From 9f8ba4aaa78128e7dda82b7beda322d43589d75f Mon Sep 17 00:00:00 2001 From: Oliver Bertuch Date: Mon, 16 May 2022 15:58:42 +0200 Subject: [PATCH 01/84] build: add Sonarcloud coverage and quality checks --- .github/workflows/maven-branch-checks.yml | 36 +++++++++++++++ .github/workflows/maven-pr-checks.yml | 14 +++++- pom.xml | 54 ++++++++++++++++++++--- 3 files changed, 96 insertions(+), 8 deletions(-) create mode 100644 .github/workflows/maven-branch-checks.yml diff --git a/.github/workflows/maven-branch-checks.yml b/.github/workflows/maven-branch-checks.yml new file mode 100644 index 0000000..56bdcb3 --- /dev/null +++ b/.github/workflows/maven-branch-checks.yml @@ -0,0 +1,36 @@ +name: Branch Push Verification and Security Scan +on: + push: + branches: + - main + - jakarta +jobs: + verify: + runs-on: ubuntu-latest + strategy: + matrix: + java: [11,17] + steps: + - uses: actions/checkout@v3 + - name: Set up Maven Central Repository + uses: actions/setup-java@v3 + with: + java-version: ${{ matrix.java }} + distribution: 'adopt' + - name: Cache SonarCloud packages + uses: actions/cache@v1 + with: + path: ~/.sonar/cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + - name: Cache Maven packages + uses: actions/cache@v3 + with: + path: ~/.m2 + key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} + restore-keys: ${{ runner.os }}-m2 + - name: Scan with Sonarcloud + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + run: mvn -B -Pcoverage -Djdk.version=${{ matrix.java }} verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar diff --git a/.github/workflows/maven-pr-checks.yml b/.github/workflows/maven-pr-checks.yml index edc772d..9fae0af 100644 --- a/.github/workflows/maven-pr-checks.yml +++ b/.github/workflows/maven-pr-checks.yml @@ -14,15 +14,25 @@ jobs: with: java-version: ${{ matrix.java }} distribution: 'adopt' + - name: Cache SonarCloud packages + uses: actions/cache@v1 + with: + path: ~/.sonar/cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar - name: Cache Maven packages uses: actions/cache@v3 with: path: ~/.m2 key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} restore-keys: ${{ runner.os }}-m2 - - name: Build, test, verify - run: mvn -B verify -Djdk.version=${{ matrix.java }} + - name: Build, test, verify and send to Sonarcloud + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + run: mvn -B -Pcoverage -Djdk.version=${{ matrix.java }} verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar - name: Scan with OWASP + if: always() # do not skip this step if Sonarcloud/verify fails the mvn build run: mvn -B -Powasp dependency-check:check - name: Upload scan results as SARIF report to GitHub Security Tab uses: github/codeql-action/upload-sarif@v2 diff --git a/pom.xml b/pom.xml index d0c428a..4ece8cb 100644 --- a/pom.xml +++ b/pom.xml @@ -248,9 +248,6 @@ **/it/** - - ${project.build.directory}/test-reports/unit - @@ -275,9 +272,6 @@ **/it/** - - ${project.build.directory}/test-reports/it - @@ -418,6 +412,54 @@ + + coverage + + https://sonarcloud.io + gdcc + gdcc_sword2 + ${project.groupId}:${project.artifactId} + 0.8.8 + 3.9.1.2184 + + + + + + org.sonarsource.scanner.maven + sonar-maven-plugin + ${sonar.version} + + + + + + org.jacoco + jacoco-maven-plugin + ${jacoco.version} + + + prepare-agent + + prepare-agent + + + + report + + report + + + + XML + + + + + + + + From 451c7ccee8c817320d6600ded2f3dff9b87aada3 Mon Sep 17 00:00:00 2001 From: Oliver Bertuch Date: Mon, 16 May 2022 16:41:22 +0200 Subject: [PATCH 02/84] ci(verify): do not use a shallow clone to enable better Sonarcloud analysis --- .github/workflows/maven-branch-checks.yml | 2 ++ .github/workflows/maven-pr-checks.yml | 2 ++ 2 files changed, 4 insertions(+) diff --git a/.github/workflows/maven-branch-checks.yml b/.github/workflows/maven-branch-checks.yml index 56bdcb3..9071e78 100644 --- a/.github/workflows/maven-branch-checks.yml +++ b/.github/workflows/maven-branch-checks.yml @@ -12,6 +12,8 @@ jobs: java: [11,17] steps: - uses: actions/checkout@v3 + with: + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - name: Set up Maven Central Repository uses: actions/setup-java@v3 with: diff --git a/.github/workflows/maven-pr-checks.yml b/.github/workflows/maven-pr-checks.yml index 9fae0af..d1bd393 100644 --- a/.github/workflows/maven-pr-checks.yml +++ b/.github/workflows/maven-pr-checks.yml @@ -9,6 +9,8 @@ jobs: java: [11,17] steps: - uses: actions/checkout@v3 + with: + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - name: Set up Maven Central Repository uses: actions/setup-java@v3 with: From 6cf87479379889dc3d5c0e507babd2a72b93500a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 28 May 2022 12:09:41 +0000 Subject: [PATCH 03/84] chore(deps): update pmd.version to v6.46.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 4ece8cb..98db2aa 100644 --- a/pom.xml +++ b/pom.xml @@ -41,7 +41,7 @@ 3.0.0-M5 3.0.1 7.1.0 - 6.45.0 + 6.46.0 scm:git:https://github.com/gdcc/${project.artifactId}.git From bde16deca6365f4fcd24571f69fda3e1b66ae811 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 29 May 2022 15:33:32 +0000 Subject: [PATCH 04/84] chore(deps): update dependency com.puppycrawl.tools:checkstyle to v10.3 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 4ece8cb..ef3a4b3 100644 --- a/pom.xml +++ b/pom.xml @@ -218,7 +218,7 @@ com.puppycrawl.tools checkstyle - 10.2 + 10.3 From 1830b49579b94ae620eca7857342418f1664c517 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 4 Jun 2022 18:16:21 +0000 Subject: [PATCH 05/84] chore(deps): update dependency org.apache.maven.plugins:maven-pmd-plugin to v3.17.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index f8ea4dc..bcd5978 100644 --- a/pom.xml +++ b/pom.xml @@ -174,7 +174,7 @@ org.apache.maven.plugins maven-pmd-plugin - 3.16.0 + 3.17.0 pmd.xml From 871ada3e9e52d2c914dff685e9ab4908d4b56a72 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 7 Jun 2022 00:14:47 +0000 Subject: [PATCH 06/84] chore(deps): update dependency org.apache.maven.plugins:maven-failsafe-plugin to v3.0.0-m7 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index f8ea4dc..d9ed1cc 100644 --- a/pom.xml +++ b/pom.xml @@ -37,7 +37,7 @@ 3.3.0 3.12.0 3.0.0-M6 - 3.0.0-M6 + 3.0.0-M7 3.0.0-M5 3.0.1 7.1.0 From 59591b97e0861a54bffe014186d48babada15f3e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 12 Jun 2022 14:28:40 +0000 Subject: [PATCH 07/84] chore(deps): update dependency org.owasp:dependency-check-maven to v7.1.1 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index f8ea4dc..2900b84 100644 --- a/pom.xml +++ b/pom.xml @@ -40,7 +40,7 @@ 3.0.0-M6 3.0.0-M5 3.0.1 - 7.1.0 + 7.1.1 6.46.0 From 7532c7fa378110817a85ed6d52c09dd8f1029b32 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 25 Jun 2022 09:42:03 +0000 Subject: [PATCH 08/84] chore(deps): update pmd.version to v6.47.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 2900b84..1048d1b 100644 --- a/pom.xml +++ b/pom.xml @@ -41,7 +41,7 @@ 3.0.0-M5 3.0.1 7.1.1 - 6.46.0 + 6.47.0 scm:git:https://github.com/gdcc/${project.artifactId}.git From 76ddc886a08acd9749192b2bedbd0f3363653195 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 24 Jul 2022 18:30:26 +0000 Subject: [PATCH 09/84] chore(deps): update dependency com.github.spotbugs:spotbugs-maven-plugin to v4.7.1.1 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 1048d1b..a88204f 100644 --- a/pom.xml +++ b/pom.xml @@ -156,7 +156,7 @@ com.github.spotbugs spotbugs-maven-plugin - 4.6.0.0 + 4.7.1.1 ${skipAnalysis} spotbugsExcludeFilter.xml From 6a547720c70ee3bb4b665bfd0acac1842c023836 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 26 Jul 2022 19:34:24 +0000 Subject: [PATCH 10/84] chore(deps): update dependency org.junit.jupiter:junit-jupiter to v5.9.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 1048d1b..05eac4f 100644 --- a/pom.xml +++ b/pom.xml @@ -521,7 +521,7 @@ org.junit.jupiter junit-jupiter - 5.8.2 + 5.9.0 test From c54013057e938cf45872a15ca2521bfcead18e8d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 30 Jul 2022 12:15:54 +0000 Subject: [PATCH 11/84] chore(deps): update pmd.version to v6.48.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 555b296..8cf753a 100644 --- a/pom.xml +++ b/pom.xml @@ -41,7 +41,7 @@ 3.0.0-M5 3.0.1 7.1.1 - 6.47.0 + 6.48.0 scm:git:https://github.com/gdcc/${project.artifactId}.git From eb5c285294ecfe8a1c89c230573f3b9732aa81bf Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 31 Jul 2022 16:18:21 +0000 Subject: [PATCH 12/84] chore(deps): update dependency com.puppycrawl.tools:checkstyle to v10.3.2 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 8cf753a..4aef125 100644 --- a/pom.xml +++ b/pom.xml @@ -218,7 +218,7 @@ com.puppycrawl.tools checkstyle - 10.3 + 10.3.2 From 719c7416a8ca420332a348ea2913f4f06d79c8e1 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 31 Jul 2022 18:43:06 +0000 Subject: [PATCH 13/84] chore(deps): update dependency org.apache.maven.plugins:maven-release-plugin to v3.0.0-m6 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 4aef125..5797c48 100644 --- a/pom.xml +++ b/pom.xml @@ -296,7 +296,7 @@ org.apache.maven.plugins maven-release-plugin - 3.0.0-M5 + 3.0.0-M6 From 749022a3ff6bd49190db34351a25e8ab3c3f44a2 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 4 Aug 2022 12:00:50 +0000 Subject: [PATCH 14/84] chore(deps): update dependency org.apache.maven.plugins:maven-site-plugin to v3.12.1 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 5797c48..6ff89d6 100644 --- a/pom.xml +++ b/pom.xml @@ -35,7 +35,7 @@ 3.10.1 3.2.2 3.3.0 - 3.12.0 + 3.12.1 3.0.0-M6 3.0.0-M6 3.0.0-M5 From ec2717ef6a487b814ada7930927d2bd8b8b3fa4e Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 9 Aug 2022 08:22:14 +0000 Subject: [PATCH 15/84] chore(deps): update dependency org.apache.maven.plugins:maven-surefire-plugin to v3.0.0-m7 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index b1339c0..7f4b8b8 100644 --- a/pom.xml +++ b/pom.xml @@ -36,7 +36,7 @@ 3.2.2 3.3.0 3.12.1 - 3.0.0-M6 + 3.0.0-M7 3.0.0-M7 3.0.0-M5 3.0.1 From 124089999d049da30cd81d52a0a565bb79d9611e Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 13 Aug 2022 22:11:19 +0000 Subject: [PATCH 16/84] chore(deps): update dependency org.apache.maven.plugins:maven-javadoc-plugin to v3.4.1 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 1a7710d..9554b14 100644 --- a/pom.xml +++ b/pom.xml @@ -323,7 +323,7 @@ org.apache.maven.plugins maven-javadoc-plugin - 3.4.0 + 3.4.1 attach-javadocs From ee3177ba3463882883e52f619754afe2f3ef5e0c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 16 Aug 2022 22:43:56 +0000 Subject: [PATCH 17/84] chore(deps): update dependency org.codehaus.mojo:flatten-maven-plugin to v1.3.