fix 修复 snakeyaml 漏洞 强制升级依赖版本(临时处理等boot升级)

疯狂的狮子li

2022-09-26 0d188d6a3932fdd47e69790b72c0531a63a11c5c

fix 修复 snakeyaml 漏洞 强制升级依赖版本(临时处理等boot升级)

 pom.xml

@@ -40,6 +40,8 @@

        <!-- 统一 guava 版本 解决隐式漏洞问题 -->
        <guava.version>31.1-jre</guava.version>
        <!-- 临时修复 snakeyaml 漏洞 -->
        <snakeyaml.version>1.31</snakeyaml.version>

        <!-- OSS 配置 -->
        <aws-java-sdk-s3.version>1.12.300</aws-java-sdk-s3.version>
@@ -254,6 +256,13 @@
                <version>${guava.version}</version>
            </dependency>

            <!-- 临时修复 snakeyaml 漏洞 -->
            <dependency>
                <groupId>org.yaml</groupId>
                <artifactId>snakeyaml</artifactId>
                <version>${snakeyaml.version}</version>
            </dependency>

            <!-- 定时任务 -->
            <dependency>
                <groupId>com.ruoyi</groupId>