From 12d846c23a84dd8211ace371f26931d1023703cc Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 21 Aug 2024 19:02:03 +0000 Subject: [PATCH] Update Spring All --- build.gradle | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/build.gradle b/build.gradle index 31583ec7a..e1da3344e 100644 --- a/build.gradle +++ b/build.gradle @@ -5,7 +5,7 @@ plugins { id 'jacoco' id 'info.solidsoft.pitest' version '1.9.11' id 'io.spring.dependency-management' version '1.0.12.RELEASE' - id 'org.springframework.boot' version '2.5.15' + id 'org.springframework.boot' version '3.3.2' id 'uk.gov.hmcts.java' version '0.12.12' id 'org.owasp.dependencycheck' version '10.0.3' id 'com.github.ben-manes.versions' version '0.46.0' @@ -214,7 +214,7 @@ dependencies { implementation group: 'org.springframework.boot', name: 'spring-boot-starter-validation', version: springBoot.class.package.implementationVersion // https://mvnrepository.com/artifact/org.springframework.retry/spring-retry - implementation group: 'org.springframework.retry', name: 'spring-retry', version: '1.3.4' + implementation group: 'org.springframework.retry', name: 'spring-retry', version: '2.0.8' implementation group: 'me.xdrop', name: 'fuzzywuzzy', version: '1.4.0' implementation group: 'io.rest-assured', name: 'rest-assured', version: '4.3.3' @@ -309,7 +309,7 @@ dependencyManagement { } //CVE-2021-22112 - dependencySet(group: 'org.springframework.security', version: '5.7.10') { + dependencySet(group: 'org.springframework.security', version: '6.3.3') { entry 'spring-security-crypto' } @@ -325,7 +325,7 @@ dependencyManagement { dependency group: 'org.yaml', name: 'snakeyaml', version: '2.0' //CVE-2021-22118 - dependencySet(group: 'org.springframework', version: '5.3.28') { + dependencySet(group: 'org.springframework', version: '6.1.12') { entry 'spring-aop' entry 'spring-aspects' entry 'spring-beans' @@ -351,7 +351,7 @@ dependencyManagement { } imports { - mavenBom "org.springframework.cloud:spring-cloud-dependencies:2020.0.6" + mavenBom "org.springframework.cloud:spring-cloud-dependencies:2023.0.3" } //CVE-2021-28170 dependency group: 'org.glassfish', name: 'jakarta.el', version: '4.0.2' @@ -373,7 +373,7 @@ dependencyManagement { } // CVE-2023-34042 - dependency group: 'org.springframework.security', name: 'spring-security-crypto', version: '5.8.10' + dependency group: 'org.springframework.security', name: 'spring-security-crypto', version: '6.3.3' } }