9.4.0 has an incorrect dependency #1016
Labels
Comments
|
I couldn't figure out how to label this issue, so I've labeled it for a human to triage. Hang tight. |
|
I agree this wrongly scoped dependency should be removed and a new release should be created asap.. not only is it in the wrong scope it is also flagged with a CVE stopping our local pipelines (CVE-2021-32827) , how did it even get through? |
timpeeters
added a commit
to timpeeters/firebase-admin-java
that referenced
this issue
Oct 12, 2024
Fixes firebase#1016 by defining mockserver-junit-rule-no-dependencies as a test scoped dependency.
|
I've created #1018 to (at least) move it to test scope already. |
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The 9.4.0 release has a dependency to org.mock-server:mockserver-junit-rule-no-dependencies:5.14.0 which is lacking the 'test' scope, therefore it is pulled alongside the firebase-admin dependency. This causes an issue with the SLF4J library because of the org.slf4j.helpers.NOPLoggerFactory included in this incorrect dependency taking precedence over the Logback LoggerFactory.
The text was updated successfully, but these errors were encountered: