diff options
| author | PJ Fanning <pjfanning@users.noreply.github.com> | 2022-06-02 11:49:19 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-06-02 20:49:19 +1000 |
| commit | 2b331366848df06183912e15482f73de698fb15e (patch) | |
| tree | b95df048af5f235becafdebac5f325ccf5976727 | |
| parent | a1762710cc68fe5acbb5beaee654c42024468b44 (diff) | |
| download | archiva-2b331366848df06183912e15482f73de698fb15e.tar.gz archiva-2b331366848df06183912e15482f73de698fb15e.zip | |
MRM-2051: upgrade dom4j due to cves (#106)
* upgrade dom4j due to cves
9 files changed, 18 insertions, 17 deletions
diff --git a/archiva-modules/archiva-base/archiva-repository-scanner/src/test/resources/repositories/default-repository/org/apache/maven/archiva/archiva-xml-tools/1.0-SNAPSHOT/archiva-xml-tools-1.0-SNAPSHOT.pom b/archiva-modules/archiva-base/archiva-repository-scanner/src/test/resources/repositories/default-repository/org/apache/maven/archiva/archiva-xml-tools/1.0-SNAPSHOT/archiva-xml-tools-1.0-SNAPSHOT.pom index efa42d3f0..b45a5f3a5 100644 --- a/archiva-modules/archiva-base/archiva-repository-scanner/src/test/resources/repositories/default-repository/org/apache/maven/archiva/archiva-xml-tools/1.0-SNAPSHOT/archiva-xml-tools-1.0-SNAPSHOT.pom +++ b/archiva-modules/archiva-base/archiva-repository-scanner/src/test/resources/repositories/default-repository/org/apache/maven/archiva/archiva-xml-tools/1.0-SNAPSHOT/archiva-xml-tools-1.0-SNAPSHOT.pom @@ -34,9 +34,9 @@ <artifactId>archiva-common</artifactId> </dependency> <dependency> - <groupId>dom4j</groupId> + <groupId>org.dom4j</groupId> <artifactId>dom4j</artifactId> - <version>1.6.1</version> + <version>${dom4j.version}</version> </dependency> <dependency> <groupId>jaxen</groupId> diff --git a/archiva-modules/archiva-maven/archiva-maven-repository/src/test/java/org/apache/archiva/maven/repository/metadata/storage/Maven2RepositoryMetadataResolverTest.java b/archiva-modules/archiva-maven/archiva-maven-repository/src/test/java/org/apache/archiva/maven/repository/metadata/storage/Maven2RepositoryMetadataResolverTest.java index 6f5f72c1d..ea46c624a 100644 --- a/archiva-modules/archiva-maven/archiva-maven-repository/src/test/java/org/apache/archiva/maven/repository/metadata/storage/Maven2RepositoryMetadataResolverTest.java +++ b/archiva-modules/archiva-maven/archiva-maven-repository/src/test/java/org/apache/archiva/maven/repository/metadata/storage/Maven2RepositoryMetadataResolverTest.java @@ -225,7 +225,7 @@ public class Maven2RepositoryMetadataResolverTest assertDependency( dependencies.get( 3 ), "org.codehaus.plexus", "plexus-component-api", "1.0-alpha-22" ); assertDependency( dependencies.get( 4 ), "org.codehaus.plexus", "plexus-spring", "1.2", "test" ); assertDependency( dependencies.get( 5 ), "xalan", "xalan", "2.7.0" ); - assertDependency( dependencies.get( 6 ), "dom4j", "dom4j", "1.6.1", "test" ); + assertDependency( dependencies.get( 6 ), "org.dom4j", "dom4j", "${dom4j.version}", "test" ); assertDependency( dependencies.get( 7 ), "junit", "junit", "3.8.1", "test" ); assertDependency( dependencies.get( 8 ), "easymock", "easymock", "1.2_Java1.3", "test" ); assertDependency( dependencies.get( 9 ), "easymock", "easymockclassextension", "1.2", "test" ); @@ -682,8 +682,8 @@ public class Maven2RepositoryMetadataResolverTest assertArtifact( artifacts.get( 0 ), "plexus-spring-1.2-sources.jar", 0, EMPTY_SHA1, EMPTY_MD5 ); assertArtifact( artifacts.get( 1 ), "plexus-spring-1.2.jar", 0, EMPTY_SHA1, EMPTY_MD5 ); - assertArtifact( artifacts.get( 2 ), "plexus-spring-1.2.pom", 7407, "96b14cf880e384b2d15e8193c57b65c5420ca4c5", - "f83aa25f016212a551a4b2249985effc" ); + assertArtifact( artifacts.get( 2 ), "plexus-spring-1.2.pom", 7422, "28e86d3e2723e4894587e4b758231f76febce942", + "9f663d8e7adf6adff4133653b59d1e28" ); } @Test diff --git a/archiva-modules/archiva-maven/archiva-maven-repository/src/test/resources/repositories/default-repository/org/apache/maven/archiva/archiva-xml-tools/1.0-SNAPSHOT/archiva-xml-tools-1.0-SNAPSHOT.pom b/archiva-modules/archiva-maven/archiva-maven-repository/src/test/resources/repositories/default-repository/org/apache/maven/archiva/archiva-xml-tools/1.0-SNAPSHOT/archiva-xml-tools-1.0-SNAPSHOT.pom index efa42d3f0..b45a5f3a5 100644 --- a/archiva-modules/archiva-maven/archiva-maven-repository/src/test/resources/repositories/default-repository/org/apache/maven/archiva/archiva-xml-tools/1.0-SNAPSHOT/archiva-xml-tools-1.0-SNAPSHOT.pom +++ b/archiva-modules/archiva-maven/archiva-maven-repository/src/test/resources/repositories/default-repository/org/apache/maven/archiva/archiva-xml-tools/1.0-SNAPSHOT/archiva-xml-tools-1.0-SNAPSHOT.pom @@ -34,9 +34,9 @@ <artifactId>archiva-common</artifactId> </dependency> <dependency> - <groupId>dom4j</groupId> + <groupId>org.dom4j</groupId> <artifactId>dom4j</artifactId> - <version>1.6.1</version> + <version>${dom4j.version}</version> </dependency> <dependency> <groupId>jaxen</groupId> diff --git a/archiva-modules/archiva-maven/archiva-maven-repository/src/test/resources/target-repo/org/apache/archiva/archiva/1.2.1/archiva-1.2.1.pom b/archiva-modules/archiva-maven/archiva-maven-repository/src/test/resources/target-repo/org/apache/archiva/archiva/1.2.1/archiva-1.2.1.pom index cccf51781..0bf4b0f6c 100755 --- a/archiva-modules/archiva-maven/archiva-maven-repository/src/test/resources/target-repo/org/apache/archiva/archiva/1.2.1/archiva-1.2.1.pom +++ b/archiva-modules/archiva-maven/archiva-maven-repository/src/test/resources/target-repo/org/apache/archiva/archiva/1.2.1/archiva-1.2.1.pom @@ -501,9 +501,9 @@ <version>10.1.3.1</version> </dependency> <dependency> - <groupId>dom4j</groupId> + <groupId>org.dom4j</groupId> <artifactId>dom4j</artifactId> - <version>1.6.1</version> + <version>${dom4j.version}</version> </dependency> <dependency> <groupId>hsqldb</groupId> diff --git a/archiva-modules/metadata/test-repository/src/main/resources/org/apache/archiva/archiva-common/1.2.1/archiva-common-1.2.1.pom b/archiva-modules/metadata/test-repository/src/main/resources/org/apache/archiva/archiva-common/1.2.1/archiva-common-1.2.1.pom index bddde3bb7..360cc46f9 100644 --- a/archiva-modules/metadata/test-repository/src/main/resources/org/apache/archiva/archiva-common/1.2.1/archiva-common-1.2.1.pom +++ b/archiva-modules/metadata/test-repository/src/main/resources/org/apache/archiva/archiva-common/1.2.1/archiva-common-1.2.1.pom @@ -61,9 +61,9 @@ <version>2.7.0</version> </dependency> <dependency> - <groupId>dom4j</groupId> + <groupId>org.dom4j</groupId> <artifactId>dom4j</artifactId> - <version>1.6.1</version> + <version>${dom4j.version}</version> <scope>test</scope> </dependency> </dependencies> diff --git a/archiva-modules/metadata/test-repository/src/main/resources/org/apache/archiva/archiva/1.2.1/archiva-1.2.1.pom b/archiva-modules/metadata/test-repository/src/main/resources/org/apache/archiva/archiva/1.2.1/archiva-1.2.1.pom index cccf51781..0bf4b0f6c 100644 --- a/archiva-modules/metadata/test-repository/src/main/resources/org/apache/archiva/archiva/1.2.1/archiva-1.2.1.pom +++ b/archiva-modules/metadata/test-repository/src/main/resources/org/apache/archiva/archiva/1.2.1/archiva-1.2.1.pom @@ -501,9 +501,9 @@ <version>10.1.3.1</version> </dependency> <dependency> - <groupId>dom4j</groupId> + <groupId>org.dom4j</groupId> <artifactId>dom4j</artifactId> - <version>1.6.1</version> + <version>${dom4j.version}</version> </dependency> <dependency> <groupId>hsqldb</groupId> diff --git a/archiva-modules/metadata/test-repository/src/main/resources/org/apache/archiva/archiva/1.2.2/archiva-1.2.2.pom b/archiva-modules/metadata/test-repository/src/main/resources/org/apache/archiva/archiva/1.2.2/archiva-1.2.2.pom index cccf51781..0bf4b0f6c 100644 --- a/archiva-modules/metadata/test-repository/src/main/resources/org/apache/archiva/archiva/1.2.2/archiva-1.2.2.pom +++ b/archiva-modules/metadata/test-repository/src/main/resources/org/apache/archiva/archiva/1.2.2/archiva-1.2.2.pom @@ -501,9 +501,9 @@ <version>10.1.3.1</version> </dependency> <dependency> - <groupId>dom4j</groupId> + <groupId>org.dom4j</groupId> <artifactId>dom4j</artifactId> - <version>1.6.1</version> + <version>${dom4j.version}</version> </dependency> <dependency> <groupId>hsqldb</groupId> diff --git a/archiva-modules/metadata/test-repository/src/main/resources/org/codehaus/plexus/plexus-spring/1.2/plexus-spring-1.2.pom b/archiva-modules/metadata/test-repository/src/main/resources/org/codehaus/plexus/plexus-spring/1.2/plexus-spring-1.2.pom index 1b13027c1..cc7397558 100644 --- a/archiva-modules/metadata/test-repository/src/main/resources/org/codehaus/plexus/plexus-spring/1.2/plexus-spring-1.2.pom +++ b/archiva-modules/metadata/test-repository/src/main/resources/org/codehaus/plexus/plexus-spring/1.2/plexus-spring-1.2.pom @@ -57,9 +57,9 @@ <version>1.0-alpha-22</version> </dependency> <dependency> - <groupId>dom4j</groupId> + <groupId>org.dom4j</groupId> <artifactId>dom4j</artifactId> - <version>1.6.1</version> + <version>${dom4j.version}</version> </dependency> <dependency> <groupId>com.opensymphony</groupId> @@ -61,6 +61,7 @@ <jsoup.version>1.14.2</jsoup.version> <rome.version>1.16.0</rome.version> <cronutils.version>9.1.6</cronutils.version> + <dom4j.version>2.1.3</dom4j.version> <!-- JCR modules --> <javax.jcr.version>2.0</javax.jcr.version> |