Uploaded image for project: 'camunda BPM'
  1. camunda BPM
  2. CAM-11757

Update Spring dependency to Spring 5 in core engine

    XMLWordPrintable

Details

    • Task
    • Resolution: Fixed
    • L3 - Default
    • 7.14.0, 7.14.0-alpha3
    • None
    • None
    • None

    Description

      The core engine has a spring-beans dependency which is used for bootstrapping the engine via camunda.cfg.xml. It currently uses Spring 3, which is out of support for a long time already and has several known vulnerabilities. While the engine can be safely used with Spring 4 and Spring 5 already, by default we pull in an unsafe dependency which then e.g. shows up in vulenerability report tools.

      mgm-controller-panel

        This is the controller panel for Smart Panels app

        Attachments

          Issue Links

            is related to

            Task - A task that needs to be done. CAM-11422 Extract the managed Spring artifacts' version from the parent

            • L3 - Default - Minor issue or issue with existing workaround, feature requests and questions
            • Closed

            Activity

              People

                hariharan.parasuraman Hariharan Parasuraman
                thorben.lindhauer Thorben Lindhauer
                Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  Salesforce