Bump guava from 30.1.1-jre to 32.1.2-jre #146

julianladisch · 2023-09-24T13:18:26Z

This fixes insecure permissions of files created in the temporary directory: https://nvd.nist.gov/vuln/detail/CVE-2023-2976

Version 32 is binary compatible with version 30 because only the GWT jar has breaking changes:
google/guava#2575 (comment)

I run CI for these repositories and found no regressions:

The failures in vertx-zookeeper are not regressions because they exist with 30.1.1-jre.

I found no other Vert.x repository that uses Guava and hasn't been removed for Vert.x 5.

Obsoletes #118

This fixes insecure permissions of files created in the temporary directory: https://nvd.nist.gov/vuln/detail/CVE-2023-2976 Version 32 is binary compatible with version 30 because only the GWT jar has breaking changes: google/guava#2575 (comment) I run CI for these repositories and found no regressions: * vertx-config: https://github.com/julianladisch/vertx-config/actions/runs/6289869333 * vertx-grpc: https://github.com/julianladisch/vertx-grpc/actions/runs/6289478128 * vertx-zookeeper: https://github.com/julianladisch/vertx-zookeeper/actions/workflows/ci-5.x.yml The failures in vertx-zookeeper are not regressions because they exist with 30.1.1-jre. I found no other Vert.x repository that uses Guava and hasn't been removed for Vert.x 5. Obsoletes vert-x3#118

vietj merged commit 5da532a into vert-x3:master Oct 6, 2023
3 checks passed

vietj added this to the 5.0.0 milestone Oct 6, 2023

Provide feedback