feat:upgrade to 2023.0.5. (#1588)

CHANGELOG.md

@@ -3,3 +3,4 @@
 
 - [fix: add gateway context config example.](https://github.com/Tencent/spring-cloud-tencent/pull/1564)
 - [feat:support config empty protection.](https://github.com/Tencent/spring-cloud-tencent/pull/1586)
+- [feat:upgrade to 2023.0.5.](https://github.com/Tencent/spring-cloud-tencent/pull/1588)

pom.xml

@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>org.springframework.cloud</groupId>
 		<artifactId>spring-cloud-build</artifactId>
-		<version>4.1.3</version>
+		<version>4.1.5</version>
 		<relativePath/>
 	</parent>
 	<modelVersion>4.0.0</modelVersion>
@@ -90,16 +90,16 @@
 
 	<properties>
 		<!-- Project revision -->
-		<revision>2.0.2.0-2023.0.3-SNAPSHOT</revision>
+		<revision>2.0.2.0-2023.0.5-SNAPSHOT</revision>
 
 		<!-- Spring Framework -->
-		<spring.framework.version>6.1.14</spring.framework.version>
+		<spring.framework.version>6.1.20</spring.framework.version>
 
 		<!-- Spring Boot -->
-		<spring.boot.version>3.3.5</spring.boot.version>
+		<spring.boot.version>3.3.12</spring.boot.version>
 
 		<!-- Spring Cloud -->
-		<spring.cloud.version>2023.0.3</spring.cloud.version>
+		<spring.cloud.version>2023.0.5</spring.cloud.version>
 
 		<!-- Maven Plugin Versions -->
 		<jacoco.version>0.8.12</jacoco.version>

spring-cloud-tencent-dependencies/pom.xml

@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>org.springframework.cloud</groupId>
 		<artifactId>spring-cloud-dependencies-parent</artifactId>
-		<version>4.1.3</version>
+		<version>4.1.5</version>
 		<relativePath/>
 	</parent>
 	<modelVersion>4.0.0</modelVersion>
@@ -71,7 +71,7 @@
 
 	<properties>
 		<!-- Project revision -->
-		<revision>2.0.2.0-2023.0.3-SNAPSHOT</revision>
+		<revision>2.0.2.0-2023.0.5-SNAPSHOT</revision>
 
 		<!-- Polaris SDK version -->
 		<polaris.version>2.0.2.0-SNAPSHOT</polaris.version>
@@ -207,12 +207,6 @@
 				<version>${revision}</version>
 			</dependency>
 
-			<dependency>
-				<groupId>com.tencent.cloud</groupId>
-				<artifactId>spring-cloud-tencent-security-protection-plugin</artifactId>
-				<version>${revision}</version>
-			</dependency>
-
 			<!-- third part framework dependencies -->
 			<dependency>
 				<groupId>org.springdoc</groupId>

spring-cloud-tencent-plugin-starters/pom.xml

@@ -21,7 +21,6 @@
 		<module>spring-cloud-starter-tencent-threadlocal-plugin</module>
 		<module>spring-cloud-starter-tencent-trace-plugin</module>
 		<module>spring-cloud-starter-tencent-fault-tolerance</module>
-		<module>spring-cloud-tencent-security-protection-plugin</module>
 	</modules>
 
 </project>

spring-cloud-tencent-plugin-starters/spring-cloud-tencent-security-protection-plugin/pom.xml

@@ -1,59 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-		 xmlns="http://maven.apache.org/POM/4.0.0"
-		 xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-	<parent>
-		<artifactId>spring-cloud-tencent-plugin-starters</artifactId>
-		<groupId>com.tencent.cloud</groupId>
-		<version>${revision}</version>
-		<relativePath>../pom.xml</relativePath>
-	</parent>
-	<modelVersion>4.0.0</modelVersion>
-
-	<artifactId>spring-cloud-tencent-security-protection-plugin</artifactId>
-	<name>Spring Cloud Tencent Lossless Plugin</name>
-
-
-	<dependencies>
-		<dependency>
-			<groupId>org.springframework.boot</groupId>
-			<artifactId>spring-boot-autoconfigure</artifactId>
-		</dependency>
-
-		<dependency>
-			<groupId>org.springframework</groupId>
-			<artifactId>spring-beans</artifactId>
-		</dependency>
-
-		<dependency>
-			<groupId>org.slf4j</groupId>
-			<artifactId>slf4j-api</artifactId>
-		</dependency>
-
-		<dependency>
-			<groupId>org.springframework</groupId>
-			<artifactId>spring-webmvc</artifactId>
-			<optional>true</optional>
-		</dependency>
-
-		<dependency>
-			<groupId>org.springframework</groupId>
-			<artifactId>spring-webflux</artifactId>
-			<optional>true</optional>
-		</dependency>
-
-		<dependency>
-			<groupId>org.springframework.boot</groupId>
-			<artifactId>spring-boot-starter-test</artifactId>
-			<scope>test</scope>
-		</dependency>
-
-		<dependency>
-			<groupId>org.mockito</groupId>
-			<artifactId>mockito-inline</artifactId>
-			<scope>test</scope>
-		</dependency>
-
-	</dependencies>
-
-</project>

spring-cloud-tencent-plugin-starters/spring-cloud-tencent-security-protection-plugin/src/main/java/com/tencent/cloud/plugin/protection/ExitUtils.java

@@ -1,52 +0,0 @@
-/*
- * Tencent is pleased to support the open source community by making spring-cloud-tencent available.
- *
- * Copyright (C) 2021 THL A29 Limited, a Tencent company. All rights reserved.
- *
- * Licensed under the BSD 3-Clause License (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://opensource.org/licenses/BSD-3-Clause
- *
- * Unless required by applicable law or agreed to in writing, software distributed
- * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
- * CONDITIONS OF ANY KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations under the License.
- */
-
-package com.tencent.cloud.plugin.protection;
-
-import org.springframework.context.ApplicationContext;
-import org.springframework.context.ConfigurableApplicationContext;
-
-/**
- * ExitUtils.
- *
- * @author Shedfree Wu
- */
-public final class ExitUtils {
-
-	private ExitUtils() {
-
-	}
-
-	public static void exit(ApplicationContext context) {
-		exit(context, 3000);
-	}
-
-	public static void exit(ApplicationContext context, int delay) {
-		if (context instanceof ConfigurableApplicationContext) {
-			ConfigurableApplicationContext configurableContext = (ConfigurableApplicationContext) context;
-			configurableContext.close();
-		}
-
-		try {
-			Thread.sleep(delay);
-		}
-		catch (InterruptedException e) {
-			// do nothing
-		}
-		System.exit(0);
-	}
-}

spring-cloud-tencent-plugin-starters/spring-cloud-tencent-security-protection-plugin/src/main/java/com/tencent/cloud/plugin/protection/SecurityProtectionAutoConfiguration.java

@@ -1,87 +0,0 @@
-/*
- * Tencent is pleased to support the open source community by making spring-cloud-tencent available.
- *
- * Copyright (C) 2021 THL A29 Limited, a Tencent company. All rights reserved.
- *
- * Licensed under the BSD 3-Clause License (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://opensource.org/licenses/BSD-3-Clause
- *
- * Unless required by applicable law or agreed to in writing, software distributed
- * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
- * CONDITIONS OF ANY KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations under the License.
- */
-
-package com.tencent.cloud.plugin.protection;
-
-
-import java.util.List;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import org.springframework.beans.factory.InitializingBean;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
-import org.springframework.context.ApplicationContext;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.web.servlet.function.RouterFunction;
-
-/**
- * SecurityProtectionAutoConfiguration.
- *
- * @author Shedfree Wu
- */
-@Configuration
-public class SecurityProtectionAutoConfiguration {
-
-	private static final Logger LOGGER = LoggerFactory.getLogger(SecurityProtectionAutoConfiguration.class);
-
-	@Configuration
-	@ConditionalOnProperty(name = "spring.cloud.tencent.security.protection.servlet.enabled", matchIfMissing = true)
-	@ConditionalOnClass(name = {"org.springframework.web.servlet.function.RouterFunction"})
-	static class ServletProtectionConfiguration implements InitializingBean {
-
-		@Autowired(required = false)
-		List<RouterFunction> routerFunctions;
-
-		@Autowired
-		ApplicationContext applicationContext;
-
-		@Override
-		public void afterPropertiesSet() {
-			if (routerFunctions != null && !routerFunctions.isEmpty()) {
-				LOGGER.error("Detected the presence of webmvc RouterFunction-related beans, which may trigger the CVE-2024-38819 vulnerability. The program will soon exit.");
-				LOGGER.error("routerFunctions:{}: ", routerFunctions);
-
-				ExitUtils.exit(applicationContext);
-			}
-		}
-	}
-
-	@Configuration
-	@ConditionalOnProperty(name = "spring.cloud.tencent.security.protection.reactive.enabled", matchIfMissing = true)
-	@ConditionalOnClass(name = {"org.springframework.web.reactive.function.server.RouterFunction"})
-	static class ReactiveProtectionConfiguration implements InitializingBean {
-
-		@Autowired(required = false)
-		List<org.springframework.web.reactive.function.server.RouterFunction> routerFunctions;
-
-		@Autowired
-		ApplicationContext applicationContext;
-
-		@Override
-		public void afterPropertiesSet() {
-			if (routerFunctions != null && !routerFunctions.isEmpty()) {
-				LOGGER.error("Detected the presence of webflux RouterFunction-related beans, which may trigger the CVE-2024-38819 vulnerability. The program will soon exit.");
-				LOGGER.error("routerFunctions:{}: ", routerFunctions);
-				ExitUtils.exit(applicationContext);
-			}
-		}
-	}
-
-}

spring-cloud-tencent-plugin-starters/spring-cloud-tencent-security-protection-plugin/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports

@@ -1 +0,0 @@
-com.tencent.cloud.plugin.protection.SecurityProtectionAutoConfiguration