What is snakeyaml used for?
keilw opened this issue · comments
Werner Keil commented
There's just been a security warning about the snakeyaml dependency: https://github.com/eclipse/jnosql/security/dependabot/1
@otaviojava Where is it used?
Otávio Santana commented
Hey @keilw, there is no "artemis-configuration" anymore.
https://github.com/eclipse/jnosql/tree/main/jnosql-mapping
It was before we decided to go to Eclipse MicroProfile Configuration.
Werner Keil commented
Then we can simply remove the dependency to remove the threat.
Of course MP-Config was also a temporary solution ;-)