[
https://issues.apache.org/jira/browse/TAP5-2690?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17459564#comment-17459564
]
D Tim Cummings commented on TAP5-2690:
--------------------------------------
This quickstart uses log4j 2.14.1 which has the very serious log4shell
vulnerability. Please update log4j to at least 2.16.0.
> Update quickstart to make Spring Boot optional
> ----------------------------------------------
>
> Key: TAP5-2690
> URL: https://issues.apache.org/jira/browse/TAP5-2690
> Project: Tapestry 5
> Issue Type: Improvement
> Components: quickstart
> Affects Versions: 5.7.3
> Reporter: picodotdev
> Assignee: Thiago Henrique De Paula Figueiredo
> Priority: Minor
> Fix For: 5.8.0
>
> Attachments: TAP5-2690.patch, gradlew-appRun.out.txt,
> gradlew-spring-boot-run.out.txt, mvn-archetype-generate.out.txt,
> mvn-jetty-run.out.txt, quickstart-screenshot-no-browser.png,
> quickstart-screenshot.png, tree.out.txt
>
>
> On the update to quickstart https://issues.apache.org/jira/browse/TAP5-2608
> the generated app was updated to use Spring Boot.
> Spring Boot is preferred to be optional, use Jetty or Tomcat as default
> option.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
