Skip to content

Commit

Permalink
Merge pull request #389 from XeroAPI/PETOSS-516-Find-package-vulnerab…
Browse files Browse the repository at this point in the history 
…ilities-and-update-dependent-packages-for-Java

Petoss 516 find package vulnerabilities and update dependent packages for java
  • Loading branch information
@vigneshk-tw
vigneshk-tw authored Oct 4, 2024
2 parents 09a5166 + 9481ae0 commit 304be26
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 24 deletions.
3 changes: 1 addition & 2 deletions .github/workflows/build-lint-test.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,6 @@ jobs:
distribution: 'temurin'
java-version: '11'
cache: maven
gpg-passphrase: GPG_PASSPHRASE

- name: Import GPG Key
run: |
Expand All @@ -33,5 +32,5 @@ jobs:
export GPG_TTY=$(tty)
mvn clean verify -DskipTests=true
env:
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
working-directory: Xero-Java
43 changes: 21 additions & 22 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.19.4</version>
<version>4.4.0</version>
</dependency>
<dependency>
<groupId>com.auth0</groupId>
Expand All @@ -68,17 +68,17 @@
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.7</version>
<version>2.17.0</version>
</dependency>
<dependency>
<groupId>jakarta.servlet</groupId>
<artifactId>jakarta.servlet-api</artifactId>
<version>6.0.0</version>
<version>6.1.0</version>
</dependency>
<dependency>
<groupId>org.mockito</groupId>
<artifactId>mockito-core</artifactId>
<version>5.10.0</version>
<version>5.14.1</version>
<scope>test</scope>
</dependency>

Expand All @@ -92,7 +92,7 @@
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.7.30</version>
<version>2.0.16</version>
</dependency>

<!-- JSON processing: jackson -->
Expand Down Expand Up @@ -159,7 +159,7 @@
<plugins>
<plugin>
<artifactId>maven-deploy-plugin</artifactId>
<version>2.8.2</version>
<version>3.1.3</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
Expand All @@ -173,7 +173,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<version>3.0.1</version>
<version>3.3.1</version>
<executions>
<execution>
<id>attach-sources</id>
Expand Down Expand Up @@ -203,17 +203,17 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-pmd-plugin</artifactId>
<version>3.8</version>
<version>3.25.0</version>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>findbugs-maven-plugin</artifactId>
<version>3.0.4</version>
<version>3.0.5</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<version>3.1.0</version>
<version>3.4.0</version>
<configuration>
<webXml>example/src/main/webapp/WEB-INF/web.xml</webXml>
<webResources>
Expand All @@ -232,7 +232,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>3.3.2</version>
<version>3.10.1</version>
<configuration>
<source>8</source>
</configuration>
Expand All @@ -248,7 +248,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>1.6</version>
<version>3.2.7</version>
<executions>
<execution>
<id>sign-artifacts</id>
Expand All @@ -261,15 +261,14 @@
<arg>--pinentry-mode</arg>
<arg>loopback</arg>
</gpgArguments>
<passphraseServerId>gpg.passphrase</passphraseServerId>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId>
<version>1.6.13</version>
<version>1.7.0</version>
<extensions>true</extensions>
<configuration>
<serverId>ossrh</serverId>
Expand All @@ -280,7 +279,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>3.0.0-M4</version>
<version>3.5.0</version>
<configuration>
<argLine>-Duser.timezone=GMT-08:00</argLine>
</configuration>
Expand All @@ -292,12 +291,12 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-pmd-plugin</artifactId>
<version>3.8</version>
<version>3.25.0</version>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>findbugs-maven-plugin</artifactId>
<version>3.0.4</version>
<version>3.0.5</version>
<configuration>
<!-- Enables analysis which takes more memory but finds more bugs. If
you run out of memory, changes the value of the effort element to 'low'. -->
Expand All @@ -316,12 +315,12 @@
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<java.version>11</java.version>
<swagger-annotations-version>1.6.3</swagger-annotations-version>
<google-api-client-version>2.3.0</google-api-client-version>
<swagger-annotations-version>1.6.14</swagger-annotations-version>
<google-api-client-version>2.7.0</google-api-client-version>
<jersey-common-version>2.25.1</jersey-common-version>
<jackson-version>2.16.1</jackson-version>
<jackson-databind-version>2.16.1</jackson-databind-version>
<jackson-threetenbp-version>2.12.5</jackson-threetenbp-version>
<jackson-version>2.18.0</jackson-version>
<jackson-databind-version>2.18.0</jackson-databind-version>
<jackson-threetenbp-version>2.15.2</jackson-threetenbp-version>
<junit-version>4.13.2</junit-version>
<org-apache-httpcomponents>4.5.3</org-apache-httpcomponents>
<jersey-version>3.1.5</jersey-version>
Expand Down

0 comments on commit 304be26

Please sign in to comment.