security-advisory

Clone Tools
  • last updated a few seconds ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Merge pull request #2 from MidnightBSD/snyk-fix-9904a690a7058747fefe84dcb1eaa1f4

[Snyk] Fix for 2 vulnerabilities

Merge pull request #4 from JLLeitschuh/fix/JLL/use_https_to_resolve_dependencies

[SECURITY] Use HTTPS to resolve dependencies in Maven Build

Use HTTPS instead of HTTP to resolve dependencies

This fixes a security vulnerability in this project where the `pom.xml`

files were configuring Maven to resolve dependencies over HTTP instead of

HTTPS.

Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>

fix: pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:

- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-479774

- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-479782

Fix the security advisory client's endpoint by breaking it up into multiple queries rather than one large join. PG 11.x seems to choke on it in RDS although 9.6 is somewhat ok on midnightbsd. all well. Even on 9.6/midnightbsd it's twice as fast this way.

make this a composite key

    • -0
    • +2
    /src/main/resources/db/migration/V1_7__pk_adv_map.sql
Upgrade spring cloud release.

    • -0
    • +3
    /src/main/resources/db/migration/V1_6__index_tweaks.sql
Upgrade to spring boot 2.1.8 (major bump) This also requires updating elasticsearch to 6.4.x

travis update

Code cleanup. Disable a cache that's crashing with some input.

update spring boot and lombok

Merge pull request #1 from fossabot/master

Add license scan report and status

Add license scan report and status

Signed-off-by: fossabot <badges@fossa.io>

update some libraries.

Add travis ci build info

Update lombok and jest client

Update spring boot version for security as well as spring cloud. update copyright year.

    • -1
    • +1
    /src/main/resources/templates/index.html
Fix the readme

Remove some unused javascript. Update the angular-ui-bootrap to 0.12.1 and use a webjar for it

  1. … 268 more files in changeset.
Update to angular 1.4.x

  1. … 149 more files in changeset.
Update angular.js to 1.3.x

Fix the ports

fix the flyway config

No longer needed

Start spring boot 2 upgrade.

    • -10
    • +10
    /src/main/resources/application.yml
switch to vanroy spring-data-jest client.

Upgrade spring cloud

Update spring boot

fix several bugs

    • -12
    • +2
    /src/main/resources/static/views/advisory.html