From 58fca720a977e06ebba322f8fdecc3a5279d5313 Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: Fri, 08 Nov 2024 16:24:14 +0800
Subject: [PATCH] 升级pom依赖到安全版本
---
pom.xml | 65 ++++++++++++++++++++++++++++++--
1 files changed, 60 insertions(+), 5 deletions(-)
diff --git a/pom.xml b/pom.xml
index 4088b75..8460039 100644
--- a/pom.xml
+++ b/pom.xml
@@ -6,34 +6,57 @@
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi</artifactId>
- <version>3.8.7</version>
+ <version>3.8.8</version>
<name>ruoyi</name>
<url>http://www.ruoyi.vip</url>
<description>若依管理系统</description>
<properties>
- <ruoyi.version>3.8.7</ruoyi.version>
+ <ruoyi.version>3.8.8</ruoyi.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<java.version>1.8</java.version>
<maven-jar-plugin.version>3.1.1</maven-jar-plugin.version>
- <druid.version>1.2.20</druid.version>
+ <druid.version>1.2.23</druid.version>
<bitwalker.version>1.21</bitwalker.version>
<swagger.version>3.0.0</swagger.version>
<kaptcha.version>2.3.3</kaptcha.version>
<pagehelper.boot.version>1.4.7</pagehelper.boot.version>
- <fastjson.version>2.0.43</fastjson.version>
- <oshi.version>6.5.0</oshi.version>
+ <fastjson.version>2.0.53</fastjson.version>
+ <oshi.version>6.6.5</oshi.version>
<commons.io.version>2.13.0</commons.io.version>
<poi.version>4.1.2</poi.version>
<velocity.version>2.3</velocity.version>
<jwt.version>0.9.1</jwt.version>
+ <!-- override dependency version -->
+ <tomcat.version>9.0.96</tomcat.version>
+ <logback.version>1.2.13</logback.version>
+ <spring-security.version>5.7.12</spring-security.version>
+ <spring-framework.version>5.3.39</spring-framework.version>
</properties>
<!-- 依赖声明 -->
<dependencyManagement>
<dependencies>
+
+ <!-- 覆盖SpringFramework的依赖配置-->
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-framework-bom</artifactId>
+ <version>${spring-framework.version}</version>
+ <type>pom</type>
+ <scope>import</scope>
+ </dependency>
+
+ <!-- 覆盖SpringSecurity的依赖配置-->
+ <dependency>
+ <groupId>org.springframework.security</groupId>
+ <artifactId>spring-security-bom</artifactId>
+ <version>${spring-security.version}</version>
+ <type>pom</type>
+ <scope>import</scope>
+ </dependency>
<!-- SpringBoot的依赖配置-->
<dependency>
@@ -44,6 +67,38 @@
<scope>import</scope>
</dependency>
+ <!-- 覆盖logback的依赖配置-->
+ <dependency>
+ <groupId>ch.qos.logback</groupId>
+ <artifactId>logback-core</artifactId>
+ <version>${logback.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>ch.qos.logback</groupId>
+ <artifactId>logback-classic</artifactId>
+ <version>${logback.version}</version>
+ </dependency>
+
+ <!-- 覆盖tomcat的依赖配置-->
+ <dependency>
+ <groupId>org.apache.tomcat.embed</groupId>
+ <artifactId>tomcat-embed-core</artifactId>
+ <version>${tomcat.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.tomcat.embed</groupId>
+ <artifactId>tomcat-embed-el</artifactId>
+ <version>${tomcat.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.tomcat.embed</groupId>
+ <artifactId>tomcat-embed-websocket</artifactId>
+ <version>${tomcat.version}</version>
+ </dependency>
+
<!-- 阿里数据库连接池 -->
<dependency>
<groupId>com.alibaba</groupId>
--
Gitblit v1.9.2