From 5c084c00d42ad87fdc290be285a9db4a5601a802 Mon Sep 17 00:00:00 2001
From: Andrea Guarino
<38876543+andrea-guarino-sonarsource@users.noreply.github.com>
Date: Tue, 11 Jan 2022 17:31:59 +0100
Subject: [PATCH] Bump analyzer-commons and orchestrator versions; cleanup
pom.xml (#1052)
---
check-license-compliance.sh | 3 +-
override-dep-licenses.properties | 4 ++
pom.xml | 45 ++++++++++---------
.../regex/duplicatesInCharacterClassCheck.py | 4 +-
4 files changed, 32 insertions(+), 24 deletions(-)
create mode 100644 override-dep-licenses.properties
diff --git a/check-license-compliance.sh b/check-license-compliance.sh
index de09f1f564..9caeef6bd7 100755
--- a/check-license-compliance.sh
+++ b/check-license-compliance.sh
@@ -3,4 +3,5 @@ set -euo pipefail
# See https://xtranet.sonarsource.com/display/DEV/Open+Source+Licenses
-mvn org.codehaus.mojo:license-maven-plugin:aggregate-add-third-party
+mvn org.codehaus.mojo:license-maven-plugin:aggregate-add-third-party \
+ -Dlicense.overrideUrl=file://$(pwd)/override-dep-licenses.properties
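Review bot: The `$(pwd)` in the added `-Dlicense.overrideUrl` argument is unquoted, so a checkout path containing spaces or glob characters is word-split and Maven receives a truncated URL. It also resolves against the caller's working directory rather than the script's own location, so the override file is only found when the script is run from the repository root. Whether the plugin fails or silently ignores a missing override file is not visible in this hunk, so the license gate may behave differently depending on the invocation directory. Quoting the argument and anchoring it to the script directory avoids both: `"-Dlicense.overrideUrl=file://$(cd "$(dirname "$0")" && pwd)/override-dep-licenses.properties"`.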
diff --git a/override-dep-licenses.properties b/override-dep-licenses.properties
new file mode 100644
index 0000000000..9b568baafb
--- /dev/null
+++ b/override-dep-licenses.properties
@@ -0,0 +1,4 @@
+# Override license defined in parent POM
+# See check-license-compatibility.sh
+
+com.google.code.gson--gson--2.8.9=apache_v2
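Review bot: The header comment points to `check-license-compatibility.sh`, but the script changed in this same commit is `check-license-compliance.sh`; the line should read `# See check-license-compliance.sh`. The comment also does not record why the license inherited from the parent POM is wrong for gson or where `apache_v2` was confirmed, which is what someone auditing an override of the license gate will look for; one extra comment line naming the upstream license source would cover it. The key is pinned to version `2.8.9`, so it presumably stops matching once gson is bumped, and a note such as `# update the version in the key when gson is upgraded` would make that visible.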
diff --git a/pom.xml b/pom.xml
index 79ccd3645b..c47767faa9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -90,11 +90,12 @@
2.2.1
3.9.0
8.9.0.43852
- 3.35.1.2719
- 1.21.0.829
+ 3.36.0.63
+ 1.22.0.848
6.0.0.32513
1.23
3.17.3
+ 6.2.7
@@ -136,16 +137,12 @@
sonar-regex-parsing
${sonar-analyzer-commons.version}
+
org.codehaus.staxmate
staxmate
2.0.1
-
- org.sonarsource.orchestrator
- sonar-orchestrator
- ${sonar.orchestrator.version}
-
commons-lang
commons-lang
@@ -156,18 +153,25 @@
commons-io
${commons.io.version}
+
org.codehaus.woodstox
woodstox-core-lgpl
${woodstox.version}
- ch.qos.logback
- logback-classic
- ${logback.version}
+ com.google.guava
+ guava
+ 30.1.1-jre
+
+ org.sonarsource.orchestrator
+ sonar-orchestrator
+ ${sonar.orchestrator.version}
+ test
+
org.sonarsource.sonarqube
sonar-testing-harness
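Review bot: The guava entry moved into this block keeps a literal version `30.1.1-jre`, while its neighbours reference properties such as `${woodstox.version}` and `${sonar.orchestrator.version}`. Declaring it as a property next to the other versions bumped at the top of the file (for example `guava.version`, referenced as `${guava.version}`) keeps dependency upgrades, including security-driven ones, in one place. The XML markup is stripped in this view, so it is worth confirming that the entry still has no scope after the move, as it appears here, since the logback and orchestrator entries in the same commit gain `test`.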
@@ -211,26 +215,25 @@
provided
- com.google.guava
- guava
- 30.1.1-jre
+ ch.qos.logback
+ logback-classic
+ ${logback.version}
+ test
-
-
-
org.sonarsource.sonarqube
- sonar-plugin-api
+ sonar-plugin-api-impl
${sonar.version}
- provided
+ test
+
+
org.sonarsource.sonarqube
- sonar-plugin-api-impl
+ sonar-plugin-api
${sonar.version}
- test
+ provided
-
diff --git a/python-checks/src/test/resources/checks/regex/duplicatesInCharacterClassCheck.py b/python-checks/src/test/resources/checks/regex/duplicatesInCharacterClassCheck.py
index cd39d80325..acb00bd5fd 100644
--- a/python-checks/src/test/resources/checks/regex/duplicatesInCharacterClassCheck.py
+++ b/python-checks/src/test/resources/checks/regex/duplicatesInCharacterClassCheck.py
@@ -81,8 +81,8 @@ def compliant(input):
re.match(r"[aa", input) # Check should not run on syntactically invalid regexen
re.match(r"(?U)[\wä]", input) # False negative because we don't support Unicode characters in \w and \W
re.match(r"[[a-z&&b-e]c]", input) # FN because we don't support intersections
- re.match(r"(?i)[A-_d-{]", input) # FN because we ignore case insensitivity unless both ends of the ranges are letters
- re.match(r"(?i)[A-z_]", input) # FN because A-z gets misinterpreted as A-Za-z due to the way we handle case insensitivity
+ re.match(r"(?i)[A-_d-{]", input) # Noncompliant
+ re.match(r"(?i)[A-z_]", input) # Noncompliant
re.match(r"[\abc]", input)
re.match(r'[\s\'"\:\{\}\[\],&\*\#\?]', input)
re.match(r"[0-9\\d]", input) # Compliant
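Review bot: The two lines now marked `# Noncompliant` sit inside `def compliant(input):` (named in the hunk header; the function starts and ends outside this hunk), so the fixture's structure no longer matches its expectations. They should either move to the noncompliant section of the file or keep a short reason next to the marker, since the old comments explaining the case-insensitivity handling were dropped without replacement. For example `# Noncompliant (with (?i), A-_ and d-{ overlap on d-z)` and `# Noncompliant (_ is already inside A-z)`; whether the test harness accepts trailing text after the marker needs checking against the other fixtures.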