...

• CVE mismatch for Google HTTP Client, mistaken for Apache’s. [BUILD-411]

• CVE mismatch for Jackson version shaded by DL4J. [BUILD-425]

• animal-sniffer failure because of non-existent signatures on modern JDKs. [BUILD-426]

• CVE mismatches for Guava version shaded by DL4J [BUILD-429], dhowden/tag [BUILD-430], FlatBuffers [BUILD-432], Magnolia Tasks app [BUILD-440]

Known limitations

•  API compatibility checks may be inconsistent for reactors [BUILD-438]

Upgrading

Upgrading should be straightforward. Core artifacts start being updated with the Magnolia 6.2.7 release.