remove httpclient-4.5.12.jar from engine as runtime dependency
Closed this issue · 1 comments
venetrius commented
Acceptance Criteria (Required on creation)
Remove httpclient-4.5.12.jar from engine as runtime dependency
Hints
In #4193 httpclient-4.5.12.jar is introduced to engine as a runtime dependency. Before it was used as a test dependency.
This created a hit in the vulnerability scaner
Links
Breakdown
Dev2QA handover
- Does this ticket need a QA test and the testing goals are not clear from the description? Add a Dev2QA handover comment
venetrius commented
Changes were successful, httpclient-4.5.12.jar is not part of the packaged jar anymore. Dependency scanner closed the vulnerability issue: https://github.com/camunda/automation-platform-vulnerability-scan/issues/3209.
QA note: @gbetances089 no specific testing required for this issue, as this reverts a change in a packaged dependency.
I will do a smoke test for all distro-s for the parent issue.
Closing this issue.