Details
-
Improvement
-
Status: Closed
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
Description
The RCP bundle should not depend on any Sling bundles. This would also fix the vulnerability issue currently detected in Sling API failing the build:
One or more dependencies were identified with known vulnerabilities in Apache Jackrabbit FileVault RCP Server Bundle: org.apache.sling.api-2.16.4.jar (pkg:maven/org.apache.sling/org.apache.sling.api@2.16.4, cpe:2.3:a:apache:sling:2.16.4:*:*:*:*:*:*:*, cpe:2.3:a:apache:sling_api:2.16.4:*:*:*:*:*:*:*) : CVE-2022-32549
Attachments
Issue Links
- links to