Upgrade to MySQL 8.3.0 #39081
Comments
spring-projects-issues
added
the
status: waiting-for-triage
|
Generally speaking, we don't upgrade to a new minor version of a dependency in a maintenance version of Spring Boot. At this time, it's not clear if 8.1.0 is completely end of life so I don't think an exception to this policy is warranted at the moment. We have already upgraded to MySQL driver 8.2.0 for this month's 3.3.0-M1 release. You can use 8.2.0 with Spring Boot 3.2 by overriding the |
wilkinsona
added
status: declined
|
Duplicates #38423 |
bclozel
added
status: duplicate
|
Hi @bclozel , I ask that as we have a security vulnerability in 8.1.0 version as follows: https://security.snyk.io/vuln/SNYK-JAVA-COMMYSQL-6075938 Which is recommended upgrade to 8.2.0. |
|
Reopening for team discussion. I'm wondering if we should adopt the same approach as #38901 because the official website says:
It sounds like the CVE fix will not be backported and we shouldn't expect maintenance versions in the 8.2.x line. |
bclozel
added
for: team-attention
philwebb
changed the title
philwebb
added
type: dependency-upgrade
wilkinsona
added
the
status: noteworthy
|
MySQL 8.3.0 is out ! |
|
We can't consider this now as the release notes state:
|
|
The release appearing on Maven Central doesn't invalidate what Brian has said. We can't consider an upgrade to 8.3.0 until it has been announced, its content including any CVE fixes has been described, and information about whether or not it supersedes 8.2 has been provided. |
|
The page is now updated:
|
Even updated to version 3.2.2-SNAPSHOT version, this version uses MySQL driver 8.1.0 when we have a new one available (8.2.0) https://mvnrepository.com/artifact/com.mysql/mysql-connector-j/8.2.0 .
Any chance to use 8.2.0 version on 3.2.2 Spring boot version?
Thanks in advance.
The text was updated successfully, but these errors were encountered: