Bump to spring boot3 #319
Bump to spring boot3 #319
Conversation
VolkerHartmann
commented
May 26, 2023
•
VolkerHartmann
commented
- Bump SpringBoot to Version 3
- Update dependencies
- compile Code
- Test code
- Fix SecurityFilter
- Update README.md
- Update CHANGELOG.md
appropriate access rights.
![sonatype-lift[bot]](https://avatars.githubusercontent.com/in/9843?s=60&v=4){kind=small}
| if (!enableCsrf) { | ||
| logger.info("CSRF disabled!"); | ||
| httpSecurity = httpSecurity.csrf().disable(); | ||
| httpSecurity = httpSecurity.csrf(csrf -> csrf.disable()); |
There was a problem hiding this comment.
SPRING_CSRF_PROTECTION_DISABLED: Disabling Spring Security's CSRF protection is unsafe for standard web applications
ℹ️ Expand to see all @sonatype-lift commands
You can reply with the following commands. For example, reply with @sonatype-lift ignoreall to leave out all findings.
| Command | Usage |
|---|---|
@sonatype-lift ignore |
Leave out the above finding from this PR |
@sonatype-lift ignoreall |
Leave out all the existing findings from this PR |
@sonatype-lift exclude <file|issue|path|tool> |
Exclude specified file|issue|path|tool from Lift findings by updating your config.toml file |
Note: When talking to LiftBot, you need to refresh the page to see its response.
Click here to add LiftBot to another repo.
| @@ -75,7 +75,7 @@ public class MetadataRecord implements EtagSupport, Serializable { | |||
| private Long recordVersion; | |||
|
|
|||
| @NotNull(message = "A list of access control entries for resticting access.") | |||
| @OneToMany(cascade = javax.persistence.CascadeType.ALL, orphanRemoval = true) | |||
| @OneToMany(cascade = jakarta.persistence.CascadeType.ALL, orphanRemoval = true) | |||
There was a problem hiding this comment.
UnnecessarilyFullyQualified: This fully qualified name is unambiguous to the compiler if imported.
| @OneToMany(cascade = jakarta.persistence.CascadeType.ALL, orphanRemoval = true) | |
| @OneToMany(cascade = CascadeType.ALL, orphanRemoval = true) |
ℹ️ Expand to see all @sonatype-lift commands
You can reply with the following commands. For example, reply with @sonatype-lift ignoreall to leave out all findings.
| Command | Usage |
|---|---|
@sonatype-lift ignore |
Leave out the above finding from this PR |
@sonatype-lift ignoreall |
Leave out all the existing findings from this PR |
@sonatype-lift exclude <file|issue|path|tool> |
Exclude specified file|issue|path|tool from Lift findings by updating your config.toml file |
Note: When talking to LiftBot, you need to refresh the page to see its response.
Click here to add LiftBot to another repo.
🛠 Lift Auto-fixSome of the Lift findings in this PR can be automatically fixed. You can download and apply these changes in your local project directory of your branch to review the suggestions before committing.1 # Download the patch
curl https://lift.sonatype.com/api/patch/github.com/kit-data-manager/metastore2/319.diff -o lift-autofixes.diff
# Apply the patch with git
git apply lift-autofixes.diff
# Review the changes
git diffWant it all in a single command? Open a terminal in your project's directory and copy and paste the following command: curl https://lift.sonatype.com/api/patch/github.com/kit-data-manager/metastore2/319.diff | git applyOnce you're satisfied, commit and push your changes in your project. Footnotes |
Codecov Report
@@ Coverage Diff @@
## development #319 +/- ##
=================================================
- Coverage 88.07% 86.47% -1.61%
+ Complexity 921 914 -7
=================================================
Files 73 73
Lines 3229 3245 +16
Branches 394 396 +2
=================================================
- Hits 2844 2806 -38
- Misses 254 309 +55
+ Partials 131 130 -1
... and 2 files with indirect coverage changes 📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
VolkerHartmann
merged commit 05d10ac
into
kit-data-manager:development
