Skip to content
This repository was archived by the owner on Dec 4, 2023. It is now read-only.

Update mjsal4j library#1377

Merged
tracyboehrer merged 1 commit into
mainfrom
lparrish/msal4jUpdate
Dec 10, 2021
Merged

Update mjsal4j library#1377
tracyboehrer merged 1 commit into
mainfrom
lparrish/msal4jUpdate

Conversation

@LeeParrishMSFT

Copy link
Copy Markdown
Contributor

Fixes #1376

Description

Updated msal4j to latest version (1.11.0) to handle issues with a dependency having a security vulnerability.

Specific Changes

Updated pom.xml for bot.connector.

Testing

Unit tests all pass.

@LeeParrishMSFT LeeParrishMSFT requested a review from a team as a code owner December 10, 2021 18:17
@tracyboehrer tracyboehrer merged commit 9b6f41c into main Dec 10, 2021
@tracyboehrer tracyboehrer deleted the lparrish/msal4jUpdate branch December 10, 2021 18:46
tracyboehrer pushed a commit that referenced this pull request Dec 10, 2021
# Conflicts:
#	libraries/bot-connector/pom.xml
tracyboehrer added a commit that referenced this pull request Dec 10, 2021
* Update mjsal4j library (#1377)

# Conflicts:
#	libraries/bot-connector/pom.xml

* Bump log4j-api from 2.11.0 to 2.15.0 (#1374)

Bumps log4j-api from 2.11.0 to 2.15.0.

---
updated-dependencies:
- dependency-name: org.apache.logging.log4j:log4j-api
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump log4j-core from 2.13.2 to 2.15.0 (#1375)

Bumps log4j-core from 2.13.2 to 2.15.0.

---
updated-dependencies:
- dependency-name: org.apache.logging.log4j:log4j-core
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: tracyboehrer <tracyboehrer@users.noreply.github.com>

* Update to 4.14.1

* Updated Connector version

Co-authored-by: Lee Parrish <30470292+LeeParrishMSFT@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet

2 participants