Remove commons-io dependency

**Describe the bug**
There seems to be a security (?) issue with commons-io 2.7 - see https://github.com/pmd/pmd/issues/4691

After googling (VULNDB-239195 is behind a paywall) I found this:

https://issues.apache.org/jira/browse/FLINK-22747

> VULNDB-239195
> "Vendor Specific News/Changelog Entry
> https://commons.apache.org/proper/commons-io/changes-report.html#a2.8.0
> Vendor Specific Solution URL
> https://github.com/apache/commons-io/commit/0de91c048fb575b9e7906e966a4428574fd03695
> Vendor Specific Solution URL
> https://github.com/apache/commons-io/commit/97ae01c95837f50a2e9be34c370b271c4d8fc88b
> Bug Tracker
> https://issues.apache.org/jira/browse/IO-675"

In PMD, we already removed commons-io some time ago. I think, we should do the same in pmd-designer.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Remove commons-io dependency #73

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Remove commons-io dependency #73

Description

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions