Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update dependency org.springframework.amqp:spring-rabbit to v2 #204

Open
wants to merge 1 commit into
base: vp-rem
Choose a base branch
from

Conversation

dev-mend-for-github-com[bot]
Copy link

@dev-mend-for-github-com dev-mend-for-github-com bot commented May 30, 2024

This PR contains the following updates:

Package Type Update Change
org.springframework.amqp:spring-rabbit compile major 1.7.1.RELEASE -> 2.1.0.RELEASE

By merging this PR, the below issues will be automatically resolved and closed:

Severity CVSS Score CVE Reachability GitHub Issue
Critical 10.0 CVE-2018-14721 #41
Critical 9.8 CVE-2017-15095 #114
Critical 9.8 CVE-2017-17485 #154
Critical 9.8 CVE-2017-7525 #115
Critical 9.8 CVE-2017-8045 #102
Critical 9.8 CVE-2018-11307 #129
Critical 9.8 CVE-2018-1270 #112
Critical 9.8 CVE-2018-1275 #106
Critical 9.8 CVE-2018-14718 #95
Critical 9.8 CVE-2018-14719 #94
Critical 9.8 CVE-2018-14720 #40
Critical 9.8 CVE-2018-18753 #189
Critical 9.8 CVE-2018-19360 #141
Critical 9.8 CVE-2018-19361 #140
Critical 9.8 CVE-2018-19362 #138
Critical 9.8 CVE-2018-7489 #163
Critical 9.8 CVE-2019-10202 #73
Critical 9.8 CVE-2019-14379 #90
Critical 9.8 CVE-2019-14540 #33
Critical 9.8 CVE-2019-14892 #86
Critical 9.8 CVE-2019-14893 #84
Critical 9.8 CVE-2019-16335 #44
Critical 9.8 CVE-2019-16942 #68
Critical 9.8 CVE-2019-16943 #72
Critical 9.8 CVE-2019-17267 #47
Critical 9.8 CVE-2019-17531 #36
Critical 9.8 CVE-2019-20330 #156
Critical 9.8 CVE-2020-8840 #69
Critical 9.8 CVE-2020-9546 #88
Critical 9.8 CVE-2020-9547 #91
Critical 9.8 CVE-2020-9548 #92
High 8.8 CVE-2020-10672 #96
High 8.8 CVE-2020-10673 #98
High 8.8 CVE-2020-10968 #122
High 8.8 CVE-2020-10969 #125
High 8.8 CVE-2020-11111 #75
High 8.8 CVE-2020-11112 #78
High 8.8 CVE-2020-11113 #77
High 8.1 CVE-2018-5968 #61
High 8.1 CVE-2020-10650 #170
High 8.1 CVE-2020-11619 #45
High 8.1 CVE-2020-11620 #54
High 8.1 CVE-2020-14060 #81
High 8.1 CVE-2020-14061 #82
High 8.1 CVE-2020-14062 #83
High 8.1 CVE-2020-14195 #100
High 8.1 CVE-2020-24616 #147
High 8.1 CVE-2020-24750 #151
High 8.1 CVE-2020-36179 #145
High 8.1 CVE-2020-36180 #56
High 8.1 CVE-2020-36181 #55
High 8.1 CVE-2020-36182 #59
High 8.1 CVE-2020-36183 #58
High 8.1 CVE-2020-36184 #63
High 8.1 CVE-2020-36185 #60
High 8.1 CVE-2020-36186 #65
High 8.1 CVE-2020-36187 #64
High 8.1 CVE-2020-36188 #53
High 8.1 CVE-2020-36189 #52
High 8.1 CVE-2021-20190 #74
High 7.5 CVE-2018-12022 #42
High 7.5 CVE-2018-12023 #43
High 7.5 CVE-2019-12086 #34
High 7.5 CVE-2019-14439 #48
High 7.5 CVE-2020-36518 #172
High 7.5 CVE-2022-42003 #182
High 7.5 CVE-2022-42004 #181
Medium 6.5 CVE-2018-1257 #148
Medium 6.5 WS-2019-0379 #39
Medium 5.9 CVE-2018-11087 #161
Medium 5.9 CVE-2018-11087 #161
Medium 5.9 CVE-2018-11087 #161
Medium 5.9 CVE-2019-12384 #134
Medium 5.9 CVE-2019-12814 #51
Medium 5.3 CVE-2020-13956 #178
Medium 5.3 WS-2017-3734 #150

Release Notes

spring-projects/spring-amqp (org.springframework.amqp:spring-rabbit)

v2.1.0.RELEASE

Compare Source

Change log:

c71252f (HEAD -> master) Upgrade to SF-5.1.1
2480b17 AMQP-836: SMLC queuesChanged() via Queue
e09ca96 GH-794: add after-receive-post-processors for XML
4cf27c9 Fix PDF overflow in what's new
74354d4 GH-824: Fix Log4j2Appender with headers exchange

Also see change logs for previous Milestones in this version:

2.1.0.RC1
2.1.0.M3
2.1.0.M2
2.1.0.M1

v2.0.14.RELEASE

Compare Source

Change log:

5c52abb GH-923: Fix start delay for @​Lazy @​RabbitListener
0ce50eb Make sendTo.replies test queue args consistent
f4c970e GH-1062: Fix missing queues log message

v2.0.13.RELEASE

Compare Source

Change log:

5b37b26 Upgrade Spring Versions
c3d17f4 Add HTTPS entries for XSD into spring.schemas
89dac79 Sleep for failed declaration out of warn block
d04a20a GH-1034: DMLC: Detect target channel changed
ba6875d GH-1034: DMLC: Cancel consumer after failed ack
47c5baa GH-1038: RT: Fix evaluatedFastReplyTo
ff8a5da Fix SmartLifecycle.stop(Runnable) usage
4167e93 GH-1026: Fix Delay with CacheMode.CONNECTION
af76b70 GH-1014: Add addMdcAsHeaders into appenders
68a6411 DMLC: Publish event for connection failure
bfd023f Upgrade Jackson

v2.0.12.RELEASE: 2.0.12.RELEASE

Compare Source

c4003d9 Upgrade Spring Framework to 5.0.13
99f4ee2 URL Cleanup
7df972a URL Cleanup
ff31381 URL Cleanup
9839336 GH-935: Handle all exceptions in handleDelivery
e65135d URL Cleanup
f62b435 GH-918: Handle null correlationId
88ee0f4 GH-905: Fix @​RabbitListener Thread Names
2e96222 Fix concurrency in test case

v2.0.11.RELEASE: 2.0.11.RELEASE

Compare Source

Change log:

5bba72a Upgrade Spring Framework to 5.0.12
bd54663 GH-865: Fix previous cherry-pick
b41cbfb GH-865: Restart DirMLC for any consume exception
08f54ce AMQP-849: RT and DRTMLC - add ErrorHandler
f1cc5d7 More doc polishing - replyAddress
bef51bd Remove AssertJ usage
73e5f2f AMQP-848: RT with DRTMLC - always release consumer
373732e AMQP-847: Close channel in RabbitTemplate.receive
639bddf AMQP-845: SSL Doc Polishing

v2.0.10.RELEASE

Compare Source

Change log

ed962a3 (HEAD -> 2.0.x) Upgrade dependencies to prepare for release
47ad785 DirectMessageListenerContainerMockTests: Fix race
c582e1a GH-849: Pub. Confirm/Return defensive code
1317215 GH-846: Fix send and receive with confirms

v2.0.9.RELEASE: 2.0.9.RELEASE

Compare Source

Change Log

af6cb5d GH-837: Fix DMLC Recovery with queue removal
5f3a3ac AMQP-837: Log Exceptions thrown by ErrorHandlers
fadd54d AMQP-838: Deprecate container.setMessageConverter

v2.0.8.RELEASE: 2.0.8.RELEASE

Compare Source

Change log:

ce326b9 AMQP-836: Revert

v2.0.7.RELEASE

Compare Source

Change log:

9f0d325 (2.0.x) Upgrade to SF-5.0.10
a98e9da AbstractMLC: remove final from overrode methods
ce9c147 AMQP-836: SMLC queuesChanged() via Queue
ae7b72d GH-824: Fix Log4j2Appender with headers exchange
04c8e9c Close auto-recovering connection

v2.0.6.RELEASE

Compare Source

v2.0.5.RELEASE: 2.0.5.RELEASE

Compare Source

Change log:

0128de5 Upgrade Spring Framework to 5.0.8
bd6451d Upgrade to Gradle 4.9
8c38774 Fix compilation error
f14a894 AMQP-824: Name for deferredCloseExec thread pool
4af4db4 Fix test race condition
6b2f48c AMQP-821: Repub Recoverer limit stack trace header

v2.0.4.RELEASE: 2.0.4

Compare Source

Change Log:

54b7dd8 Add more debug/trace logging
3a55ede Add licence and notice to all artifacts
00bd3dc AMQP-818: Fix Class-level listener properties
0e07457 AMQP-815: Fix typo in doc for ConnectionFB
4658798 AMQP-814: Add retry to RabbitAdmin
a470463 Make ConditionalRejectingErrorHandler extendable
00fd577 Upgrade Gradle to 4.7
83f4871 AMQP-810: Fix adjust consumers when max present
1d014d6 Fix doc typo

v2.0.3.RELEASE: 2.0.3.RELEASE

Compare Source

Change log:

6dc3228 Fix serial compiler warning on new exception
2180db2 Align versions with Boot/Platform.Cairo
44dcb37 Upgrade to SF-5.0.5
92d9d11 AMQP-809: Fix typo in the amqp.adoc
19513e6 GH-723: Add AmqpResourceNotAvailableException (#​737)
9e3e5b6 Remove @​Override from the RabbitAdmin.initialize
80fd0fd GH-734: Option to suppress declaring Collections
8e9fee7 GH-730: Fix NPE in the MessageProperties
fdd98d5 AMQP-805: protected postProcessMessageBeforeSend
f8de68e Small fixes in documentation
827de8d Fix code format errors
1d38c14 GH-719: Container Factory: Add replyPostProcessor
5ce8529 AMQP-801-2: Introduce ConsumerDecorator
d547a86 Updgrade rabbitmq http-client, retry
9b43c06 AMQP-801: Move ConsumeOkEvent to handleConsumeOk
059fe5e Upgrade wrapper
2564567 Remove JUnit Gradle Plugin
0578418 Upgrade to Gradle 4.6
493aa4e Connection name strategy was backported to 1.7.x
a2d86fb Doc Polishing
f806c94 AMQP-800: Destroy test default connection factory
f32b358 AMQP-800: LocalizedQueueConnectionFactory Fix
fecd0ba AMQP-799: Default @​RabbitHandler Docs
ee61179 Upgrade to Spring Framework 5.0.4
f649d11 AMQP-799: Add default @​RabbitHandler support
84ca73e Improve rabbit template
18b2090 Fix Doc to highlight code snippet as Java

v2.0.2.RELEASE: 2.0.2.RELEASE

Compare Source

Change Log:

b0968ee Bump SF and amqp-client versions
af7ee3f AMQP-796: Fix Admin Transaction
6761ab5 GH-703: DLC.adjustConsumers: Fix remove algorithm
71af6b1 Improve Test Run Times
b0cbc35 Use log4j-slf4j-impl instead wrong slf4j-log4j12
d8f2fa5 Doc Copyright 2018
802a741 Fix Race in DMLC Events test
822593b Fix JUnit dependencies
d73f4ff AMQP-791: Support JUnit5
48412b9 Bump HOP Version to 1.3.1.RELEASE
221e3a9 AMQP-793: Exception on ack for closed Channel
2626930 AMQP-794: CRErrorHandler: Traverse cause tree
4b78c20 AMQP-788 Add delegate publisher connection factory
c576b27 AMQP-790: Fix after receive MPPs with send/receive
dc0bbc4 More Sonar Polishing
86eb43f Fix Sonar false positives

v2.0.1.RELEASE

Compare Source

v2.0.0.RELEASE

Compare Source

v1.7.15.RELEASE

Compare Source

Change log:

ef72f80 Upgrade Spring Version; prepare for final release
d4b7578 GH-1236: Handle non-String contentType
efcba3a GH-1237: RCFB Close key/trust store input streams
028b28a GH-1225: Fix Log4j2 Appender Termination
11c4367 Fix another exchange declaration
1eb4b35 Fix test exchange declaration
eeaeb68 Fix Appender Test
304832d Remove unnecessary slf4j dependency
3b96745 Artifactory compatibility: Gradle to 4.10.2
16a87df GH-1219: Fix header mapping for replies (@​SendTo)
c1566ff Make sendTo.replies test queue args consistent

v1.7.14.RELEASE

Compare Source

Change log:

