r-sidd opened a new pull request, #894: URL: https://github.com/apache/flink-kubernetes-operator/pull/894
## What is the purpose of the change

Bump commons-io from 2.11.0 to 2.17.0

## Brief change log

Commons-io version 2.11.0 has a direct vulnerability and bumping it to the newer version (2.17.0) will remediate this finding.

**Direct vulnerabilities:**
[CVE-2024-47554](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47554)

**Package details:**
https://mvnrepository.com/artifact/commons-io/commons-io/2.17.0

## Verifying this change

This change is a trivial rework / code cleanup without any test coverage.

## Does this pull request potentially affect one of the following parts:

- Dependencies (does it add or upgrade a dependency): yes
- The public API, i.e., are there any changes to the `CustomResourceDescriptors`: no
- Core observer or reconciler logic that is regularly executed: no

## Documentation

- Does this pull request introduce a new feature? no
- If yes, how is the feature documented? not applicable

--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@flink.apache.org

For queries about this service, please contact Infrastructure at: us...@infra.apache.org