Security issues in Java client library


I’ve been using the Patreon Java client in my project to allow my patrons to have access to extra benefits. Recently I introduced a scanner to make sure none of my dependencies have serious security concerns. The Patreon Java client depends on several libraries that have very serious security concerns.

I created a fork to upgrade all the dependencies. Sadly, one of those dependency upgrades was backwards incompatible, so I also needed to change the client library code a little bit. This is the fork:

I’d rather not depend on a fork of this library, as I need to manage it myself. Wondering what it would take for the maintainers to pull in the pull request I created to get my fork integrated? This is the PR: Fix security vulnerabilities by coreagile · Pull Request #45 · Patreon/patreon-java · GitHub

Thanks so much!


Java lib is currently not maintained. You could fork it or use its code in your own lib if you wish.