:00
parent b1f04c3987
commit a580ab6b95
1 changed files with 2 additions and 0 deletions
--- a/build.sbt
+++ b/build.sbt
@@ -81,6 +81,8 @@ libraryDependencies += "com.google.caliper" % "caliper" % "1.0-beta-2"

 libraryDependencies += "org.apache.httpcomponents" % "httpclient" % "4.3.6" // evict the vulnerable version

+libraryDependencies += "commons-collections" % "commons-collections" % "3.2.2" // evict the vulnerable version
+
 routesImport += "binders.QueryBinders._"

 // Uncomment to use Akka