【依赖升级】jdk8 版本的 logback 升级到 1.2.13 避免安全漏洞

2024-09-17 20:04:02 +08:00 · 2024-09-17 20:04:02 +08:00 · b91fe96a36
commit b91fe96a36
parent 3420834078
1 changed files with 13 additions and 0 deletions
--- a/yudao-dependencies/pom.xml
+++ b/yudao-dependencies/pom.xml
@ -81,6 +81,8 @@
        <jimureport.version>1.7.8</jimureport.version>
        <xercesImpl.version>2.12.2</xercesImpl.version>
        <weixin-java.version>4.6.0</weixin-java.version>
+        <!-- 专属于 JDK8 安全漏洞升级 -->
+        <logback.version>1.2.13</logback.version> <!-- 无法使用 1.3.X 版本，启动会报错 -->
    </properties>

    <dependencyManagement>
@ -677,6 +679,17 @@
                <version>${xercesImpl.version}</version>
            </dependency>

+            <!-- 专属于 JDK8 安全漏洞升级 -->
+            <dependency>
+                <groupId>ch.qos.logback</groupId>
+                <artifactId>logback-core</artifactId>
+                <version>${logback.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>ch.qos.logback</groupId>
+                <artifactId>logback-classic</artifactId>
+                <version>${logback.version}</version>
+            </dependency>
        </dependencies>
    </dependencyManagement>