skeleton
skeleton copied to clipboard
veryyoung
Java Web Skeleton(Java Web 开发脚手架)
Bumps [hibernate-core](https://github.com/hibernate/hibernate-orm) from 4.3.8.Final to 5.3.20.Final. Release notes Sourced from hibernate-core's releases. Hibernate ORM 5.2.0 5.2.0 includes many improvements and bug-fixes. For a complete list of changes, see https://hibernate.atlassian.net/projects/HHH/versions/23150/tab/release-report-done. Many...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [jackson-databind](https://github.com/FasterXML/jackson) from 2.5.1 to 2.12.7.1. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [mysql-connector-java](https://github.com/mysql/mysql-connector-j) from 5.1.34 to 8.0.28. Changelog Sourced from mysql-connector-java's changelog. Changelog https://dev.mysql.com/doc/relnotes/connector-j/8.0/en/ Version 8.0.29 Fix for Bug#21978230, COMMENT PARSING NOT PROPER IN PREPSTMT.EXECUTEBATCH(). Fix for Bug#81468 (23312764), MySQL server...
Bumps [spring-webmvc](https://github.com/spring-projects/spring-framework) from 4.1.5.RELEASE to 5.3.18. Release notes Sourced from spring-webmvc's releases. v5.3.18 :star: New Features Restrict access to property paths on Class references #28261 Introduce cancel(boolean mayInterruptIfRunning) in ScheduledTask...
检测到 veryyoung/skeleton 一共引入了50个开源组件,存在69个漏洞 ``` 漏洞标题:Oracle MySQL 输入验证错误漏洞 缺陷组件:mysql:[email protected] 漏洞编号:CVE-2021-2471 漏洞描述:Oracle MySQL是美国甲骨文(Oracle)公司的一套开源的关系数据库管理系统。 Oracle MySQL 的 MySQL Connectors 产品中存在输入验证错误漏洞,该漏洞允许高特权攻击者通过多种协议访问网络来破坏 MySQL 连接器。成功攻击此漏洞会导致对关键数据的未授权访问或对所有 MySQL 连接器可访问数据的完全访问,以及导致 MySQL 连接器挂起或频繁重复崩溃。 影响范围:(∞, 8.0.27) 最小修复版本:8.0.27 缺陷组件引入路径:me.veryyoung:[email protected]>mysql:[email protected] ``` 另外还有69个漏洞,详细报告:https://mofeisec.com/jr?p=id09ea
Bumps logback-classic from 1.1.2 to 1.2.0. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...
Bumps httpclient from 4.4 to 4.5.13. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...
Bumps [junit](https://github.com/junit-team/junit4) from 4.12 to 4.13.1. Release notes Sourced from junit's releases. JUnit 4.13.1 Please refer to the release notes for details. JUnit 4.13 Please refer to the release notes...
Bumps [hibernate-validator](https://github.com/hibernate/hibernate-validator) from 5.2.0.Alpha1 to 5.3.5.Final. Changelog Sourced from hibernate-validator's changelog. 5.3.5.Final (15-03-2017) ** Bug * HV-1284 - build - Reenable testing under the security manager * HV-1220 - engine...
Bumps [spring-webmvc](https://github.com/spring-projects/spring-framework) from 4.1.5.RELEASE to 5.2.20.RELEASE. Release notes Sourced from spring-webmvc's releases. v5.2.20.RELEASE :star: New Features Restrict access to property paths on Class references #28262 Improve diagnostics in SpEL for...