Fix third-party lib CVEs & Upgrade core spring libs version . (#237)

pull/264/head
VOPEN.XYZ 2 years ago committed by GitHub
parent 750e5fd415
commit c1b31a73e2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -5,3 +5,4 @@
[Feature: Support spring cloud gateway routers](https://github.com/Tencent/spring-cloud-tencent/pull/230) [Feature: Support spring cloud gateway routers](https://github.com/Tencent/spring-cloud-tencent/pull/230)
[Feature: Add instance metadata spi for registration](https://github.com/Tencent/spring-cloud-tencent/pull/244) [Feature: Add instance metadata spi for registration](https://github.com/Tencent/spring-cloud-tencent/pull/244)
[Bugfix: fix guava version conflict bug & fix router strong dependency on LoadBalancerClientFilter](https://github.com/Tencent/spring-cloud-tencent/pull/236) [Bugfix: fix guava version conflict bug & fix router strong dependency on LoadBalancerClientFilter](https://github.com/Tencent/spring-cloud-tencent/pull/236)
[Upgrade: fix third-party lib CVEs & upgrade core spring libs version](https://github.com/Tencent/spring-cloud-tencent/pull/237)

@ -5,7 +5,7 @@
<parent> <parent>
<groupId>org.springframework.cloud</groupId> <groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-build</artifactId> <artifactId>spring-cloud-build</artifactId>
<version>2.3.1.RELEASE</version> <version>2.3.5.RELEASE</version>
<relativePath/> <relativePath/>
</parent> </parent>
<modelVersion>4.0.0</modelVersion> <modelVersion>4.0.0</modelVersion>
@ -86,10 +86,13 @@
<properties> <properties>
<!-- Project revision --> <!-- Project revision -->
<revision>1.6.0-Hoxton.SR9-SNAPSHOT</revision> <revision>1.6.0-Hoxton.SR12-SNAPSHOT</revision>
<!-- Spring Cloud --> <!-- Spring Cloud -->
<spring.cloud.version>Hoxton.SR9</spring.cloud.version> <spring.cloud.version>Hoxton.SR12</spring.cloud.version>
<!-- Spring Framework -->
<spring.framework.version>5.2.22.RELEASE</spring.framework.version>
<!-- Maven Plugin Versions --> <!-- Maven Plugin Versions -->
<jacoco.version>0.8.3</jacoco.version> <jacoco.version>0.8.3</jacoco.version>
@ -115,6 +118,15 @@
<scope>import</scope> <scope>import</scope>
</dependency> </dependency>
<!-- Spring Framework Dependencies -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-framework-bom</artifactId>
<version>${spring.framework.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
<!-- Spring Cloud Dependencies --> <!-- Spring Cloud Dependencies -->
<dependency> <dependency>
<groupId>org.springframework.cloud</groupId> <groupId>org.springframework.cloud</groupId>

@ -33,6 +33,12 @@
<optional>true</optional> <optional>true</optional>
</dependency> </dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
<optional>true</optional>
</dependency>
<dependency> <dependency>
<groupId>org.springframework.cloud</groupId> <groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-openfeign</artifactId> <artifactId>spring-cloud-starter-openfeign</artifactId>

@ -43,7 +43,7 @@ import static org.springframework.boot.test.context.SpringBootTest.WebEnvironmen
@RunWith(SpringRunner.class) @RunWith(SpringRunner.class)
@SpringBootTest(webEnvironment = MOCK, @SpringBootTest(webEnvironment = MOCK,
classes = DecodeTransferMetadataServletFilterTest.TestApplication.class, classes = DecodeTransferMetadataServletFilterTest.TestApplication.class,
properties = { "spring.config.location = classpath:application-test.yml" }) properties = { "spring.config.location = classpath:application-test.yml", "spring.main.web-application-type = reactive" })
public class DecodeTransferMetadataReactiveFilterTest { public class DecodeTransferMetadataReactiveFilterTest {
@Autowired @Autowired

