version upgrade of spring-boot-dependencies,spring-boot-maven-plugin

- Safety version for CVE-2019-3795 - Match the new jetty ecj version because the version of ecj used by tomcat and jetty is different.
6 years ago · f54e72026f
parent 10e90beb30
commit f54e72026f
2 changed files with 8 additions and 2 deletions
--- a/airsonic-main/pom.xml
+++ b/airsonic-main/pom.xml
@ -547,7 +547,7 @@
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
-                <version>1.5.8.RELEASE</version>
+                <version>1.5.20.RELEASE</version>
                <configuration>
                    <mainClass>org.airsonic.player.Application</mainClass>
                    <layout>WAR</layout>
--- a/pom.xml
+++ b/pom.xml
@ -87,7 +87,7 @@
                <!-- Import dependency management from Spring Boot -->
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-dependencies</artifactId>
-                <version>1.5.18.RELEASE</version>
+                <version>1.5.20.RELEASE</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>
@ -133,6 +133,12 @@
                <artifactId>guava</artifactId>
                <version>27.1-jre</version>
            </dependency>
+            <dependency>
+                <groupId>org.eclipse.jdt</groupId>
+                <artifactId>ecj</artifactId>
+                <version>3.14.0</version>
+                <scope>provided</scope>
+            </dependency>
        </dependencies>
    </dependencyManagement>