Update Spring dependency to Spring 5 in core engine

XMLWordPrintable

    • Type: Task
    • Resolution: Fixed
    • Priority: L3 - Default
    • 7.14.0, 7.14.0-alpha3
    • Affects Version/s: None
    • Component/s: None
    • None

      The core engine has a spring-beans dependency which is used for bootstrapping the engine via camunda.cfg.xml. It currently uses Spring 3, which is out of support for a long time already and has several known vulnerabilities. While the engine can be safely used with Spring 4 and Spring 5 already, by default we pull in an unsafe dependency which then e.g. shows up in vulenerability report tools.

        This is the controller panel for Smart Panels app

              Assignee:
              Hariharan Parasuraman
              Reporter:
              Thorben Lindhauer
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: