keycloak-config-cli
keycloak-config-cli copied to clipboard
adorsys
Update logback to 1.2.13
What this PR does / why we need it: spring-boot-starter-logging:2.7.13 uses logback-classic:jar:1.2.12 and logback-core:jar:1.2.12 which are affected by CVE-2023-6378 and CVE-2023-6481. logback 1.2.13 contains the backport of this fix: https://github.com/qos-ch/logback/issues/745
Which issue this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close that issue when PR gets merged): fixes #
Special notes for your reviewer:
PR Readiness Checklist:
Complete these before marking the PR as ready to review:
- [x] the
CHANGELOG.mdrelease notes have been updated to reflect any significant (and particularly user-facing) changes introduced by this PR
Quality Gate passed
Issues
0 New issues
Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code
See analysis details on SonarCloud
![sonarqubecloud[bot] avatar](https://avatars.githubusercontent.com/in/12526?v=4 "Published by a pub.dev verified publisher"){kind=small}
Codecov Report
All modified and coverable lines are covered by tests :white_check_mark:
Comparison is base (
efc3bfa) 95.76% compared to head (d066c15) 95.78%.
Additional details and impacted files
@@ Coverage Diff @@
## main #990 +/- ##
============================================
+ Coverage 95.76% 95.78% +0.02%
Complexity 1366 1366
============================================
Files 80 80
Lines 4367 4367
Branches 491 491
============================================
+ Hits 4182 4183 +1
+ Misses 92 90 -2
- Partials 93 94 +1
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}
Hi @m-rcl,
through the Spring update logback has been updated to version 1.4.14 😉
Best Regards Jonas
