We are using old versions of Spring Boot, Apache commons io, Apache commons lang and javax.servlet-api. Some of the dependencies included in the version of Spring Boot that we use also have known vulnerabilities.
We also have a dependency on Apache commons collections that could be replaced with standard library classes.
What
Upgrades the Spring version to 2.0.9.RELEASE from 2019, removes the commons-collections and commons-lang dependencies and updates the tests depending on old commons-lang APIs.
Why
We are using old versions of Spring Boot, Apache commons io, Apache commons lang and javax.servlet-api. Some of the dependencies included in the version of Spring Boot that we use also have known vulnerabilities. We also have a dependency on Apache commons collections that could be replaced with standard library classes.
What
Upgrades the Spring version to 2.0.9.RELEASE from 2019, removes the commons-collections and commons-lang dependencies and updates the tests depending on old commons-lang APIs.