Skip to content

Bump io.springfox.version from 2.9.2 to 3.0.0 in /src/backend #4

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump io.springfox.version from 2.9.2 to 3.0.0 in /src/backend #4

wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Feb 8, 2021

Bumps io.springfox.version from 2.9.2 to 3.0.0.
Updates springfox-swagger2 from 2.9.2 to 3.0.0

Release notes

Sourced from springfox-swagger2's releases.

3.0.0

Release Notes

image Picture Credit National Geographic

First and foremost a big thank you to the community for keeping me motivated to work on this project. There have been some really amazing contributions in this release in terms of code, comments, bug reports and it is humbling to see people jumping in to solve problems on the issue forum. It sure motivated me to get over the "hump" and start working on in earnest. What better way to lose the COVID blues!

Thank you! 🥳 🍾

Also please welcome the newest maintainer to the springfox team @MaksimOrlov. A lot of the great work you see in the model generation support is due to his efforts, collaborating tirelessly on weekends and not giving up while ensuring the model generation engine is performant 👏

NOTE: This is a breaking change release, I've tried to maintain backwards compatibility with earlier versions of springfox as much as possible. Deprecated APIs prior to 2.9 have been aggressively removed and new APIs that will go away in the near future have been marked. So please look out for those and do report anything that has been missed.

Highlights of this release include

  • Spring 5, Webflux support (only request mapping support, functional endpoints aren't supported yet)
  • Spring Integration support (feedback is much appreciated)
  • Spring Boot support springfox-boot-starter dependency (Zero Config, Autoconfiguration support)
  • Documented Configuration Properties with autocomplete
  • Better specification compatibility with 2.0
  • Support for OpenApi 3.0.3
  • Zero Dependency (almost, the only libraries needed are spring-plugin, pswagger-core](https://github.com/swagger-api/swagger-core)
  • Existing swagger2 annotations will continue to work and enrich open api 3.0 specification

Compatibility Notes

  • Requires Java 8
  • Requires Spring 5.x (not tested with earlier versions
  • Requires SpringBoot 2.2+ (not tested with earlier versions)

Contributions

Significant contributions that come to mind (and please remind me of others in this list cos' my memory is weak)

  • @MaksimOrlov for his work on better model generation (json view, validation groups, request/response models)
  • @dschulten for introducing spring integration support
  • @deblockt and @ligasgr for their work on webflux support
  • @ile for spring 5 support
  • @neil1hart for removing the guava dependencies
  • and @cbornet for the occasional nudges to working on this release :)

Pull Requests

... (truncated)

Commits
  • bc9d0ca Updated the documentation
  • d92928f Sorted the model properties by position and name
  • 4f4aa54 Added anchors for section links.
  • 9ffb648 Merge branch 'bug/3030-fix-base-path-with-plugins'
  • af99ca6 Added documentation about the avilability of the plugins
  • fb979a8 Added webmvc/webflux varaints of transformation filter plugins
  • dd47e4f Added two plugins to help customize the host/basePath
  • a9cf914 Added auto-startup property to the properties
  • a66b9a0 Fixed issue rendering file input as model attribute
  • 6b34f42 Merge branch 'bug/3353-form-variables-are-not-visible'
  • Additional commits viewable in compare view

Updates springfox-swagger-ui from 2.9.2 to 3.0.0

Release notes

Sourced from springfox-swagger-ui's releases.

3.0.0

Release Notes

image Picture Credit National Geographic

First and foremost a big thank you to the community for keeping me motivated to work on this project. There have been some really amazing contributions in this release in terms of code, comments, bug reports and it is humbling to see people jumping in to solve problems on the issue forum. It sure motivated me to get over the "hump" and start working on in earnest. What better way to lose the COVID blues!

Thank you! 🥳 🍾

Also please welcome the newest maintainer to the springfox team @MaksimOrlov. A lot of the great work you see in the model generation support is due to his efforts, collaborating tirelessly on weekends and not giving up while ensuring the model generation engine is performant 👏

NOTE: This is a breaking change release, I've tried to maintain backwards compatibility with earlier versions of springfox as much as possible. Deprecated APIs prior to 2.9 have been aggressively removed and new APIs that will go away in the near future have been marked. So please look out for those and do report anything that has been missed.

Highlights of this release include

  • Spring 5, Webflux support (only request mapping support, functional endpoints aren't supported yet)
  • Spring Integration support (feedback is much appreciated)
  • Spring Boot support springfox-boot-starter dependency (Zero Config, Autoconfiguration support)
  • Documented Configuration Properties with autocomplete
  • Better specification compatibility with 2.0
  • Support for OpenApi 3.0.3
  • Zero Dependency (almost, the only libraries needed are spring-plugin, pswagger-core](https://github.com/swagger-api/swagger-core)
  • Existing swagger2 annotations will continue to work and enrich open api 3.0 specification

Compatibility Notes

  • Requires Java 8
  • Requires Spring 5.x (not tested with earlier versions
  • Requires SpringBoot 2.2+ (not tested with earlier versions)

Contributions

Significant contributions that come to mind (and please remind me of others in this list cos' my memory is weak)

  • @MaksimOrlov for his work on better model generation (json view, validation groups, request/response models)
  • @dschulten for introducing spring integration support
  • @deblockt and @ligasgr for their work on webflux support
  • @ile for spring 5 support
  • @neil1hart for removing the guava dependencies
  • and @cbornet for the occasional nudges to working on this release :)

Pull Requests

... (truncated)

Commits
  • bc9d0ca Updated the documentation
  • d92928f Sorted the model properties by position and name
  • 4f4aa54 Added anchors for section links.
  • 9ffb648 Merge branch 'bug/3030-fix-base-path-with-plugins'
  • af99ca6 Added documentation about the avilability of the plugins
  • fb979a8 Added webmvc/webflux varaints of transformation filter plugins
  • dd47e4f Added two plugins to help customize the host/basePath
  • a9cf914 Added auto-startup property to the properties
  • a66b9a0 Fixed issue rendering file input as model attribute
  • 6b34f42 Merge branch 'bug/3353-form-variables-are-not-visible'
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump io.springfox.version from 2.9.2 to 3.0.0 in /src/backend
b775619 
Bumps `io.springfox.version` from 2.9.2 to 3.0.0.

Updates `springfox-swagger2` from 2.9.2 to 3.0.0
- [Release notes](https://github.com/springfox/springfox/releases)
- [Changelog](https://github.com/springfox/springfox/blob/master/docs/release-notes.md)
- [Commits](springfox/springfox@2.9.2...3.0.0)

Updates `springfox-swagger-ui` from 2.9.2 to 3.0.0
- [Release notes](https://github.com/springfox/springfox/releases)
- [Changelog](https://github.com/springfox/springfox/blob/master/docs/release-notes.md)
- [Commits](springfox/springfox@2.9.2...3.0.0)

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Feb 8, 2021
mergebase-codegreen[bot]
mergebase-codegreen bot approved these changes Feb 8, 2021
View reviewed changes
Copy link

@mergebase-codegreen mergebase-codegreen bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Mergebase Code Green

Congrats! You removed some vulnerabilities.

Vulnerabilities removed

Vulnerability Dependency Source Path
CVE-2018-10237, GOOGLE-GUAVA-4011, CVE-2020-8908 com.google.guava/guava:20.0 src/backend/libs/efiling-bom/pom.xml
CVE-2016-5007 org.springframework/spring-aop:4.0.9.RELEASE src/backend/libs/efiling-bom/pom.xml
CVE-2016-5007 org.springframework/spring-beans:4.0.9.RELEASE src/backend/libs/efiling-bom/pom.xml
CVE-2016-5007 org.springframework/spring-context:4.0.9.RELEASE src/backend/libs/efiling-bom/pom.xml
CVE-2018-1272, CVE-2016-5007 org.springframework/spring-core:4.0.9.RELEASE src/backend/libs/efiling-bom/pom.xml
CVE-2016-5007 org.springframework/spring-expression:4.0.9.RELEASE src/backend/libs/efiling-bom/pom.xml

Updated Vulnerability Report

The report below shows the state of the repository after the pull request.

Critical

Vulnerability Dependency Source Path
CVE-2020-15256 npm:object-path:0.11.4 src/frontend/efiling-demo/yarn.lock
CVE-2020-15256 npm:object-path:0.11.4 src/frontend/efiling-frontend/yarn.lock
NSWG-ECO-0433 npm:open:7.3.0 src/frontend/efiling-demo/yarn.lock
NSWG-ECO-0433 npm:open:7.3.0 src/frontend/efiling-frontend/yarn.lock
CVE-2019-12900 org.apache.commons/commons-compress:1.18 tests/pom.xml
CVE-2016-4464 org.apache.cxf/cxf-rt-bindings-soap:3.4.1 src/backend/libs/efiling-bom/pom.xml
CVE-2016-6809 org.apache.tika/tika-core:UNKNOWN.VERSION src/backend/efiling-api/pom.xml

Extra High

Vulnerability Dependency Source Path
CVE-2021-20190, CVE-2020-36189, CVE-2020-36188, CVE-2020-36187, CVE-2020-36186, CVE-2020-36185, CVE-2020-36184, CVE-2020-36183, CVE-2020-36182, CVE-2020-36181, CVE-2020-36180, CVE-2020-36179, CVE-2020-35728, CVE-2020-35491, CVE-2020-35490, CVE-2020-24750 com.fasterxml.jackson.core/jackson-annotations:2.9.5 src/backend/libs/efiling-bom/pom.xml
CVE-2020-8265 npm:@types/node:14.11.5 src/frontend/efiling-demo/yarn.lock
CVE-2020-8265 npm:@types/node:14.14.0 src/frontend/efiling-frontend/yarn.lock
CVE-2017-7662, CVE-2017-7661, CVE-2017-12631 org.apache.cxf/cxf-rt-bindings-soap:3.4.1 src/backend/libs/efiling-bom/pom.xml
CVE-2018-1335 org.apache.tika/tika-core:UNKNOWN.VERSION src/backend/efiling-api/pom.xml

High

Vulnerability Dependency Source Path
CVE-2020-8277 npm:@types/node:14.11.5 src/frontend/efiling-demo/yarn.lock
CVE-2020-8277 npm:@types/node:14.14.0 src/frontend/efiling-frontend/yarn.lock
CVE-2020-7788 npm:ini:1.3.5 src/frontend/efiling-demo/yarn.lock
CVE-2020-7788 npm:ini:1.3.5 src/frontend/efiling-frontend/yarn.lock
CVE-2019-20149 npm:kind-of:2.0.1 src/frontend/efiling-demo/yarn.lock
CVE-2019-20149 npm:kind-of:2.0.1 src/frontend/efiling-frontend/yarn.lock
CVE-2019-20149 npm:kind-of:3.2.2 src/frontend/efiling-demo/yarn.lock
CVE-2019-20149 npm:kind-of:3.2.2 src/frontend/efiling-frontend/yarn.lock
CVE-2019-20149 npm:kind-of:4.0.0 src/frontend/efiling-demo/yarn.lock
CVE-2019-20149 npm:kind-of:4.0.0 src/frontend/efiling-frontend/yarn.lock
CVE-2019-20149 npm:kind-of:5.1.0 src/frontend/efiling-demo/yarn.lock
CVE-2019-20149 npm:kind-of:5.1.0 src/frontend/efiling-frontend/yarn.lock
CVE-2019-20149 npm:kind-of:6.0.3 src/frontend/efiling-demo/yarn.lock
CVE-2019-20149 npm:kind-of:6.0.3 src/frontend/efiling-frontend/yarn.lock
NSWG-ECO-0516 npm:lodash._reinterpolate:3.0.0 src/frontend/efiling-demo/yarn.lock
NSWG-ECO-0516 npm:lodash._reinterpolate:3.0.0 src/frontend/efiling-frontend/yarn.lock
NSWG-ECO-0516 npm:lodash.escape:4.0.1 src/frontend/efiling-demo/yarn.lock
NSWG-ECO-0516 npm:lodash.escape:4.0.1 src/frontend/efiling-frontend/yarn.lock
NSWG-ECO-0516 npm:lodash.flattendeep:4.4.0 src/frontend/efiling-demo/yarn.lock
NSWG-ECO-0516 npm:lodash.flattendeep:4.4.0 src/frontend/efiling-frontend/yarn.lock
NSWG-ECO-0516 npm:lodash.includes:4.3.0 src/frontend/efiling-demo/yarn.lock
NSWG-ECO-0516 npm:lodash.includes:4.3.0 src/frontend/efiling-frontend/yarn.lock
NSWG-ECO-0516 npm:lodash.isboolean:3.0.3 src/frontend/efiling-demo/yarn.lock
NSWG-ECO-0516 npm:lodash.isboolean:3.0.3 src/frontend/efiling-frontend/yarn.lock
NSWG-ECO-0516 npm:lodash.isequal:4.5.0 src/frontend/efiling-demo/yarn.lock
NSWG-ECO-0516 npm:lodash.isequal:4.5.0 src/frontend/efiling-frontend/yarn.lock
NSWG-ECO-0516 npm:lodash.isinteger:4.0.4 src/frontend/efiling-demo/yarn.lock
NSWG-ECO-0516 npm:lodash.isinteger:4.0.4 src/frontend/efiling-frontend/yarn.lock
NSWG-ECO-0516 npm:lodash.isnumber:3.0.3 src/frontend/efiling-demo/yarn.lock
NSWG-ECO-0516 npm:lodash.isnumber:3.0.3 src/frontend/efiling-frontend/yarn.lock
NSWG-ECO-0516 npm:lodash.isplainobject:4.0.6 src/frontend/efiling-demo/yarn.lock
NSWG-ECO-0516 npm:lodash.isplainobject:4.0.6 src/frontend/efiling-frontend/yarn.lock
NSWG-ECO-0516 npm:lodash.isstring:4.0.1 src/frontend/efiling-demo/yarn.lock
NSWG-ECO-0516 npm:lodash.isstring:4.0.1 src/frontend/efiling-frontend/yarn.lock
NSWG-ECO-0516 npm:lodash.memoize:4.1.2 src/frontend/efiling-demo/yarn.lock
NSWG-ECO-0516 npm:lodash.memoize:4.1.2 src/frontend/efiling-frontend/yarn.lock
NSWG-ECO-0516 npm:lodash.once:4.1.1 src/frontend/efiling-demo/yarn.lock
NSWG-ECO-0516 npm:lodash.once:4.1.1 src/frontend/efiling-frontend/yarn.lock
NSWG-ECO-0516 npm:lodash.sortby:4.7.0 src/frontend/efiling-demo/yarn.lock
NSWG-ECO-0516 npm:lodash.sortby:4.7.0 src/frontend/efiling-frontend/yarn.lock
NSWG-ECO-0516 npm:lodash.template:4.5.0 src/frontend/efiling-demo/yarn.lock
NSWG-ECO-0516 npm:lodash.template:4.5.0 src/frontend/efiling-frontend/yarn.lock
NSWG-ECO-0516 npm:lodash.templatesettings:4.2.0 src/frontend/efiling-demo/yarn.lock
NSWG-ECO-0516 npm:lodash.templatesettings:4.2.0 src/frontend/efiling-frontend/yarn.lock
NSWG-ECO-0516 npm:lodash.uniq:4.5.0 src/frontend/efiling-demo/yarn.lock
NSWG-ECO-0516 npm:lodash.uniq:4.5.0 src/frontend/efiling-frontend/yarn.lock
CVE-2020-15138 npm:prismjs:1.17.1 src/frontend/efiling-demo/yarn.lock
CVE-2020-15138 npm:prismjs:1.17.1 src/frontend/efiling-frontend/yarn.lock
CVE-2020-7774 npm:y18n:4.0.0 src/frontend/efiling-demo/yarn.lock
CVE-2020-7774 npm:y18n:4.0.0 src/frontend/efiling-frontend/yarn.lock
CVE-2019-12402 org.apache.commons/commons-compress:1.18 tests/pom.xml
CVE-2018-8038, CVE-2015-5175 org.apache.cxf/cxf-rt-bindings-soap:3.4.1 src/backend/libs/efiling-bom/pom.xml
CVE-2016-4434 org.apache.tika/tika-core:UNKNOWN.VERSION src/backend/efiling-api/pom.xml
CVE-2020-17527 org.apache.tomcat.embed/tomcat-embed-core:9.0.39 src/backend/efiling-api/pom.xml
CVE-2020-17527 org.apache.tomcat.embed/tomcat-embed-core:9.0.39 src/backend/libs/efiling-bambora-api-client/pom.xml
CVE-2020-17527 org.apache.tomcat.embed/tomcat-embed-core:9.0.39 src/backend/libs/efiling-ceis-api-client/pom.xml
CVE-2020-17527 org.apache.tomcat.embed/tomcat-embed-core:9.0.39 src/backend/libs/efiling-diligen-client/pom.xml
CVE-2020-17527 org.apache.tomcat.embed/tomcat-embed-core:9.0.39 tests/pom.xml

