Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set release version to 3.5.5 #1653

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Set release version to 3.5.5 #1653

wants to merge 2 commits into from
+71 −45

Conversation

kuntzed
Copy link
Collaborator

@kuntzed kuntzed commented Nov 21, 2024
edited
Loading

Release 3.5.5:

  • [token-client] Support CRLF line-endings in PEM formatted service keys

Dependency upgrades:

  • Bump io.projectreactor:reactor-test from 3.6.9 to 3.7.0
  • Update spring versions
    • core to 6.2.0
    • boot to 3.4.0
    • security to 6.4.1
  • Bump org.wiremock:wiremock-standalone from 3.9.1 to 3.9.2
  • Bump uk.org.webcompere:system-stubs-jupiter from 2.1.6 to 2.1.7
  • Bump com.nimbusds:nimbus-jose-jwt from 9.40 to 9.47
  • Bump com.sap.cloud.environment.servicebinding:java-bom from 0.10.5 to 0.20.0
  • Bump log4j2.version from 2.24.1 to 2.24.2
  • Bump org.apache.maven.plugins:maven-pmd-plugin from 3.24.0 to 3.26.0
  • Bump org.apache.maven.plugins:maven-source-plugin from 3.2.1 to 3.3.1
  • Bump net.revelc.code:impsort-maven-plugin from 1.11.0 to 1.12.0
  • Bump org.owasp:dependency-check-maven from 10.0.3 to 11.1.0
  • Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.5 to 3.2.7
  • Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.8.0 to 3.11.1
  • Bump org.apache.maven.plugins:maven-surefire-plugin from 3.4.0 to 3.5.2
  • Bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.6.2 to 4.8.6.6
  • Bump commons-io:commons-io from 2.16.1 to 2.18.0

@koooooo7
Copy link

koooooo7 commented Nov 22, 2024
edited
Loading

Hi @kuntzed , Please consider to upgrade those outdate dependencies for spring-security-* security issues cve-2024-38827 either, thx in advance.

@kuntzed kuntzed force-pushed the release_355 branch 3 times, most recently from b3a9abc to fe33737 Compare November 25, 2024 07:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@finkmanAtSap finkmanAtSap Awaiting requested review from finkmanAtSap

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kuntzed @koooooo7