[Snyk] Security upgrade org.springframework.security:spring-security-oauth2-client from 5.7.8 to 7.0.0

[officialmofabs]

Snyk has created this PR to fix 1 vulnerabilities in the maven dependencies of this project.

Snyk changed the following file(s):

• samples/client/petstore/spring-cloud-date-time/pom.xml

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score	Upgrade
	Uncontrolled Recursion SNYK-JAVA-COMNIMBUSDS-10691768	666	org.springframework.security:spring-security-oauth2-client: 5.7.8 -> 7.0.0 Major version upgrade Proof of Concept

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	maven/​com.fasterxml.jackson.datatype/​jackson-datatype-guava@​2.17.1
	maven/​commons-io/​commons-io@​2.16.1
	maven/​org.junit.support/​testng-engine@​1.0.5
	maven/​org.springframework.boot/​spring-boot-test@​2.5.14
	maven/​com.tngtech.archunit/​archunit@​1.3.0
	maven/​com.github.joschi.jackson/​jackson-datatype-threetenbp@​2.15.2
	maven/​org.apache.maven/​maven-core@​3.9.6
	maven/​jakarta.validation/​jakarta.validation-api@​2.0.2
	maven/​org.codehaus.janino/​janino@​3.1.9
	maven/​com.googlecode.lambdaj/​lambdaj@​2.3.3
	maven/​com.google.guava/​guava@​32.1.3-jre
	maven/​io.airlift/​airline@​0.9
	maven/​org.mockito/​mockito-core@​4.10.0
	maven/​org.codehaus.plexus/​plexus-utils@​3.5.1
	maven/​com.github.javaparser/​javaparser-core@​3.24.9
	maven/​org.codehaus.plexus/​plexus-archiver@​4.8.0
	maven/​com.fasterxml.jackson.dataformat/​jackson-dataformat-xml@​2.17.1
	maven/​org.apache.maven/​maven-compat@​3.9.6
	maven/​com.github.jknack/​handlebars@​4.3.1
	maven/​com.googlecode.java-diff-utils/​diffutils@​1.3.0
	maven/​org.sonatype.plexus/​plexus-build-api@​0.0.7
	maven/​com.github.mifmif/​generex@​1.0.2
	maven/​org.apache.maven.plugin-testing/​maven-plugin-testing-harness@​3.3.0
	maven/​org.apache.maven.shared/​maven-verifier@​1.8.0
	maven/​org.apache.maven/​maven-resolver-provider@​3.9.6
	maven/​com.tngtech.archunit/​archunit-junit5@​1.3.0
	maven/​org.apache.maven/​maven-plugin-api@​3.9.6
	maven/​org.apache.maven/​maven-artifact@​3.9.6
	maven/​org.apache.commons/​commons-text@​1.10.0
	maven/​org.slf4j/​slf4j-ext@​1.7.36
	maven/​com.github.curious-odd-man/​rgxgen@​1.4
	maven/​org.apache.maven.plugin-tools/​maven-plugin-annotations@​3.9.0
See 5 more rows in the dashboard

View full report

[openhands-ai]

Looks like there are a few issues preventing this PR from being merged!

• GitHub Actions are failing:
  • OpenAPI Generator
  • Windows tests
  • Linux tests
  • Samples Java Spring
  • .github/workflows/samples-r.yaml

If you'd like me to help, just leave a comment, like

@OpenHands please fix the failing actions on PR #731 at branch `snyk-fix-4832133c4bceec405bff02cff2a647c5`

Feel free to include any additional details that might help me get this PR into a better state.

_{^{You can manage your notification settings}}