From acb48179ab00e167747fa4a3e4fd3b94c78aeda5 Mon Sep 17 00:00:00 2001 From: zhangdaiscott Date: Tue, 15 Aug 2023 17:45:07 +0800 Subject: [PATCH] =?UTF-8?q?=E3=80=90=E6=BC=8F=E6=B4=9E=E5=A4=84=E7=90=86?= =?UTF-8?q?=E3=80=91freemarker=E6=A8=A1=E6=9D=BF=E6=B3=A8=E5=85=A5?= =?UTF-8?q?=E9=97=AE=E9=A2=98=20=E7=A6=81=E6=AD=A2=E8=A7=A3=E6=9E=90Object?= =?UTF-8?q?Constructor=EF=BC=8CExecute?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit (提示:部分依赖尚未上传maven官仓,依赖下载失败请配置jeecg私服) --- .../util/dynamic/db/FreemarkerParseFactory.java | 10 +++++----- pom.xml | 12 ++++++------ 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/dynamic/db/FreemarkerParseFactory.java b/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/dynamic/db/FreemarkerParseFactory.java index 90b7c446..f59f4057 100644 --- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/dynamic/db/FreemarkerParseFactory.java +++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/dynamic/db/FreemarkerParseFactory.java @@ -34,11 +34,11 @@ public class FreemarkerParseFactory { /** * 文件缓存 */ - private static final Configuration TPL_CONFIG = new Configuration(); + private static final Configuration TPL_CONFIG = new Configuration(Configuration.DEFAULT_INCOMPATIBLE_IMPROVEMENTS); /** * SQL 缓存 */ - private static final Configuration SQL_CONFIG = new Configuration(); + private static final Configuration SQL_CONFIG = new Configuration(Configuration.DEFAULT_INCOMPATIBLE_IMPROVEMENTS); private static StringTemplateLoader stringTemplateLoader = new StringTemplateLoader(); 
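Review bot: `Configuration.DEFAULT_INCOMPATIBLE_IMPROVEMENTS` is the same baseline the deprecated no-arg constructor already applied (FreeMarker defines it as the 2.3.0 compatibility level), so `TPL_CONFIG` and `SQL_CONFIG` behave as before and this hunk adds nothing to the template-injection fix named in the subject. If the aim is to pick up FreeMarker's later non-backward-compatible fixes, pass an explicit version constant matching the bundled FreeMarker release, e.g. `new Configuration(Configuration.VERSION_2_3_x)` (placeholder, the bundled version is not visible here), and re-test existing templates because rendering can change. Otherwise a comment such as `// 2.3.0 compatibility level kept on purpose; hardening is done via setNewBuiltinClassResolver in the static block` would stop the constant being mistaken for a security setting.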
@@ -47,8 +47,7 @@ public class FreemarkerParseFactory { .compile("(?ms)/\\*.*?\\*/|^\\s*//.*?$"); static { - TPL_CONFIG.setClassForTemplateLoading( - new FreemarkerParseFactory().getClass(), "/"); + TPL_CONFIG.setClassForTemplateLoading(new FreemarkerParseFactory().getClass(), "/"); TPL_CONFIG.setNumberFormat("0.#####################"); SQL_CONFIG.setTemplateLoader(stringTemplateLoader); SQL_CONFIG.setNumberFormat("0.#####################"); @@ -57,6 +56,7 @@ public class FreemarkerParseFactory { //update-begin-author:taoyan date:2022-8-10 for: freemarker模板注入问题 禁止解析ObjectConstructor,Execute和freemarker.template.utility.JythonRuntime。 //https://ackcent.com/in-depth-freemarker-template-injection/ + TPL_CONFIG.setNewBuiltinClassResolver(TemplateClassResolver.SAFER_RESOLVER); SQL_CONFIG.setNewBuiltinClassResolver(TemplateClassResolver.SAFER_RESOLVER); //update-end-author:taoyan date:2022-8-10 for: freemarker模板注入问题 禁止解析ObjectConstructor,Execute和freemarker.template.utility.JythonRuntime。 } @@ -169,7 +169,7 @@ public class FreemarkerParseFactory { //"where and" String whereAnd = DataBaseConstant.SQL_WHERE+" and"; //", where" - String commaWhere = SymbolConstant.COMMA+" "+DataBaseConstant.SQL_WHERE; + String commaWhere = SymbolConstant.COMMA+" "+ DataBaseConstant.SQL_WHERE; //", " String commaSpace = SymbolConstant.COMMA + " "; if (sql.endsWith(DataBaseConstant.SQL_WHERE) || sql.endsWith(whereSpace)) { diff --git a/pom.xml b/pom.xml index 867a9e14..2d974692 100644 --- a/pom.xml +++ b/pom.xml @@ -49,13 +49,13 @@ 5.3.8 - 3.5.1 + 3.5.3 3.2.0 1.1.22 - 1.9.1 + 1.9.2 - 1.5.9 + 1.6.1 2.6 2.1.0 3.11.2 @@ -63,7 +63,7 @@ 1.12.0 3.11.0 3.1.0 - 1.4.3 + 1.4.4 1.4.5 8.0.3 1.3.4 @@ -235,7 +235,7 @@ org.jeecgframework.boot hibernate-re - 3.5.3-beta + 3.5.3 @@ -317,7 +317,7 @@ org.jeecgframework jeewx-api - 1.5.1 + 1.5.2 commons-beanutils
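Review bot: `TemplateClassResolver.SAFER_RESOLVER`, now set on `TPL_CONFIG` as well as `SQL_CONFIG` in the static initializer of FreemarkerParseFactory.java, only stops `?new` from instantiating `ObjectConstructor`, `Execute` and `JythonRuntime`; it is a short denylist, not a closed door. `SQL_CONFIG` is fed from a `StringTemplateLoader`, so if any of that template text can originate from users and no legitimate template needs `?new`, the stricter `TPL_CONFIG.setNewBuiltinClassResolver(TemplateClassResolver.ALLOWS_NOTHING_RESOLVER);` (and the same call on `SQL_CONFIG`) disables the built-in entirely. The resolver also does not govern what a template may call on objects placed in the data model, so the values handed to these templates deserve a separate review. The initializer begins above this hunk, and the surrounding `update-begin`/`update-end` markers still carry the 2022-8-10 date although the `TPL_CONFIG` line is added by this commit.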