Fix third-party lib CVEs & Upgrade core spring libs version . (2021.0) (#263)

* Fix third-party lib CVEs & Upgrade core spring libs version .

* Update CHANGELOG.md

Co-authored-by: Haotian Zhang <928016560@qq.com>
pull/271/head
VOPEN.XYZ 2 years ago committed by GitHub
parent afa87770bd
commit 046ca66f62
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -1,4 +1,5 @@
# Change Log
---
- [Upgrade: fix third-party lib CVEs & upgrade core spring libs version](https://github.com/Tencent/spring-cloud-tencent/pull/263)
- [feat:support reading configuration from application.yml or application.properties.](https://github.com/Tencent/spring-cloud-tencent/pull/262)

@ -5,7 +5,7 @@
<parent>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-build</artifactId>
<version>3.1.2</version>
<version>3.1.3</version>
<relativePath/>
</parent>
<modelVersion>4.0.0</modelVersion>
@ -86,10 +86,13 @@
<properties>
<!-- Project revision -->
<revision>1.6.0-2021.0.2-SNAPSHOT</revision>
<revision>1.6.0-2021.0.3-SNAPSHOT</revision>
<!-- Spring Cloud -->
<spring.cloud.version>2021.0.2</spring.cloud.version>
<spring.cloud.version>2021.0.3</spring.cloud.version>
<!-- Spring Framework -->
<spring.framework.version>5.3.21</spring.framework.version>
<!-- Maven Plugin Versions -->
<jacoco.version>0.8.3</jacoco.version>
@ -123,6 +126,15 @@
<type>pom</type>
<scope>import</scope>
</dependency>
<!-- Spring Framework Dependencies -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-framework-bom</artifactId>
<version>${spring.framework.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>

@ -14,9 +14,8 @@
<name>Spring Cloud Tencent Commons</name>
<properties>
<commons.collections.version>3.2.2</commons.collections.version>
<commons.lang.version>2.5</commons.lang.version>
<commons.io.version>2.7</commons.io.version>
<commons.lang.version>2.6</commons.lang.version>
<commons.io.version>2.11.0</commons.io.version>
</properties>
<dependencies>
@ -47,12 +46,6 @@
<artifactId>spring-cloud-starter</artifactId>
</dependency>
<dependency>
<groupId>commons-collections</groupId>
<artifactId>commons-collections</artifactId>
<version>${commons.collections.version}</version>
</dependency>
<dependency>
<groupId>commons-lang</groupId>
<artifactId>commons-lang</artifactId>

@ -5,7 +5,7 @@
<parent>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies-parent</artifactId>
<version>3.1.2</version>
<version>3.1.3</version>
<relativePath/>
</parent>
<modelVersion>4.0.0</modelVersion>
@ -70,12 +70,16 @@
</developers>
<properties>
<revision>1.6.0-2021.0.2-SNAPSHOT</revision>
<revision>1.6.0-2021.0.3-SNAPSHOT</revision>
<!-- Dependencies -->
<polaris.version>1.6.1</polaris.version>
<guava.version>31.1-jre</guava.version>
<logback.version>1.2.7</logback.version>
<guava.version>31.0.1-jre</guava.version>
<logback.version>1.2.11</logback.version>
<mocktio.version>4.5.1</mocktio.version>
<byte-buddy.version>1.12.10</byte-buddy.version>
<protobuf-java.version>3.16.1</protobuf-java.version>
<bcprov-jdk15on.version>1.69</bcprov-jdk15on.version>
<!-- Maven Plugin Versions -->
<maven-source-plugin.version>3.2.0</maven-source-plugin.version>
@ -152,6 +156,26 @@
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
<version>${guava.version}</version>
<exclusions>
<exclusion>
<artifactId>jsr305</artifactId>
<groupId>com.google.code.findbugs</groupId>
</exclusion>
<exclusion>
<artifactId>animal-sniffer-annotations</artifactId>
<groupId>org.codehaus.mojo</groupId>
</exclusion>
<exclusion>
<artifactId>error_prone_annotations</artifactId>
<groupId>com.google.errorprone</groupId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-core</artifactId>
<version>${logback.version}</version>
</dependency>
<dependency>
@ -160,6 +184,18 @@
<version>${logback.version}</version>
</dependency>
<dependency>
<groupId>com.google.protobuf</groupId>
<artifactId>protobuf-java</artifactId>
<version>${protobuf-java.version}</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>${bcprov-jdk15on.version}</version>
</dependency>
<dependency>
<groupId>org.mockito</groupId>
<artifactId>mockito-inline</artifactId>

@ -27,10 +27,10 @@ import com.tencent.polaris.api.pojo.DefaultServiceInstances;
import com.tencent.polaris.api.pojo.Instance;
import com.tencent.polaris.api.pojo.ServiceInstances;
import com.tencent.polaris.api.pojo.ServiceKey;
import org.apache.commons.collections.CollectionUtils;
import reactor.core.publisher.Flux;
import org.springframework.cloud.client.ServiceInstance;
import org.springframework.util.CollectionUtils;
/**
* load balancer utils.
@ -54,7 +54,7 @@ public class LoadBalancerUtils {
}).collect(Collectors.toList());
String serviceName = null;
if (CollectionUtils.isNotEmpty(instances)) {
if (!CollectionUtils.isEmpty(instances)) {
serviceName = instances.get(0).getService();
}

Loading…
Cancel
Save