<systemProperty>archiva.cassandra.configuration.file=%ARCHIVA_BASE%/conf/archiva-cassandra.properties</systemProperty> | <systemProperty>archiva.cassandra.configuration.file=%ARCHIVA_BASE%/conf/archiva-cassandra.properties</systemProperty> | ||||
<systemProperty>org.apache.jackrabbit.core.state.validatehierarchy=true</systemProperty> | <systemProperty>org.apache.jackrabbit.core.state.validatehierarchy=true</systemProperty> | ||||
</systemProperties> | </systemProperties> | ||||
<extraArguments> | |||||
<extraArgument>-XX:MaxPermSize=128m</extraArgument> | |||||
</extraArguments> | |||||
<initialMemorySize>512</initialMemorySize> | <initialMemorySize>512</initialMemorySize> | ||||
<maxMemorySize>512</maxMemorySize> | <maxMemorySize>512</maxMemorySize> | ||||
</jvmSettings> | </jvmSettings> | ||||
<finalName>apache-archiva-${project.version}</finalName> | <finalName>apache-archiva-${project.version}</finalName> | ||||
</configuration> | </configuration> | ||||
</plugin> | </plugin> | ||||
</plugins> | </plugins> | ||||
<pluginManagement> | <pluginManagement> | ||||
<plugins> | <plugins> |
<artifactId>maven-surefire-plugin</artifactId> | <artifactId>maven-surefire-plugin</artifactId> | ||||
<configuration> | <configuration> | ||||
<reuseForks>false</reuseForks> | <reuseForks>false</reuseForks> | ||||
<!-- | |||||
<argLine>-Xms1024m -Xmx2048m -server -XX:MaxPermSize=256m @{jacocoproperty}</argLine> | |||||
--> | |||||
<argLine>-Xms512m -Xmx1024m -server -XX:MaxPermSize=256m</argLine> | |||||
<argLine>-Xms512m -Xmx1024m -server</argLine> | |||||
<systemPropertyVariables> | <systemPropertyVariables> | ||||
<appserver.base>${project.build.directory}/appserver-base</appserver.base> | <appserver.base>${project.build.directory}/appserver-base</appserver.base> | ||||
<plexus.home>${project.build.directory}/appserver-base</plexus.home> | <plexus.home>${project.build.directory}/appserver-base</plexus.home> |
<artifactId>maven-surefire-plugin</artifactId> | <artifactId>maven-surefire-plugin</artifactId> | ||||
<configuration> | <configuration> | ||||
<reuseForks>false</reuseForks> | <reuseForks>false</reuseForks> | ||||
<!-- | |||||
<argLine>-Xms1024m -Xmx2048m -server -XX:MaxPermSize=256m @{jacocoproperty}</argLine> | |||||
--> | |||||
<argLine>-Xms1024m -Xmx2048m -server -XX:MaxPermSize=256m</argLine> | |||||
<argLine>-Xms1024m -Xmx2048m -server</argLine> | |||||
<systemPropertyVariables> | <systemPropertyVariables> | ||||
<appserver.base>${project.build.directory}/appserver-base</appserver.base> | <appserver.base>${project.build.directory}/appserver-base</appserver.base> | ||||
<plexus.home>${project.build.directory}/appserver-base</plexus.home> | <plexus.home>${project.build.directory}/appserver-base</plexus.home> |
<exclude>src/test/repositories/test-repo/**</exclude> | <exclude>src/test/repositories/test-repo/**</exclude> | ||||
<exclude>src/main/resources/META-INF/services/*</exclude> | <exclude>src/main/resources/META-INF/services/*</exclude> | ||||
<exclude>src/main/resources/META-INF/cxf/*</exclude> | <exclude>src/main/resources/META-INF/cxf/*</exclude> | ||||
<exclude>src/main/resources/META-INF/owasp/cve-suppressions.xml</exclude> | |||||
</excludes> | </excludes> | ||||
</configuration> | </configuration> | ||||
</plugin> | </plugin> | ||||
</configuration> | </configuration> | ||||
</plugin> | </plugin> | ||||
<plugin> | |||||
<groupId>org.owasp</groupId> | |||||
<artifactId>dependency-check-maven</artifactId> | |||||
<version>5.3.2</version> | |||||
<configuration> | |||||
<skipProvidedScope>true</skipProvidedScope> | |||||
<failBuildOnCVSS>8</failBuildOnCVSS> | |||||
<suppressionFile>${project.basedir}/src/main/resources/META-INF/owasp/cve-suppressions.xml</suppressionFile> | |||||
</configuration> | |||||
<executions> | |||||
<execution> | |||||
<goals> | |||||
<goal>check</goal> | |||||
</goals> | |||||
</execution> | |||||
</executions> | |||||
</plugin> | |||||
</plugins> | </plugins> | ||||
</build> | </build> | ||||
<?xml version="1.0" encoding="UTF-8"?> | |||||
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd"> | |||||
<suppress until="2020-09-01Z"> | |||||
<notes><![CDATA[ | |||||
file name: jackson-mapper-asl-1.9.2.jar is a dependency of cassandra - Waiting for update of cassandra | |||||
]]></notes> | |||||
<packageUrl regex="true">^pkg:maven/org\.codehaus\.jackson/jackson\-mapper\-asl@.*$</packageUrl> | |||||
<cpe>cpe:/a:fasterxml:jackson-mapper-asl</cpe> | |||||
<cpe>cpe:/a:fasterxml:jackson</cpe> | |||||
<vulnerabilityName>CVE-2017-15095</vulnerabilityName> | |||||
<vulnerabilityName>CVE-2017-7525</vulnerabilityName> | |||||
<vulnerabilityName>CVE-2017-17485</vulnerabilityName> | |||||
<vulnerabilityName>CVE-2018-5968</vulnerabilityName> | |||||
<vulnerabilityName>CVE-2018-14718</vulnerabilityName> | |||||
<vulnerabilityName>CVE-2018-7489</vulnerabilityName> | |||||
<vulnerabilityName>CVE-2018-1000873</vulnerabilityName> | |||||
<vulnerabilityName>CVE-2019-14540</vulnerabilityName> | |||||
<vulnerabilityName>CVE-2019-14893</vulnerabilityName> | |||||
<vulnerabilityName>CVE-2019-16335</vulnerabilityName> | |||||
<vulnerabilityName>CVE-2019-17267</vulnerabilityName> | |||||
<vulnerabilityName>CVE-2020-10672</vulnerabilityName> | |||||
<vulnerabilityName>CVE-2020-10673</vulnerabilityName> | |||||
</suppress> | |||||
<suppress> | |||||
<notes><![CDATA[ | |||||
False positive for oak-jcr packages | |||||
]]></notes> | |||||
<packageUrl regex="true">^pkg:maven/org\.apache\.jackrabbit/oak\-.*@.*$</packageUrl> | |||||
<cpe>cpe:/a:apache:jackrabbit</cpe> | |||||
</suppress> | |||||
<suppress> | |||||
<notes><![CDATA[ | |||||
False positive for oak-segment-tar-1.30.0.jar: netty-transport-4.1.14.Final.jar | |||||
Updated netty to higher version | |||||
]]></notes> | |||||
<packageUrl regex="true">^pkg:maven/io\.netty/netty\-transport@.*$</packageUrl> | |||||
<cpe>cpe:/a:netty:netty</cpe> | |||||
<vulnerabilityName>CVE-2020-11612</vulnerabilityName> | |||||
<vulnerabilityName>CVE-2019-20445</vulnerabilityName> | |||||
<vulnerabilityName>CVE-2019-20444</vulnerabilityName> | |||||
</suppress> | |||||
<suppress> | |||||
<notes><![CDATA[ | |||||
False positive for oak-segment-tar-1.30.0.jar: netty-transport-4.1.14.Final.jar | |||||
Updated netty to higher version | |||||
]]></notes> | |||||
<packageUrl regex="true">^.*oak-segment-tar.*$</packageUrl> | |||||
<cpe>cpe:/a:netty:netty</cpe> | |||||
<vulnerabilityName>CVE-2020-11612</vulnerabilityName> | |||||
<vulnerabilityName>CVE-2019-20445</vulnerabilityName> | |||||
<vulnerabilityName>CVE-2019-20444</vulnerabilityName> | |||||
</suppress> | |||||
<suppress> | |||||
<notes><![CDATA[ | |||||
file name: oak-segment-tar-1.30.0.jar: netty-codec-4.1.14.Final.jar | |||||
]]></notes> | |||||
<packageUrl regex="true">^pkg:maven/io\.netty/netty\-.*@.*$</packageUrl> | |||||
<cpe>cpe:/a:netty:netty</cpe> | |||||
<vulnerabilityName>CVE-2020-11612</vulnerabilityName> | |||||
<vulnerabilityName>CVE-2019-20445</vulnerabilityName> | |||||
<vulnerabilityName>CVE-2019-20444</vulnerabilityName> | |||||
</suppress> | |||||
</suppressions> |
<properties> | <properties> | ||||
<site.staging.base>${project.parent.parent.basedir}</site.staging.base> | <site.staging.base>${project.parent.parent.basedir}</site.staging.base> | ||||
<cassandraVersion>3.11.2</cassandraVersion> | |||||
<cassandraVersion>3.11.6</cassandraVersion> | |||||
</properties> | </properties> | ||||
<dependencies> | <dependencies> | ||||
<groupId>org.jboss.logging</groupId> | <groupId>org.jboss.logging</groupId> | ||||
<artifactId>jboss-logging</artifactId> | <artifactId>jboss-logging</artifactId> | ||||
</exclusion> | </exclusion> | ||||
</exclusions> | </exclusions> | ||||
</dependency> | </dependency> | ||||
</exclusion> | </exclusion> | ||||
</exclusions> | </exclusions> | ||||
</dependency> | </dependency> | ||||
<dependency> | <dependency> | ||||
<groupId>org.apache.cassandra</groupId> | <groupId>org.apache.cassandra</groupId> | ||||
<artifactId>cassandra-thrift</artifactId> | <artifactId>cassandra-thrift</artifactId> | ||||
<version>3.11.2</version> | |||||
<version>${cassandraVersion}</version> | |||||
<exclusions> | <exclusions> | ||||
<exclusion> | <exclusion> | ||||
<groupId>javax.servlet</groupId> | <groupId>javax.servlet</groupId> | ||||
<artifactId>servlet-api</artifactId> | <artifactId>servlet-api</artifactId> | ||||
</exclusion> | </exclusion> | ||||
<exclusion> | |||||
<groupId>org.apache.ant</groupId> | |||||
<artifactId>ant</artifactId> | |||||
</exclusion> | |||||
</exclusions> | </exclusions> | ||||
</dependency> | </dependency> | ||||
<dependency> | |||||
<groupId>org.apache.thrift</groupId> | |||||
<artifactId>libthrift</artifactId> | |||||
<version>0.13.0</version> | |||||
</dependency> | |||||
<!-- | |||||
<dependency> | |||||
<groupId>org.codehaus.jackson</groupId> | |||||
<artifactId>jackson-core-asl</artifactId> | |||||
<version>1.9.13</version> | |||||
</dependency> | |||||
<dependency> | |||||
<groupId>org.codehaus.jackson</groupId> | |||||
<artifactId>jackson-mapper-asl</artifactId> | |||||
<version>1.9.13</version> | |||||
</dependency> | |||||
--> | |||||
<!-- Transitive dependency. Declared here to increase the version. --> | |||||
<dependency> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-all</artifactId> | |||||
<version>${netty.version}</version> | |||||
</dependency> | |||||
<!-- Is a dependency of cassandra -> hibernate-validator and replaced by new version --> | <!-- Is a dependency of cassandra -> hibernate-validator and replaced by new version --> | ||||
<dependency> | <dependency> | ||||
<groupId>org.jboss.logging</groupId> | <groupId>org.jboss.logging</groupId> | ||||
<artifactId>jboss-logging</artifactId> | <artifactId>jboss-logging</artifactId> | ||||
</dependency> | </dependency> | ||||
<!-- Dependency of cassandra -> replacing by new version --> | |||||
<dependency> | |||||
<groupId>org.hibernate</groupId> | |||||
<artifactId>hibernate-validator</artifactId> | |||||
<version>4.3.2.Final</version> | |||||
</dependency> | |||||
<!-- TEST Scope --> | <!-- TEST Scope --> | ||||
</dependencies> | </dependencies> | ||||
<build> | <build> | ||||
<testResources> | <testResources> | ||||
<testResource> | <testResource> |
<dependency> | <dependency> | ||||
<groupId>org.apache.jackrabbit</groupId> | <groupId>org.apache.jackrabbit</groupId> | ||||
<artifactId>oak-segment-tar</artifactId> | <artifactId>oak-segment-tar</artifactId> | ||||
<exclusions> | |||||
<exclusion> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-transport</artifactId> | |||||
</exclusion> | |||||
<exclusion> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-resolver</artifactId> | |||||
</exclusion> | |||||
<exclusion> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-handler</artifactId> | |||||
</exclusion> | |||||
<exclusion> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-common</artifactId> | |||||
</exclusion> | |||||
<exclusion> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-codec</artifactId> | |||||
</exclusion> | |||||
<exclusion> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-buffer</artifactId> | |||||
</exclusion> | |||||
</exclusions> | |||||
</dependency> | </dependency> | ||||
<dependency> | <dependency> | ||||
<groupId>org.apache.jackrabbit</groupId> | <groupId>org.apache.jackrabbit</groupId> | ||||
<groupId>org.apache.jackrabbit</groupId> | <groupId>org.apache.jackrabbit</groupId> | ||||
<artifactId>oak-core</artifactId> | <artifactId>oak-core</artifactId> | ||||
</dependency> | </dependency> | ||||
<!-- netty is a transitive dependencies of oak-segment-tar | |||||
increasing version --> | |||||
<dependency> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-transport</artifactId> | |||||
</dependency> | |||||
<dependency> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-resolver</artifactId> | |||||
</dependency> | |||||
<dependency> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-handler</artifactId> | |||||
</dependency> | |||||
<dependency> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-common</artifactId> | |||||
</dependency> | |||||
<dependency> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-codec</artifactId> | |||||
</dependency> | |||||
<dependency> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-buffer</artifactId> | |||||
</dependency> | |||||
<dependency> | <dependency> | ||||
<groupId>javax.inject</groupId> | <groupId>javax.inject</groupId> |
import org.apache.jackrabbit.oak.plugins.index.lucene.hybrid.NRTIndexFactory; | import org.apache.jackrabbit.oak.plugins.index.lucene.hybrid.NRTIndexFactory; | ||||
import org.apache.jackrabbit.oak.plugins.index.lucene.property.PropertyIndexCleaner; | import org.apache.jackrabbit.oak.plugins.index.lucene.property.PropertyIndexCleaner; | ||||
import org.apache.jackrabbit.oak.plugins.index.lucene.reader.DefaultIndexReaderFactory; | import org.apache.jackrabbit.oak.plugins.index.lucene.reader.DefaultIndexReaderFactory; | ||||
import org.apache.jackrabbit.oak.plugins.index.lucene.score.ScorerProviderFactory; | |||||
import org.apache.jackrabbit.oak.plugins.index.lucene.score.impl.ScorerProviderFactoryImpl; | |||||
import org.apache.jackrabbit.oak.plugins.index.lucene.util.IndexDefinitionBuilder; | import org.apache.jackrabbit.oak.plugins.index.lucene.util.IndexDefinitionBuilder; | ||||
import org.apache.jackrabbit.oak.plugins.index.search.ExtractedTextCache; | import org.apache.jackrabbit.oak.plugins.index.search.ExtractedTextCache; | ||||
import org.apache.jackrabbit.oak.plugins.index.search.FulltextIndexConstants; | import org.apache.jackrabbit.oak.plugins.index.search.FulltextIndexConstants; | ||||
private LuceneIndexProvider indexProvider; | private LuceneIndexProvider indexProvider; | ||||
private ScorerProviderFactory scorerFactory = new ScorerProviderFactoryImpl( ); | |||||
private IndexAugmentorFactory augmentorFactory = new IndexAugmentorFactory( ); | private IndexAugmentorFactory augmentorFactory = new IndexAugmentorFactory( ); | ||||
private ActiveDeletedBlobCollectorFactory.ActiveDeletedBlobCollector activeDeletedBlobCollector = ActiveDeletedBlobCollectorFactory.NOOP; | private ActiveDeletedBlobCollectorFactory.ActiveDeletedBlobCollector activeDeletedBlobCollector = ActiveDeletedBlobCollectorFactory.NOOP; | ||||
tracker = createTracker(); | tracker = createTracker(); | ||||
indexProvider = new LuceneIndexProvider(tracker, scorerFactory, augmentorFactory); | |||||
indexProvider = new LuceneIndexProvider(tracker, augmentorFactory); | |||||
initialize(); | initialize(); | ||||
registerObserver(); | registerObserver(); |
</reportSets> | </reportSets> | ||||
</plugin> | </plugin> | ||||
</plugins> | </plugins> | ||||
</reporting> | </reporting> | ||||
<javax.jcr.version>2.0</javax.jcr.version> | <javax.jcr.version>2.0</javax.jcr.version> | ||||
<!-- If you change the JCR OAK version, you may have to update the pom.xml in the module oak-jcr-lucene | <!-- If you change the JCR OAK version, you may have to update the pom.xml in the module oak-jcr-lucene | ||||
to adapt to dependency changes --> | to adapt to dependency changes --> | ||||
<jcr-oak.version>1.22.3</jcr-oak.version> | |||||
<jcr-oak.version>1.30.0</jcr-oak.version> | |||||
<netty.version>4.1.50.Final</netty.version> | |||||
<!-- Jackrabbit classes are still used for webdav --> | <!-- Jackrabbit classes are still used for webdav --> | ||||
<groupId>org.apache.jackrabbit</groupId> | <groupId>org.apache.jackrabbit</groupId> | ||||
<artifactId>oak-segment-tar</artifactId> | <artifactId>oak-segment-tar</artifactId> | ||||
<version>${jcr-oak.version}</version> | <version>${jcr-oak.version}</version> | ||||
<exclusions> | |||||
<exclusion> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-transport</artifactId> | |||||
</exclusion> | |||||
<exclusion> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-resolver</artifactId> | |||||
</exclusion> | |||||
<exclusion> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-handler</artifactId> | |||||
</exclusion> | |||||
<exclusion> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-common</artifactId> | |||||
</exclusion> | |||||
<exclusion> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-codec</artifactId> | |||||
</exclusion> | |||||
<exclusion> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-buffer</artifactId> | |||||
</exclusion> | |||||
</exclusions> | |||||
</dependency> | |||||
<!-- netty is a transitive dependencies of oak-segment-tar | |||||
increasing version --> | |||||
<dependency> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-transport</artifactId> | |||||
<version>${netty.version}</version> | |||||
</dependency> | |||||
<dependency> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-resolver</artifactId> | |||||
<version>${netty.version}</version> | |||||
</dependency> | |||||
<dependency> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-handler</artifactId> | |||||
<version>${netty.version}</version> | |||||
</dependency> | |||||
<dependency> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-common</artifactId> | |||||
<version>${netty.version}</version> | |||||
</dependency> | |||||
<dependency> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-codec</artifactId> | |||||
<version>${netty.version}</version> | |||||
</dependency> | |||||
<dependency> | |||||
<groupId>io.netty</groupId> | |||||
<artifactId>netty-buffer</artifactId> | |||||
<version>${netty.version}</version> | |||||
</dependency> | </dependency> | ||||
<dependency> | <dependency> | ||||
<groupId>org.apache.jackrabbit</groupId> | <groupId>org.apache.jackrabbit</groupId> | ||||
</dependency> | </dependency> | ||||
<!-- Transitive dependency - fixing version --> | |||||
<dependency> | |||||
<groupId>com.google.guava</groupId> | |||||
<artifactId>guava</artifactId> | |||||
<version>29.0-jre</version> | |||||
</dependency> | |||||
<dependency> | <dependency> | ||||
<groupId>org.xmlunit</groupId> | <groupId>org.xmlunit</groupId> | ||||
<artifactId>xmlunit-core</artifactId> | <artifactId>xmlunit-core</artifactId> | ||||
</execution> | </execution> | ||||
</executions> | </executions> | ||||
</plugin> | </plugin> | ||||
</plugins> | </plugins> | ||||
<pluginManagement> | <pluginManagement> | ||||
<plugins> | <plugins> |