java-sec-code

Common Java web vulnerabilities and security code, based on Spring Boot and Spring Security

Results 33 java-sec-code issues

Bumps httpclient from 4.5.12 to 4.5.13. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.httpcomponents:httpclient&package-manager=maven&previous-version=4.5.12&new-version=4.5.13)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...

dependencies

Hi, I have done some code cleanup:
- Removed unused imports
- Use try/resource statement for better use of some missing close statement

All the best, matteo baccan

Bumps [spring-security-web](https://github.com/spring-projects/spring-security) from 4.2.12.RELEASE to 5.2.10.RELEASE. Release notes Sourced from spring-security-web's releases. 5.2.10.RELEASE :beetle: Bug Fixes Add null check in CsrfFilter and CsrfWebFilter #9594 :hammer: Dependency Upgrades Update to nohttp...

dependencies

Bumps commons-io from 2.5 to 2.7. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-io:commons-io&package-manager=maven&previous-version=2.5&new-version=2.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...

dependencies

Please consider using some account other than 'root', such as 'joychou'. I use MySQL to support a number of services. The following are commands I use to create the environment...

Pitfalls you may run into when performing file operations

Bumps commons-collections from 3.1 to 3.2.2. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-collections:commons-collections&package-manager=maven&previous-version=3.1&new-version=3.2.2)](https://help.github.com/articles/configuring-automated-security-fixes) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...

dependencies

Bumps [dom4j](https://github.com/dom4j/dom4j) from 2.1.0 to 2.1.3. Release notes Sourced from dom4j's releases. version-2.1.3 Improvements Added new factory method org.dom4j.io.SAXReader.createDefault(). It has more secure defaults than new SAXReader(), which uses system...

dependencies

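Introduces a `.gitlab-ci.yml` for this project that includes several of GitLab's built-in security scanning tools, for everyone's convenience: after cloning, push the code directly to GitLab to see the security scan results. Online scan results from JiHu GitLab SaaS are also provided.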

Bumps [snakeyaml](https://bitbucket.org/asomov/snakeyaml) from 1.21 to 1.26. Commits See full diff in compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.yaml:snakeyaml&package-manager=maven&previous-version=1.21&new-version=1.26)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependencies