From 6e1ac518da3be513d5fca173b3cb6709cfde420f Mon Sep 17 00:00:00 2001 From: SkyeBeFreeman <928016560@qq.com> Date: Mon, 14 Mar 2022 15:39:39 +0800 Subject: [PATCH] fix:fix [Deserialization of Untrusted Data in logback](https://github.com/Tencent/spring-cloud-tencent/security/dependabot/1). --- pom.xml | 35 ++++++++++++------- .../polaris-circuitbreaker-example-a/pom.xml | 10 ++---- .../polaris-circuitbreaker-example-b/pom.xml | 10 ++---- 3 files changed, 27 insertions(+), 28 deletions(-) diff --git a/pom.xml b/pom.xml index 3848ac857..1bdf9d21b 100644 --- a/pom.xml +++ b/pom.xml @@ -76,12 +76,23 @@ Hoxton.SR9 + + 1.2.7 + 0.8.3 3.2.0 1.2.7 + + + ch.qos.logback + logback-classic + ${logback.version} + + + @@ -232,16 +243,16 @@ - - - nexus-snapshots - https://oss.sonatype.org/content/repositories/snapshots/ - - false - - - true - - - + + + + + + + + + + + + \ No newline at end of file diff --git a/spring-cloud-tencent-examples/polaris-circuitbreaker-example/polaris-circuitbreaker-example-a/pom.xml b/spring-cloud-tencent-examples/polaris-circuitbreaker-example/polaris-circuitbreaker-example-a/pom.xml index 5bf16820e..e365201e4 100644 --- a/spring-cloud-tencent-examples/polaris-circuitbreaker-example/polaris-circuitbreaker-example-a/pom.xml +++ b/spring-cloud-tencent-examples/polaris-circuitbreaker-example/polaris-circuitbreaker-example-a/pom.xml @@ -1,6 +1,6 @@ - polaris-circuitbreaker-example @@ -17,12 +17,6 @@ - - ch.qos.logback - logback-core - 1.2.3 - compile - org.springframework.boot spring-boot-starter-web diff --git a/spring-cloud-tencent-examples/polaris-circuitbreaker-example/polaris-circuitbreaker-example-b/pom.xml b/spring-cloud-tencent-examples/polaris-circuitbreaker-example/polaris-circuitbreaker-example-b/pom.xml index 2c56070ed..5042f175f 100644 --- a/spring-cloud-tencent-examples/polaris-circuitbreaker-example/polaris-circuitbreaker-example-b/pom.xml +++ b/spring-cloud-tencent-examples/polaris-circuitbreaker-example/polaris-circuitbreaker-example-b/pom.xml @@ -1,6 +1,6 @@ - polaris-circuitbreaker-example @@ -17,12 +17,6 @@ - - ch.qos.logback - logback-core - 1.2.3 - compile - org.springframework.boot spring-boot-starter-webflux