@ -45,7 +45,9 @@ import static org.springframework.boot.test.context.SpringBootTest.WebEnvironmen
@RunWith(SpringRunner.class) @RunWith(SpringRunner.class)
@SpringBootTest(webEnvironment = RANDOM_PORT, @SpringBootTest(webEnvironment = RANDOM_PORT,
classes = DecodeTransferMetadataServletFilterTest.TestApplication.class, classes = DecodeTransferMetadataServletFilterTest.TestApplication.class,
properties = { "spring.config.location = classpath:application-test.yml" }) properties = { "spring.config.location = classpath:application-test.yml",
"spring.main.web-application-type = servlet",
"spring.cloud.gateway.enabled = false" })
public class DecodeTransferMetadataServletFilterTest { public class DecodeTransferMetadataServletFilterTest {
@Autowired @Autowired

@ -53,7 +53,9 @@ import static org.springframework.boot.test.context.SpringBootTest.WebEnvironmen
@SpringBootTest(webEnvironment = DEFINED_PORT, @SpringBootTest(webEnvironment = DEFINED_PORT,
classes = EncodeTransferMedataFeignInterceptorTest.TestApplication.class, classes = EncodeTransferMedataFeignInterceptorTest.TestApplication.class,
properties = {"server.port=8081", properties = {"server.port=8081",
"spring.config.location = classpath:application-test.yml"}) "spring.config.location = classpath:application-test.yml",
"spring.main.web-application-type = servlet",
"spring.cloud.gateway.enabled = false"})
public class EncodeTransferMedataFeignInterceptorTest { public class EncodeTransferMedataFeignInterceptorTest {
@Autowired @Autowired

@ -52,7 +52,7 @@ import static org.springframework.boot.test.context.SpringBootTest.WebEnvironmen
@RunWith(SpringRunner.class) @RunWith(SpringRunner.class)
@SpringBootTest(webEnvironment = RANDOM_PORT, @SpringBootTest(webEnvironment = RANDOM_PORT,
classes = EncodeTransferMedataRestTemplateInterceptorTest.TestApplication.class, classes = EncodeTransferMedataRestTemplateInterceptorTest.TestApplication.class,
properties = { "spring.config.location = classpath:application-test.yml" }) properties = { "spring.config.location = classpath:application-test.yml", "spring.main.web-application-type = reactive" })
public class EncodeTransferMedataRestTemplateInterceptorTest { public class EncodeTransferMedataRestTemplateInterceptorTest {
@Autowired @Autowired

@ -14,7 +14,6 @@
<name>Spring Cloud Tencent Commons</name> <name>Spring Cloud Tencent Commons</name>
<properties> <properties>
<commons.collections.version>3.2.2</commons.collections.version>
<commons.lang.version>2.5</commons.lang.version> <commons.lang.version>2.5</commons.lang.version>
<commons.io.version>2.7</commons.io.version> <commons.io.version>2.7</commons.io.version>
</properties> </properties>
@ -47,12 +46,6 @@
<artifactId>spring-cloud-starter</artifactId> <artifactId>spring-cloud-starter</artifactId>
</dependency> </dependency>
<dependency>
<groupId>commons-collections</groupId>
<artifactId>commons-collections</artifactId>
<version>${commons.collections.version}</version>
</dependency>
<dependency> <dependency>
<groupId>commons-lang</groupId> <groupId>commons-lang</groupId>
<artifactId>commons-lang</artifactId> <artifactId>commons-lang</artifactId>

@ -37,7 +37,7 @@ import org.springframework.test.context.junit4.SpringRunner;
@RunWith(SpringRunner.class) @RunWith(SpringRunner.class)
@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT, @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
classes = MetadataContextHolderTest.TestApplication.class, classes = MetadataContextHolderTest.TestApplication.class,
properties = { "spring.config.location = classpath:application-test.yml" }) properties = { "spring.config.location = classpath:application-test.yml", "spring.main.web-application-type = reactive" })
public class MetadataContextHolderTest { public class MetadataContextHolderTest {
@Test @Test

