This is an automated email from the ASF dual-hosted git repository. onichols pushed a commit to branch support/1.12 in repository https://gitbox.apache.org/repos/asf/geode.git
The following commit(s) were added to refs/heads/support/1.12 by this push: new ed47063062 GEODE-10355: Bump spring-security from 5.2.12 to 5.5.8 (#7770) ed47063062 is described below commit ed47063062b3d93c6c65f2be9ce6b58b731d4048 Author: Owen Nichols <34043438+onichols-pivo...@users.noreply.github.com> AuthorDate: Mon Jun 13 14:49:02 2022 -0700 GEODE-10355: Bump spring-security from 5.2.12 to 5.5.8 (#7770) Geode endeavors to update to the latest version of 3rd-party dependencies on develop wherever possible. Doing so increases the shelf life of releases and increases security and reliability. Doing so regularly makes the occasional hiccups this can cause easier to pinpoint and address. Dependency bumps in this batch: * Bump spring-security from 5.2.12.RELEASE to 5.5.8 --- boms/geode-all-bom/src/test/resources/expected-pom.xml | 10 +++++----- .../apache/geode/gradle/plugins/DependencyConstraints.groovy | 2 +- geode-assembly/src/integrationTest/resources/expected_jars.txt | 1 + 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/boms/geode-all-bom/src/test/resources/expected-pom.xml b/boms/geode-all-bom/src/test/resources/expected-pom.xml index e4674ce20f..b3e6277bea 100644 --- a/boms/geode-all-bom/src/test/resources/expected-pom.xml +++ b/boms/geode-all-bom/src/test/resources/expected-pom.xml @@ -706,31 +706,31 @@ <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-config</artifactId> - <version>5.2.12.RELEASE</version> + <version>5.5.8</version> <scope>compile</scope> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-core</artifactId> - <version>5.2.12.RELEASE</version> + <version>5.5.8</version> <scope>compile</scope> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-ldap</artifactId> - <version>5.2.12.RELEASE</version> + <version>5.5.8</version> <scope>compile</scope> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-test</artifactId> - <version>5.2.12.RELEASE</version> + <version>5.5.8</version> <scope>compile</scope> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-web</artifactId> - <version>5.2.12.RELEASE</version> + <version>5.5.8</version> <scope>compile</scope> </dependency> <dependency> diff --git a/buildSrc/src/main/groovy/org/apache/geode/gradle/plugins/DependencyConstraints.groovy b/buildSrc/src/main/groovy/org/apache/geode/gradle/plugins/DependencyConstraints.groovy index 8997f5d788..0368e6b749 100644 --- a/buildSrc/src/main/groovy/org/apache/geode/gradle/plugins/DependencyConstraints.groovy +++ b/buildSrc/src/main/groovy/org/apache/geode/gradle/plugins/DependencyConstraints.groovy @@ -231,7 +231,7 @@ class DependencyConstraints implements Plugin<Project> { entry('selenium-support') } - dependencySet(group: 'org.springframework.security', version: '5.2.12.RELEASE') { + dependencySet(group: 'org.springframework.security', version: '5.5.8') { entry('spring-security-config') entry('spring-security-core') entry('spring-security-ldap') diff --git a/geode-assembly/src/integrationTest/resources/expected_jars.txt b/geode-assembly/src/integrationTest/resources/expected_jars.txt index 2fdc874d96..092aa81af2 100644 --- a/geode-assembly/src/integrationTest/resources/expected_jars.txt +++ b/geode-assembly/src/integrationTest/resources/expected_jars.txt @@ -105,6 +105,7 @@ spring-plugin-core spring-plugin-metadata spring-security-config spring-security-core +spring-security-crypto spring-security-ldap spring-security-web spring-shell