7a72347 Upgrade to Spring Framework 4.3.25, retry 1.2.4
080aeab Add HTTPS entries for XSD into spring.schemas
d968682 Sleep for failed declaration out of warn block
beb208c GH-1038: RT: Fix evaluatedFastReplyTo
fee8a97 GH-1026: Fix Delay with CacheMode.CONNECTION
34e614a GH-1014: Add addMdcAsHeaders into appenders

v1.7.13.RELEASE: 1.7.13.RELEASE

Compare Source

Change log:

bde9424 Upgrade Spring Framework to 4.3.23
b74a688 URL Cleanup
33797aa URL Cleanup
f08b536 URL Cleanup
e535c33 GH-935: Handle all exceptions in handleDelivery
a3cd733 URL Cleanup
723499f GH-905: Fix @​RabbitListener Thread Names
9f7b65b GH-905: Fix @​RabbitListener Thread Names
1fc6fc1 Fix concurrency in test case

v1.7.12.RELEASE: 1.7.12.RELEASE

Compare Source

Change log:

70fd9c8 Upgrade Spring Framework to 4.3.22
f68fbfc Upgrade Jackson version
41a61eb AMQP-847: Close channel in RabbitTemplate.receive

v1.7.11.RELEASE

Compare Source

Change log:

1283edf Close auto-recovering connection

v1.7.10.RELEASE

Compare Source

v1.7.9.RELEASE: 1.7.9.RELEASE

Compare Source

Change log:

9d1b267 Upgrade Spring Framework to 4.3.18
7bf27de AMQP-824: Name for deferredCloseExec thread pool
922994f Fix test race condition
7b475d5 Fix SimpleMessageListenerContainerLongTests fails
8d21242 Add more debug/trace logging
8124e9e Add licence and notice to all artifacts

v1.7.8.RELEASE: 1.7.8

Compare Source

Change Log:

4eba5ae AMQP-815: Fix typo in doc for ConnectionFB
1ced9ab AMQP-814: Add retry to RabbitAdmin
daa78ff Make ConditionalRejectingErrorHandler extendable
8e0cd40 AMQP-810: Fix adjust consumers when max present
7368f43 Fix doc typo

v1.7.7.RELEASE: 1.7.7.RELEASE

Compare Source

Change log:

13074f3 Align versions with Boot/Platform.Brussels
0ba19a0 Upgrade to SF-4.3.15 and Retry-1.2.2
f69f54e GH-723: Add AmqpResourceNotAvailableException (#​737)
6498219 Honor Java 7 language level
adcfef4 Remove @​Override from the RabbitAdmin.initialize
539af7f GH-734: Option to suppress declaring Collections
d6a5a75 GH-730: Fix NPE in the MessageProperties
c8d66d2 AMQP-805: protected postProcessMessageBeforeSend
e50cb89 AMQP-801-2: Introduce ConsumerDecorator
3dba703 @​Ignore testDeleteExchange
8fc94eb AMQP-801: Move ConsumeOkEvent to handleConsumeOk
e2fb3f8 Doc Copyright 2018

v1.7.6.RELEASE: 1.7.6.RELEASE

Compare Source

Change Log:

1e8986e Decrease logging level to the WARN
f786c5b AMQP-796: Fix Admin Transaction
f78d916 AMQP-794: CRErrorHandler: Traverse cause tree
ca32f3f AMQP-790: Fix after receive MPPs with send/receive

v1.7.5.RELEASE

Compare Source

v1.7.4.RELEASE

Compare Source

v1.7.3.RELEASE

Compare Source

v1.7.2.RELEASE

Compare Source


  • If you want to rebase/retry this PR, check this box

@dev-mend-for-github-com dev-mend-for-github-com bot added the security fix Security fix generated by Mend label May 30, 2024
@dev-mend-for-github-com dev-mend-for-github-com bot changed the title Update dependency org.springframework.amqp:spring-rabbit to v2 Update dependency org.springframework.amqp:spring-rabbit to v2 - autoclosed Sep 10, 2024
@dev-mend-for-github-com dev-mend-for-github-com bot deleted the whitesource-remediate/org.springframework.amqp-spring-rabbit-2.x branch September 10, 2024 15:33
@dev-mend-for-github-com dev-mend-for-github-com bot restored the whitesource-remediate/org.springframework.amqp-spring-rabbit-2.x branch September 11, 2024 07:06
@dev-mend-for-github-com dev-mend-for-github-com bot changed the title Update dependency org.springframework.amqp:spring-rabbit to v2 - autoclosed Update dependency org.springframework.amqp:spring-rabbit to v2 Sep 11, 2024
@dev-mend-for-github-com dev-mend-for-github-com bot force-pushed the whitesource-remediate/org.springframework.amqp-spring-rabbit-2.x branch from 768faf8 to aacf4e5 Compare September 11, 2024 07:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
security fix Security fix generated by Mend
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants