[Snyk] Upgrade org.hibernate.orm:hibernate-jpamodelgen from 6.6.17.Final to 7.2.1.Final#1063
[Snyk] Upgrade org.hibernate.orm:hibernate-jpamodelgen from 6.6.17.Final to 7.2.1.Final#1063akilarootcode wants to merge 1 commit intomainfrom
Conversation
…al to 7.2.1.Final Snyk has created this PR to upgrade org.hibernate.orm:hibernate-jpamodelgen from 6.6.17.Final to 7.2.1.Final. See this package in maven: org.hibernate.orm:hibernate-jpamodelgen See this project in Snyk: https://app.snyk.io/org/thinuwanw/project/49ad18c7-223c-4e47-8fe8-4360657b6ac2?utm_source=github&utm_medium=referral&page=upgrade-pr
|
|
|
There was a problem hiding this comment.
Pull request overview
Updates the backend Maven build to use a newer Hibernate JPA metamodel generator version, as part of dependency maintenance/security hygiene.
Changes:
- Bumps
org.hibernate.orm:hibernate-jpamodelgenfrom6.6.17.Finalto7.2.1.Finalinbackend/pom.xml.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| <groupId>org.hibernate.orm</groupId> | ||
| <artifactId>hibernate-jpamodelgen</artifactId> | ||
| <version>6.6.17.Final</version> | ||
| <version>7.2.1.Final</version> |
There was a problem hiding this comment.
The Hibernate JPA modelgen version is now set to 7.2.1.Final here, but the Maven compiler plugin still configures hibernate-jpamodelgen under annotationProcessorPaths using ${hibernate.version} (defined by the Spring Boot parent). That means the annotation processor used during compilation may remain on the Spring Boot-managed Hibernate version (likely 6.x), while the compile classpath pulls in 7.2.1—leading to inconsistent metamodel generation and potential classpath/version conflicts. Consider using a single version source for both (e.g., set the dependency version to ${hibernate.version} or update the annotationProcessorPaths entry to 7.2.1.Final and ensure the runtime Hibernate ORM stack is upgraded/compatible as well).
| <version>7.2.1.Final</version> | |
| <version>${hibernate.version}</version> |
3 participants
Snyk has created this PR to upgrade org.hibernate.orm:hibernate-jpamodelgen from 6.6.17.Final to 7.2.1.Final.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 68 versions ahead of your current version.
The recommended version was released a month ago.
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: