diff options
| author | Florian Zschocke <f.zschocke+git@gmail.com> | 2022-11-14 22:24:54 +0100 |
|---|---|---|
| committer | Florian Zschocke <f.zschocke+git@gmail.com> | 2022-11-14 22:25:37 +0100 |
| commit | 5fd9d9ef7955bda0129f6e971626c4c1b9dbbc2d (patch) | |
| tree | fce5a98c35581049b3b327ce628318a4320fb331 | |
| parent | bb0b0eb8246bf54ee57ef2a2a8cf62614f985949 (diff) | |
| download | gitblit-5fd9d9ef7955bda0129f6e971626c4c1b9dbbc2d.tar.gz gitblit-5fd9d9ef7955bda0129f6e971626c4c1b9dbbc2d.zip | |
deps: Update various dependencies that had known CVEs
| -rw-r--r-- | .classpath | 19 | ||||
| -rw-r--r-- | build.moxie | 12 | ||||
| -rw-r--r-- | gitblit.iml | 81 | ||||
| -rw-r--r-- | releases.moxie | 10 |
4 files changed, 57 insertions, 65 deletions
@@ -9,15 +9,14 @@ <classpathentry kind="lib" path="ext/guice-5.1.0.jar" sourcepath="ext/src/guice-5.1.0.jar" /> <classpathentry kind="lib" path="ext/javax.inject-1.jar" sourcepath="ext/src/javax.inject-1.jar" /> <classpathentry kind="lib" path="ext/aopalliance-1.0.jar" sourcepath="ext/src/aopalliance-1.0.jar" /> - <classpathentry kind="lib" path="ext/guava-27.0.1-jre.jar" sourcepath="ext/src/guava-27.0.1-jre.jar" /> + <classpathentry kind="lib" path="ext/guava-31.1-jre.jar" sourcepath="ext/src/guava-31.1-jre.jar" /> <classpathentry kind="lib" path="ext/failureaccess-1.0.1.jar" sourcepath="ext/src/failureaccess-1.0.1.jar" /> <classpathentry kind="lib" path="ext/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar" /> <classpathentry kind="lib" path="ext/jsr305-3.0.2.jar" sourcepath="ext/src/jsr305-3.0.2.jar" /> - <classpathentry kind="lib" path="ext/checker-qual-2.5.2.jar" sourcepath="ext/src/checker-qual-2.5.2.jar" /> - <classpathentry kind="lib" path="ext/error_prone_annotations-2.2.0.jar" sourcepath="ext/src/error_prone_annotations-2.2.0.jar" /> - <classpathentry kind="lib" path="ext/j2objc-annotations-1.1.jar" sourcepath="ext/src/j2objc-annotations-1.1.jar" /> + <classpathentry kind="lib" path="ext/checker-qual-3.12.0.jar" sourcepath="ext/src/checker-qual-3.12.0.jar" /> + <classpathentry kind="lib" path="ext/error_prone_annotations-2.11.0.jar" sourcepath="ext/src/error_prone_annotations-2.11.0.jar" /> + <classpathentry kind="lib" path="ext/j2objc-annotations-1.3.jar" sourcepath="ext/src/j2objc-annotations-1.3.jar" /> <classpathentry kind="lib" path="ext/guice-servlet-5.1.0-gb2.jar" sourcepath="ext/src/guice-servlet-5.1.0-gb2.jar" /> - <classpathentry kind="lib" path="ext/animal-sniffer-annotations-1.17.jar" sourcepath="ext/src/animal-sniffer-annotations-1.17.jar" /> <classpathentry kind="lib" path="ext/annotations-12.0.jar" sourcepath="ext/src/annotations-12.0.jar" /> <classpathentry kind="lib" path="ext/log4j-1.2.17.jar" sourcepath="ext/src/log4j-1.2.17.jar" /> <classpathentry kind="lib" path="ext/slf4j-api-1.7.29.jar" sourcepath="ext/src/slf4j-api-1.7.29.jar" /> @@ -76,14 +75,13 @@ <classpathentry kind="lib" path="ext/mina-core-2.0.21.jar" sourcepath="ext/src/mina-core-2.0.21.jar" /> <classpathentry kind="lib" path="ext/rome-0.9.jar" sourcepath="ext/src/rome-0.9.jar" /> <classpathentry kind="lib" path="ext/jdom-1.0.jar" sourcepath="ext/src/jdom-1.0.jar" /> - <classpathentry kind="lib" path="ext/gson-2.8.2.jar" sourcepath="ext/src/gson-2.8.2.jar" /> + <classpathentry kind="lib" path="ext/gson-2.10.jar" sourcepath="ext/src/gson-2.10.jar" /> <classpathentry kind="lib" path="ext/groovy-all-2.4.4.jar" sourcepath="ext/src/groovy-all-2.4.4.jar" /> <classpathentry kind="lib" path="ext/unboundid-ldapsdk-2.3.8.jar" sourcepath="ext/src/unboundid-ldapsdk-2.3.8.jar" /> <classpathentry kind="lib" path="ext/ivy-2.2.0.jar" sourcepath="ext/src/ivy-2.2.0.jar" /> <classpathentry kind="lib" path="ext/jcalendar-1.3.2.jar" /> - <classpathentry kind="lib" path="ext/commons-compress-1.15.jar" sourcepath="ext/src/commons-compress-1.15.jar" /> - <classpathentry kind="lib" path="ext/objenesis-2.6.jar" sourcepath="ext/src/objenesis-2.6.jar" /> - <classpathentry kind="lib" path="ext/commons-io-2.2.jar" sourcepath="ext/src/commons-io-2.2.jar" /> + <classpathentry kind="lib" path="ext/commons-compress-1.22.jar" sourcepath="ext/src/commons-compress-1.22.jar" /> + <classpathentry kind="lib" path="ext/commons-io-2.11.0.jar" sourcepath="ext/src/commons-io-2.11.0.jar" /> <classpathentry kind="lib" path="ext/force-partner-api-24.0.0.jar" sourcepath="ext/src/force-partner-api-24.0.0.jar" /> <classpathentry kind="lib" path="ext/force-wsc-24.0.0.jar" sourcepath="ext/src/force-wsc-24.0.0.jar" /> <classpathentry kind="lib" path="ext/js-1.7R2.jar" sourcepath="ext/src/js-1.7R2.jar" /> @@ -91,7 +89,7 @@ <classpathentry kind="lib" path="ext/waffle-jna-1.7.3.jar" sourcepath="ext/src/waffle-jna-1.7.3.jar" /> <classpathentry kind="lib" path="ext/jna-4.1.0.jar" sourcepath="ext/src/jna-4.1.0.jar" /> <classpathentry kind="lib" path="ext/jna-platform-4.1.0.jar" sourcepath="ext/src/jna-platform-4.1.0.jar" /> - <classpathentry kind="lib" path="ext/libpam4j-1.8.jar" sourcepath="ext/src/libpam4j-1.8.jar" /> + <classpathentry kind="lib" path="ext/libpam4j-1.11.jar" sourcepath="ext/src/libpam4j-1.11.jar" /> <classpathentry kind="lib" path="ext/args4j-2.0.29.jar" sourcepath="ext/src/args4j-2.0.29.jar" /> <classpathentry kind="lib" path="ext/jedis-2.6.2.jar" sourcepath="ext/src/jedis-2.6.2.jar" /> <classpathentry kind="lib" path="ext/commons-pool2-2.0.jar" sourcepath="ext/src/commons-pool2-2.0.jar" /> @@ -113,6 +111,7 @@ <classpathentry kind="lib" path="ext/mockito-core-2.28.2.jar" sourcepath="ext/src/mockito-core-2.28.2.jar" /> <classpathentry kind="lib" path="ext/byte-buddy-1.9.10.jar" sourcepath="ext/src/byte-buddy-1.9.10.jar" /> <classpathentry kind="lib" path="ext/byte-buddy-agent-1.9.10.jar" sourcepath="ext/src/byte-buddy-agent-1.9.10.jar" /> + <classpathentry kind="lib" path="ext/objenesis-2.6.jar" sourcepath="ext/src/objenesis-2.6.jar" /> <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER" /> <classpathentry kind="src" path="src/main/dagger"> <attributes> diff --git a/build.moxie b/build.moxie index 0631391d..346e5788 100644 --- a/build.moxie +++ b/build.moxie @@ -119,7 +119,7 @@ properties: { guice.version : 5.1.0 # Gitblit maintains a fork of guice-servlet guice-servlet.version : 5.1.0-gb2 - } +} # Dependencies # @@ -135,7 +135,7 @@ properties: { dependencies: - compile 'com.google.inject:guice:${guice.version}' :war :fedclient - compile 'com.google.inject.extensions:guice-servlet:${guice-servlet.version}' :war -- compile 'com.google.guava:guava:27.0.1-jre' :war :fedclient +- compile 'com.google.guava:guava:31.1-jre' :war :fedclient - compile 'com.intellij:annotations:12.0' :war - compile 'log4j:log4j:1.2.17' :war :fedclient :manager - compile 'org.slf4j:slf4j-api:${slf4j.version}' :war :fedclient :manager @@ -175,17 +175,17 @@ dependencies: - compile 'org.apache.sshd:sshd-core:${sshd.version}' :war !org.easymock - compile 'org.apache.mina:mina-core:${mina.version}' :war !org.easymock - compile 'rome:rome:0.9' :war :manager :api -- compile 'com.google.code.gson:gson:2.8.2' :war :fedclient :manager :api +- compile 'com.google.code.gson:gson:2.10' :war :fedclient :manager :api - compile 'org.codehaus.groovy:groovy-all:${groovy.version}' :war - compile 'com.unboundid:unboundid-ldapsdk:2.3.8' :war - compile 'org.apache.ivy:ivy:2.2.0' :war - compile 'com.toedter:jcalendar:1.3.2' :authority -- compile 'org.apache.commons:commons-compress:1.15' :war -- compile 'commons-io:commons-io:2.2' :war +- compile 'org.apache.commons:commons-compress:1.22' :war +- compile 'commons-io:commons-io:2.11.0' :war - compile 'com.force.api:force-partner-api:24.0.0' :war - compile 'org.freemarker:freemarker:2.3.22' :war - compile 'com.github.dblock.waffle:waffle-jna:1.7.3' :war -- compile 'org.kohsuke:libpam4j:1.8' :war +- compile 'org.kohsuke:libpam4j:1.11' :war - compile 'args4j:args4j:2.0.29' :war :fedclient - compile 'commons-codec:commons-codec:1.9' :war - compile 'redis.clients:jedis:2.6.2' :war diff --git a/gitblit.iml b/gitblit.iml index 49b2dedd..4f83701c 100644 --- a/gitblit.iml +++ b/gitblit.iml @@ -48,13 +48,13 @@ </library> </orderEntry> <orderEntry type="module-library"> - <library name="guava-27.0.1-jre.jar"> + <library name="guava-31.1-jre.jar"> <CLASSES> - <root url="jar://$MODULE_DIR$/ext/guava-27.0.1-jre.jar!/" /> + <root url="jar://$MODULE_DIR$/ext/guava-31.1-jre.jar!/" /> </CLASSES> <JAVADOC /> <SOURCES> - <root url="jar://$MODULE_DIR$/ext/src/guava-27.0.1-jre.jar!/" /> + <root url="jar://$MODULE_DIR$/ext/src/guava-31.1-jre.jar!/" /> </SOURCES> </library> </orderEntry> @@ -90,35 +90,35 @@ </library> </orderEntry> <orderEntry type="module-library"> - <library name="checker-qual-2.5.2.jar"> + <library name="checker-qual-3.12.0.jar"> <CLASSES> - <root url="jar://$MODULE_DIR$/ext/checker-qual-2.5.2.jar!/" /> + <root url="jar://$MODULE_DIR$/ext/checker-qual-3.12.0.jar!/" /> </CLASSES> <JAVADOC /> <SOURCES> - <root url="jar://$MODULE_DIR$/ext/src/checker-qual-2.5.2.jar!/" /> + <root url="jar://$MODULE_DIR$/ext/src/checker-qual-3.12.0.jar!/" /> </SOURCES> </library> </orderEntry> <orderEntry type="module-library"> - <library name="error_prone_annotations-2.2.0.jar"> + <library name="error_prone_annotations-2.11.0.jar"> <CLASSES> - <root url="jar://$MODULE_DIR$/ext/error_prone_annotations-2.2.0.jar!/" /> + <root url="jar://$MODULE_DIR$/ext/error_prone_annotations-2.11.0.jar!/" /> </CLASSES> <JAVADOC /> <SOURCES> - <root url="jar://$MODULE_DIR$/ext/src/error_prone_annotations-2.2.0.jar!/" /> + <root url="jar://$MODULE_DIR$/ext/src/error_prone_annotations-2.11.0.jar!/" /> </SOURCES> </library> </orderEntry> <orderEntry type="module-library"> - <library name="j2objc-annotations-1.1.jar"> + <library name="j2objc-annotations-1.3.jar"> <CLASSES> - <root url="jar://$MODULE_DIR$/ext/j2objc-annotations-1.1.jar!/" /> + <root url="jar://$MODULE_DIR$/ext/j2objc-annotations-1.3.jar!/" /> </CLASSES> <JAVADOC /> <SOURCES> - <root url="jar://$MODULE_DIR$/ext/src/j2objc-annotations-1.1.jar!/" /> + <root url="jar://$MODULE_DIR$/ext/src/j2objc-annotations-1.3.jar!/" /> </SOURCES> </library> </orderEntry> @@ -134,17 +134,6 @@ </library> </orderEntry> <orderEntry type="module-library"> - <library name="animal-sniffer-annotations-1.17.jar"> - <CLASSES> - <root url="jar://$MODULE_DIR$/ext/animal-sniffer-annotations-1.17.jar!/" /> - </CLASSES> - <JAVADOC /> - <SOURCES> - <root url="jar://$MODULE_DIR$/ext/src/animal-sniffer-annotations-1.17.jar!/" /> - </SOURCES> - </library> - </orderEntry> - <orderEntry type="module-library"> <library name="annotations-12.0.jar"> <CLASSES> <root url="jar://$MODULE_DIR$/ext/annotations-12.0.jar!/" /> @@ -781,13 +770,13 @@ </library> </orderEntry> <orderEntry type="module-library"> - <library name="gson-2.8.2.jar"> + <library name="gson-2.10.jar"> <CLASSES> - <root url="jar://$MODULE_DIR$/ext/gson-2.8.2.jar!/" /> + <root url="jar://$MODULE_DIR$/ext/gson-2.10.jar!/" /> </CLASSES> <JAVADOC /> <SOURCES> - <root url="jar://$MODULE_DIR$/ext/src/gson-2.8.2.jar!/" /> + <root url="jar://$MODULE_DIR$/ext/src/gson-2.10.jar!/" /> </SOURCES> </library> </orderEntry> @@ -834,35 +823,24 @@ </library> </orderEntry> <orderEntry type="module-library"> - <library name="commons-compress-1.15.jar"> - <CLASSES> - <root url="jar://$MODULE_DIR$/ext/commons-compress-1.15.jar!/" /> - </CLASSES> - <JAVADOC /> - <SOURCES> - <root url="jar://$MODULE_DIR$/ext/src/commons-compress-1.15.jar!/" /> - </SOURCES> - </library> - </orderEntry> - <orderEntry type="module-library"> - <library name="objenesis-2.6.jar"> + <library name="commons-compress-1.22.jar"> <CLASSES> - <root url="jar://$MODULE_DIR$/ext/objenesis-2.6.jar!/" /> + <root url="jar://$MODULE_DIR$/ext/commons-compress-1.22.jar!/" /> </CLASSES> <JAVADOC /> <SOURCES> - <root url="jar://$MODULE_DIR$/ext/src/objenesis-2.6.jar!/" /> + <root url="jar://$MODULE_DIR$/ext/src/commons-compress-1.22.jar!/" /> </SOURCES> </library> </orderEntry> <orderEntry type="module-library"> - <library name="commons-io-2.2.jar"> + <library name="commons-io-2.11.0.jar"> <CLASSES> - <root url="jar://$MODULE_DIR$/ext/commons-io-2.2.jar!/" /> + <root url="jar://$MODULE_DIR$/ext/commons-io-2.11.0.jar!/" /> </CLASSES> <JAVADOC /> <SOURCES> - <root url="jar://$MODULE_DIR$/ext/src/commons-io-2.2.jar!/" /> + <root url="jar://$MODULE_DIR$/ext/src/commons-io-2.11.0.jar!/" /> </SOURCES> </library> </orderEntry> @@ -944,13 +922,13 @@ </library> </orderEntry> <orderEntry type="module-library"> - <library name="libpam4j-1.8.jar"> + <library name="libpam4j-1.11.jar"> <CLASSES> - <root url="jar://$MODULE_DIR$/ext/libpam4j-1.8.jar!/" /> + <root url="jar://$MODULE_DIR$/ext/libpam4j-1.11.jar!/" /> </CLASSES> <JAVADOC /> <SOURCES> - <root url="jar://$MODULE_DIR$/ext/src/libpam4j-1.8.jar!/" /> + <root url="jar://$MODULE_DIR$/ext/src/libpam4j-1.11.jar!/" /> </SOURCES> </library> </orderEntry> @@ -1185,6 +1163,17 @@ </SOURCES> </library> </orderEntry> + <orderEntry type="module-library" scope="TEST"> + <library name="objenesis-2.6.jar"> + <CLASSES> + <root url="jar://$MODULE_DIR$/ext/objenesis-2.6.jar!/" /> + </CLASSES> + <JAVADOC /> + <SOURCES> + <root url="jar://$MODULE_DIR$/ext/src/objenesis-2.6.jar!/" /> + </SOURCES> + </library> + </orderEntry> <orderEntry type="inheritedJdk" /> </component> </module> diff --git a/releases.moxie b/releases.moxie index 35e4cce4..05ac21e8 100644 --- a/releases.moxie +++ b/releases.moxie @@ -6,7 +6,7 @@ r34: { id: ${project.version} date: ${project.buildDate} note: '' - From 1.10.0 on Gitblit requires Java 8 as minimun Java version. + From 1.10.0 on Gitblit requires Java 8 as minimum Java version. '' html: ~ text: ~ @@ -18,8 +18,12 @@ r34: { additions: ~ dependencyChanges: - update to JavaMail 1.5.6 (pr-1217 by @paladox) - - update Google Guice to 5.1.0 - - update Google Guava to 27.0.1-jre + - update to Google Guice 5.1.0 + - update to Google Guava 31.1-jre + - update to Google Gson 2.10 + - update to Apache commons-io 2.11.0 + - update to Apache commons-compress 1.22 + - update to libpam4j 1.11 contributors: - paladox } |