Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency org.springframework.amqp:spring-rabbit to v2 - autoclosed #80

Closed
wants to merge 1 commit into from
Closed

Update dependency org.springframework.amqp:spring-rabbit to v2 - autoclosed #80

wants to merge 1 commit into from

Conversation

dev-mend-for-github-com[bot]
Copy link

@dev-mend-for-github-com dev-mend-for-github-com bot commented Jan 12, 2025
edited
Loading

This PR contains the following updates:

Package Type Update Change
org.springframework.amqp:spring-rabbit compile major 1.7.1.RELEASE -> 2.3.7

By merging this PR, the below issues will be automatically resolved and closed:

Severity CVSS Score CVE Reachability GitHub Issue
Critical 10.0 CVE-2022-22965 #71
Critical 9.8 CVE-2015-4473 #68
Critical 9.8 CVE-2016-1000027 #25
Critical 9.8 CVE-2017-8045 #57
Critical 9.8 CVE-2018-1275 #17
Critical 9.8 CVE-2019-17571 #67
Critical 9.8 CVE-2020-14195 #48
Critical 9.2 CVE-2018-1270 #26
High 8.1 CVE-2020-36184 #59
High 8.1 CVE-2020-36185 #56
High 8.1 CVE-2020-36186 #61
High 8.1 CVE-2020-36187 #60
High 8.1 CVE-2020-36189 #45
High 7.5 CVE-2020-25649 #31
High 7.5 CVE-2020-36518 #69
High 7.5 CVE-2022-25857 #79
High 7.5 CVE-2022-42003 #66
High 7.5 CVE-2022-42004 #65
Medium 6.5 CVE-2018-1257 #35
Medium 6.5 CVE-2022-22950 #73
Medium 6.5 CVE-2023-20861 #77
Medium 6.5 CVE-2023-20863 #78
Medium 6.2 CVE-2018-7273 #63
Medium 5.9 CVE-2018-11087 #51
Medium 5.3 CVE-2022-22968 #70
Medium 5.3 WS-2017-3734 #37
Medium 4.3 CVE-2021-22060 #76
Medium 4.3 CVE-2021-22096 #75
Medium 4.3 CVE-2021-22096 #75
Medium 4.3 CVE-2022-22970 #72
Medium 4.3 CVE-2022-22970 #72

Release Notes

spring-projects/spring-amqp (org.springframework.amqp:spring-rabbit)

v2.3.7

Compare Source

Change log:

0f525e1 Upgrade dependencies; prepare for release
e8e1b86 GH-1295: Reduce Method Complexity
c577fbb GH-1295: Validation for @​RabbitHandler
d63b3ca GH-1335: Reduce Method Complexity
682f2fe GH-1335: RejectAndDontRequeueRecoverer Improvement
09f8b89 GH-1312: Fix Deprecation Warnings in Tests
e787950 GH-1312: Correlation on Channel with Direct Reply
1d56763 Move Central Sync Workflows and Fix Secret Name
980110a Fix Race in Kotlin Test
9ad176f GH-1331: Fix Sonar Issues
bd9989f GH-1331: Fix Test for Gradle Test Worker Thread
d269a32 GH-1331: ThreadChannelConnFactory Improvements
28d6445 Resolve Sonar Issue
52cb898 GH-1329: Document Multi-Threaded Strict Ordering
7b48913 Fix Possible NPE in Deprecated Code
f52a671 Fix Issues Reported by Sonar
2cded99 GH-1325: Queue API Deprecations and Improvements
0757aac Use current main branch in docs instead of master (#​1322)
00f0efa Add Maven Publish Workflows
9120c3e GH-1320: AlwaysDecompress true in DelegatingDecomp
e190e53 GH-1318: Support the Global Flag in basicQos
c1f01f4 Fix Reference to Old master Branch
8317005 GH-1315: Add onFailed() to ConnectionListener
fad17a3 GH-1317: Change Shutdown Ignored Log to Debug
866868c Fix link in doc
5e412de (upstream/master) GH-1313: Remove more unnecessary null checks
8de660b GH-1313: Add Message CTOR with default Props

v2.3.4

Compare Source

Change log:

1b56b84 GH-1293: Fix regression

v2.3.3

Compare Source

Change log:

d835e9a Upgrade Versions; Prepare for Release
c8e0521 GH-1296: Fix Race in Test
0fcb772 Resolve Sonar Issue
2c929ff GH-1296: Fix DMLC Recovery: Missing Queue at Start
d5f81a6 GH-1293: Confirms/Returns with Republish Recoverer
d89f10d @​RabbitListener property improvements
2d0763e GH-1289: Fix whitespace in test
e382f67 GH-1289: Confirms and Returns with Routing CF
072e8ac GH-1285: Fix @​RabbitListener with @​Headers

v2.3.2

Compare Source

Change log:

