This is an automated email from the ASF dual-hosted git repository.
xxyu pushed a commit to branch kylin5
in repository https://gitbox.apache.org/repos/asf/kylin.git
commit 68bff04e1e400433d342e559c964877083fc770a
Author: huangsheng <huangshen...@163.com>
AuthorDate: Thu May 18 11:35:25 2023 +0800
mirror: Fix vulnerabilities
1. upgrade nimbus-jose-jwt from 7.9 to 9.23
2. upgrade springboot framework from 2.6.14 to 2.7.12
---
pom.xml | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/pom.xml b/pom.xml
index ca0be4943e..4c46f83171 100644
--- a/pom.xml
+++ b/pom.xml
@@ -212,8 +212,8 @@
<!--metric-->
<dropwizard.version>4.1.1</dropwizard.version>
- <spring.cloud.version>2021.0.0</spring.cloud.version>
- <spring.boot.version>2.6.14</spring.boot.version>
+ <spring.cloud.version>2021.0.6</spring.cloud.version>
+ <spring.boot.version>2.7.12</spring.boot.version>
<spring-boot-admin.version>2.6.10</spring-boot-admin.version>
<spring-session.version>2.6.1-kylin-r4</spring-session.version>
<spring.framework.security.extensions.version>1.0.10.RELEASE</spring.framework.security.extensions.version>
@@ -856,6 +856,12 @@
<type>test-jar</type>
</dependency>
+ <dependency>
+ <groupId>com.nimbusds</groupId>
+ <artifactId>nimbus-jose-jwt</artifactId>
+ <version>${nimbus-jose-jwt.version}</version>
+ </dependency>
+
<!-- Hadoop2 dependencies -->
<dependency>
<groupId>org.apache.hadoop</groupId>
