GEODE-10565: Jackson upgrade due to security vulnerabilities by JinwooHwang · Pull Request #7990 · apache/geode

JinwooHwang · 2026-03-04T11:08:34Z

Upgrade Jackson dependencies and update related integration test resources for GEODE-10565.

This PR upgrades Jackson dependencies and updates integration test resources to ensure compatibility and correctness. See Jira: GEODE-10565.

boms/geode-all-bom/src/test/resources/expected-pom.xml
- Updated expected Maven POM to reflect new Jackson versions and dependency changes.
build-tools/geode-dependency-management/src/main/groovy/org/apache/geode/gradle/plugins/DependencyConstraints.groovy
- Upgraded Jackson and related dependency versions in Gradle plugin constraints.
geode-assembly/src/integrationTest/resources/assembly_content.txt
- Updated list of files included in the assembly for integration tests.
geode-assembly/src/integrationTest/resources/gfsh_dependency_classpath.txt
- Updated GFSH dependency classpath for integration tests to match new dependency versions.
geode-server-all/src/integrationTest/resources/dependency_classpath.txt
- Updated server dependency classpath for integration tests to match new dependency versions.

Is there a JIRA ticket associated with this PR? Is it referenced in the commit message?
Has your PR been rebased against the latest commit within the target branch (typically develop)?
Is your initial contribution a single, squashed commit?
Does gradlew build run cleanly?
Have you written or updated unit tests to verify your changes?
If adding new dependencies to the code, are these dependencies licensed in a way that is compatible for inclusion under ASF 2.0?

jackson upgrade

3e96624

JinwooHwang requested a review from marinov-code March 4, 2026 11:08

Provide feedback