Introduce jackson-databind constraint for 2.12.7.1 (#2733)

Fixes CVE-2022-42003
author: Ryan Lewis <ryan@rlew.io> 2022-11-10 08:01:34 +0000
committer: GitHub <noreply@github.com> 2022-11-10 09:01:34 +0100
commit: 7c3b40397d5b5922f7ac03d1153163011b988610 (patch)
tree: 03e1c2e77d9919a6c88347a5a531918763fb0b7f /plugins/versioning
parent: 631934363a02e06b5f7dcb7a8141223c6363f2bb (diff)
download: dokka-7c3b40397d5b5922f7ac03d1153163011b988610.tar.gz
dokka-7c3b40397d5b5922f7ac03d1153163011b988610.tar.bz2
dokka-7c3b40397d5b5922f7ac03d1153163011b988610.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/plugins/versioning/build.gradle.kts b/plugins/versioning/build.gradle.kts
index f838399b..7d585a44 100644
--- a/plugins/versioning/build.gradle.kts
+++ b/plugins/versioning/build.gradle.kts
@@ -12,6 +12,12 @@ dependencies {
     implementation("org.jetbrains.kotlinx:kotlinx-coroutines-core:$coroutines_version")
     val jackson_version: String by project
     implementation("com.fasterxml.jackson.module:jackson-module-kotlin:$jackson_version")
+    val jackson_databind_version: String by project
+    constraints {
+        implementation("com.fasterxml.jackson.core:jackson-databind:$jackson_databind_version") {
+            because("CVE-2022-42003")
+        }
+    }
     val kotlinx_html_version: String by project
     implementation("org.jetbrains.kotlinx:kotlinx-html-jvm:$kotlinx_html_version")
author	Ryan Lewis <ryan@rlew.io>	2022-11-10 08:01:34 +0000
committer	GitHub <noreply@github.com>	2022-11-10 09:01:34 +0100
commit	7c3b40397d5b5922f7ac03d1153163011b988610 (patch)
tree	03e1c2e77d9919a6c88347a5a531918763fb0b7f /plugins/versioning
parent	631934363a02e06b5f7dcb7a8141223c6363f2bb (diff)
download	dokka-7c3b40397d5b5922f7ac03d1153163011b988610.tar.gz dokka-7c3b40397d5b5922f7ac03d1153163011b988610.tar.bz2 dokka-7c3b40397d5b5922f7ac03d1153163011b988610.zip