[Snyk] Fix for 1 vulnerable dependencies (kr.motd.maven:os-maven-plug…

…in) (#4097) * fix: google-cloud-util/google-cloud-compat-checker/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31521 * Add guava dependency in google-cloud-compat-checker Previously, the kr.motd.maven:os-maven-plugin brought in a dependency that brought in guava. This artifact explicitly uses guava collections so we need to add the dependency here.
googleapis · Nov 26, 2018 · d50e7d8 · d50e7d8
1 parent 53e21eb
commit d50e7d8
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/google-cloud-util/google-cloud-compat-checker/pom.xml b/google-cloud-util/google-cloud-compat-checker/pom.xml
@@ -29,12 +29,17 @@
 	   to not duplicate the logic ourselves -->
       <groupId>kr.motd.maven</groupId>
       <artifactId>os-maven-plugin</artifactId>
-      <version>1.4.0.Final</version>
+      <version>1.6.1</version>
     </dependency>
     <dependency>
       <groupId>org.codehaus.plexus</groupId>
       <artifactId>plexus-utils</artifactId>
     </dependency>
+    <dependency>
+      <groupId>com.google.guava</groupId>
+      <artifactId>guava</artifactId>
+      <version>26.0-android</version>
+    </dependency>
     <dependency>
       <groupId>io.netty</groupId>
       <artifactId>netty-handler</artifactId>