72df861 Upgrade versions; prepare for release
6c7ac67 Use management tag for RabbitMQ image on GH actions (#​1283)
ab5df7d Some build and docs fixes
4b69594 Add GH Actions integration
90aee11 GH-1729: Fix JSON Regression
18bd707 Fix Spelling errors in the amqp.adoc
189847d fix asyncrabbittemplate section
eac3be3 Fix more false null check warnings
0c677e6 Fix false Sonar null check warnings
99ccb1b Fix Sonar issues and other refactoring
39c9c44 GH-1269: @​RabbitListener: Allow other Annotations
fed2f31 GH-1268: New Factories: Call ConnectionListener(s)
60b7a58 Fix missing class-level @SendTo for CGLib proxy
a6241bb Fix repositories in Gradle build script

v2.3.1

Compare Source

Change log:

c2f4de7 Upgrade versions; prepare for release
b94fdc5 Fix Sonar Issues
58820af New Conn. Factories - Honor Physical Close Request

v2.3.0

Compare Source

Change log:

6ad2fd1 Upgrade Micrometer Version
195dcfc Upgrade Versions; Prepare for Release
ef03b70 GH-891: Docs for Multi RabbitMQ Support
0a0cfe4 GH-1261: Remove unnecessary volatile modifiers
0401051 GH-1258: Fix javadoc
310f950 GH-1258: Change OOMHandler to JavaLangErrorHandler
14dee1f Consumer Batching Polishing
6ed9925 Resolve Sonar Issues
2c3f26e GH-1258: Add OOMHandler to the listener containers

v2.2.22.RELEASE

Compare Source

Change log:

7e8e4ce Upgrade Log4j to 2.17.1
af5fb7a GH-1415: Fix Use of Routing Connection Factory
04ddbbd GH-1412: Fix Messaging Template

v2.2.21.RELEASE

Compare Source

Change log:

ec2ee80 Upgrade versions; prepare for release
aa3589c GH-1409: Fix Nacks for Async Replies
d11841a Upgrade Log4j to 2.17.0
a36e411 Improve Mock Test Runtime
82be9c3 Fix missed imports after cherry-picking
be32a89 GH-1406: Fix Possible Double Ack in Consumer Batch
78c7b45 Upgrade Log4j to 2.16.0
79fdf04 Upgrade Log4j to 2.15.0

v2.2.20.RELEASE

Compare Source

Change log:

bbe797f Fix DEBUG Logging for Projection
bde294d Message toString() Improvement
14f993f GH-1099: Fix Javadocs for Publisher Connection

v2.2.19.RELEASE

Compare Source

Change log:

5fced8b Upgrade versions; prepare for release
3224404 Remove Incorrect Doc Re Prefetch with MANUAL Acks
f1b1d59 Fix Checkstyle violation in JavaDocs
61f9195 Do not deserialize in Message.toString()
e29cd03 GH-1732: Fix Listener Container Parser
2ab561b Fix Possible NPE
00a19b0 GH-1359: After Receive Post Processor Invoked x2
39e22b8 GH-1339: Fix NPEs with returns after conversion ex

v2.2.18.RELEASE

Compare Source

Change log:

7e5e88f remove unused import from the test
e481891 GH-1347: DMLC Ignored Authentication Failures
38d07c1 GH-1339: Fix RLErrorHandler with Conversion Ex. (#​1346)
7299583 Fix imports for previous commit
b77384f GH-1341: Move Tx Synch Cleanup to a finally block

v2.2.17.RELEASE

Compare Source

Change log:

dcbc45e (2.2.x) Fix serial warning in TX tests
9092fe3 Upgrade dependencies prepare for release
ec1ef81 GH-1320: AlwaysDecompress true in DelegatingDecomp
dcaa696 GH-1318: Support the Global Flag in basicQos
d06e75e Fix new test class for the current state of code
de1cf7e GH-1315: Add onFailed() to ConnectionListener
d12cb45 GH-1317: Change Shutdown Ignored Log to Debug
12116ad GH-1313: Add Message CTOR with default Props

v2.2.14.RELEASE

Compare Source

Change log:

15bd3fc Upgrade Reactor Version; Prepare for Release
e9da112 GH-1296: Fix Race in Test
b52a549 GH-1296: Fix DMLC Recovery: Missing Queue at Start
cad3bd7 Add mavenCentral to repositories
19360e0 GH-1289: Fix whitespace in test
73e1874 GH-1289: Fix test for back port
c72298f GH-1289: Confirms and Returns with Routing CF
917d6e9 GH-1285: Fix @​RabbitListener with @​Headers

v2.2.13.RELEASE

Compare Source

Change log:

863a77a Upgrade versions; prepare for release
7819ce4 GH-1729: Fix JSON Regression
048ca4e GH-1269: @​RabbitListener: Allow other Annotations
1d669cd Fix missing class-level @SendTo for CGLib proxy

v2.2.12.RELEASE

Compare Source

Change log:

41abb8a Upgrade Versions; Prepare for Release
3c5aef5 GH-1258: Change OOMHandler to JavaLangErrorHandler
3879496 GH-1258: Add OOMHandler to the listener containers
d73e6ae Fix Compressed contentEncoding Delimiter

v2.2.11.RELEASE

Compare Source

Change log:

61c0446 Catch exception when EventSender stopped (#​1248)
2a8bb4a Upgrade versions; prepare for release
6bc9f79 GH-1246: SMLC: Fix addQueueNames
647a7fa Fix race in test

v2.2.10.RELEASE

Compare Source

Change log:

75c3a29 GH-1236: Handle non-String contentType
6b01c9a GH-1237: RCFB Close key/trust store input streams
88d98df GH-1230: Fix return/confirm delivery order
78d2eac GH-1225: Fix Log4j2 Appender Termination

v2.2.9.RELEASE

Compare Source

Change log:

fb91dc6 Upgrade versions; prepare for release
e34783d GH-1226: Fix Test Harness
3b5d225 GH-1219: Fix header mapping for replies (@​SendTo)
0d544f1 GH-1218: Backport Schema Fixes

v2.2.8.RELEASE

Compare Source

Change log:

20b23b7 Upgrade versions; Prepare for Release
fe05179 GH-1215: Allow Abstract Class Deserialization
709a34b GH-1214: Fix NPE When no Container id or Bean name
519a2c9 GH-1207: Fix NPE
48edfb9 GH-1208: Allow SpEL in all @​RabbitListener Props
5923d67 Remove unused import for Assume
73e2b20 Fix BrokerRunning for skipping tests

v2.2.7.RELEASE

Compare Source

Change log:

a2119b3 GH-1201: Fix for ChannelAwareBatchMessageListener
6abdd27 GH-1201: Native BatchMessageListener Support
664f470 GH-1198: Support AddressResolver
bb3b8c8 GH-1157: Defer spy stubs to original bean
a0cc7b4 GH-1194: Address new Sonar issues
ab7f08f GH-1194: Fix cache limit with Pub Confirms channel
568854b GH-1190: Remove reference to Junit4 Assume

v2.2.6.RELEASE

Compare Source

Change log:

49b8e31 Upgrade dependencies; prepare for release
15f1ed5 GH-1181: Fix memory leak with user correlation
ed41369 Upgrade versions

v2.2.5.RELEASE

Compare Source

Channge log:

c470590 Upgrade Jackson, Micrometer versions
2be77e8 Upgrade reactor, spring-data versions
7f6b457 Fix duplicated literals
8622db9 GH-1162: Reinstate GH-1148 Log4j Appender Change
e4c523b Add @​RabbitListener replyPostProcessor
abec859 Always default to TLSv1.2
6d2809d GH-1166: Fix NPE in RepublishMessageRecoverer

v2.2.4.RELEASE

Compare Source

Change log:

9fbc3da Upgrade versions for release
7af0f90 Revert "GH-1148: Revert Log4j Appender Change"
fdda7a9 Move Batch Listener check to start()
667a738 Add isConsumerBatchEnabled() to listener container
5e9ec03 GH-1156: Fix default error handler in javadoc
7941596 GH-1152: Fix Sonar issue
bb83aa7 GH-1148: Revert Log4j Appender Change
0344524 GH-1152: Use contentEncoding in Message.toString()
9e4ba4f GH-1148: Log4jAppender - fix initialization cycle
fb32210 [#​1145] Fix generic parameter type detection for batch listeners … (#​1146)
abc96cf Use of PluginBuilderFactory on AmqpAppender (Log4j2) (#​1144)

v2.2.3.RELEASE

Compare Source

Change log:

30570a2 GH-1140: RabbitTemplate and CGLIB Proxies
2557338 GH-1138: Support @​Repeatable user annotations
d0483b9 GH-1136: Fix Sonar Issue (complexity)
3793fc1 GH-1136: Support Meta Annotations with AliasFor
1b173a4 Fix Sonar issue.
0695d05 Remove super()
e779d5c GH-1133: Sonar issue
bb965f7 GH-1133: Check for null reply before applying MPPs
79d27bc GH-1133: Add called bean/method to reply msg props
2874cd2 Mockito Answers: Capture any exceptions
e37e9aa Fix new Sonar smells in RepublishMessageRecoverer
67bba39 GH-1130: Repub Recoverer include ex. message size

v2.2.2.RELEASE

Compare Source

Change log:

