generated from ministryofjustice/hmpps-template-kotlin
-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
* SDIT-1677: ⬆️ Upgrade to latest spring boot * SDIT-1677: 🔒️ Remove custom suppressions as spring boot now upgraded
- Loading branch information
1 parent
02de459
commit 4e3ffe0
Showing
5 changed files
with
28 additions
and
40 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,15 @@ | ||
# Suppression for spring-security: Broken Access Control With Direct Use of AuthenticatedVoter as we don't use it | ||
CVE-2024-22257 | ||
|
||
# Suppression for springframework: URL Parsing with Host Validation | ||
# Can't upgrade to spring boot 3.2.4 at present - see https://github.com/spring-projects/spring-framework/issues/32510 | ||
CVE-2024-22259 | ||
# WARNING - THIS FILE WAS GENERATED BY THE dps-gradle-spring-boot GRADLE PLUGIN | ||
# AND ANY MANUAL CHANGES WILL BE OVERRIDDEN ON YOUR NEXT BUILD. | ||
# | ||
# To make general changes to the suppressions below, change the gradle plugin dps-gradle-spring-boot, | ||
# publish a new version and update to the new version in your gradle build script | ||
# | ||
# To stop the dps-gradle-spring-boot project from overwriting any project specific customisations here, remove the | ||
# warning at the top of this file. | ||
# | ||
# Suppression for h2 2.1.214 password on command line vulnerability | ||
# can be suppressed as we only run h2 locally and not on build environments | ||
CVE-2022-45868 | ||
# Suppression for logback-classic and logback-core as we don't let third parties control our appenders. | ||
# See https://logback.qos.ch/news.html#1.3.12 for further information. | ||
CVE-2023-6378 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.