projectx
projectx copied to clipboard
ezbz
off the shelf infrastructure
[](https://infosecwriteups.com/want-to-take-over-the-java-ecosystem-all-you-need-is-a-mitm-1fc329d898fb) --- This is a security fix for a high severity vulnerability in your [Apache Maven](https://maven.apache.org/) `pom.xml` file(s). The build files indicate that this project is resolving dependencies over HTTP...
Bumps [spring-webmvc](https://github.com/spring-projects/spring-framework) from 3.0.5.RELEASE to 5.2.20.RELEASE. Release notes Sourced from spring-webmvc's releases. v5.2.20.RELEASE :star: New Features Restrict access to property paths on Class references #28262 Improve diagnostics in SpEL for...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [spring-beans](https://github.com/spring-projects/spring-framework) from 3.0.5.RELEASE to 5.2.20.RELEASE. Release notes Sourced from spring-beans's releases. v5.2.20.RELEASE :star: New Features Restrict access to property paths on Class references #28262 Improve diagnostics in SpEL for...
Bumps [spring-web](https://github.com/spring-projects/spring-framework) from 3.0.5.RELEASE to 6.0.0. Release notes Sourced from spring-web's releases. v6.0.0 See What's New in Spring Framework 6.x and Upgrading to Spring Framework 6.x for upgrade instructions and...
Bumps commons-net from 2.0 to 3.9.0. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...
Bumps [hibernate-core](https://github.com/hibernate/hibernate-orm) from 3.6.5.Final to 5.3.20.Final. Release notes Sourced from hibernate-core's releases. Hibernate ORM 5.2.0 5.2.0 includes many improvements and bug-fixes. For a complete list of changes, see https://hibernate.atlassian.net/projects/HHH/versions/23150/tab/release-report-done. Many...
Bumps [mysql-connector-java](https://github.com/mysql/mysql-connector-j) from 5.1.11 to 8.0.28. Changelog Sourced from mysql-connector-java's changelog. Changelog https://dev.mysql.com/doc/relnotes/connector-j/8.0/en/ Version 8.0.29 Fix for Bug#21978230, COMMENT PARSING NOT PROPER IN PREPSTMT.EXECUTEBATCH(). Fix for Bug#81468 (23312764), MySQL server...
Bumps jetty from 6.1.22 to 6.1.23. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...
Bumps [spring-security-core](https://github.com/spring-projects/spring-security) from 3.0.4.RELEASE to 5.5.7. Release notes Sourced from spring-security-core's releases. 5.5.7 :hammer: Dependency Upgrades Update com.fasterxml.jackson.core to 2.13.2.2 #11211 Update com.fasterxml.jackson.datatype to 2.13.2 #11212 Update io.projectreactor to 2020.0.19...
Bumps [spring-core](https://github.com/spring-projects/spring-framework) from 3.0.5.RELEASE to 5.2.22.RELEASE. Release notes Sourced from spring-core's releases. v5.2.22.RELEASE :star: New Features Refine CachedIntrospectionResults property introspection #28446 :lady_beetle: Bug Fixes Ignore invalid STOMP frame #28444 v5.2.21.RELEASE...