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 9554b14..b18aacd 100644 --- a/pom.xml +++ b/pom.xml @@ -353,7 +353,7 @@ org.codehaus.mojo flatten-maven-plugin - 1.2.7 + 1.3.0 true oss From 3a642bf0a6cec237d7f81bc1454b8c94bb58ca42 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 20 Aug 2022 12:56:54 +0000 Subject: [PATCH 18/84] chore(deps): update dependency org.owasp:dependency-check-maven to v7.1.2 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index b18aacd..c133823 100644 --- a/pom.xml +++ b/pom.xml @@ -40,7 +40,7 @@ 3.0.0-M7 3.0.0-M5 3.0.1 - 7.1.1 + 7.1.2 6.48.0 From e4fbe6fc7b0cb2fee91d187faa491474e6280059 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 23 Aug 2022 21:16:37 +0000 Subject: [PATCH 19/84] chore(deps): update dependency org.apache.maven.plugins:maven-checkstyle-plugin to v3.2.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index c133823..c2a9146 100644 --- a/pom.xml +++ b/pom.xml @@ -207,7 +207,7 @@ org.apache.maven.plugins maven-checkstyle-plugin - 3.1.2 + 3.2.0 checkstyle.xml UTF-8 From 26398d6d7a2bb305da5475b2c93b93e417dc41cc Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 28 Aug 2022 14:58:36 +0000 Subject: [PATCH 20/84] chore(deps): update dependency com.puppycrawl.tools:checkstyle to v10.3.3 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index c133823..4c241e3 100644 --- a/pom.xml +++ b/pom.xml @@ -218,7 +218,7 @@ com.puppycrawl.tools checkstyle - 10.3.2 + 10.3.3 From 8d26970550ffe35ebdcd1afb7cb3a4dbb3ce2246 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 31 Aug 2022 20:55:38 +0000 Subject: [PATCH 21/84] chore(deps): update pmd.version to v6.49.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index c133823..2b6ce94 100644 --- a/pom.xml +++ b/pom.xml @@ -41,7 +41,7 @@ 3.0.0-M5 3.0.1 7.1.2 - 6.48.0 + 6.49.0 scm:git:https://github.com/gdcc/${project.artifactId}.git From c534e0471c7251b0f35824c65b64984135581390 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 5 Sep 2022 20:03:32 +0000 Subject: [PATCH 22/84] chore(deps): update dependency org.apache.maven.plugins:maven-pmd-plugin to v3.19.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index c133823..40d760a 100644 --- a/pom.xml +++ b/pom.xml @@ -174,7 +174,7 @@ org.apache.maven.plugins maven-pmd-plugin - 3.17.0 + 3.19.0 pmd.xml From 98bcbeda0910038a52614a87252b04436d48fe92 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 6 Sep 2022 06:36:56 +0000 Subject: [PATCH 23/84] chore(deps): update dependency com.github.spotbugs:spotbugs-maven-plugin to v4.7.2.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index c133823..7da924b 100644 --- a/pom.xml +++ b/pom.xml @@ -156,7 +156,7 @@ com.github.spotbugs spotbugs-maven-plugin - 4.7.1.1 + 4.7.2.0 ${skipAnalysis} spotbugsExcludeFilter.xml From a379078f83df4145b6b642395949846fdd3e3a1a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 7 Sep 2022 17:37:55 +0000 Subject: [PATCH 24/84] fix(deps): update dependency org.apache.jena:jena-core to v4.6.1 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index c133823..3d49d61 100644 --- a/pom.xml +++ b/pom.xml @@ -25,7 +25,7 @@ 4.0.4 1.1.3 1.4 - 4.5.0 + 4.6.1 1.7.36 From f71c0dc19f776ccc7c3ced95db0583f6e50dfae8 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 8 Sep 2022 06:05:59 +0000 Subject: [PATCH 25/84] chore(deps): update actions/cache action to v3 --- .github/workflows/maven-branch-checks.yml | 2 +- .github/workflows/maven-pr-checks.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/maven-branch-checks.yml b/.github/workflows/maven-branch-checks.yml index 9071e78..914a508 100644 --- a/.github/workflows/maven-branch-checks.yml +++ b/.github/workflows/maven-branch-checks.yml @@ -20,7 +20,7 @@ jobs: java-version: ${{ matrix.java }} distribution: 'adopt' - name: Cache SonarCloud packages - uses: actions/cache@v1 + uses: actions/cache@v3 with: path: ~/.sonar/cache key: ${{ runner.os }}-sonar diff --git a/.github/workflows/maven-pr-checks.yml b/.github/workflows/maven-pr-checks.yml index d1bd393..a2a1b2d 100644 --- a/.github/workflows/maven-pr-checks.yml +++ b/.github/workflows/maven-pr-checks.yml @@ -17,7 +17,7 @@ jobs: java-version: ${{ matrix.java }} distribution: 'adopt' - name: Cache SonarCloud packages - uses: actions/cache@v1 + uses: actions/cache@v3 with: path: ~/.sonar/cache key: ${{ runner.os }}-sonar From 5e04467a85686c49610fac69231d30da4d5932ee Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 14 Sep 2022 18:48:02 +0000 Subject: [PATCH 26/84] chore(deps): update dependency org.owasp:dependency-check-maven to v7.2.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 17a35b0..b2e6bb5 100644 --- a/pom.xml +++ b/pom.xml @@ -40,7 +40,7 @@ 3.0.0-M7 3.0.0-M5 3.0.1 - 7.1.2 + 7.2.0 6.49.0 From 423d0a343bd2cf3628b2a2da51bd516536c33d3f Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 16 Sep 2022 09:58:17 +0000 Subject: [PATCH 27/84] chore(deps): update dependency org.apache.maven.plugins:maven-jar-plugin to v3.3.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 17a35b0..222e1ac 100644 --- a/pom.xml +++ b/pom.xml @@ -33,7 +33,7 @@ 3.10.1 - 3.2.2 + 3.3.0 3.3.0 3.12.1 3.0.0-M7 From 11b2227b7c4936d13e011d0f15f08992b97919a9 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 17 Sep 2022 17:23:23 +0000 Subject: [PATCH 28/84] chore(deps): update dependency org.kordamp.maven:pomchecker-maven-plugin to v1.3.