fix(Templates): Update aws-lambda-java-log4j2
#10383
Conversation
Updated aws-lambda-java-log4j2 to 1.4.0 to address log4j vulnerability
Codecov Report
@@ Coverage Diff @@
## master #10383 +/- ##
=======================================
Coverage 85.37% 85.37%
=======================================
Files 340 340
Lines 14005 14005
=======================================
Hits 11957 11957
Misses 2048 2048 Continue to review full report at Codecov.
|
|
Thanks a lot @MarinaMeza 🙇 I've run a quick grep over the repo and it seems like there are some additional templates that use this package that could also use an upgrade:
Would you be interested in upgrading them too? It would be much appreciated to cover all of them as a single commit with an upgrade. |
|
@pgrzesik Yes, no problem! I'll upgrade those too |
|
Hi @MarinaMeza, thanks for updating those. I am having the same issue at my company and saw that this file has indirect reference to log4j.I'm not sure how it will impact the repo, but if it's a simple update then perhaps it can be updated within this commit as well? |
There was a problem hiding this comment.
Hey @MarinaMeza, thanks a lot for your PR, I think it needs to be rebased and updated a bit and we're good to go, please see my comments 🙇
lib/plugins/create/templates/aws-kotlin-jvm-gradle/build.gradle
Outdated
Show resolved
Hide resolved
|
I've updated all references to aws-lambda-java-log4j2. |
There was a problem hiding this comment.
Thank you @MarinaMeza, it looks great, but there seem to be a conflict - could you rebase your branch on top of current master branch?
pgrzesik
changed the title
aws-lambda-java-log4j2
Updated aws-lambda-java-log4j2 to 1.4.0 to address log4j vulnerability
Issue 10370
Addresses: #10370