Skip to content

Commit

Permalink
security: upgrade Spring related dependencies (#6362)
Browse files Browse the repository at this point in the history
  • Loading branch information
@slievrly
slievrly committed Feb 20, 2024
1 parent b557a47 commit c08345e
Show file tree
Hide file tree
Showing 4 changed files with 29 additions and 27 deletions.
4 changes: 2 additions & 2 deletions build/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,8 +76,8 @@
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>

<!-- The version of spring-boot for 'spring-boot-dependencies' and 'spring-boot-maven-plugin' -->
<spring-boot.version>2.5.13</spring-boot.version>
<spring-framework.version>5.3.20</spring-framework.version>
<spring-boot.version>2.5.15</spring-boot.version>
<spring-framework.version>5.3.27</spring-framework.version>

<!-- server side dependency-->
<kafka-appender.version>0.2.0-RC2</kafka-appender.version>
Expand Down
1 change: 1 addition & 0 deletions changes/en-us/2.x.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -103,6 +103,7 @@ Add changes here for all PR submitted to the 2.x branch.
- [[#6340](https://github.com/apache/incubator-seata/pull/6340)] upgrade and tidy some dependencies
- [[#6350](https://github.com/apache/incubator-seata/pull/6350)] remove enableDegrade properties
- [[#6349](https://github.com/apache/incubator-seata/pull/6349)] transfer dockerhub repo
- [[#6362](https://github.com/apache/incubator-seata/pull/6362)] upgrade Spring related dependence

### test:
- [[#6081](https://github.com/apache/incubator-seata/pull/6081)] add `test-os.yml` for testing the OS
Expand Down
4 changes: 3 additions & 1 deletion changes/zh-cn/2.x.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,6 +92,8 @@
- [[#6349](https://github.com/apache/incubator-seata/pull/6349)] 迁移 dockerhub 仓库
- [[#6356](https://github.com/apache/incubator-seata/pull/6356)] 去除健康检查页面的鉴权
- [[#6360](https://github.com/apache/incubator-seata/pull/6360)] 优化部分链接 401 的问题
- [[#6350](https://github.com/apache/incubator-seata/pull/6350)] 移除 enableDegrade 配置


### security:
- [[#6069](https://github.com/apache/incubator-seata/pull/6069)] 升级Guava依赖版本,修复安全漏洞
Expand All @@ -100,7 +102,7 @@
- [[#6147](https://github.com/apache/incubator-seata/pull/6147)] 升级 kafka-clients依赖至3.6.1
- [[#6339](https://github.com/apache/incubator-seata/pull/6339)] 升级 spring mvc 和 tomcat.embed 依赖
- [[#6340](https://github.com/apache/incubator-seata/pull/6340)] 升级和整理依赖
- [[#6350](https://github.com/apache/incubator-seata/pull/6350)] 移除 enableDegrade 配置
- [[#6362](https://github.com/apache/incubator-seata/pull/6362)] 升级 Spring 相关的依赖

### test:
- [[#6081](https://github.com/apache/incubator-seata/pull/6081)] 添加 `test-os.yml` 用于测试seata在各种操作系统下的运行情况
Expand Down
47 changes: 23 additions & 24 deletions compatible/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,37 +36,31 @@
<groupId>org.apache.seata</groupId>
<artifactId>seata-saga-engine</artifactId>
<version>${project.version}</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.apache.seata</groupId>
<artifactId>seata-saga-engine-store</artifactId>
<version>${project.version}</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.apache.seata</groupId>
<artifactId>seata-integration-tx-api</artifactId>
<version>${project.version}</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.apache.seata</groupId>
<artifactId>seata-metrics-api</artifactId>
<version>${project.version}</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.apache.seata</groupId>
<artifactId>seata-sqlparser-druid</artifactId>
<version>${project.version}</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.apache.seata</groupId>
<artifactId>seata-spring</artifactId>
<version>${project.version}</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.apache.seata</groupId>
Expand All @@ -78,6 +72,21 @@
<artifactId>seata-http-jakarta</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.apache.seata</groupId>
<artifactId>seata-grpc</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.apache.seata</groupId>
<artifactId>seata-rm-datasource</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.apache.seata</groupId>
<artifactId>seata-integration-tx-api</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
Expand All @@ -87,30 +96,20 @@
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>5.3.20</version>
</dependency>
<dependency>
<groupId>org.apache.seata</groupId>
<artifactId>seata-grpc</artifactId>
<version>${project.version}</version>
<exclusions>
<exclusion>
<groupId>org.springframework</groupId>
<artifactId>spring-expression</artifactId>
</exclusion>
</exclusions>
<version>5.3.26</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>io.grpc</groupId>
<artifactId>grpc-stub</artifactId>
<version>1.27.1</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.seata</groupId>
<artifactId>seata-rm-datasource</artifactId>
<version>2.1.0-SNAPSHOT</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.apache.seata</groupId>
<artifactId>seata-integration-tx-api</artifactId>
<version>2.1.0-SNAPSHOT</version>
<scope>compile</scope>
</dependency>
</dependencies>
</project>

0 comments on commit c08345e

Please sign in to comment.