Dependency updates to eliminate vulnerabilities discovered by dependency-check
Eliminated all CRITICAL and HIGH except for CVE-2016-1000027 (which more or less forbids the use of Spring since 2016 -- it's moderately controversial.
@road
On December 29, GitLab will be migrating to the next generation Container Registry, which implements automatic garbage collection. See KB news article for edge cases in which you could need to rebuild a container after the migration.
Eliminated all CRITICAL and HIGH except for CVE-2016-1000027 (which more or less forbids the use of Spring since 2016 -- it's moderately controversial.
@road