Remove dependency on Jackson
Closed this issue · 1 comments
kaklakariada commented
Jackson is used to map the configuration yaml to a Java class. To avoid unnecessary dependencies we should avoid this dependency and implement reading the yaml format ourself.
ckunki commented
Rejecting ticket as effort for implementation appears to be high and loses benefits of jackson class mapping.
Additionally an exploit requires write access to the source code repository and attempts to inject malicious code will be detected during regular code reviews.