This is an automated email from the ASF dual-hosted git repository.
onichols pushed a commit to branch support/1.12
in repository https://gitbox.apache.org/repos/asf/geode.git
The following commit(s) were added to refs/heads/support/1.12 by this push:
new ed47063062 GEODE-10355: Bump spring-security from 5.2.12 to 5.5.8
(#7770)
ed47063062 is described below
commit ed47063062b3d93c6c65f2be9ce6b58b731d4048
Author: Owen Nichols <34043438+onichols-pivo...@users.noreply.github.com>
AuthorDate: Mon Jun 13 14:49:02 2022 -0700
GEODE-10355: Bump spring-security from 5.2.12 to 5.5.8 (#7770)
Geode endeavors to update to the latest version of 3rd-party
dependencies on develop wherever possible. Doing so increases the
shelf life of releases and increases security and reliability.
Doing so regularly makes the occasional hiccups this can cause easier
to pinpoint and address.
Dependency bumps in this batch:
* Bump spring-security from 5.2.12.RELEASE to 5.5.8
---
boms/geode-all-bom/src/test/resources/expected-pom.xml | 10 +++++-----
.../apache/geode/gradle/plugins/DependencyConstraints.groovy | 2 +-
geode-assembly/src/integrationTest/resources/expected_jars.txt | 1 +
3 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/boms/geode-all-bom/src/test/resources/expected-pom.xml
b/boms/geode-all-bom/src/test/resources/expected-pom.xml
index e4674ce20f..b3e6277bea 100644
--- a/boms/geode-all-bom/src/test/resources/expected-pom.xml
+++ b/boms/geode-all-bom/src/test/resources/expected-pom.xml
@@ -706,31 +706,31 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
- <version>5.2.12.RELEASE</version>
+ <version>5.5.8</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
- <version>5.2.12.RELEASE</version>
+ <version>5.5.8</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-ldap</artifactId>
- <version>5.2.12.RELEASE</version>
+ <version>5.5.8</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
- <version>5.2.12.RELEASE</version>
+ <version>5.5.8</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
- <version>5.2.12.RELEASE</version>
+ <version>5.5.8</version>
<scope>compile</scope>
</dependency>
<dependency>
diff --git
a/buildSrc/src/main/groovy/org/apache/geode/gradle/plugins/DependencyConstraints.groovy
b/buildSrc/src/main/groovy/org/apache/geode/gradle/plugins/DependencyConstraints.groovy
index 8997f5d788..0368e6b749 100644
---
a/buildSrc/src/main/groovy/org/apache/geode/gradle/plugins/DependencyConstraints.groovy
+++
b/buildSrc/src/main/groovy/org/apache/geode/gradle/plugins/DependencyConstraints.groovy
@@ -231,7 +231,7 @@ class DependencyConstraints implements Plugin<Project> {
entry('selenium-support')
}
- dependencySet(group: 'org.springframework.security', version:
'5.2.12.RELEASE') {
+ dependencySet(group: 'org.springframework.security', version: '5.5.8') {
entry('spring-security-config')
entry('spring-security-core')
entry('spring-security-ldap')
diff --git a/geode-assembly/src/integrationTest/resources/expected_jars.txt
b/geode-assembly/src/integrationTest/resources/expected_jars.txt
index 2fdc874d96..092aa81af2 100644
--- a/geode-assembly/src/integrationTest/resources/expected_jars.txt
+++ b/geode-assembly/src/integrationTest/resources/expected_jars.txt
@@ -105,6 +105,7 @@ spring-plugin-core
spring-plugin-metadata
spring-security-config
spring-security-core
+spring-security-crypto
spring-security-ldap
spring-security-web
spring-shell