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 17a35b0..aaac738 100644 --- a/pom.xml +++ b/pom.xml @@ -291,7 +291,7 @@ org.kordamp.maven pomchecker-maven-plugin - 1.2.0 + 1.3.0 org.apache.maven.plugins From 98cd4dd96adb5ba86fcfd59b405432ec82e7abc3 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 20 Sep 2022 11:45:05 +0000 Subject: [PATCH 29/84] chore(deps): update dependency org.owasp:dependency-check-maven to v7.2.1 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 3a37551..1d1ef22 100644 --- a/pom.xml +++ b/pom.xml @@ -40,7 +40,7 @@ 3.0.0-M7 3.0.0-M5 3.0.1 - 7.2.0 + 7.2.1 6.49.0 From 99aad10008a7c7bd3babd0d6d82d4ef9d373111d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 20 Sep 2022 20:39:43 +0000 Subject: [PATCH 30/84] chore(deps): update dependency org.junit.jupiter:junit-jupiter to v5.9.1 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 3a37551..b658443 100644 --- a/pom.xml +++ b/pom.xml @@ -521,7 +521,7 @@ org.junit.jupiter junit-jupiter - 5.9.0 + 5.9.1 test From e4dfcde37575b3c870e8d89a36bf19737b829efc Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 26 Sep 2022 01:33:13 +0000 Subject: [PATCH 31/84] chore(deps): update dependency com.puppycrawl.tools:checkstyle to v10.3.4 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 1494742..f1e629f 100644 --- a/pom.xml +++ b/pom.xml @@ -218,7 +218,7 @@ com.puppycrawl.tools checkstyle - 10.3.3 + 10.3.4 From 838d8b78bb049e27f6cc1c7ea44333758f553af6 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 8 Oct 2022 04:47:58 +0000 Subject: [PATCH 32/84] chore(deps): update dependency com.github.spotbugs:spotbugs-maven-plugin to v4.7.2.1 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 1494742..586b6bc 100644 --- a/pom.xml +++ b/pom.xml @@ -156,7 +156,7 @@ com.github.spotbugs spotbugs-maven-plugin - 4.7.2.0 + 4.7.2.1 ${skipAnalysis} spotbugsExcludeFilter.xml From 8fd130b8df92023824048ba1d278f55407b5d872 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 19 Oct 2022 13:29:09 +0000 Subject: [PATCH 33/84] chore(deps): update dependency org.owasp:dependency-check-maven to v7.3.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 1494742..211c88b 100644 --- a/pom.xml +++ b/pom.xml @@ -40,7 +40,7 @@ 3.0.0-M7 3.0.0-M5 3.0.1 - 7.2.1 + 7.3.0 6.49.0 From 3aa721e7b69fc3b11d5ee25a7b82f780dd67c954 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 29 Oct 2022 09:25:38 +0000 Subject: [PATCH 34/84] chore(deps): update pmd.version to v6.51.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 211c88b..a2b29a7 100644 --- a/pom.xml +++ b/pom.xml @@ -41,7 +41,7 @@ 3.0.0-M5 3.0.1 7.3.0 - 6.49.0 + 6.51.0 scm:git:https://github.com/gdcc/${project.artifactId}.git From 01186b1db65112b053564a651b5375fc49b781de Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 30 Oct 2022 19:52:09 +0000 Subject: [PATCH 35/84] chore(deps): update dependency com.puppycrawl.tools:checkstyle to v10.4 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 44e8b59..0815375 100644 --- a/pom.xml +++ b/pom.xml @@ -218,7 +218,7 @@ com.puppycrawl.tools checkstyle - 10.3.4 + 10.4 From 81de96707a6eca6256e3eedeca40b10f465ff25c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 31 Oct 2022 19:33:29 +0000 Subject: [PATCH 36/84] chore(deps): update dependency org.kordamp.maven:pomchecker-maven-plugin to v1.4.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 0815375..be7ad54 100644 --- a/pom.xml +++ b/pom.xml @@ -291,7 +291,7 @@ org.kordamp.maven pomchecker-maven-plugin - 1.3.0 + 1.4.0 org.apache.maven.plugins From 4d0d962e7664867d8481f9bce91f69a05fb3f78b Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 2 Nov 2022 22:46:35 +0000 Subject: [PATCH 37/84] chore(deps): update dependency org.apache.maven.plugins:maven-release-plugin to v3.0.0-m7 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index be7ad54..211a7fd 100644 --- a/pom.xml +++ b/pom.xml @@ -296,7 +296,7 @@ org.apache.maven.plugins maven-release-plugin - 3.0.0-M6 + 3.0.0-M7 From 14135f72ac3f7d80e0d60eb3009453624eb03b2c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 8 Nov 2022 01:26:54 +0000 Subject: [PATCH 38/84] chore(deps): update dependency com.github.spotbugs:spotbugs-maven-plugin to v4.7.3.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 211a7fd..d117ba2 100644 --- a/pom.xml +++ b/pom.xml @@ -156,7 +156,7 @@ com.github.spotbugs spotbugs-maven-plugin - 4.7.2.1 + 4.7.3.0 ${skipAnalysis} spotbugsExcludeFilter.xml From 5139f38863d6d03e5f2d5de762038348f69e60c9 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 26 Nov 2022 11:23:38 +0000 Subject: [PATCH 39/84] chore(deps): update pmd.version to v6.52.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 211a7fd..5e67eef 100644 --- a/pom.xml +++ b/pom.xml @@ -41,7 +41,7 @@ 3.0.0-M5 3.0.1 7.3.0 - 6.51.0 + 6.52.0 scm:git:https://github.com/gdcc/${project.artifactId}.git From 374538312962141a336e25dd27d163545aedc069 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 27 Nov 2022 21:31:37 +0000 Subject: [PATCH 40/84] chore(deps): update dependency com.puppycrawl.tools:checkstyle to v10.5.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 211a7fd..5458031 100644 --- a/pom.xml +++ b/pom.xml @@ -218,7 +218,7 @@ com.puppycrawl.tools checkstyle - 10.4 + 10.5.0 From 3011b186f041630e0800a5667ec201f5937084d6 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 29 Nov 2022 22:02:54 +0000 Subject: [PATCH 41/84] chore(deps): update dependency org.apache.maven.plugins:maven-dependency-plugin to v3.4.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 211a7fd..db3b07a 100644 --- a/pom.xml +++ b/pom.xml @@ -34,7 +34,7 @@ 3.10.1 3.3.0 - 3.3.0 + 3.4.0 3.12.1 3.0.0-M7 3.0.0-M7 From b29489ed3ef4d4e7f2955ff332a8661fef3dfab5 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 5 Dec 2022 07:51:09 +0000 Subject: [PATCH 42/84] chore(deps): update dependency org.owasp:dependency-check-maven to v7.4.