Pr springboot migration final cxflow

[satyamchaurasiapersistent]

By submitting a PR to this repository, you agree to the terms within the Checkmarx Code of Conduct. Please see the contributing guidelines for how to create and submit a high-quality PR for this repo.

Description

Describe the purpose of this PR along with any background information and the impacts of the proposed change.

References

Include supporting link to GitHub Issue/PR number

Testing

Describe how this change was tested. Be specific about anything not tested and reasons why. If this solution has unit and/or integration testing, tests should be added for new functionality and existing tests should complete without errors.

Please include any manual steps for testing end-to-end or functionality not covered by unit/integration tests.

Checklist

• [ ] I have added documentation for new/changed functionality in this PR (if applicable). If documentation is a Wiki Update, please indicate desired changes within PR MD Comment
• [ ] All active GitHub checks for tests, formatting, and security are passing
• [ ] The correct base branch is being used
• [ ] Verified that SCA and SAST scan results are as expected

[AvivCx]

Checkmarx One – Scan Summary & Details – 65a007cf-c09e-47aa-85a1-6b87f3866658

New Issues

Severity	Issue	Source File / Package	Checkmarx Insight
	WORKDIR Path Not Absolute	/Dockerfile: 3	For clarity and reliability, you should always use absolute paths for your WORKDIR
	Unpinned Package Version in Apk Add	/Dockerfile: 10	Package version pinning reduces the range of versions that can be installed, reducing the chances of failure due to unanticipated changes
	Unpinned Package Version in Apk Add	/Dockerfile: 11	Package version pinning reduces the range of versions that can be installed, reducing the chances of failure due to unanticipated changes
	Unpinned Package Version in Apk Add	/Dockerfile: 12	Package version pinning reduces the range of versions that can be installed, reducing the chances of failure due to unanticipated changes
	Unpinned Package Version in Apk Add	/Dockerfile: 9	Package version pinning reduces the range of versions that can be installed, reducing the chances of failure due to unanticipated changes
	Update Instruction Alone	/Dockerfile: 4	Instruction 'RUN update' should always be followed by ' install' in the same RUN statement

Fixed Issues

Severity	Issue	Source File / Package
	CVE-2016-1000027	Maven-org.springframework:spring-webmvc-5.3.31
	CVE-2016-1000027	Maven-org.springframework:spring-web-5.3.31
	CVE-2023-3635	Maven-com.squareup.okio:okio-2.8.0
	WORKDIR Path Not Absolute	/Dockerfile: 3
	WORKDIR Path Not Absolute	/Dockerfile: 21
	CVE-2023-33201	Maven-org.bouncycastle:bcprov-jdk15on-1.70
	CVE-2023-51074	Maven-com.jayway.jsonpath:json-path-2.7.0
	Unpinned Package Version in Apk Add	/Dockerfile: 27
	Unpinned Package Version in Apk Add	/Dockerfile: 26
	Unpinned Package Version in Apk Add	/Dockerfile: 9
	Unpinned Package Version in Apk Add	/Dockerfile: 28
	Unpinned Package Version in Apk Add	/Dockerfile: 12
	Unpinned Package Version in Apk Add	/Dockerfile: 29
	Unpinned Package Version in Apk Add	/Dockerfile: 10
	Unpinned Package Version in Apk Add	/Dockerfile: 11
	Update Instruction Alone	/Dockerfile: 22
	Update Instruction Alone	/Dockerfile: 4