首页 > 其他分享 >通过 chatgpt 修复org.springframework:spring-webmvc 安全漏洞过程记录(chatgpt有时候会乱说或者提不出最优方案)

通过 chatgpt 修复org.springframework:spring-webmvc 安全漏洞过程记录(chatgpt有时候会乱说或者提不出最优方案)

时间:2024-10-15 18:04:17浏览次数:6  
标签:webmvc java spring boot springframework SpringApplication org chatgpt

1,首先我把这个安全漏洞的trivy完整描述send给了chatgpt并且随后把我的pom.xml也完整的send给了它。

chatgpt给出的答案还算比较靠谱。

 

图一

 

图二

 

图三

 图四

 2,根据chatgpt的回复,我把

<parent>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-parent</artifactId>
    <version>3.1.7</version>
    <relativePath/>
</parent>

升级到了
<parent>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-parent</artifactId>
    <version>3.2.10</version>
    <relativePath/>
</parent>

然后我直接替换了jar包重启程序报错,如下图:

图五

 



3,然后根据这个提示我知道了spring-core-6.0.22不兼容问题,其实chatgpt之前已经提到了,我没注意到,所以我删除了如下的配置,使用
spring-boot-starter-parent自带的







<!-- https://mvnrepository.com/artifact/org.springframework/spring-core -->
<dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-core</artifactId>
    <version>6.0.22</version>
</dependency>

<!-- https://mvnrepository.com/artifact/org.springframework/spring-web -->
<dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-web</artifactId>
    <version>6.0.22</version>
</dependency>

4,然后再次打包重启,这次报另外一个错误了



Error starting ApplicationContext. To display the condition evaluation report re-run your application with 'debug' enabled.
2024-10-15 16:37:38.507 [] [main] ERROR org.springframework.boot.SpringApplication.reportFailure [859] : Application run failed
org.springframework.beans.factory.BeanDefinitionStoreException: Invalid bean definition with name 'commonDVODao' defined in URL [jar:nested:/usr/novaback/nova-back-java-0.0.1-SNAPSHOT.jar/!BOOT-INF/classes/!/com/hp/novaback/dao/CommonDVODao.class]: Invalid value type for attribute 'factoryBeanObjectType': java.lang.String
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.getTypeForFactoryBean(AbstractAutowireCapableBeanFactory.java:857)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getType(AbstractBeanFactory.java:743)
        at org.springframework.beans.factory.support.DefaultListableBeanFactory.findAnnotationOnBean(DefaultListableBeanFactory.java:735)
        at org.springframework.boot.sql.init.dependency.AnnotationDependsOnDatabaseInitializationDetector.detect(AnnotationDependsOnDatabaseInitializationDetector.java:36)
        at org.springframework.boot.sql.init.dependency.DatabaseInitializationDependencyConfigurer$DependsOnDatabaseInitializationPostProcessor.detectDependsOnInitializationBeanNames(DatabaseInitializationDependencyConfigurer.java:152)
        at org.springframework.boot.sql.init.dependency.DatabaseInitializationDependencyConfigurer$DependsOnDatabaseInitializationPostProcessor.postProcessBeanFactory(DatabaseInitializationDependencyConfigurer.java:115)
        at org.springframework.context.support.PostProcessorRegistrationDelegate.invokeBeanFactoryPostProcessors(PostProcessorRegistrationDelegate.java:363)
        at org.springframework.context.support.PostProcessorRegistrationDelegate.invokeBeanFactoryPostProcessors(PostProcessorRegistrationDelegate.java:197)
        at org.springframework.context.support.AbstractApplicationContext.invokeBeanFactoryPostProcessors(AbstractApplicationContext.java:789)
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:607)
        at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:146)
        at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:754)
        at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:456)
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:335)
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:1363)
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:1352)
        at com.hp.novaback.NovaBackApplication.main(NovaBackApplication.java:24)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.base/java.lang.reflect.Method.invoke(Method.java:568)
        at org.springframework.boot.loader.launch.Launcher.launch(Launcher.java:102)
        at org.springframework.boot.loader.launch.Launcher.launch(Launcher.java:64)
        at org.springframework.boot.loader.launch.JarLauncher.main(JarLauncher.java:40)
2024-10-15 16:49:03.691 [] [main] INFO  com.hp.novaback.NovaBackApplication.logStarting [50] : Starting NovaBackApplication v0.0.1-SNAPSHOT using Java 17.0.11 with PID 401410 (/usr/novaback/nova-back-java-0.0.1-SNAPSHOT.jar started by root in /usr/novaback)



 


 图六




 


5,我再次把报错信息send给chatgpt这次它的答案不太准确


 


图七




 


图八


 




 


图九


 




 


图十


 




 







标签:webmvc,java,spring,boot,springframework,SpringApplication,org,chatgpt	

From: https://www.cnblogs.com/xiaohanlin/p/18468080
      

      




      

      

        
相关文章

        

          
        

      

    

    

      
赞助商

      




      

      
阅读排行

      

        
      

    

  





  
 
    
网站主页关于我们联系我们网站地图 

    
本网站内容转载自其他媒体,侵权联系[admin##ips99.com]。 

    
Copyright © 2020-2023  IPS99  版权所有 IPS99