mirror of
https://github.com/qaiu/netdisk-fast-download.git
synced 2026-06-10 07:27:28 +00:00
17460ff271
- 升级 Vert.x 4.5.24 → 4.5.27, postgresql 42.7.3 → 42.7.11, logback 1.5.18 → 1.5.32, axios 1.13.5 → 1.16.1 - 修复 JWT 签名验证和密码比较的时序攻击漏洞 (MessageDigest.isEqual) - 修复 AESUtils 使用不安全 Random 改为 SecureRandom - 修复登录用户枚举和异常信息泄露,统一错误提示 - 修复 RateLimiter count++ 非原子操作 (AtomicInteger) - 修复 JsParserExecutor DCL 模式缺少 volatile - 修复 Token 日志泄露,仅打印前8字符 - 修复 Playground 密码时序攻击和堆栈泄露 - 所有 window.open 添加 noopener,noreferrer - LocalConstant 改用 ConcurrentHashMap 保证线程安全 - Dockerfile 添加非 root 用户运行,secret.yml 加入 .gitignore
74 lines
2.4 KiB
XML
74 lines
2.4 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<project xmlns="http://maven.apache.org/POM/4.0.0"
|
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
|
<parent>
|
|
<artifactId>netdisk-fast-download</artifactId>
|
|
<groupId>cn.qaiu</groupId>
|
|
<version>${revision}</version>
|
|
</parent>
|
|
<modelVersion>4.0.0</modelVersion>
|
|
|
|
<artifactId>core-database</artifactId>
|
|
|
|
<properties>
|
|
<java.version>17</java.version>
|
|
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
|
|
</properties>
|
|
|
|
<dependencies>
|
|
<dependency>
|
|
<groupId>cn.qaiu</groupId>
|
|
<artifactId>core</artifactId>
|
|
</dependency>
|
|
|
|
<!-- https://mvnrepository.com/artifact/com.h2database/h2 -->
|
|
<dependency>
|
|
<groupId>com.h2database</groupId>
|
|
<artifactId>h2</artifactId>
|
|
<version>2.2.220</version>
|
|
</dependency>
|
|
|
|
<!-- https://mvnrepository.com/artifact/com.zaxxer/HikariCP -->
|
|
<dependency>
|
|
<groupId>com.zaxxer</groupId>
|
|
<artifactId>HikariCP</artifactId>
|
|
<version>5.0.1</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.apache.commons</groupId>
|
|
<artifactId>commons-lang3</artifactId>
|
|
<version>3.18.0</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>io.vertx</groupId>
|
|
<artifactId>vertx-codegen</artifactId>
|
|
<scope>compile</scope>
|
|
<version>${vertx.version}</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>io.vertx</groupId>
|
|
<artifactId>vertx-sql-client-templates</artifactId>
|
|
<version>${vertx.version}</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>io.vertx</groupId>
|
|
<artifactId>vertx-jdbc-client</artifactId>
|
|
<version>${vertx.version}</version>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>com.mysql</groupId>
|
|
<artifactId>mysql-connector-j</artifactId>
|
|
<version>9.2.0</version>
|
|
</dependency>
|
|
<!-- PG驱动-->
|
|
<dependency>
|
|
<groupId>org.postgresql</groupId>
|
|
<artifactId>postgresql</artifactId>
|
|
<version>42.7.11</version>
|
|
</dependency>
|
|
|
|
</dependencies>
|
|
|
|
</project>
|