439346f Upgrade Spring Data Commons
49d07ee Upgrade Spring, Micrometer versions
a9dc7e9 GH-1127: Add MessageBatchRecoverer
e6e659a GH-1125: Add DeclarableCustomizer
24a9388 Fix the wrong method return type in documentation
20943cc Add ContainerCustomizer
e707f51 Upgrade gradle
7cda694 Upgrade AssertJ, Hamcrest
a722040 Revert "Disable quorum test temporarily"
179fcd8 Disable quorum test temporarily
6edcac7 Support quorum queues in QueueBuilder
23d35b6 Ignore AlreadyClosedException in SimpleConnection
c32ebda GH-1116: LQCF Doc Polishing

v2.2.1.RELEASE

Compare Source

Change log:

d4fb41d Upgrade Spring, Reactor versions
98c6abc GH-1113: Clean up cals to basicCancel
ceac6b0 Upgrade some dependencies
4074b56 Fix test
8ca2cbb GH-1108: @​QueueBinding.key recursive resolution
c939c58 GH-1106: Fix Use Publisher CF with RT.invoke()
287977e Fixed small smelling mistake

v2.2.0.RELEASE

Compare Source

Change log:

34e423f GH-1085: spring-rabbit-junit -> spring-rabbit-test
2f632eb Upgrade Micrometer version
ba44cf1 Upgrade some dependencies
148dace Upgrade to Jackson 2.10
3851b19 Fix Sonar issue
ff03c53 GH-1101: Message Listener Micrometer Timers
dc88048 Upgrade dependencies (#​1098)
e6929a0 GH-1093: Remove redundant isInterface() call
9c25d17 Fix race in test
9c1bdcd GH-1093: @​RabbitListener fix abstract return type
af7c32f GH-1094: Add Deflater and Inflator PostProcessors
c746497 GH-1091: Fix DMLC with Routing Connection Factory
3f65fc0 GH-1087: RabbitTemplate: improvement debug logging
1a17848 Fix possibleAuthenticationFailureFatal
30d257b GH-1086: XML: Properly parse type attr
ccd177c Fix new Sonar smell: no CloneNotSupportedException
3fa278b Fix new Sonar smells

v2.1.18.RELEASE

Compare Source

Change log:

7dc129a GH-1296: Fix Race in Test
69ec278 GH-1296: Fix DMLC Recovery: Missing Queue at Start
a9f7830 GH-1289: Fix import in back-ported test
ad612a8 GH-1289: Confirms and Returns with Routing CF

v2.1.17.RELEASE

Compare Source

Change log:

e56c883 Upgrade Spring Version
9a84951 GH-1246: SMLC: Fix addQueueNames
3a8e95f GH-1236: Handle non-String contentType
a9a23ca GH-1237: RCFB Close key/trust store input streams
3be802f GH-1225: Fix Log4j2 Appender Termination

v2.1.16.RELEASE

Compare Source

Change log:

d304541 Upgrade versions; preparation for release
db576ce Fix Checkstyle violations
a141ede GH-1226: Fix Test Harness
144bf81 GH-1219: Fix header mapping for replies (@​SendTo)

v2.1.15.RELEASE

Compare Source

Change log:

445bd27 Fix addressResolver afte merge conflict
8d72e57 Make test method public for JUnit 4
127281b Fix typo in the test
1c4fc55 Fix test for JUnit 4
8e615d0 GH-1198: Support AddressResolver
2496b53 GH-1157: Defer spy stubs to original bean
fefb1f2 GH-1194: Address new Sonar issues
4a3c427 Fix test to use setPublisherConfirms(true)
404d53b GH-1194: Fix cache limit with Pub Confirms channel

v2.1.14.RELEASE

Compare Source

Change log:

10fd86f Upgrade dependencies; prepare for release
ef00f2d GH-1148: Revert Log4j Appender Change
028550c GH-1148: Log4jAppender - fix initialization cycle

v2.1.13.RELEASE

Compare Source

Change log:

828e6b1 Apply aRPPs for replies with a listener container
5cadcc3 GH-1130: Repub Recoverer include ex. message size
ce677bf Ignore AlreadyClosedException in SimpleConnection
ecbc388 GH-1116: LQCF Doc Polishing

v2.1.12.RELEASE

Compare Source

Change log:

af9729f Upgrade Spring Framework in prep for release
04c598b GH-1113: Clean up calls to basicCancel
00ef68c Upgrade some dependencies
[53c9150](https://redirect.g

@dev-mend-for-github-com dev-mend-for-github-com bot added the security fix Security fix generated by Mend label Jan 12, 2025
@dev-mend-for-github-com dev-mend-for-github-com bot changed the title Update dependency org.springframework.amqp:spring-rabbit to v2 Update dependency org.springframework.amqp:spring-rabbit to v2 - autoclosed Jan 20, 2025
@dev-mend-for-github-com dev-mend-for-github-com bot deleted the whitesource-remediate/org.springframework.amqp-spring-rabbit-2.x branch January 20, 2025 15:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
security fix Security fix generated by Mend
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants