Greetings,
I’ve been using the Patreon Java client in my project to allow my patrons to have access to extra benefits. Recently I introduced a scanner to make sure none of my dependencies have serious security concerns. The Patreon Java client depends on several libraries that have very serious security concerns.
I created a fork to upgrade all the dependencies. Sadly, one of those dependency upgrades was backwards incompatible, so I also needed to change the client library code a little bit. This is the fork:
I’d rather not depend on a fork of this library, as I need to manage it myself. Wondering what it would take for the maintainers to pull in the pull request I created to get my fork integrated? This is the PR: Fix security vulnerabilities by coreagile · Pull Request #45 · Patreon/patreon-java · GitHub
Thanks so much!
Stephen.