Medium

Vulnerability Dependency Source Path
CVE-2019-10247 com.fasterxml.jackson.core/jackson-annotations:2.11.3 src/backend/efiling-api/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-annotations:2.11.3 src/backend/libs/efiling-bambora-api-client/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-annotations:2.11.3 src/backend/libs/efiling-ceis-api-client/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-annotations:2.11.3 src/backend/libs/efiling-commons/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-annotations:2.11.3 src/backend/libs/efiling-cso-starter/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-annotations:2.11.3 src/backend/libs/efiling-diligen-client/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-annotations:2.11.3 tests/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-annotations:2.11.4 src/backend/efiling-reviewer-api/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-annotations:2.12.1 src/backend/libs/efiling-bom/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-annotations:2.9.5 src/backend/libs/efiling-bom/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-core:2.11.3 src/backend/efiling-api/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-core:2.11.3 src/backend/libs/efiling-bambora-api-client/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-core:2.11.3 src/backend/libs/efiling-ceis-api-client/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-core:2.11.3 src/backend/libs/efiling-commons/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-core:2.11.3 src/backend/libs/efiling-cso-starter/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-core:2.11.3 src/backend/libs/efiling-diligen-client/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-core:2.11.3 tests/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-core:2.11.4 src/backend/efiling-reviewer-api/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-databind:2.11.3 src/backend/efiling-api/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-databind:2.11.3 src/backend/libs/efiling-bambora-api-client/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-databind:2.11.3 src/backend/libs/efiling-ceis-api-client/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-databind:2.11.3 src/backend/libs/efiling-commons/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-databind:2.11.3 src/backend/libs/efiling-cso-starter/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-databind:2.11.3 src/backend/libs/efiling-diligen-client/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-databind:2.11.3 tests/pom.xml
CVE-2019-10247 com.fasterxml.jackson.core/jackson-databind:2.11.4 src/backend/efiling-reviewer-api/pom.xml
CVE-2019-10247 com.fasterxml.jackson.datatype/jackson-datatype-joda:2.11.3 src/backend/libs/efiling-bambora-api-client/pom.xml
CVE-2019-10247 com.fasterxml.jackson.datatype/jackson-datatype-joda:2.11.3 src/backend/libs/efiling-ceis-api-client/pom.xml
CVE-2019-10247 com.fasterxml.jackson.datatype/jackson-datatype-joda:2.11.3 src/backend/libs/efiling-diligen-client/pom.xml
CVE-2019-10247 com.fasterxml.jackson.jaxrs/jackson-jaxrs-base:2.11.3 src/backend/libs/efiling-bambora-api-client/pom.xml
CVE-2019-10247 com.fasterxml.jackson.jaxrs/jackson-jaxrs-base:2.11.3 src/backend/libs/efiling-ceis-api-client/pom.xml
CVE-2019-10247 com.fasterxml.jackson.jaxrs/jackson-jaxrs-base:2.11.3 src/backend/libs/efiling-diligen-client/pom.xml
CVE-2019-10247 com.fasterxml.jackson.jaxrs/jackson-jaxrs-json-provider:2.11.3 src/backend/libs/efiling-bambora-api-client/pom.xml
CVE-2019-10247 com.fasterxml.jackson.jaxrs/jackson-jaxrs-json-provider:2.11.3 src/backend/libs/efiling-ceis-api-client/pom.xml
CVE-2019-10247 com.fasterxml.jackson.jaxrs/jackson-jaxrs-json-provider:2.11.3 src/backend/libs/efiling-diligen-client/pom.xml
CVE-2019-10247 com.fasterxml.jackson.module/jackson-module-jaxb-annotations:2.10.1 src/backend/libs/efiling-bambora-api-client/pom.xml
CVE-2019-10247 com.fasterxml.jackson.module/jackson-module-jaxb-annotations:2.10.1 src/backend/libs/efiling-ceis-api-client/pom.xml
CVE-2019-10247 com.fasterxml.jackson.module/jackson-module-jaxb-annotations:2.10.1 src/backend/libs/efiling-diligen-client/pom.xml
CVE-2019-10247 com.fasterxml.woodstox/woodstox-core:6.2.1 src/backend/libs/efiling-bom/pom.xml
GOOGLE-GUAVA-4011 com.google.guava/guava:25.0-jre tests/pom.xml
CVE-2020-15250 junit/junit:4.13 tests/pom.xml
CVE-2020-8287 npm:@types/node:14.11.5 src/frontend/efiling-demo/yarn.lock
CVE-2020-8287 npm:@types/node:14.14.0 src/frontend/efiling-frontend/yarn.lock
CVE-2018-6341 npm:@types/prop-types:15.7.3 src/frontend/efiling-demo/yarn.lock
CVE-2018-6341 npm:@types/prop-types:15.7.3 src/frontend/efiling-frontend/yarn.lock
CVE-2018-6341 npm:@types/react-test-renderer:16.9.3 src/frontend/efiling-demo/yarn.lock
CVE-2018-6341 npm:@types/react-test-renderer:16.9.3 src/frontend/efiling-frontend/yarn.lock
CVE-2018-6341 npm:@types/react:16.9.51 src/frontend/efiling-demo/yarn.lock
CVE-2018-6341 npm:@types/react:16.9.53 src/frontend/efiling-frontend/yarn.lock
CVE-2020-7608 npm:@types/yargs-parser:15.0.0 src/frontend/efiling-demo/yarn.lock
CVE-2020-7608 npm:@types/yargs-parser:15.0.0 src/frontend/efiling-frontend/yarn.lock
CVE-2018-6341 npm:eslint-plugin-react-hooks:1.7.0 src/frontend/efiling-demo/yarn.lock
CVE-2018-6341 npm:eslint-plugin-react-hooks:1.7.0 src/frontend/efiling-frontend/yarn.lock
CVE-2018-6341 npm:eslint-plugin-react-hooks:4.1.2 src/frontend/efiling-demo/yarn.lock
CVE-2018-6341 npm:eslint-plugin-react-hooks:4.2.0 src/frontend/efiling-frontend/yarn.lock
CVE-2020-26237 npm:highlight.js:9.15.10 src/frontend/efiling-demo/yarn.lock
CVE-2020-26237 npm:highlight.js:9.15.10 src/frontend/efiling-frontend/yarn.lock
CVE-2018-6341 npm:prop-types:15.7.2 src/frontend/efiling-demo/yarn.lock
CVE-2018-6341 npm:prop-types:15.7.2 src/frontend/efiling-frontend/yarn.lock
CVE-2018-6341 npm:react-dom:16.13.1 src/frontend/efiling-demo/yarn.lock
CVE-2018-6341 npm:react-dom:16.14.0 src/frontend/efiling-frontend/yarn.lock
CVE-2018-6341 npm:react-is:16.13.1 src/frontend/efiling-demo/yarn.lock
CVE-2018-6341 npm:react-is:16.13.1 src/frontend/efiling-frontend/yarn.lock
CVE-2018-6341 npm:react-refresh:0.8.3 src/frontend/efiling-demo/yarn.lock
CVE-2018-6341 npm:react-test-renderer:16.13.1 src/frontend/efiling-demo/yarn.lock
CVE-2018-6341 npm:react-test-renderer:16.14.0 src/frontend/efiling-frontend/yarn.lock
CVE-2018-6341 npm:react:16.13.1 src/frontend/efiling-demo/yarn.lock
CVE-2018-6341 npm:react:16.14.0 src/frontend/efiling-frontend/yarn.lock
CVE-2018-6341 npm:scheduler:0.19.1 src/frontend/efiling-demo/yarn.lock
CVE-2018-6341 npm:scheduler:0.19.1 src/frontend/efiling-frontend/yarn.lock
CVE-2020-13956 org.apache.httpcomponents/httpclient:4.5.3 tests/pom.xml
CVE-2020-9489, CVE-2018-1339, CVE-2018-1338, CVE-2015-3271 org.apache.tika/tika-core:UNKNOWN.VERSION src/backend/efiling-api/pom.xml
CVE-2020-17521 org.codehaus.groovy/groovy:2.4.15 tests/pom.xml
CVE-2019-10247 org.codehaus.woodstox/stax2-api:4.2.1 src/backend/libs/efiling-bom/pom.xml
CVE-2019-10247 org.codehaus.woodstox/woodstox-core-asl:4.4.1 src/backend/libs/efiling-bom/pom.xml
CVE-2020-27218, CVE-2009-3555 org.eclipse.jetty/jetty-continuation:9.4.33.v20201020 src/backend/libs/efiling-bom/pom.xml
CVE-2020-27218, CVE-2009-3555 org.eclipse.jetty/jetty-http:9.4.33.v20201020 src/backend/libs/efiling-bom/pom.xml
CVE-2020-27218, CVE-2009-3555 org.eclipse.jetty/jetty-io:9.4.33.v20201020 src/backend/libs/efiling-bom/pom.xml
CVE-2020-27218, CVE-2009-3555 org.eclipse.jetty/jetty-security:9.4.33.v20201020 src/backend/libs/efiling-bom/pom.xml
CVE-2020-27218, CVE-2009-3555 org.eclipse.jetty/jetty-server:9.4.33.v20201020 src/backend/libs/efiling-bom/pom.xml
CVE-2020-27218, CVE-2009-3555 org.eclipse.jetty/jetty-util:9.4.33.v20201020 src/backend/libs/efiling-bom/pom.xml