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index effe661..7bf4f62 100644 --- a/pom.xml +++ b/pom.xml @@ -40,7 +40,7 @@ 3.0.0-M7 3.0.0-M5 3.0.1 - 7.3.0 + 7.4.0 6.52.0 From ed248306d924fa4aa6eea2222a298d6e2d8c4976 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 9 Dec 2022 12:58:06 +0000 Subject: [PATCH 43/84] chore(deps): update dependency org.owasp:dependency-check-maven to v7.4.1 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 7bf4f62..b4545c3 100644 --- a/pom.xml +++ b/pom.xml @@ -40,7 +40,7 @@ 3.0.0-M7 3.0.0-M5 3.0.1 - 7.4.0 + 7.4.1 6.52.0 From 2df3a8a135056612e1e09a54483cdfedd7c6f4cc Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 29 Dec 2022 12:47:35 +0000 Subject: [PATCH 44/84] chore(deps): update dependency org.owasp:dependency-check-maven to v7.4.3 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index b4545c3..459234b 100644 --- a/pom.xml +++ b/pom.xml @@ -40,7 +40,7 @@ 3.0.0-M7 3.0.0-M5 3.0.1 - 7.4.1 + 7.4.3 6.52.0 From 48c0fcdfd86f7cb22eba26af51644a475ba70d24 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 31 Dec 2022 21:09:12 +0000 Subject: [PATCH 45/84] chore(deps): update dependency com.puppycrawl.tools:checkstyle to v10.6.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 459234b..7dd002a 100644 --- a/pom.xml +++ b/pom.xml @@ -218,7 +218,7 @@ com.puppycrawl.tools checkstyle - 10.5.0 + 10.6.0 From eda8a01017ecc931fc60adf5d397b3fa12c3f241 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 3 Jan 2023 13:19:54 +0000 Subject: [PATCH 46/84] fix(deps): update dependency org.apache.jena:jena-core to v4.7.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 459234b..2f97d3e 100644 --- a/pom.xml +++ b/pom.xml @@ -25,7 +25,7 @@ 4.0.4 1.1.3 1.4 - 4.6.1 + 4.7.0 1.7.36 From f775ef4467b7bc97bd834ae26e67c4271376b27a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 6 Jan 2023 21:15:25 +0000 Subject: [PATCH 47/84] chore(deps): update dependency org.owasp:dependency-check-maven to v7.4.4 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 459234b..a0ac79f 100644 --- a/pom.xml +++ b/pom.xml @@ -40,7 +40,7 @@ 3.0.0-M7 3.0.0-M5 3.0.1 - 7.4.3 + 7.4.4 6.52.0 From b1244ba88f0bebeb6855a9702fd94a7fe66e0133 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 7 Jan 2023 22:58:15 +0000 Subject: [PATCH 48/84] chore(deps): update dependency org.kordamp.maven:pomchecker-maven-plugin to v1.5.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 459234b..00a4380 100644 --- a/pom.xml +++ b/pom.xml @@ -291,7 +291,7 @@ org.kordamp.maven pomchecker-maven-plugin - 1.4.0 + 1.5.0 org.apache.maven.plugins From 0c6c50da1cde64dcbb4e23ea46f1fbb6f93cb9ae Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 9 Jan 2023 06:27:16 +0000 Subject: [PATCH 49/84] chore(deps): update pmd.version to v6.53.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 2ead8b5..79507ab 100644 --- a/pom.xml +++ b/pom.xml @@ -41,7 +41,7 @@ 3.0.0-M5 3.0.1 7.4.4 - 6.52.0 + 6.53.0 scm:git:https://github.com/gdcc/${project.artifactId}.git From 98ab838e726e50f77a43425697fa59120dd05a15 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 10 Jan 2023 13:52:01 +0000 Subject: [PATCH 50/84] chore(deps): update dependency org.junit.jupiter:junit-jupiter to v5.9.2 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index ab2ff3a..e18bf14 100644 --- a/pom.xml +++ b/pom.xml @@ -521,7 +521,7 @@ org.junit.jupiter junit-jupiter - 5.9.1 + 5.9.2 test From 5d06f605ee3187f4b8d0a8279288c3c7201fd014 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 12 Jan 2023 00:39:36 +0000 Subject: [PATCH 51/84] chore(deps): update dependency org.apache.maven.plugins:maven-checkstyle-plugin to v3.2.1 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index e18bf14..5e45276 100644 --- a/pom.xml +++ b/pom.xml @@ -207,7 +207,7 @@ org.apache.maven.plugins maven-checkstyle-plugin - 3.2.0 + 3.2.1 checkstyle.xml UTF-8 From f5cc64111870763401b35d10e2e7408dad9fd4f9 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 12 Jan 2023 04:32:27 +0000 Subject: [PATCH 52/84] chore(deps): update dependency org.apache.maven.plugins:maven-surefire-plugin to v3.0.0-m8 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index e18bf14..cbc45d2 100644 --- a/pom.xml +++ b/pom.xml @@ -36,7 +36,7 @@ 3.3.0 3.4.0 3.12.1 - 3.0.0-M7 + 3.0.0-M8 3.0.0-M7 3.0.0-M5 3.0.1 From e87a8dd85689d240482dcc7c26361801190afffd Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 12 Jan 2023 04:32:33 +0000 Subject: [PATCH 53/84] chore(deps): update dependency org.apache.maven.plugins:maven-dependency-plugin to v3.5.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index e18bf14..676928b 100644 --- a/pom.xml +++ b/pom.xml @@ -34,7 +34,7 @@ 3.10.1 3.3.0 - 3.4.0 + 3.5.0 3.12.1 3.0.0-M7 3.0.0-M7 From 69b0f4364b878ba36d97789721d4cc2aca2d0306 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 12 Jan 2023 07:05:31 +0000 Subject: [PATCH 54/84] chore(deps): update dependency org.apache.maven.plugins:maven-failsafe-plugin to v3.0.0-m8 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index cbc45d2..75d18fc 100644 --- a/pom.xml +++ b/pom.xml @@ -37,7 +37,7 @@ 3.4.0 3.12.1 3.0.0-M8 - 3.0.0-M7 + 3.0.0-M8 3.0.0-M5 3.0.1 7.4.4 From cd6edd04a2d9ac9e9f6dd97ef8bbc34dfe0dd3fa Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 12 Jan 2023 07:05:35 +0000 Subject: [PATCH 55/84] chore(deps): update dependency org.apache.maven.plugins:maven-pmd-plugin to v3.20.