Twitter Util v21.11.0 Release Notes
-
๐ฅ Breaking API Changes
* ๐ util-security: Use snakeyaml to parse yaml instead of a buggy custom yaml parser. This means that thrown IOExceptions have been replaced by YAMLExceptions. Additionally, the parser member has been limited to private visibility. ``PHAB_ID=D617641`` ๐ New Features ~~~~~~~~~~~~ * ๐ util-security: Any valid yaml / json file with string keys and values can be loaded with `com.twitter.util.security.Credentials`. ``PHAB_ID=D617641`` โ Runtime Behavior Changes
โก๏ธ util-cache: Update Caffeine cache library to version 2.9.2
PHAB_ID=D771893
util-jackson: Enable
BLOCK_UNSAFE_POLYMORPHIC_BASE_TYPES
in ScalaObjectMapper to guard against Remote Code Execution (RCE) security vulnerability. This blocks polymorphic deserialization from unsafe base types.PHAB_ID=D780863