From 22613bb91c63fc70ee2c1e444897e0ca4aa5fa6d Mon Sep 17 00:00:00 2001 From: Steve Marion Date: Thu, 27 Jun 2024 18:34:30 +0200 Subject: [PATCH] SONAR-22447 move back all dependency management into the main build.gradle files --- build.gradle | 13 +++++++++++++ server/sonar-ce-task-projectanalysis/build.gradle | 2 +- server/sonar-main/build.gradle | 1 - server/sonar-webserver-webapi-v2/build.gradle | 2 +- sonar-testing-ldap/build.gradle | 11 ++++------- sonar-ws-generator/build.gradle | 5 +---- test-monitoring/build.gradle | 2 +- 7 files changed, 21 insertions(+), 15 deletions(-) diff --git a/build.gradle b/build.gradle index 30428f78a8a..f11f215e06c 100644 --- a/build.gradle +++ b/build.gradle @@ -382,13 +382,21 @@ subprojects { dependency 'org.xmlunit:xmlunit-matchers:2.10.0' dependency 'org.lz4:lz4-java:1.8.0' dependency 'org.littleshoot:littleproxy:1.1.2' + dependency 'net.sf.trove4j:core:3.1.0' dependency 'org.awaitility:awaitility:4.2.1' dependency 'org.apache.commons:commons-collections4:4.4' dependency 'org.apache.commons:commons-csv:1.11.0' dependency 'org.apache.commons:commons-lang3:3.14.0' dependency 'org.apache.commons:commons-email:1.6.0' dependency 'org.apache.commons:commons-text:1.12.0' + dependency 'org.apache.mina:mina-core:2.2.3' + dependency 'org.apache.kerby:kerb-simplekdc:2.0.3' + dependency 'org.apache.kerby:ldap-backend:2.0.3' + dependency 'commons-logging:commons-logging:1.3.1' dependency 'com.zaxxer:HikariCP:5.1.0' + dependency ('org.apache.directory.server:apacheds-server-integ:2.0.0.AM27') { + exclude 'log4j:log4j' + } dependency('org.apache.httpcomponents:httpclient:4.5.14') { exclude 'commons-logging:commons-logging' } @@ -473,6 +481,11 @@ subprojects { dependency 'org.glassfish:jakarta.el:3.0.4' dependency 'org.kohsuke:github-api:1.322' dependency 'org.wiremock:wiremock-standalone:3.7.0' + dependency 'org.skyscreamer:jsonassert:1.5.1' + // to be used only in sonar-ws-generator + dependency ("org.apache.velocity:velocity:1.7") { + dependency 'commons-collections:commons-collections:3.2.2' + } // please keep this list alphabetically ordered } diff --git a/server/sonar-ce-task-projectanalysis/build.gradle b/server/sonar-ce-task-projectanalysis/build.gradle index 604a1026213..f5cd00d6393 100644 --- a/server/sonar-ce-task-projectanalysis/build.gradle +++ b/server/sonar-ce-task-projectanalysis/build.gradle @@ -19,7 +19,7 @@ dependencies { api 'org.slf4j:jul-to-slf4j' api 'org.slf4j:slf4j-api' - api 'net.sf.trove4j:core:3.1.0' + api 'net.sf.trove4j:core' api 'commons-codec:commons-codec' api 'commons-io:commons-io' api 'org.apache.commons:commons-lang3' diff --git a/server/sonar-main/build.gradle b/server/sonar-main/build.gradle index e1e567a0e9a..a1483151742 100644 --- a/server/sonar-main/build.gradle +++ b/server/sonar-main/build.gradle @@ -18,7 +18,6 @@ dependencies { api 'org.apache.logging.log4j:log4j-to-slf4j' api 'org.apache.logging.log4j:log4j-api' api 'org.elasticsearch.client:elasticsearch-rest-high-level-client' - api 'org.elasticsearch:elasticsearch' api 'org.slf4j:slf4j-api' api 'org.yaml:snakeyaml' diff --git a/server/sonar-webserver-webapi-v2/build.gradle b/server/sonar-webserver-webapi-v2/build.gradle index 2acb3187201..19e6fb4d0a8 100644 --- a/server/sonar-webserver-webapi-v2/build.gradle +++ b/server/sonar-webserver-webapi-v2/build.gradle @@ -20,7 +20,7 @@ dependencies { testImplementation 'org.junit.jupiter:junit-jupiter-params' testImplementation 'org.mockito:mockito-core' testImplementation 'org.mockito:mockito-junit-jupiter' - testImplementation 'org.skyscreamer:jsonassert:1.5.1' + testImplementation 'org.skyscreamer:jsonassert' testImplementation 'org.sonarsource.api.plugin:sonar-plugin-api-test-fixtures' testImplementation 'com.tngtech.java:junit-dataprovider' testImplementation project(':sonar-testing-harness') diff --git a/sonar-testing-ldap/build.gradle b/sonar-testing-ldap/build.gradle index 1900ce7ef7b..e3bedf7a54f 100644 --- a/sonar-testing-ldap/build.gradle +++ b/sonar-testing-ldap/build.gradle @@ -5,13 +5,10 @@ sonar { } dependencies { - api 'org.apache.mina:mina-core:2.2.3' - implementation ('org.apache.directory.server:apacheds-server-integ:2.0.0.AM27') { - exclude group: 'log4j', module: 'log4j' - } - - implementation 'org.apache.kerby:kerb-simplekdc:2.0.3' - implementation 'org.apache.kerby:ldap-backend:2.0.3' + api 'org.apache.mina:mina-core' + implementation 'org.apache.directory.server:apacheds-server-integ' + implementation 'org.apache.kerby:kerb-simplekdc' + implementation 'org.apache.kerby:ldap-backend' testImplementation 'junit:junit' testImplementation 'org.assertj:assertj-core' diff --git a/sonar-ws-generator/build.gradle b/sonar-ws-generator/build.gradle index 7ce6a3ad099..a8300876613 100644 --- a/sonar-ws-generator/build.gradle +++ b/sonar-ws-generator/build.gradle @@ -8,10 +8,7 @@ dependencies { api 'com.google.code.gson:gson' api 'com.google.guava:guava' api 'commons-io:commons-io' - // transitive dependency of Velocity that must be upgraded - // in order to fix a vulnerability - api 'commons-collections:commons-collections:3.2.2' - api 'org.apache.velocity:velocity:1.7' + api 'org.apache.velocity:velocity' api 'org.slf4j:log4j-over-slf4j' api 'org.sonarsource.orchestrator:sonar-orchestrator-junit4' diff --git a/test-monitoring/build.gradle b/test-monitoring/build.gradle index a252f4ebdba..ef105873cee 100644 --- a/test-monitoring/build.gradle +++ b/test-monitoring/build.gradle @@ -13,9 +13,9 @@ dependencies { compileOnlyApi 'org.aspectj:aspectjtools' compileOnlyApi 'com.github.spotbugs:spotbugs-annotations' + testImplementation 'org.aspectj:aspectjtools' testImplementation 'org.assertj:assertj-core' testImplementation 'org.mockito:mockito-core' - testImplementation 'org.aspectj:aspectjweaver:1.9.22.1' } tasks.withType(JavaCompile) { -- 2.39.5