jigga
commented
10 months ago That was resolved in version 0.10.0. Closing.
Closed jigga closed 10 months ago
jigga
commented
10 months ago That was resolved in version 0.10.0. Closing.
Problem
The version of Spring used by the plugin has not been updated in a long while, and all vulnerabilities present in the currently used version are transitively inherited by all projects using the plugin. It takes some effort to keep the dependencies up-to-date, hence the fewer dependencies there are the easier it is to maintain the project. When the project using the plugin uses Spring itself and the major version differs from the one used by the plugin, compatibility issues make the plugin unusable (specifically talk about the case where the project uses Spring Boot 3.x/Spring Framework 6.x).
Solution
Drop the dependency on the Spring Framework and try using the functionality offered by the Java standard library. If we upgraded the base Java version to 11, we could for instance use the java.net.http.HttpClient instead of the RestTemplate.