Skip to end of banner
Go to start of banner

Dependencies out of support

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Spring 5

Spring Framework 5 Open Source Support ends 2024-08-31: https://spring.io/projects/spring-framework#support

GitHub pom.xml search for Spring 5.3: https://github.com/search?q=org%3Afolio-org+spring+%22%3E5.3%22+language%3A%22Maven+POM%22+NOT+is%3Aarchived&type=code

SECURITY-180 - Getting issue details... STATUS

RMB RAML Module Builder

https://github.com/folio-org/raml-module-builder

RMB has been deprecated, this is mentioned in onOfficially Supported Technologies.

FOLIO’s core-platform team continuously updates all RMB dependencies, including Vert.x and Netty; the only exception is domain-models-maven-plugin.

domain-models-maven-plugin

https://github.com/folio-org/raml-module-builder/blob/master/domain-models-maven-plugin/pom.xml

This plugin runs at compile time only and runs on static data from source code repository only. It generates API documentation and Java code skeleton for APIs. This makes it very unlikely to cause any threat.

org.raml.jaxrs:jaxrs-code-generator has been unsupported since 2019: https://github.com/mulesoft-labs/raml-for-jax-rs/tree/master/raml-to-jaxrs/jaxrs-code-generator

jaxrs-code-generator requires com.google.guava:guava with outdated version 19.0 that has vulnerabilities that don’t affect the code generation.

  • No labels