Merge pull request #10 from catenax-ng/spring-security-web-update

Spring security web update
catenax-ng · Apr 24, 2023 · 3dc71de · 3dc71de
2 parents ffba699 + 0af0fdb
commit 3dc71de
Show file tree

Hide file tree

Showing 6 changed files with 22 additions and 8 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,6 +7,13 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 ## [Unreleased]
  - NA
 
+
+## [2.0.5] - 2023-04-24
+
+### Fixed
+- Fixed spring security web veracode security by upgrading its version to 6.0.3
+
+
 ## [2.0.4] - 2023-04-19
 
 ### Added

diff --git a/DEPENDENCIES b/DEPENDENCIES
@@ -102,7 +102,7 @@ maven/mavencentral/org.apache.logging.log4j/log4j-api/2.19.0, Apache-2.0, approv
 maven/mavencentral/org.apache.logging.log4j/log4j-to-slf4j/2.19.0, Apache-2.0, approved, #5941
 maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-core/10.1.7, Apache-2.0 AND (EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0) AND (CDDL-1.0 OR GPL-2.0-only WITH Classpath-exception-2.0) AND W3C AND CC0-1.0, approved, #5949
 maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-el/10.1.7, Apache-2.0, approved, #6997
-maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-websocket/10.1.7, Apache-2.0, approved, clearlydefined
+maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-websocket/10.1.7, Apache-2.0, approved, #7920
 maven/mavencentral/org.apache.tomcat/tomcat-annotations-api/10.1.7, Apache-2.0, approved, clearlydefined
 maven/mavencentral/org.apiguardian/apiguardian-api/1.1.2, Apache-2.0, approved, clearlydefined
 maven/mavencentral/org.assertj/assertj-core/3.23.1, Apache-2.0, approved, clearlydefined
@@ -184,7 +184,7 @@ maven/mavencentral/org.springframework.security/spring-security-oauth2-core/6.0.
 maven/mavencentral/org.springframework.security/spring-security-oauth2-jose/6.0.2, Apache-2.0, approved, #7337
 maven/mavencentral/org.springframework.security/spring-security-oauth2-resource-server/6.0.2, Apache-2.0, approved, #7335
 maven/mavencentral/org.springframework.security/spring-security-test/6.0.2, Apache-2.0, approved, #7402
-maven/mavencentral/org.springframework.security/spring-security-web/6.0.2, Apache-2.0, approved, #7328
+maven/mavencentral/org.springframework.security/spring-security-web/6.0.3, Apache-2.0, approved, #7328
 maven/mavencentral/org.springframework/spring-aop/6.0.7, Apache-2.0, approved, #5940
 maven/mavencentral/org.springframework/spring-beans/6.0.7, Apache-2.0, approved, #5937
 maven/mavencentral/org.springframework/spring-context/6.0.7, Apache-2.0, approved, #5936

diff --git a/README.md b/README.md
@@ -13,8 +13,8 @@ further processing.
 ## Software Version
 
 ```shell
-Software version: 2.0.4
-Helm Chart version: 2.0.4
+Software version: 2.0.5
+Helm Chart version: 2.0.5
 
 ```
 

diff --git a/charts/SDFactory/Chart.yaml b/charts/SDFactory/Chart.yaml
@@ -37,13 +37,13 @@ sources:
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 2.0.4
+version: 2.0.5
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "2.0.4"
+appVersion: "2.0.5"
 
 
 
diff --git a/charts/SDFactory/README.md b/charts/SDFactory/README.md
@@ -1,6 +1,6 @@
 # sdfactory
 
-![Version: 2.0.4](https://img.shields.io/badge/Version-2.0.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.0.4](https://img.shields.io/badge/AppVersion-2.0.4-informational?style=flat-square)
+![Version: 2.0.5](https://img.shields.io/badge/Version-2.0.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.0.5](https://img.shields.io/badge/AppVersion-2.0.5-informational?style=flat-square)
 
 Helm Charts for SD Factory application. Self-Description Factory component is responsible for the creation of Self Descriptions.
 

diff --git a/pom.xml b/pom.xml
@@ -10,7 +10,7 @@
     </parent>
     <groupId>com.tsystems</groupId>
     <artifactId>sd-factory</artifactId>
-    <version>2.0.2</version>
+    <version>2.0.5</version>
     <name>factory</name>
     <description>Self-Description Hub Prototype</description>
     <packaging>jar</packaging>
@@ -120,6 +120,13 @@
             <version>6.0.8</version>
         </dependency>
 
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-web</artifactId>
+            <version>6.0.3</version>
+        </dependency>
+
+
 
         <dependency>
             <groupId>io.netty</groupId>