1 Reply Latest reply on May 5, 2016 1:13 AM by ankitgr8

why we are using plexus-cipher-1.4.jar.What is this component user for?

ankitgr8 May 3, 2016 10:42 PM

why we are using plexus-cipher-1.4.jar.

1. What is this component user for?

2. The requested version was released in 2009. The latest version was released in 2011. The team certainly had opportunity to use the latest version, why isn't it using the latest version?

1. Re: why we are using plexus-cipher-1.4.jar.What is this component user for?

ankitgr8 May 5, 2016 1:13 AM (in response to ankitgr8)

This file is used in embedded maven for jbpm, but we have seen some security issues with this file. Is there any plan to upgrade to higher version. or can we exclude this jar dependency
Actions