Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

DFR-1492 divorce patching #605

Open
wants to merge 9 commits into
base: master
Choose a base branch
from
Open

DFR-1492 divorce patching #605

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
fb01e58
DFR-1712 bump dependencies
Michael1142 Jan 11, 2023
0a3e335
DFR-1712 update supressions
Michael1142 Jan 11, 2023
11a6610
DFR-1712 update supressions
Michael1142 Jan 11, 2023
a7200a9
DFR-1712 bump dependencies
Michael1142 Jan 11, 2023
7328f1d
DFR-1492 bump dependencies and update suppressions
Michael1142 Jan 15, 2023
d27430f
DFR-1492 restore pitest version
Michael1142 Jan 15, 2023
d816c4d
merge master
Michael1142 Jan 17, 2023
f61d0d0
DFR-1492 bump chart version
Michael1142 Jan 18, 2023
73df6bd
DFR-1492 bump chart version
Michael1142 Jan 18, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 10 additions & 10 deletions build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,11 +20,11 @@ plugins {
id 'com.github.ben-manes.versions' version '0.39.0'
id 'io.spring.dependency-management' version '1.0.10.RELEASE'
id 'jacoco'
id 'org.owasp.dependencycheck' version '6.2.2'
id 'org.sonarqube' version '3.2.0'
id 'org.owasp.dependencycheck' version '7.1.1'
id 'org.sonarqube' version '3.4.0.2513'
id 'org.springframework.boot' version '2.3.11.RELEASE'
id 'info.solidsoft.pitest' version '1.6.0'
id 'au.com.dius.pact' version '4.2.0'
id 'au.com.dius.pact' version '4.3.10'
}

apply plugin: 'net.serenity-bdd.aggregator'
Expand Down Expand Up @@ -162,9 +162,9 @@ def versions = [
unirest: '1.4.9',
wiremockVersion: '2.27.2',
springSecurityCrypto: '5.4.5',
tomcatEmbedCore: '9.0.68',
tomcatEmbedWebsocket: '9.0.68',
tomcatEmbedEl: '9.0.68',
tomcatEmbedCore: '9.0.69',
tomcatEmbedWebsocket: '9.0.69',
tomcatEmbedEl: '9.0.69',
pact_version: '4.1.11',
httpComponents: '4.5.13',
bouncycastle: '1.61'
Expand Down Expand Up @@ -217,7 +217,7 @@ dependencies {

implementation group: 'org.springframework.security', name: 'spring-security-crypto', version: versions.springSecurityCrypto

implementation group: 'com.sun.xml.bind', name: 'jaxb-osgi', version: '2.3.3'
implementation group: 'com.sun.xml.bind', name: 'jaxb-osgi', version: '4.0.0'
implementation group: 'org.springframework.boot', name: 'spring-boot-starter-actuator', version: versions.springBoot
implementation group: 'org.bouncycastle', name: 'bcprov-jdk15on', version: versions.bouncycastle

Expand Down Expand Up @@ -290,8 +290,8 @@ dependencies {
contractTestRuntimeOnly group: 'au.com.dius.pact.consumer', name: 'java8', version: versions.pact_version

contractTestImplementation group: 'org.springframework.boot', name: 'spring-boot-starter-test'
contractTestImplementation("org.junit.jupiter:junit-jupiter-api:5.7.2")
contractTestRuntimeOnly("org.junit.jupiter:junit-jupiter-engine:5.7.2")
contractTestImplementation("org.junit.jupiter:junit-jupiter-api:5.9.1")
contractTestRuntimeOnly("org.junit.jupiter:junit-jupiter-engine:5.9.1")

contractTestImplementation sourceSets.main.runtimeClasspath
contractTestImplementation sourceSets.test.runtimeClasspath
Expand All @@ -307,7 +307,7 @@ dependencyManagement {
entry 'jackson-annotations'
}

dependencySet(group: 'org.apache.logging.log4j', version: '2.17.1') {
dependencySet(group: 'org.apache.logging.log4j', version: '2.19.0') {
entry 'log4j-api'
entry 'log4j-to-slf4j'
}
Expand Down
4 changes: 2 additions & 2 deletions charts/div-dgs/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@ apiVersion: v2
appVersion: "1.0"
description: Divorce - Document Generator Service
name: div-dgs
version: 2.0.10
version: 2.0.12
dependencies:
- name: java
version: 4.0.1
version: 4.0.9
repository: "https://hmctspublic.azurecr.io/helm/v1/repo/"
10 changes: 0 additions & 10 deletions dependency-check-suppressions.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -130,14 +130,4 @@
<cve>CVE-2022-22976</cve>
<cve>CVE-2021-22119</cve>
</suppress>
<suppress>
<notes><![CDATA[file name: tomcat-embed-core-9.0.68.jar]]></notes>
<packageUrl regex="true">^pkg:maven/org\.apache\.tomcat\.embed/tomcat\-embed\-core@.*$</packageUrl>
<cve>CVE-2022-45143</cve>
</suppress>
<suppress>
<notes><![CDATA[file name: tomcat-embed-websocket-9.0.68.jar]]></notes>
<packageUrl regex="true">^pkg:maven/org\.apache\.tomcat\.embed/tomcat\-embed\-websocket@.*$</packageUrl>
<cve>CVE-2022-45143</cve>
</suppress>
</suppressions>