Malena Ebert
a5ba90ff48
SONAR-13912 Add owasp_check_task to Cirrus CI.
3 years ago
Simon Brandhof
e59875122c
SONAR-13905 enable OWASP Dependency Check tool
3 years ago
Jeremy Davis
d7856168ba
SONAR-13914 SONAR-13928 analysis updates
3 years ago
Pierre
9468eff878
SONAR-13905 upgrade common-io version
3 years ago
Philippe Perrin
afa7ea94fa
SONAR-13914 Upgrade analyzers
3 years ago
Jeremy Davis
d3bc0ba74c
SONAR-13662
SONAR-13833
SONAR-13907
SONAR-13909
SONAR-13910
Upgrade analyzers
3 years ago
Simon Brandhof
4b3d914bf5
Upgrade Gradle plugins
3 years ago
Simon Brandhof
ad7d964270
SONAR-13905 upgrade Hazelcast from 3.12.7 to 3.12.9
to mitigate the vulnerabilities brought by the bundled
jackson-core dependency.
The release notes of 3.12.8 and 3.12.9 highlights only bug-fixes:
https://docs.hazelcast.org/docs/rn/index.html#3-12-9
3 years ago
Simon Brandhof
552f5bbe1d
SONAR-13905 upgrade Tomcat from 8.5.56 zo 8.5.58
The main reason is to fix potential vulnerabilities:
- CVE-2020-13934 https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-13934
- CVE-2020-13935 https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-13935
Release notes: http://tomcat.apache.org/tomcat-8.5-doc/changelog.html
3 years ago
Jacek
d94d9a9f4a
SONAR-13644 load bundled plugins from 'lib/extension' directory
3 years ago
Pierre Guillot
8d9c4602c5
update postgresql jdbc driver version
3 years ago
Jeremy Davis
b36c8c9a1a
SONAR-13833 Upgrade Java analyzer to 6.7.0.23054
3 years ago
Jeremy Davis
7bfa8e8ffc
SONAR-13829 Upgrade Python analyzer to 3.1.0.7619
3 years ago
Duarte Meneses
da15a52568
SONAR-13792 Embed sonar-scm-svn
3 years ago
Duarte Meneses
87bb21e6bb
SONAR-13792 Embed sonar-scm-git
3 years ago
Tibor Blenessy
de358ad58c
SONAR-13576 Remove sonar-typescript-plugin (#2920)
* SONAR-13576 Remove sonar-typescript-plugin
* Update sonar-javascript-plugin to 6.3.0.12464
3 years ago
Julien Lancelot
74b4533439
SONAR-13563 Update sonar-java to 6.5.1.22586
3 years ago
Julien Lancelot
21683403c0
SONAR-13563 Update sonar-java to 6.5.1.22584 and sonar-cobol to 4.5.1.4460
3 years ago
Julien Lancelot
4332ad2aef
SONAR-13563 Revert sonar-cobol-plugin to 4.4.0.3403
3 years ago
Duarte Meneses
43ca941541
SONAR-13495 Release and embed Git 1.12.0.2034 and SVN 1.10.0.1917 plugins
3 years ago
sns-seb
3376451d7a
SONAR-13563 Update analyzers to latest releases
3 years ago
Simon Brandhof
6b806ebf8e
Upgrade Jackson Dataformat dependencies to 2.10.4
4 years ago
Simon Brandhof
a6327e0ebb
Upgrade Hazelcast to 3.12.7
Bug-fixes listed in https://docs.hazelcast.org/docs/rn/index.html#3-12-7
4 years ago
Simon Brandhof
5ca7450823
Upgrade PostgreSQL driver to 42.2.14
Fixes potential vulnerability CVE-2020-13692
4 years ago
Simon Brandhof
1b68517f36
Upgrade jjwt to 0.11.2
4 years ago
Simon Brandhof
29fbfe91f4
Upgrade Tomcat to 8.5.56
The vulnerability https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-9484
is not exploitable but it generates a false-positive in SCA reports.
Upgrading kills the noise.
4 years ago
Simon Brandhof
f21a11a263
Upgrade commons-io to 2.7
Avoids vulnerability https://issues.apache.org/jira/browse/IO-556
4 years ago
sns-seb
2573f34567
SONAR-13496 Update sonar-javascript, sonar-python to latest release(s)
4 years ago
Wouter Admiraal
9c58e36328
SONAR-13340 Update sonar-csharp and sonar-vbnet to latest release
4 years ago
Wouter Admiraal
b9a07d9731
SONAR-13330 Update sonar-scm-git to latest release
4 years ago
Malena Ebert
8a8d20d901
SONAR-13329 Update sonar-cfamily-plugin latest release
4 years ago
Malena Ebert
21ed5de95d
SONAR-13326 Update sonar security plugins to latest release
4 years ago
Wouter Admiraal
ec3fd47e6c
SONAR-13325 Update sonar-jacoco to latest release
4 years ago
sns-seb
09efd91833
SONAR-13315 Update sonar-cfamily, sonar-csharp, sonar-vbnet, sonar-java, sonar-python to latest release(s)
4 years ago
Evgeny Mandrikov
302447df10
Upgrade Gradle to 6.3
4 years ago
Simon Brandhof
d88d0e1a3e
Fix the upgrade of the Gradle Artifactory plugin to 4.15.1
The configuration of private subprojects must be fixed
in order to correct set the properties like "build.name"
on private artifacts.
4 years ago
sns-seb
43f800cbf6
SONAR-13263 Upgrade plugins
4 years ago
Evgeny Mandrikov
3ff51cc358
Gradle scripts should use `plugins` block
It was de-incubated (promoted) in Gradle 5.0
and in particular it can't contain duplicate IDs.
4 years ago
Evgeny Mandrikov
ecb724151b
Replace Gradle plugin 'com.moowork.node' by 'com.github.node-gradle.node'
The latter one is actively maintained fork
of the not anymore maintained former.
In particular the former does not support Gradle 6.x.
4 years ago
Simon Brandhof
505bea6f4d
SONAR-13155 upgrade sonar-channel to 4.2
This project is no longer maintained. V4.2 is the latest, released
in 2014. It is probably similar to 4.1 and does not bring changes.
The reason is that this lib was a module of the sonarqube repository
at that time.
4 years ago
Simon Brandhof
471eec1dfa
SONAR-13155 upgrade Artifactory plugin to 4.15.1
Changelog contains mainly bug-fixes and preparation of Gradle 6 support
https://www.jfrog.com/jira/browse/GAP-305?jql=project%20%3D%20GAP%20AND%20fixVersion%20in%20(4.11.0%2C%204.12.0%2C%204.14.1%2C%204.15.0%2C%204.15.1)%20ORDER%20BY%20priority%20DESC%2C%20updated%20DESC
4 years ago
Simon Brandhof
ac71f9c2f0
SONAR-13155 add command to run yarn security audit
4 years ago
Simon Brandhof
eb1fc30c39
SONAR-13155 add a comment about lib diffutils
4 years ago
Simon Brandhof
58d6800b29
SONAR-13155 upgrade jackson-bind
4 years ago
Simon Brandhof
d8316b23db
SONAR-13155 add Gradle command to list all dependency trees
`./gradlew allDependencies` lists the trees of dependencies of
all subprojects. This is convenient when investigating the
impacts of a dependency upgrade.
4 years ago
Simon Brandhof
7af9ac7424
SONAR-13155 use the official Maven coordinates of Oracle driver
'com.oracle.jdbc:ojdbc8' was the coordinates of the artifact manually
deployed to SonarSource repository.
4 years ago
Simon Brandhof
979d9e55a0
SONAR-13155 upgrade Tomcat from 8.5.51 to 8.5.53
Bug-fixes listed in http://tomcat.apache.org/tomcat-8.5-doc/changelog.html
4 years ago
Simon Brandhof
c534b92bf9
SONAR-13155 upgrade testing dependencies
4 years ago
Simon Brandhof
c7857d32e1
SONAR-13155 upgrade OkHttp from 3.14.2 to 3.14.7
Bug-fixes listed in https://square.github.io/okhttp/changelog_3x/
4 years ago
Simon Brandhof
c607b1bb6a
SONAR-13155 upgrade SQLServer driver to 7.4.1
* Supports NTLM authentication mode.
* Updated Microsoft Azure Key Vault SDK for Java, version 1.2.1
See https://docs.microsoft.com/en-us/sql/connect/jdbc/release-notes-for-the-jdbc-driver?view=sql-server-ver15#-741
4 years ago