Details
-
Question
-
Status: Resolved
-
Minor
-
Resolution: Not A Problem
-
3.2.1
-
None
-
None
Description
I am using spark-sql_2.12 dependency version 3.2.1 in my project. My dependency tracker highlights the transitive dependency "unused" from spark-sql_2.12 as vulnerable. I check there is no update for this artifacts since 2014. Is the artifact used anywhere in spark ?
To resolve this vulnerability, can I exclude this "unused" artifact from spark-sql_2.12 ? Will it cause any issues in my project ?