[BUG] Dependency security breach in your openapi-generator-maven-plugin

[soleanos]

Hello, I am contacting you because after passing my professional application to the XRAY scan, it appears that your application has multiple dependencies which open up major flaws:

The version of org.sonatype.plexus:plexus-build-api:jar (0.0.7) which is very old (from 2011) and contains org.codehaus.plexus:plexus-utils:jar:1.5.8:compile reassembled by xray. In addition, your jar also contains a version of maven-core which is obsolete and also contains a major security flaw. Could you please modify your pom to include versions not affected by the flaws I just told you about? Thank you very much in advance

[wing328]

@soleanos thanks for reporting the issue. I wonder if you have time file a PR to update those dependencies.

(otherwise, we'll take a look later this week)

[soleanos]

Hello, thanks u for anwser => i did a PR in 11881 but i cant fix plexus api build version => there is no new version since 2007 Could you use another lib instead ? If you wants use plexus utils you can take last versions like https://mvnrepository.com/artifact/org.codehaus.plexus/plexus-utils ? Thanks you

[soleanos]

@wing328