root
/
spring-framework
mirror of https://github.com/spring-projects/spring-framework.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity
6,628 Commits 17 Branches 354 Tags 372 MiB
Java 97.7%
Kotlin 2.1%
Go to file
Arjen Poutsma 434735fbf6 Fix potential security risk when using Spring OXM 
Disable by default external entity resolution when using Spring OXM
with jaxb. This prevents a XML entity from being able to resolve a
local file on the host system.

See:
https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing

Issue: SPR-10806
(cherry picked from commit 7576274)
 		2013-08-06 15:10:05 -07:00
.settings/gradle
buildSrc/src/main Upgradle to gradle 1.6 2013-07-30 13:29:05 -07:00
gradle Upgradle to gradle 1.6 2013-07-30 09:29:44 -07:00
spring-aop/src Fixed ClassFilterAwareUnionMethodMatcher equals implementation 2013-08-05 22:23:10 +02:00
spring-aspects Upgradle to gradle 1.6 2013-07-30 13:29:05 -07:00
spring-beans/src Skip abstract beans in getBeansWithAnnotation() 2013-07-25 11:27:57 +02:00
spring-context Polishing 2013-08-06 01:58:46 +02:00
spring-context-support/src Updated Quartz version range in javadoc 2013-07-30 23:27:34 +02:00
spring-core/src Fixed misunderstanding with respect to excludeUnlistedClasses default in JPA 2.0 2013-07-31 23:40:59 +02:00
spring-expression Include argument types in MethodReference cache 2013-07-25 11:28:03 +02:00
spring-instrument/src
spring-instrument-tomcat/src Optimized TomcatInstrumentableClassLoader implementation 2013-08-01 15:49:58 +02:00
spring-jdbc/src Fix SimpleJdbcCall and SimpleJdbcInsert Javadoc 2013-08-06 14:44:01 -07:00
spring-jms/src Added javadoc note on the use of CachingConnectionFactory 2013-08-06 00:31:18 +02:00
spring-orm/src Fixed misunderstanding with respect to excludeUnlistedClasses default in JPA 2.0 2013-07-31 23:40:59 +02:00
spring-orm-hibernate4/src Resource-based PlatformTransactionManager implementations defensively catch Throwable in doBegin in order to reliably close resource in case of OutOfMemoryError 2013-07-25 10:45:58 +02:00
spring-oxm Consistent use of varargs; deprecated setAnnotatedClass method 2013-08-06 00:31:06 +02:00
spring-struts/src
spring-test
spring-test-mvc/src Add attributeDoesNotExist ModelResultMatcher 2013-07-30 15:41:55 -04:00
spring-tx/src Refined javadoc for WebLogic/WebSphere transaction setup 2013-08-01 17:24:24 +02:00
spring-web/src Fix potential security risk when using Spring OXM 2013-08-06 15:10:05 -07:00
spring-webmvc/src Polishing 2013-08-01 00:35:51 +02:00
spring-webmvc-portlet/src Replaced Map synchronization with ConcurrentHashMap to avoid session access deadlocks 2013-05-16 14:34:38 +02:00
spring-webmvc-tiles3/src
src Further 3.2.4 changelog entries 2013-08-06 00:32:59 +02:00
.gitignore
CONTRIBUTING.md
README.md
build.gradle Fix TestNG build settings 2013-07-30 14:21:28 -07:00
gradle.properties 2013-05-20 10:18:53 -07:00
gradlew
gradlew.bat
import-into-eclipse.bat
import-into-eclipse.sh
import-into-idea.md
settings.gradle

README.md

Spring Framework

The Spring Framework provides a comprehensive programming and configuration model for modern Java-based enterprise applications - on any kind of deployment platform. A key element of Spring is infrastructural support at the application level: Spring focuses on the "plumbing" of enterprise applications so that teams can focus on application-level business logic, without unnecessary ties to specific deployment environments.

The framework also serves as the foundation for Spring Integration, Spring Batch and the rest of the Spring family of projects. Browse the repositories under the SpringSource organization on GitHub for a full list.

.NET and Python variants are available as well.

Downloading artifacts

See downloading Spring artifacts for Maven repository information. Unable to use Maven or other transitive dependency management tools? See building a distribution with dependencies.

Documentation

See the current Javadoc and reference docs.

Getting support

Check out the Spring forums and the spring and spring-mvc tags on Stack Overflow. Commercial support is available too.

Issue Tracking

Report issues via the Spring Framework JIRA. Understand our issue management process by reading about the lifecycle of an issue. Think you've found a bug? Please consider submitting a reproduction project via the spring-framework-issues GitHub repository. The readme there provides simple step-by-step instructions.

Building from source

The Spring Framework uses a Gradle-based build system. In the instructions below, ./gradlew is invoked from the root of the source tree and serves as a cross-platform, self-contained bootstrap mechanism for the build. The only prerequisites are Git and JDK 1.7+.

check out sources

git clone git://github.com/SpringSource/spring-framework.git

compile and test, build all jars, distribution zips and docs

./gradlew build

install all spring-* jars into your local Maven cache

./gradlew install

import sources into your IDE

Run ./import-into-eclipse.sh or read import-into-idea.md as appropriate.

... and discover more commands with ./gradlew tasks. See also the Gradle build and release FAQ.

Contributing

Pull requests are welcome; see the contributor guidelines for details.

Staying in touch

Follow @springframework and its team members on Twitter. In-depth articles can be found at the SpringSource team blog, and releases are announced via our news feed.

License

The Spring Framework is released under version 2.0 of the Apache License.