Hi All,
I’m using the jira-maven-plugin to build our own plugin. But I found the latest jira-maven-plugin 9.1.1 uses 3.1.1 maven-core jar which has vulnerabilities when generating rest docs. But when I see the dependency in pom files, there are no dependency is using maven-core 3.1.1 but when compiling the plugin, it still uses the maven-core 3.1.1. Could you please tell what is the reason for this? Thanks!
[INFO] — jira:9.1.1:generate-rest-docs (default-generate-rest-docs) @ jira-workflow-migrator —
[INFO] Scanning all of C:\Users\yaoqih\Projects\jira-workflow-migrator\src\main\java for REST resources
Downloading from ms-artifactory: ****/org/apache/maven/maven-core/3.1.1/maven-core-3.1.1.pom
Downloaded from ms-artifactory: ****/org/apache/maven/maven-core/3.1.1/maven-core-3.1.1.pom (7.3 kB at 28 kB/s)
Downloading from ms-artifactory: ****/org/apache/maven/maven-core/3.1.1/maven-core-3.1.1.jar
Downloaded from ms-artifactory: ****/org/apache/maven/maven-core/3.1.1/maven-core-3.1.1.jar (557 kB at 293 kB/s)
Regards,
Yaoqi