sofastack / sofa-rpc

SOFARPC is a high-performance, high-extensibility, production-level Java RPC framework.
https://www.sofastack.tech/sofa-rpc/docs/Home
Apache License 2.0

1. Fix the vulnerability caused by the gson version #1358

Closed xuqiu closed 5 months ago

xuqiu commented 10 months ago

Fixes a vulnerability reported by the Mini Program Cloud code scan:

Severity: high
Vulnerability type: deserialization vulnerability
Vulnerability subtype: MPS-2022-12287_com.google.code.gson_gson
Vulnerability ID: MPS-2022-12287 / CVE-2022-25647
Vulnerability status: submitted
First detected: 2023-07-21 13:39:52
Last detected: 2023-08-08 16:02:39
Vulnerability fingerprint: b953014247a1a4716f6d56e1f7e51ad3
Source file: http://github.com/sofastack/sofa-rpc/blob/master/config/config-apollo/pom.xml

Details:

The transitively depended-upon component is:

    <groupId>com.google.code.gson</groupId>
    <artifactId>gson</artifactId>

The transitive dependency chain is: com.ctrip.framework.apollo:apollo-client:1.4.0->com.google.code.gson:gson:2.8.0

The corresponding fixed version is: 2.8.9
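The scan report above states the finding as a dependency chain in `a->b` notation plus a fixed version. As an added example (not code from this PR or from the sofa-rpc project), the Python below parses the text that `mvn dependency:tree` prints and reports every path that ends in an artifact whose version is below the fixed version listed in an advisory table, in the same chain notation. The embedded sample tree is constructed to mirror the apollo-client 1.4.0 -> gson 2.8.0 chain; the `org.example` root module and the slf4j and junit entries are placeholders, not the project's real dependencies.

```python
"""Flag vulnerable transitive versions in `mvn dependency:tree` output.

Added example (not part of the sofa-rpc PR): read the text printed by
`mvn dependency:tree`, expand it into one dependency path per node, and
report every path ending in an artifact below the advisory's fixed version.
"""
import re
from typing import Dict, List, Tuple

# One tree line: "[INFO] " + zero or more 3-char tree-drawing groups
# ("+- ", "\- ", "|  ", "   ") + the Maven coordinate.
_LINE = re.compile(r"^\[INFO\] ((?:[+\\| -]{3})*)(\S+)\s*$")

Node = Tuple[str, str, str]  # (groupId, artifactId, version)

def parse_coordinate(coord: str) -> Node:
    """Return (groupId, artifactId, version) from a dependency:tree coordinate.

    Maven prints group:artifact:type[:classifier]:version[:scope]; the root
    module line has no scope.
    """
    parts = coord.split(":")
    if len(parts) < 4:
        raise ValueError(f"unexpected coordinate: {coord!r}")
    version = parts[4] if len(parts) == 6 else parts[3]
    return parts[0], parts[1], version

def version_key(version: str) -> Tuple[int, ...]:
    """Crude comparable key: numeric segments as ints, anything else as -1."""
    return tuple(int(p) if p.isdigit() else -1 for p in re.split(r"[.\-]", version))

def dependency_paths(tree_text: str) -> List[List[Node]]:
    """Expand the indented tree into one path per node, excluding the root module."""
    paths: List[List[Node]] = []
    stack: List[Node] = []
    for line in tree_text.splitlines():
        m = _LINE.match(line)
        if not m or m.group(2).count(":") < 3:
            continue  # plugin banner, separator lines, BUILD SUCCESS, ...
        depth = len(m.group(1)) // 3  # 0 = root module, 1 = direct dependency
        del stack[depth:]
        stack.append(parse_coordinate(m.group(2)))
        if depth >= 1:
            paths.append(list(stack[1:]))
    return paths

def find_vulnerable(tree_text: str, fixed_versions: Dict[str, str]) -> List[Tuple[str, str]]:
    """Return (chain, fixed_version) for every node whose version is below the
    fixed version recorded for its group:artifact. The chain uses the "a->b"
    notation of the scan report, e.g. "g:a:1.0->com.google.code.gson:gson:2.8.0"."""
    findings = []
    for path in dependency_paths(tree_text):
        group, artifact, version = path[-1]
        fixed = fixed_versions.get(f"{group}:{artifact}")
        if fixed and version_key(version) < version_key(fixed):
            chain = "->".join(f"{g}:{a}:{v}" for g, a, v in path)
            findings.append((chain, fixed))
    return findings

# Fixed version from the scan report in the PR description.
FIXED_VERSIONS = {"com.google.code.gson:gson": "2.8.9"}

# Constructed sample output shaped like `mvn dependency:tree`; the root module
# and the slf4j/junit entries are placeholders, not the project's dependencies.
SAMPLE_TREE_BEFORE = """\
[INFO] --- maven-dependency-plugin:3.6.0:tree (default-cli) @ example-app ---
[INFO] org.example:example-app:jar:1.0
[INFO] +- com.ctrip.framework.apollo:apollo-client:jar:1.4.0:compile
[INFO] |  +- com.google.code.gson:gson:jar:2.8.0:compile
[INFO] |  \\- org.slf4j:slf4j-api:jar:1.7.30:compile
[INFO] \\- junit:junit:jar:4.13.2:test
[INFO]    \\- org.hamcrest:hamcrest-core:jar:1.3:test
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
"""

# Same constructed tree after the upgrade route taken in the PR.
SAMPLE_TREE_AFTER = SAMPLE_TREE_BEFORE.replace(
    "apollo-client:jar:1.4.0", "apollo-client:jar:2.1.0"
).replace("gson:jar:2.8.0", "gson:jar:2.8.9")

if __name__ == "__main__":
    for chain, fixed in find_vulnerable(SAMPLE_TREE_BEFORE, FIXED_VERSIONS):
        print(f"{chain}  (fixed in {fixed})")
    print("after upgrade:", find_vulnerable(SAMPLE_TREE_AFTER, FIXED_VERSIONS))
```

Feed it `mvn dependency:tree` output captured from the module in question; the chain it prints for the constructed tree is exactly the one the scanner reported, and the second call shows the finding disappears once the transitive gson reaches 2.8.9.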

nobodyiam commented 10 months ago

It may be advisable to upgrade apollo-client to version 2.1.0, as the transitive gson version has been updated to 2.8.9 since the release of version 2.0.1. However, it's important to note that, beginning with the 2.0.0 release, apollo-client has ceased support for Java 1.7, constituting a significant change.
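The comment above points out that apollo-client 2.x drops Java 1.7. Where that rules out the upgrade, Maven lets the consuming pom force the transitive gson version instead. The fragment below is an added example, not from this PR or the sofa-rpc pom: it keeps apollo-client 1.4.0 (the version in the reported chain) and pins gson to the fixed 2.8.9 through `dependencyManagement`, which takes precedence over the version declared in apollo-client's own pom.

```xml
<!-- Added example, not from the sofa-rpc PR. -->
<project>
  <!-- A managed version overrides whatever version a transitive dependency
       declares, so gson resolves to 2.8.9 even though apollo-client 1.4.0
       asks for 2.8.0. -->
  <dependencyManagement>
    <dependencies>
      <dependency>
        <groupId>com.google.code.gson</groupId>
        <artifactId>gson</artifactId>
        <version>2.8.9</version>
      </dependency>
    </dependencies>
  </dependencyManagement>

  <dependencies>
    <!-- Unchanged direct dependency, kept for Java 1.7 compatibility. -->
    <dependency>
      <groupId>com.ctrip.framework.apollo</groupId>
      <artifactId>apollo-client</artifactId>
      <version>1.4.0</version>
    </dependency>
  </dependencies>
</project>
```

Confirm the override took effect with `mvn dependency:tree -Dincludes=com.google.code.gson`, which should list gson only at 2.8.9. A pin like this is a stopgap: the library is then running against a gson version it was not released with, so the module's tests need to pass against it, and the upgrade route taken in this PR remains the cleaner fix wherever Java 8 or later is available.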

xuqiu commented 10 months ago

got it, working on it

xuqiu commented 10 months ago

Upgraded apollo-client to version 2.1.0; gson has gone up to 2.8.9 as well.

codecov[bot] commented 9 months ago

Codecov Report

All modified lines are covered by tests.

Comparison is base (7e7f751) 72.07% compared to head (ac5ed03) 72.00%. Report is 6 commits behind head on master.

Additional details and impacted files:

```diff
@@             Coverage Diff              @@
##             master    #1358      +/-   ##
============================================
- Coverage     72.07%   72.00%   -0.08%
+ Complexity      784      783       -1
============================================
  Files           416      416
  Lines         17661    17661
  Branches       2752     2752
============================================
- Hits          12730    12717      -13
- Misses         3526     3539      +13
  Partials       1405     1405
```

See 12 files with indirect coverage changes: https://app.codecov.io/gh/sofastack/sofa-rpc/pull/1358/indirect-changes