Low

Vulnerability Dependency Source Path
CVE-2020-8908 com.google.guava/guava:25.0-jre tests/pom.xml
CVE-2020-10707 io.netty/netty-buffer:4.1.53.Final src/backend/efiling-api/pom.xml
CVE-2020-10707 io.netty/netty-buffer:4.1.53.Final src/backend/libs/efiling-demo-starter/pom.xml
CVE-2020-10707 io.netty/netty-codec:4.1.53.Final src/backend/efiling-api/pom.xml
CVE-2020-10707 io.netty/netty-codec:4.1.53.Final src/backend/libs/efiling-demo-starter/pom.xml
CVE-2020-10707 io.netty/netty-common:4.1.53.Final src/backend/efiling-api/pom.xml
CVE-2020-10707 io.netty/netty-common:4.1.53.Final src/backend/libs/efiling-demo-starter/pom.xml
CVE-2020-10707 io.netty/netty-handler:4.1.53.Final src/backend/efiling-api/pom.xml
CVE-2020-10707 io.netty/netty-handler:4.1.53.Final src/backend/libs/efiling-demo-starter/pom.xml
CVE-2020-10707 io.netty/netty-resolver:4.1.53.Final src/backend/efiling-api/pom.xml
CVE-2020-10707 io.netty/netty-resolver:4.1.53.Final src/backend/libs/efiling-demo-starter/pom.xml
CVE-2020-10707 io.netty/netty-transport:4.1.53.Final src/backend/efiling-api/pom.xml
CVE-2020-10707 io.netty/netty-transport:4.1.53.Final src/backend/libs/efiling-demo-starter/pom.xml
CVE-2013-7035 npm:@types/prop-types:15.7.3 src/frontend/efiling-demo/yarn.lock
CVE-2013-7035 npm:@types/prop-types:15.7.3 src/frontend/efiling-frontend/yarn.lock
CVE-2013-7035 npm:@types/react-test-renderer:16.9.3 src/frontend/efiling-demo/yarn.lock
CVE-2013-7035 npm:@types/react-test-renderer:16.9.3 src/frontend/efiling-frontend/yarn.lock
CVE-2013-7035 npm:@types/react:16.9.51 src/frontend/efiling-demo/yarn.lock
CVE-2013-7035 npm:@types/react:16.9.53 src/frontend/efiling-frontend/yarn.lock
CVE-2013-7035 npm:eslint-plugin-react-hooks:1.7.0 src/frontend/efiling-demo/yarn.lock
CVE-2013-7035 npm:eslint-plugin-react-hooks:1.7.0 src/frontend/efiling-frontend/yarn.lock
CVE-2013-7035 npm:eslint-plugin-react-hooks:4.1.2 src/frontend/efiling-demo/yarn.lock
CVE-2013-7035 npm:eslint-plugin-react-hooks:4.2.0 src/frontend/efiling-frontend/yarn.lock
CVE-2013-7035 npm:prop-types:15.7.2 src/frontend/efiling-demo/yarn.lock
CVE-2013-7035 npm:prop-types:15.7.2 src/frontend/efiling-frontend/yarn.lock
CVE-2013-7035 npm:react-dom:16.13.1 src/frontend/efiling-demo/yarn.lock
CVE-2013-7035 npm:react-dom:16.14.0 src/frontend/efiling-frontend/yarn.lock
CVE-2013-7035 npm:react-is:16.13.1 src/frontend/efiling-demo/yarn.lock
CVE-2013-7035 npm:react-is:16.13.1 src/frontend/efiling-frontend/yarn.lock
CVE-2013-7035 npm:react-refresh:0.8.3 src/frontend/efiling-demo/yarn.lock
CVE-2013-7035 npm:react-test-renderer:16.13.1 src/frontend/efiling-demo/yarn.lock
CVE-2013-7035 npm:react-test-renderer:16.14.0 src/frontend/efiling-frontend/yarn.lock
CVE-2013-7035 npm:react:16.13.1 src/frontend/efiling-demo/yarn.lock
CVE-2013-7035 npm:react:16.14.0 src/frontend/efiling-frontend/yarn.lock
CVE-2013-7035 npm:scheduler:0.19.1 src/frontend/efiling-demo/yarn.lock
CVE-2013-7035 npm:scheduler:0.19.1 src/frontend/efiling-frontend/yarn.lock

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@mergebase-codegreen mergebase-codegreen[bot] mergebase-codegreen[bot] approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant