Rafiullah Hamedy

Hi guys, The version of json-lib available in mavenrepository https://mvnrepository.com/artifact/net.sf.json-lib/json-lib (2.4 latest) has a commons-collection3.2.1 dependency which has a security vulnerability https://www.cvedetails.com/cve/CVE-2017-15708/ and is fixed in commons-collection3.2.2. Is there any plan address this? Raf.

Hi guys, I noticed that the maven central https://mvnrepository.com/artifact/org.olap4j/olap4j only have 1.2.0 release and not the 1.3.0 at least. Curious why the new release is not published? In addition to the above, the Apache Xerces version 2.11.0 used in olap4j/1.2.0 has security vulnerabilities see https://github.com/olap4j/olap4j/issues/65 and I have created a PR https://github.com/olap4j/olap4j/pull/66 to up the version provided the newer version of Apache Xerces is compatible. The CI job...