THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
You can also check in the main build.gradle, that the libs are not directly used by OFBiz but by libs used by plugins. As of 2019-10-09, there are no libs directly used by OFBiz with security issues.
Libs that can't be updated in their last version
So we keep the current version in OFBiz trunk. You may try newer version thatn below but most of the time it does not work either
- at.bxm.svntools:at.bxm.svntools.gradle.plugin [2.2.1 -> 3.0]
- com.lowagie:itext [2.1.7 -> 4.2.2]
- org.apache.derby:derby [10.14.2.0 -> 10.15.2.0]
- org.apache.sshd:sshd-core [1.7.0 -> 2.4.0]
- org.apache.tomcat:tomcat-catalina-ha [9.0.34 -> 10.0.0-M3]
- org.apache.tomcat:tomcat-jasper [9.0.34 -> 10.0.0-M3]
- org.apache.tomcat.embed:tomcat-embed-websocket [9.0.34 -> 10.0.0-M3]
- org.apache.xmlgraphics:fop [2.3 -> 2.4]
- org.codehaus.groovy:groovy-all [2.5.8 -> 3.0.3]
- org.jasig.cas:cas-server-core [3.3.5 -> 4.2.7]
- org.apache.shiro:shiro-core [1.4.1 -> 1.5.3]