DMC/scipro
7
0
Fork 0
Code Issues44 Pull Requests6 Actions Projects1 Releases Wiki Activity

3080 Uppgraderade maven-dependencies förslf4j, log4j, wicket (implicit file-upload som hade vulnerability), mysql (fick bort protobuf som mysql hade uppgraderat), junit, mockito, jersey, jackson, surefire, maven-compiler. Lade till versions-plugin.

Browse Source
This commit is contained in:
nikos dimitrakas 2023-04-28 12:13:28 +02:00
parent 5a3e0f7dc8
commit 76756610ad
1 changed files with 16 additions and 20 deletions

36
pom.xml

@ -20,26 +20,26 @@
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<!-- Dependency versions -->
<slf4j.version>2.0.5</slf4j.version>
<log4j2.version>2.19.0</log4j2.version>
<wicket.version>9.12.0</wicket.version>
<slf4j.version>2.0.7</slf4j.version>
<log4j2.version>2.20.0</log4j2.version>
<wicket.version>9.13.0</wicket.version>
<!-- See https://hibernate.org/orm/releases/ for which version Hibernate implements -->
<jakarta.persistence-api.version>3.1.0</jakarta.persistence-api.version>
<hibernate.version>6.1.5.Final</hibernate.version>
<mysql-connector-java.version>8.0.31</mysql-connector-java.version>
<mysql-connector-java.version>8.0.33</mysql-connector-java.version>
<protobuf-java.version>3.19.6</protobuf-java.version>
<querydsl.version>5.0.0</querydsl.version>
<jakarta.servlet.version>4.0.4</jakarta.servlet.version>
<junit.version>5.9.1</junit.version>
<junit.version>5.9.3</junit.version>
<hsqldb.version>2.7.1</hsqldb.version>
<mockito.version>4.9.0</mockito.version>
<mockito.version>5.3.1</mockito.version>
<flyway.version>4.2.0</flyway.version>
<jersey.version>3.1.0</jersey.version>
<jersey.version>3.1.1</jersey.version>
<guice.version>5.1.0</guice.version>
<poi.version>5.2.3</poi.version>
<jackson.version>2.14.2</jackson.version>
<jackson.version>2.15.0</jackson.version>
<!-- Database stuff -->
<database.showSql>false</database.showSql>
@ -130,15 +130,6 @@
<!-- and upgrade to the appropriate patched version -->
<version>${mysql-connector-java.version}</version>
</dependency>
<dependency>
<!-- transitive dependency of mysql-connector-java -->
<!-- it depends on version 3.19.4 which has a security vulnerability -->
<!-- when updating mysql-connector-java check which version it depends on -->
<!-- and upgrade to the appropriate patched version of protobuf-java -->
<groupId>com.google.protobuf</groupId>
<artifactId>protobuf-java</artifactId>
<version>${protobuf-java.version}</version>
</dependency>
<!--QueryDSL-->
<dependency>
@ -327,12 +318,17 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<version>3.3.0</version>
<version>3.5.0</version>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>versions-maven-plugin</artifactId>
<version>2.15.0</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>3.0.0-M5</version>
<version>3.0.0</version>
<configuration>
<systemPropertyVariables>
<wicket.ioc.useByteBuddy>true</wicket.ioc.useByteBuddy>
@ -343,7 +339,7 @@
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<inherited>true</inherited>
<version>3.10.1</version>
<version>3.11.0</version>
<configuration>
<release>17</release>
<showDeprecation>true</showDeprecation>