[CAMEL-16268] camel-xstream - Test dependency of junit-vintage-engine not set to scope test - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: 3.4.5, 3.7.2
Fix Version/s: 3.7.3, 3.9.0
Component/s: camel-xstream
Labels:
None

Estimated Complexity:
Novice

Description

When using the component 'camel-xstream' the dependency for junit-vintage-engine and with that Junit 4.13 comes along.

This seems to be caused because the dependency for junit-vintage-engine isn't set to the scope test (like the other test dependencies).

Given that test dependencies shouldn't be in production builds (and junit 4.13 contains a vulnerability (see ossindex.sonatype.org)), please set the scope to test.

Attachments

Issue Links

links to

GitHub Pull Request #5140

Activity

People

Assignee:: Unassigned

Reporter:: Maarten Donderwinkel

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 26/Feb/21 12:38

Updated:: 26/Feb/21 13:46

Resolved:: 26/Feb/21 13:46