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index cbc45d2..9ec391f 100644 --- a/pom.xml +++ b/pom.xml @@ -174,7 +174,7 @@ org.apache.maven.plugins maven-pmd-plugin - 3.19.0 + 3.20.0 pmd.xml From 861cb36b3d8b531dc9b70cd82108faabb5b04731 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 15 Jan 2023 14:17:22 +0000 Subject: [PATCH 56/84] chore(deps): update dependency org.owasp:dependency-check-maven to v8 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 3fa16c3..cb82466 100644 --- a/pom.xml +++ b/pom.xml @@ -40,7 +40,7 @@ 3.0.0-M8 3.0.0-M5 3.0.1 - 7.4.4 + 8.0.0 6.53.0 From 923299143a7b200239abda6356b8cd8f1cccf6a3 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 18 Jan 2023 12:25:13 +0000 Subject: [PATCH 57/84] chore(deps): update dependency org.owasp:dependency-check-maven to v8.0.1 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index cb82466..04b19ac 100644 --- a/pom.xml +++ b/pom.xml @@ -40,7 +40,7 @@ 3.0.0-M8 3.0.0-M5 3.0.1 - 8.0.0 + 8.0.1 6.53.0 From 91cb1f1545a1b4597bcea884e1acbcd4c5653e0f Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 21 Jan 2023 12:17:28 +0000 Subject: [PATCH 58/84] chore(deps): update dependency org.kordamp.maven:pomchecker-maven-plugin to v1.6.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 04b19ac..a9d77cd 100644 --- a/pom.xml +++ b/pom.xml @@ -291,7 +291,7 @@ org.kordamp.maven pomchecker-maven-plugin - 1.5.0 + 1.6.0 org.apache.maven.plugins From 2dc4956d8aed75b591f4875fa4d54e3f51004330 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 31 Jan 2023 17:31:30 +0000 Subject: [PATCH 59/84] chore(deps): update dependency com.puppycrawl.tools:checkstyle to v10.7.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index a9d77cd..e7b7996 100644 --- a/pom.xml +++ b/pom.xml @@ -218,7 +218,7 @@ com.puppycrawl.tools checkstyle - 10.6.0 + 10.7.0 From 4f5e4752fff397cff9c03e88a773ec6db3689579 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 14 Feb 2023 03:11:50 +0000 Subject: [PATCH 60/84] chore(deps): update dependency org.apache.maven.plugins:maven-surefire-plugin to v3.0.0-m9 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index e7b7996..fab1fe4 100644 --- a/pom.xml +++ b/pom.xml @@ -36,7 +36,7 @@ 3.3.0 3.5.0 3.12.1 - 3.0.0-M8 + 3.0.0-M9 3.0.0-M8 3.0.0-M5 3.0.1 From 768f7db02a157cf8b888821b0ebf2fb308ae6916 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 15 Feb 2023 12:22:35 +0000 Subject: [PATCH 61/84] chore(deps): update dependency org.apache.maven.plugins:maven-javadoc-plugin to v3.5.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index e7b7996..85fdb1d 100644 --- a/pom.xml +++ b/pom.xml @@ -323,7 +323,7 @@ org.apache.maven.plugins maven-javadoc-plugin - 3.4.1 + 3.5.0 attach-javadocs From 2ef5550af4b6323ec9954e65b1dd61113fcbb293 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 17 Feb 2023 18:07:25 +0000 Subject: [PATCH 62/84] chore(deps): update dependency org.kordamp.maven:pomchecker-maven-plugin to v1.8.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index e7b7996..7dee4e3 100644 --- a/pom.xml +++ b/pom.xml @@ -291,7 +291,7 @@ org.kordamp.maven pomchecker-maven-plugin - 1.6.0 + 1.8.0 org.apache.maven.plugins From 6d9fdd94625d724f6a7476ff838be70985a809aa Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 25 Feb 2023 12:03:05 +0000 Subject: [PATCH 63/84] chore(deps): update pmd.version to v6.55.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index e7b7996..6e78e60 100644 --- a/pom.xml +++ b/pom.xml @@ -41,7 +41,7 @@ 3.0.0-M5 3.0.1 8.0.1 - 6.53.0 + 6.55.0 scm:git:https://github.com/gdcc/${project.artifactId}.git From 665270c395a4096f21f458acd25200e4ba230d28 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 26 Feb 2023 03:42:46 +0000 Subject: [PATCH 64/84] chore(deps): update dependency com.github.spotbugs:spotbugs-maven-plugin to v4.7.3.2 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index e7b7996..deca474 100644 --- a/pom.xml +++ b/pom.xml @@ -156,7 +156,7 @@ com.github.spotbugs spotbugs-maven-plugin - 4.7.3.0 + 4.7.3.2 ${skipAnalysis} spotbugsExcludeFilter.xml From 5c69258cfb59285cc46d41407687a30e8f11c361 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 27 Feb 2023 06:20:33 +0000 Subject: [PATCH 65/84] chore(deps): update dependency com.puppycrawl.tools:checkstyle to v10.8.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 7aaafa2..4e986f6 100644 --- a/pom.xml +++ b/pom.xml @@ -218,7 +218,7 @@ com.puppycrawl.tools checkstyle - 10.7.0 + 10.8.0 From b7aa31cd69e632e65c4adb7317c730f9565474f8 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 27 Feb 2023 06:20:40 +0000 Subject: [PATCH 66/84] chore(deps): update dependency org.owasp:dependency-check-maven to v8.1.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 7aaafa2..96142cb 100644 --- a/pom.xml +++ b/pom.xml @@ -40,7 +40,7 @@ 3.0.0-M8 3.0.0-M5 3.0.1 - 8.0.1 + 8.1.0 6.55.0 From bbb7ab73771284f23e765799b506417a18e1c52e Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 27 Feb 2023 06:21:08 +0000 Subject: [PATCH 67/84] chore(deps): update dependency org.apache.maven.plugins:maven-failsafe-plugin to v3.0.0-m9 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index fa0370e..33a5f3a 100644 --- a/pom.xml +++ b/pom.xml @@ -37,7 +37,7 @@ 3.5.0 3.12.1 3.0.0-M9 - 3.0.0-M8 + 3.0.0-M9 3.0.0-M5 3.0.1 8.0.1 From 58f53574a921e1672474c12d2a808f4d1a153950 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 27 Feb 2023 10:08:44 +0000 Subject: [PATCH 68/84] chore(deps): update dependency org.apache.maven.plugins:maven-compiler-plugin to v3.11.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index ba2324f..31fd4c1 100644 --- a/pom.xml +++ b/pom.xml @@ -32,7 +32,7 @@ 2.11.0 - 3.10.1 + 3.11.0 3.3.0 3.5.0 3.12.1 From 9521c332cf57e7d8392f4a23efa1c3064353c209 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 28 Feb 2023 13:29:52 +0000 Subject: [PATCH 69/84] chore(deps): update dependency org.owasp:dependency-check-maven to v8.1.2 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 31fd4c1..e631522 100644 --- a/pom.xml +++ b/pom.xml @@ -40,7 +40,7 @@ 3.0.0-M9 3.0.0-M5 3.0.1 - 8.1.0 + 8.1.2 6.55.0 From 7935949e47e59365581580b1483b72dbf3b8dac7 Mon Sep 17 00:00:00 2001 From: Oliver Bertuch Date: Fri, 3 Mar 2023 07:45:11 +0100 Subject: [PATCH 70/84] chore(deps): update commons fileupload to v1.5 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 31fd4c1..301f4c9 100644 --- a/pom.xml +++ b/pom.xml @@ -24,7 +24,7 @@ 4.0.4 1.1.3 - 1.4 + 1.5 4.7.0 1.7.36 From e8140526ba41a763b1caf3e4b23a9541234ebc07 Mon Sep 17 00:00:00 2001 From: Oliver Bertuch Date: Fri, 3 Mar 2023 07:46:04 +0100 Subject: [PATCH 71/84] feat(upload): enable max files per upload configuration This is related to CVE-2023-24998 and enables to configure the SWORD servlet to allow only as much files uploaded in one go as specified. As we cannot give another sane default than "no limit", a user of the lib still needs to add a real limit to be on the safe side! --- src/main/java/org/swordapp/server/SwordAPIEndpoint.java | 1 + src/main/java/org/swordapp/server/SwordConfiguration.java | 2 ++ .../org/swordapp/server/SwordConfigurationDefault.java | 7 ++++++- .../java/org/swordapp/server/SwordTestConfiguration.java | 5 +++++ 4 files changed, 14 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/swordapp/server/SwordAPIEndpoint.java b/src/main/java/org/swordapp/server/SwordAPIEndpoint.java index 92e4e44..0836393 100644 --- a/src/main/java/org/swordapp/server/SwordAPIEndpoint.java +++ b/src/main/java/org/swordapp/server/SwordAPIEndpoint.java @@ -384,6 +384,7 @@ protected List getPartsFromRequest(final HttpServletRequest request) t // Create a new file upload handler ServletFileUpload upload = new ServletFileUpload(factory); + upload.setFileCountMax(config.getMaxUploadFiles()); // Parse the request List items = upload.parseRequest(request); diff --git a/src/main/java/org/swordapp/server/SwordConfiguration.java b/src/main/java/org/swordapp/server/SwordConfiguration.java index 6d8a762..815a20d 100644 --- a/src/main/java/org/swordapp/server/SwordConfiguration.java +++ b/src/main/java/org/swordapp/server/SwordConfiguration.java @@ -20,6 +20,8 @@ public interface SwordConfiguration { String getTempDirectory(); int getMaxUploadSize(); + + int getMaxUploadFiles(); String getAlternateUrl(); diff --git a/src/main/java/org/swordapp/server/SwordConfigurationDefault.java b/src/main/java/org/swordapp/server/SwordConfigurationDefault.java index 8460e24..2b9f575 100644 --- a/src/main/java/org/swordapp/server/SwordConfigurationDefault.java +++ b/src/main/java/org/swordapp/server/SwordConfigurationDefault.java @@ -40,7 +40,12 @@ public String getTempDirectory() { public int getMaxUploadSize() { return -1; } - + + @Override + public int getMaxUploadFiles() { + return -1; + } + public String getAlternateUrl() { return null; } diff --git a/src/test/java/org/swordapp/server/SwordTestConfiguration.java b/src/test/java/org/swordapp/server/SwordTestConfiguration.java index 5375d3b..9acf519 100644 --- a/src/test/java/org/swordapp/server/SwordTestConfiguration.java +++ b/src/test/java/org/swordapp/server/SwordTestConfiguration.java @@ -41,6 +41,11 @@ public int getMaxUploadSize() { return 1024; } + @Override + public int getMaxUploadFiles() { + return 1024; + } + public String getAlternateUrl() { return "https://example.org"; } From ca983a5269db1c964d816d4da5eb6affbb705f4f Mon Sep 17 00:00:00 2001 From: Oliver Bertuch Date: Fri, 3 Mar 2023 08:50:09 +0100 Subject: [PATCH 72/84] fix: make XML factories for ErrorDocument disable external entities for security --- src/main/java/org/swordapp/server/ErrorDocument.java | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/main/java/org/swordapp/server/ErrorDocument.java b/src/main/java/org/swordapp/server/ErrorDocument.java index eda8269..da3b7d2 100644 --- a/src/main/java/org/swordapp/server/ErrorDocument.java +++ b/src/main/java/org/swordapp/server/ErrorDocument.java @@ -4,6 +4,7 @@ import org.w3c.dom.Element; import javax.servlet.http.HttpServletResponse; +import javax.xml.XMLConstants; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; @@ -150,6 +151,10 @@ public void writeTo(final Writer out, final SwordConfiguration config) throws Sw // Actually write the model to a stream TransformerFactory transformerFactory = TransformerFactory.newInstance(); + // Prohibit the use of all protocols by external entities (we don't here, but it's good practice anyway) + transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, ""); + transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, ""); + Transformer transformer = transformerFactory.newTransformer(); DOMSource source = new DOMSource(doc); transformer.setOutputProperty(OutputKeys.STANDALONE, "yes"); From 9777155a7d6accad9786ba5bf6d5de7fd7dde349 Mon Sep 17 00:00:00 2001 From: Oliver Bertuch Date: Fri, 3 Mar 2023 09:09:25 +0100 Subject: [PATCH 73/84] fix(util): properly close channels in ChecksumUtils.hashAndCopy() --- src/main/java/org/swordapp/server/ChecksumUtils.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/swordapp/server/ChecksumUtils.java b/src/main/java/org/swordapp/server/ChecksumUtils.java index 6f0c0fe..1f34df8 100644 --- a/src/main/java/org/swordapp/server/ChecksumUtils.java +++ b/src/main/java/org/swordapp/server/ChecksumUtils.java @@ -56,9 +56,9 @@ public static String hashAndCopy(final InputStream input, final OutputStream out try ( DigestOutputStream digestStream = new DigestOutputStream(output, md); - ) { ReadableByteChannel in = Channels.newChannel(input); WritableByteChannel out = Channels.newChannel(digestStream); + ) { ByteBuffer buffer = ByteBuffer.allocate(LARGE_BUFFER); while (in.read(buffer) != -1) { From 7a5bf1f6f04d75f3f7eeb9942ec5908641f5b4f0 Mon Sep 17 00:00:00 2001 From: Oliver Bertuch Date: Fri, 3 Mar 2023 13:33:41 +0100 Subject: [PATCH 74/84] [maven-release-plugin] prepare release sword2-server-1.2.2 --- pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index 58c5659..4dde93e 100644 --- a/pom.xml +++ b/pom.xml @@ -3,7 +3,7 @@ 4.0.0 io.gdcc sword2-server - 1.2.2-SNAPSHOT + 1.2.2 jar SWORD v2 Common Server Library (forked) @@ -47,7 +47,7 @@ scm:git:https://github.com/gdcc/${project.artifactId}.git scm:git:git@github.com:gdcc/${project.artifactId}.git https://github.com/gdcc/${project.artifactId} - HEAD + sword2-server-1.2.2 From b03fc054f5a2720a2f758f93a828d5ce56267ffe Mon Sep 17 00:00:00 2001 From: Oliver Bertuch Date: Fri, 3 Mar 2023 13:33:44 +0100 Subject: [PATCH 75/84] [maven-release-plugin] prepare for next development iteration --- pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index 4dde93e..0319a00 100644 --- a/pom.xml +++ b/pom.xml @@ -3,7 +3,7 @@ 4.0.0 io.gdcc sword2-server - 1.2.2 + 1.2.3-SNAPSHOT jar SWORD v2 Common Server Library (forked) @@ -47,7 +47,7 @@ scm:git:https://github.com/gdcc/${project.artifactId}.git scm:git:git@github.com:gdcc/${project.artifactId}.git https://github.com/gdcc/${project.artifactId} - sword2-server-1.2.2 + HEAD From 57e233caf5d061edbc1c76c919b25667d950907c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 28 May 2023 08:59:47 +0000 Subject: [PATCH 76/84] chore(deps): update dependency org.codehaus.mojo:flatten-maven-plugin to v1.5.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 0319a00..d7e0aac 100644 --- a/pom.xml +++ b/pom.xml @@ -353,7 +353,7 @@ org.codehaus.mojo flatten-maven-plugin - 1.3.0 + 1.5.0 true oss From e30258de5f8be5531317c74dfbdaf494797d6470 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 3 Jun 2023 07:57:54 +0000 Subject: [PATCH 77/84] chore(deps): update dependency org.apache.maven.plugins:maven-release-plugin to v3.0.1 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 0319a00..a033b7e 100644 --- a/pom.xml +++ b/pom.xml @@ -296,7 +296,7 @@ org.apache.maven.plugins maven-release-plugin - 3.0.0-M7 + 3.0.1 From 71e79ef9fe17dad01b7ca708cb603cbfd4e8523a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 6 Jun 2023 18:48:01 +0000 Subject: [PATCH 78/84] chore(deps): update dependency org.apache.maven.plugins:maven-surefire-plugin to v3.1.2 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 0319a00..d9dda36 100644 --- a/pom.xml +++ b/pom.xml @@ -36,7 +36,7 @@ 3.3.0 3.5.0 3.12.1 - 3.0.0-M9 + 3.1.2 3.0.0-M9 3.0.0-M5 3.0.1 From ae785b1e00851b79d1ce2783cce1b67dfa7cbf3c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 12 Jun 2023 14:13:52 +0000 Subject: [PATCH 79/84] chore(deps): update dependency org.owasp:dependency-check-maven to v8.3.1 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 0319a00..4f7a247 100644 --- a/pom.xml +++ b/pom.xml @@ -40,7 +40,7 @@ 3.0.0-M9 3.0.0-M5 3.0.1 - 8.1.2 + 8.3.1 6.55.0 From ec4317ef49edf632f2c22aa0bf0637695191b45f Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 20 Jun 2023 01:19:08 +0000 Subject: [PATCH 80/84] chore(deps): update dependency com.github.spotbugs:spotbugs-maven-plugin to v4.7.3.5 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 0319a00..5eca494 100644 --- a/pom.xml +++ b/pom.xml @@ -156,7 +156,7 @@ com.github.spotbugs spotbugs-maven-plugin - 4.7.3.2 + 4.7.3.5 ${skipAnalysis} spotbugsExcludeFilter.xml From 7fd25023d3d2ffccdd5b241e518e28d750c52a09 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 25 Jun 2023 19:58:42 +0000 Subject: [PATCH 81/84] chore(deps): update dependency com.puppycrawl.tools:checkstyle to v10.12.1 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 0319a00..c4c4247 100644 --- a/pom.xml +++ b/pom.xml @@ -218,7 +218,7 @@ com.puppycrawl.tools checkstyle - 10.8.0 + 10.12.1 From 54dff79a71ad078b02d1f470ec974400735c115c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 28 Jun 2023 18:02:03 +0000 Subject: [PATCH 82/84] chore(deps): update dependency org.junit.jupiter:junit-jupiter to v5.9.3 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index c4c4247..f1c5255 100644 --- a/pom.xml +++ b/pom.xml @@ -521,7 +521,7 @@ org.junit.jupiter junit-jupiter - 5.9.2 + 5.9.3 test From 338d21a746b0a4dfe08252e8c6b7b45f66db0f18 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 28 Jun 2023 18:02:37 +0000 Subject: [PATCH 83/84] chore(deps): update dependency org.apache.maven.plugins:maven-checkstyle-plugin to v3.3.0 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 7a4a64e..61dd7fe 100644 --- a/pom.xml +++ b/pom.xml @@ -207,7 +207,7 @@ org.apache.maven.plugins maven-checkstyle-plugin - 3.2.1 + 3.3.0 checkstyle.xml UTF-8 From 5c2b75ca14922976a5536fa7030f90e317179d19 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 28 Jun 2023 18:02:42 +0000 Subject: [PATCH 84/84] chore(deps): update dependency org.apache.maven.plugins:maven-failsafe-plugin to v3.1.2 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 7a4a64e..0051663 100644 --- a/pom.xml +++ b/pom.xml @@ -37,7 +37,7 @@ 3.5.0 3.12.1 3.1.2 - 3.0.0-M9 + 3.1.2 3.0.0-M5 3.0.1 8.1.2