We've release Dropwizard 1.3.15 which addresses CVE-2019-14540 and CVE-2019-16335 with Jackson 2.9.10.

We currently have a small problem with our domain dropwizard.io.

Docs should be available at dropwizard.github.io/dropwizar in a short while and Javadoc can be found at javadoc.io/doc/io.dropwizard/d

And another one: We've just released Dropwizard 2.0.0-rc10. Please test it thoroughly and give us feedback at github.com/dropwizard/dropwiza

According to an online poll of @JavaMagazin@twitter.com, Dropwizard is the 3rd most popular Java micro framework.

If you're working on a Dropwizard module, consider adding it to our modules directory at modules.dropwizard.io/thirdpar.

If your project or your company is using Dropwizard, please add them to the "Who's using Dropwizard" page in the wiki:

We've released Dropwizard 2.0.0-rc9. Unless we find some critical bug, this will become Dropwizard 2.0.0 GA, so please test it thoroughly.
Make sure to read the migration guide with regards to the changed behavior of "dropwizard-bom".

We've released Dropwizard 1.3.14 with jackson-databind

RT @fasterxml@twitter.com

UPDATE: due to clerical error, actual bom to use needs to be `` (first attempt incorrectly referred to earlier micro-patch)

🐦🔗: twitter.com/fasterxml/status/1

We've just released Dropwizard 1.3.13 with a security fix for Jackson Databind and a small feature, see github.com/dropwizard/dropwiza for details.
The artifacts should hit Maven Central within the next hour.

In other news, we've released Dropwizard 2.0.0-rc2 and published it on Maven Central. Please give it a try and report any bugs or missing documentation at github.com/dropwizard/dropwiza

Dropwizard 1.3.12 has been released with a small security fix for Jackson. Update strongly recommended.


Fosstodon is a Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.