Declare & update the version of the h2 dependency

turkraft / springfilter

Dynamically filter JPA entities and Mongo collections with a user-friendly query syntax. Seamless integration with Spring APIs. Star to support the project! ⭐️

https://turkraft.com/springfilter

225 stars 38 forks source link

Declare & update the version of the h2 dependency #322

Closed ggomarighetti closed 1 year ago

ggomarighetti commented 1 year ago

Resume

Declare and update H2 dependency version. Vulnerabilities discovered and Dependabot did not recognize it.

Evidence

Reference

Not required

torshid commented 1 year ago

Hi @ggomarighetti,

I think it is more suitable to let Spring Boot define H2's version for consistency between dependencies. The vulnerability comes from here, but it is not important as it only affects the example project. I think that it should be fixed in Spring Boot 3.1.4.