How to update package version in external libraries
I want to update this package's version, but I didn't find this package in my pom file under root directory
How can I update this package's version? Do I need to do it directly in the pom file under the Maven package?
This is my dependency tree, and I want to upgrade to 1.31
If you don’t use it directly, then it is coming from one of your dependencies. You can check which one using
mvn dependency:tree
With IntelliJ IDEA, you can also open the Maven view, then right-click the project and select “Analyze Dependencies…” to get the same information.
Ideally, you should keep it as a transitive dependency, otherwise you will have to take care of its upgrade every time you upgrade the library that actually depends on it. Moreover, there can be issues if you upgrade only the transitive dependency and not the intermediate one (e.g. for Spring).
The best solution would thus be to upgrade that intermediate dependency, assuming that they have released a new version of it (SnakeYAML 1.29 being affected by CVE-2022-25857, there are good chances).
Only if you can’t do that, you should add the dependency in the <dependencyManagement> section of your pom.xml, but don’t forget tot maintain it from now on (and remove it once the intermediate dependency is upgraded).
- In Java, avoiding null dereferences when calling super(...) in constructor
- Record patterns in java without instanceof nor switch
- How do I set the HttpClient proxy?
- Are leap seconds catered for by Calendar?
- Cartesian product of an arbitrary number of sets
- org.postgresql.util.PSQLException: FATAL: sorry, too many clients already
- javax.xml.bind cannot be resolved
- Java/gradle project that builds locally doesn't build in AWS/CodeBuild/Docker
- What to do with "java: No enum constant javax.lang.model.element.Modifier.SEALED" build error?
- How do I locate a Google SpreadSheet ID?
- Custom annotation as Interceptor for a method logging
- Comparing two hashmaps for equal values and same key sets?
- Getting 301 while doing HTTP get call using Java but getting 200 while doing same using Postman
- How can I efficiently use nested configuration classes to inject dependencies when I have many SpringBootTest classes
- Illegal Character when trying to compile java code
- Can't import MPAndroidChart libraries into Activity declaring in TOML and build.gradle (app)
- Intellij + Spring + Cucumber: A method annotated with Before, After, BeforeStep or AfterStep must have one of these signatures
- How to stack custom annotation in Java with @Inject annotation
- incorrect week_of_year
- In JPA 2, using a CriteriaQuery, how to count results
- How to correctly convert a timestring to a date object
- Why do I have ClassNotFoundException: javax.servlet.http.HttpFilter for a .war after updating from Spring Boot 2.5.5 to 2.6.0?
- Unable to set month in Java.util.Calendar
- Which method is proposed for split date string?
- RMI over SSL with single port on server
- PriorityQueue Comparator weird behavior when sort order is fetched from hashmap
- Why is my date not being set correctly to 30 days in the future?
- How is Java Path converted to e.g. InputStream
- How to define a TestConfiguration for TestContainers?
- What's the difference between String.format() and str.formatted() in Java?