From 13c3ee31b5954bfe6ba4a64f1292e73ab5959f3e Mon Sep 17 00:00:00 2001 From: Pascal Christoph Date: Fri, 26 Nov 2021 09:05:26 +0100 Subject: [PATCH 1/3] Fix build release (#397) Add gradle.properties to gitignore: The gradle.properties is used when doing releases. Doing releases is only possible with a clean git repo. Adding gradle.properties to gitignore provides both. Add "developers" into pom: The nexus repository manager insists on having the developers section in the pom. This commit reverts parts of 8710014c49abc94e98a1ec7bee4d14ac7c37aeb1 to have the developers section again. --- .gitignore | 2 ++ build.gradle | 22 ++++++++++++++++++++++ 2 files changed, 24 insertions(+) diff --git a/.gitignore b/.gitignore index 41256e67d..dccb3a8b0 100644 --- a/.gitignore +++ b/.gitignore @@ -48,3 +48,5 @@ buildbot.keyring # Ignore VS code/codium config files .vscode +# Ignore files with sensitive data +gradle.properties diff --git a/build.gradle b/build.gradle index 8e497d8fd..a84e7ee95 100644 --- a/build.gradle +++ b/build.gradle @@ -143,6 +143,28 @@ gradle.projectsEvaluated { } url 'https://github.com/metafacture/metafacture-core' inceptionYear '2011' + developers { + developer { + id 'mgeipel' + name 'Markus M. Geipel' + email 'm.geipel@dnb.de' + url 'https://github.com/mgeipel' + roles { + role 'architect' + role 'developer' + } + } + developer { + id 'cboehme' + name 'Christoph Böhme' + email 'c.boehme@dnb.de' + url 'https://github.com/cboehme' + roles { + role 'architect' + role 'developer' + } + } + } organization { name 'Metafacture' url 'https://github.com/metafacture' From 88ca5fcaaea9a0ca4ea827242b5a0391a403d9a3 Mon Sep 17 00:00:00 2001 From: Pascal Christoph Date: Fri, 26 Nov 2021 11:50:03 +0100 Subject: [PATCH 2/3] Add dependency task This allows to also list the dependencies of the subprojects. --- build.gradle | 2 ++ 1 file changed, 2 insertions(+) diff --git a/build.gradle b/build.gradle index a84e7ee95..9f34bfb71 100644 --- a/build.gradle +++ b/build.gradle @@ -88,6 +88,8 @@ subprojects { group 'build' } + task allDeps(type: DependencyReportTask) {} + javadoc { options { addBooleanOption 'Xwerror', true From a81f2bf54fe4c8f09b5502d896a56f224c15634d Mon Sep 17 00:00:00 2001 From: Pascal Christoph Date: Fri, 26 Nov 2021 12:11:19 +0100 Subject: [PATCH 3/3] Update dependencies Updated commons-compress, log4j & jackson-databind to close some critical and high threats. --- metafacture-biblio/build.gradle | 2 +- metafacture-elasticsearch/build.gradle | 2 +- metafacture-html/build.gradle | 2 +- metafacture-io/build.gradle | 2 +- metafacture-json/build.gradle | 4 ++-- metafacture-xml/build.gradle | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/metafacture-biblio/build.gradle b/metafacture-biblio/build.gradle index 7faf64733..aa1ca6520 100644 --- a/metafacture-biblio/build.gradle +++ b/metafacture-biblio/build.gradle @@ -27,7 +27,7 @@ dependencies { exclude group: 'xercesImpl', module: 'xercesImpl' exclude group: 'xml-apis', module: 'xml-apis' } - implementation 'log4j:log4j:1.2.12' + implementation 'org.apache.logging.log4j:log4j-core:2.14.1' testImplementation 'junit:junit:4.12' testImplementation 'org.mockito:mockito-core:2.5.5' } diff --git a/metafacture-elasticsearch/build.gradle b/metafacture-elasticsearch/build.gradle index 8f942de23..64b80bc44 100644 --- a/metafacture-elasticsearch/build.gradle +++ b/metafacture-elasticsearch/build.gradle @@ -19,7 +19,7 @@ description = 'Modules for sending data to an Elasticsearch instance' dependencies { api project(':metafacture-framework') - implementation 'com.fasterxml.jackson.core:jackson-databind:2.8.5' + implementation 'com.fasterxml.jackson.core:jackson-databind:2.13.0' testImplementation 'junit:junit:4.12' testImplementation 'org.mockito:mockito-core:2.5.5' } diff --git a/metafacture-html/build.gradle b/metafacture-html/build.gradle index e8c8ab2f0..a076e3371 100644 --- a/metafacture-html/build.gradle +++ b/metafacture-html/build.gradle @@ -21,7 +21,7 @@ dependencies { api project(':metafacture-framework') implementation project(':metafacture-commons') implementation 'org.slf4j:slf4j-api:1.7.21' - implementation 'org.apache.commons:commons-compress:1.12' + implementation 'org.apache.commons:commons-compress:1.21' implementation 'commons-io:commons-io:2.6' implementation 'org.jsoup:jsoup:1.12.1' testImplementation 'junit:junit:4.12' diff --git a/metafacture-io/build.gradle b/metafacture-io/build.gradle index e568fe090..3de8b53ce 100644 --- a/metafacture-io/build.gradle +++ b/metafacture-io/build.gradle @@ -21,7 +21,7 @@ dependencies { api project(':metafacture-framework') implementation project(':metafacture-commons') implementation 'commons-io:commons-io:2.5' - implementation 'org.apache.commons:commons-compress:1.20' + implementation 'org.apache.commons:commons-compress:1.21' runtimeOnly 'org.tukaani:xz:1.6' testImplementation 'junit:junit:4.12' testImplementation 'org.mockito:mockito-core:2.5.5' diff --git a/metafacture-json/build.gradle b/metafacture-json/build.gradle index ea49dabfa..1ffa26d2b 100644 --- a/metafacture-json/build.gradle +++ b/metafacture-json/build.gradle @@ -19,8 +19,8 @@ description = 'Modules for processing JSON data in Metafacture' dependencies { api project(':metafacture-framework') - implementation 'com.fasterxml.jackson.core:jackson-core:2.8.5' - implementation 'com.fasterxml.jackson.core:jackson-databind:2.8.5' + implementation 'com.fasterxml.jackson.core:jackson-core:2.13.0' + implementation 'com.fasterxml.jackson.core:jackson-databind:2.13.0' implementation 'com.jayway.jsonpath:json-path:2.6.0' testImplementation 'junit:junit:4.12' testImplementation 'org.mockito:mockito-core:2.5.5' diff --git a/metafacture-xml/build.gradle b/metafacture-xml/build.gradle index c91c82c8e..c2bd2c255 100644 --- a/metafacture-xml/build.gradle +++ b/metafacture-xml/build.gradle @@ -21,7 +21,7 @@ dependencies { api project(':metafacture-framework') implementation project(':metafacture-commons') implementation 'org.slf4j:slf4j-api:1.7.21' - implementation 'org.apache.commons:commons-compress:1.12' + implementation 'org.apache.commons:commons-compress:1.21' testImplementation 'junit:junit:4.12' testImplementation 'org.mockito:mockito-core:2.5.5' testRuntimeOnly 'org.slf4j:slf4j-simple:1.7.21'