SONAR-13155 upgrade commons-collection to fix vulnerability

author Simon Brandhof <simon.brandhof@sonarsource.com>

Wed, 18 Mar 2020 19:40:32 +0000 (20:40 +0100)

committer sonartech <sonartech@sonarsource.com>

Sat, 21 Mar 2020 20:04:03 +0000 (20:04 +0000)
author Simon Brandhof <simon.brandhof@sonarsource.com>
Wed, 18 Mar 2020 19:40:32 +0000 (20:40 +0100)
committer sonartech <sonartech@sonarsource.com>
Sat, 21 Mar 2020 20:04:03 +0000 (20:04 +0000)
diff --git a/sonar-ws-generator/build.gradle b/sonar-ws-generator/build.gradle

index 3c7ae776b085beb1ec659ec3a8412a1a12e1aff7..e872e414c793b5031f60ad9948f3205d32cc00a7 100644 (file)
--- a/sonar-ws-generator/build.gradle
+++ b/sonar-ws-generator/build.gradle
@@ -8,6 +8,9 @@ dependencies {
    compile 'com.google.code.gson:gson'
    compile 'com.google.guava:guava'
    compile 'commons-io:commons-io'
+  // transitive dependency of Velocity that must be upgraded
+  // in order to fix a vulnerability
+  compile 'commons-collections:commons-collections:3.2.2'
    compile 'org.apache.velocity:velocity:1.7'
    compile 'org.slf4j:log4j-over-slf4j'
    compile 'org.sonarsource.orchestrator:sonar-orchestrator'
author	Simon Brandhof <simon.brandhof@sonarsource.com>
	Wed, 18 Mar 2020 19:40:32 +0000 (20:40 +0100)
committer	sonartech <sonartech@sonarsource.com>
	Sat, 21 Mar 2020 20:04:03 +0000 (20:04 +0000)