
Remove hardcoded 2.0.0 version (reset to latest)
Update 3rd Party Libs
Update OWASP Suppression file
Update CI Jobs (Update Runner and JDK version)
f11h committed Feb 13, 2023
1 parent 23789f5 commit 6e52062
Showing 8 changed files with 20 additions and 77 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/ci-dependency-check.yml
Expand Up @@ -15,7 +15,7 @@ jobs:
steps:
- uses: actions/setup-java@v2
with:
java-version: 11
java-version: 17
distribution: adopt
- uses: actions/checkout@v2
with:
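Review bot: The JDK bump to 17 is applied on `actions/setup-java@v2` with `distribution: adopt`; AdoptOpenJDK has moved to Eclipse Temurin and setup-java's README recommends migrating from `adopt` to `temurin`, so confirm that 17 actually resolves through the `adopt` distribution and consider `distribution: temurin` here and in ci-main.yml, ci-pullrequest.yml, ci-release.yml and ci-sonar.yml. The action references themselves (`actions/setup-java@v2`, `actions/checkout@v2`) remain floating major tags; for the release and dependency-check jobs in particular, pinning them to a commit SHA would make the toolchain reproducible and auditable.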
4 changes: 2 additions & 2 deletions .github/workflows/ci-main.yml
Expand Up @@ -6,11 +6,11 @@ on:
- main
jobs:
build:
runs-on: ubuntu-20.04
runs-on: ubuntu-latest
steps:
- uses: actions/setup-java@v2
with:
java-version: 11
java-version: 17
distribution: adopt
- uses: actions/checkout@v2
with:
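Review bot: `runs-on: ubuntu-latest` replaces the pinned `ubuntu-20.04`, so the build image and its preinstalled toolchain now change whenever GitHub moves the alias, without any commit in this repository. That is acceptable for PR builds, but for ci-release.yml, which produces the published artifacts, a pinned image label such as `runs-on: ubuntu-22.04` keeps releases reproducible. The same change appears in ci-pullrequest.yml, ci-release-notes.yml, ci-release.yml and ci-sonar.yml.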
4 changes: 2 additions & 2 deletions .github/workflows/ci-pullrequest.yml
Expand Up @@ -7,11 +7,11 @@ on:
- reopened
jobs:
build:
runs-on: ubuntu-20.04
runs-on: ubuntu-latest
steps:
- uses: actions/setup-java@v2
with:
java-version: 11
java-version: 17
distribution: adopt
- uses: actions/checkout@v2
with:
2 changes: 1 addition & 1 deletion .github/workflows/ci-release-notes.yml
Expand Up @@ -5,7 +5,7 @@ on:
- created
jobs:
release-notes:
runs-on: ubuntu-20.04
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
4 changes: 2 additions & 2 deletions .github/workflows/ci-release.yml
Expand Up @@ -5,11 +5,11 @@ on:
- created
jobs:
release:
runs-on: ubuntu-20.04
runs-on: ubuntu-latest
steps:
- uses: actions/setup-java@v2
with:
java-version: 11
java-version: 17
distribution: adopt
- uses: actions/checkout@v2
with:
4 changes: 2 additions & 2 deletions .github/workflows/ci-sonar.yml
Expand Up @@ -10,11 +10,11 @@ on:
- reopened
jobs:
sonar:
runs-on: ubuntu-20.04
runs-on: ubuntu-latest
steps:
- uses: actions/setup-java@v2
with:
java-version: 11
java-version: 17
distribution: adopt
- uses: actions/checkout@v2
with:
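--- a/owasp/suppressions.xml
+++ b/owasp/suppressions.xml
@@ -1,29 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
 <suppress>
-<notes>see https://github.com/jeremylong/DependencyCheck/issues/1827></notes>
-<cve>CVE-2018-1258</cve>
-</suppress>
-<suppress>
-<notes>see https://github.com/jeremylong/DependencyCheck/issues/2952</notes>
-<cve>CVE-2011-2732</cve>
-<cve>CVE-2011-2731</cve>
-<cve>CVE-2012-5055</cve>
-</suppress>
-<suppress>
-<notes>see https://tomcat.apache.org/security-9.html#Apache_Tomcat_9.x_vulnerabilities vulnerability is fixed in tomcat 9.0.38</notes>
-<cve>CVE-2020-13943</cve>
-</suppress>
-<suppress>
-<notes>H2 is not used by this project.</notes>
-<cve>CVE-2021-23463</cve>
-</suppress>
-<suppress>
-<notes>False Positive, Should match only up to 5.3.2 (excluding) but we have 5.6.3 </notes>
-<cve>CVE-2020-5408</cve>
-</suppress>
-<suppress>
-<notes>False Positive, Should match only up to 1.32 (excluding) but we have 1.33</notes>
-<cve>CVE-2022-38752</cve>
+<notes>no YAML content from users is parsed within this service</notes>
+<cve>CVE-2022-1471</cve>
 </suppress>
 </suppressions>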
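Review bot: The new `<suppress>` for CVE-2022-1471 is unscoped — it carries neither a `<packageUrl>`/`<gav>` selector nor an `until` date, so it silences that CVE on any dependency the scanner matches, not only snakeyaml, and does so permanently. The justification ("no YAML content from users is parsed") is a runtime argument that stops holding as soon as a YAML-parsing code path is added, so it deserves an expiry that forces re-review. Suggest adding `<packageUrl regex="true">^pkg:maven/org\.yaml/snakeyaml@.*$</packageUrl>` inside the `<suppress>` and an `until="YYYY-MM-DD"` attribute on it (placeholder date). The companion pom.xml change also drops the explicit snakeyaml 1.33 pin, so the version on the classpath is now whatever the Spring Boot parent manages — worth confirming it is still at or above 1.33, since the removed CVE-2022-38752 suppression was justified by that version.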
51 changes: 8 additions & 43 deletions pom.xml
Expand Up @@ -13,7 +13,7 @@

<groupId>eu.europa.ec.dgc</groupId>
<artifactId>dgc-lib</artifactId>
<version>2.0.0</version>
<version>latest</version>
<packaging>jar</packaging>

<name>dgc-lib</name>
Expand All @@ -30,18 +30,16 @@
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<!-- dependencies -->
<owasp.version>7.3.0</owasp.version>
<feign.version>11.10</feign.version>
<bcpkix.version>1.70</bcpkix.version>
<owasp.version>8.0.2</owasp.version>
<bcpkix.version>1.72</bcpkix.version>
<lombok.version>1.18.24</lombok.version>
<mapstruct.version>1.5.3.Final</mapstruct.version>
<commonsio.version>2.11.0</commonsio.version>
<cbor.version>4.5.2</cbor.version>
<jackson.version>2.13.4</jackson.version>
<jackson.databind.version>2.13.4.2</jackson.databind.version>
<mockwebserver.version>4.10.0</mockwebserver.version>
<plugin.checkstyle.version>3.2.0</plugin.checkstyle.version>
<plugin.surefire.version>3.0.0-M7</plugin.surefire.version>
<plugin.checkstyle.version>3.2.1</plugin.checkstyle.version>
<plugin.sonar.version>3.9.1.2184</plugin.sonar.version>
<plugin.surefire.version>3.0.0-M8</plugin.surefire.version>
<plugin.jacoco.version>0.8.8</plugin.jacoco.version>

<!-- license -->
Expand Down Expand Up @@ -78,24 +76,8 @@
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
<artifactId>spring-boot-starter</artifactId>
<optional>true</optional>
<exclusions>
<exclusion>
<groupId>org.yaml</groupId>
<artifactId>snakeyaml</artifactId>
</exclusion>
<exclusion>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- Explicit inclusion of SnakeYaml because of CVE -->
<dependency>
<groupId>org.yaml</groupId>
<artifactId>snakeyaml</artifactId>
<version>1.33</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
Expand All @@ -105,17 +87,10 @@
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-openfeign</artifactId>
<exclusions>
<exclusion>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>io.github.openfeign</groupId>
<artifactId>feign-httpclient</artifactId>
<version>${feign.version}</version>
</dependency>
<dependency>
<groupId>org.mapstruct</groupId>
Expand All @@ -126,11 +101,10 @@
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<scope>provided</scope>
<version>${lombok.version}</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk15on</artifactId>
<artifactId>bcpkix-jdk18on</artifactId>
<version>${bcpkix.version}</version>
</dependency>
<dependency>
Expand All @@ -146,20 +120,11 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>${jackson.databind.version}</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.datatype</groupId>
<artifactId>jackson-datatype-jsr310</artifactId>
<version>${jackson.version}</version>
<exclusions>
<exclusion>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
</exclusion>
</exclusions>
</dependency>

<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
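Review bot: `<version>latest</version>` in the first hunk is not a Maven keyword for a project's own version; it is an ordinary qualifier string that sorts below any numeric version and, if deployed as-is, publishes a mutable `dgc-lib` coordinate that consumers cannot pin and that is overwritten on every publish. Presumably the release workflow rewrites the version before deploying (that step is not in this diff); if so, a comment such as `<!-- placeholder: replaced by the release workflow before deploy -->` next to it would make the intent explicit. Separately, the dropped pins on jackson-databind (`2.13.4.2`, previously overriding the parent) and snakeyaml (`1.33`) now leave those versions to the Spring Boot parent's dependency management, which is outside this hunk — those pins look like security-patch overrides, so confirm the parent-managed versions are at or above them rather than relying on the OWASP check alone. The enclosing `<dependencies>` element continues past the hunk.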