@ -34,7 +34,7 @@ import org.springframework.test.context.junit4.SpringRunner;
@RunWith(SpringRunner.class) @RunWith(SpringRunner.class)
@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT, @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT,
classes = MetadataLocalPropertiesTest.TestApplication.class, classes = MetadataLocalPropertiesTest.TestApplication.class,
properties = { "spring.config.location = classpath:application-test.yml" }) properties = { "spring.config.location = classpath:application-test.yml", "spring.main.web-application-type = reactive" })
public class MetadataLocalPropertiesTest { public class MetadataLocalPropertiesTest {
@Autowired @Autowired

@ -5,7 +5,7 @@
<parent> <parent>
<groupId>org.springframework.cloud</groupId> <groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies-parent</artifactId> <artifactId>spring-cloud-dependencies-parent</artifactId>
<version>2.3.1.RELEASE</version> <version>2.3.5.RELEASE</version>
<relativePath/> <relativePath/>
</parent> </parent>
<modelVersion>4.0.0</modelVersion> <modelVersion>4.0.0</modelVersion>
@ -70,11 +70,14 @@
</developers> </developers>
<properties> <properties>
<revision>1.6.0-Hoxton.SR9-SNAPSHOT</revision> <revision>1.6.0-Hoxton.SR12-SNAPSHOT</revision>
<polaris.version>1.6.1</polaris.version> <polaris.version>1.6.1</polaris.version>
<logback.version>1.2.7</logback.version> <logback.version>1.2.11</logback.version>
<mocktio.version>4.5.1</mocktio.version> <mocktio.version>4.5.1</mocktio.version>
<byte-buddy.version>1.12.10</byte-buddy.version> <byte-buddy.version>1.12.10</byte-buddy.version>
<jackson.version>2.12.7</jackson.version>
<protobuf-java.version>3.16.1</protobuf-java.version>
<bcprov-jdk15on.version>1.69</bcprov-jdk15on.version>
<guava.version>31.0.1-jre</guava.version> <guava.version>31.0.1-jre</guava.version>
<!-- Maven Plugin Versions --> <!-- Maven Plugin Versions -->
@ -169,12 +172,48 @@
</exclusions> </exclusions>
</dependency> </dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-core</artifactId>
<version>${logback.version}</version>
</dependency>
<dependency> <dependency>
<groupId>ch.qos.logback</groupId> <groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId> <artifactId>logback-classic</artifactId>
<version>${logback.version}</version> <version>${logback.version}</version>
</dependency> </dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
<version>${jackson.version}</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
<version>${jackson.version}</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>${jackson.version}</version>
</dependency>
<dependency>
<groupId>com.google.protobuf</groupId>
<artifactId>protobuf-java</artifactId>
<version>${protobuf-java.version}</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>${bcprov-jdk15on.version}</version>
</dependency>
<dependency> <dependency>
<groupId>org.mockito</groupId> <groupId>org.mockito</groupId>
<artifactId>mockito-inline</artifactId> <artifactId>mockito-inline</artifactId>

@ -42,9 +42,10 @@ import com.tencent.polaris.api.pojo.ServiceInstances;
import com.tencent.polaris.api.pojo.ServiceKey; import com.tencent.polaris.api.pojo.ServiceKey;
import com.tencent.polaris.api.rpc.GetHealthyInstancesRequest; import com.tencent.polaris.api.rpc.GetHealthyInstancesRequest;
import com.tencent.polaris.api.rpc.InstancesResponse; import com.tencent.polaris.api.rpc.InstancesResponse;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.StringUtils;
import org.springframework.util.CollectionUtils;
/** /**
* Routing load balancer of polaris. * Routing load balancer of polaris.
* *

Loading…
Cancel
Save