deps: bump jackson to 2.15.1 #17406
deps: bump jackson to 2.15.1 #17406
Conversation
|
Might be better to wait for v2.15.1. There are some large changes in v2.15 and a few issues being reported. v2.14.3 has many of the security fixes - if you'd prefer to upgrade now but avoid waiting for v2.15.1 |
Sure, but I'm assuming 2.15 also fixes a handful of things still in 2.14. Unless there is something specific we want to avoid in 2.15, I don't think there's a reason to block the upgrade. |
|
Jackson 2.15.1 has been released. https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.15.1 |
If you're curious the release notes for this version can be found in https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.15.
Thanks for the heads up! I've gone ahead and bumped this. |
If you're curious the release notes for this version can be found in
https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.15.
The main reason for this change is that there are some CVEs attatched
to the 2.13.x series that are first fixed in later versions. You can see the
CVEs in the Security tab here on GitHub.