-
Notifications
You must be signed in to change notification settings - Fork 4
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
#188 - Update spring boot #189
Conversation
742fff1
to
d0de0fb
Compare
Codecov Report
@@ Coverage Diff @@
## develop #189 +/- ##
==========================================
Coverage 71.09% 71.09%
Complexity 481 481
==========================================
Files 123 123
Lines 2117 2117
Branches 98 98
==========================================
Hits 1505 1505
Misses 552 552
Partials 60 60
📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
d0de0fb
to
43311c9
Compare
I think the benefits from updating spring security outweigh the missing test coverage on the config class. |
- update spring boot to 3.1.3 (including update to spring security 6.1.3) - change request matcher definition according to https://spring.io/security/cve-2023-34035
43311c9
to
fd73911
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A unit test for this spring security configuration seems pointless. It should be fully tested in integration tests, which it is currently only for the positive case. But this can be part of new pull request.
Fixes https://avd.aquasec.com/nvd/2023/cve-2023-34035/