Open cmhodgson opened 2 weeks ago
Hi Chris, looks like the spring security version is dropped to 5.2. Is that ok?
Yes, it is to keep it in line with the minor version of the main spring library. It is still a "newer" version in terms of date of release. You can see that 5.2.15 is the latest version of the 5.2.x series released and is identified as having no vulnerabilities: https://mvnrepository.com/artifact/org.springframework.security/spring-security-web
updated spring lib versions and app version