SONAR-12383 Libraries with security fixes

* io.jsonwebtoken:jjwt-api:0.10.5 -> 0.10.7 * com.auth0:java-jwt:3.3.0 -> 3.8.3 * org.bouncycastle:bcpkix-jdk15on:1.59 ->1.64
author: Jacek <jacek.poreda@sonarsource.com> 2019-10-21 16:04:36 -0500
committer: SonarTech <sonartech@sonarsource.com> 2019-11-12 20:21:06 +0100
commit: 9e5e816c69bfbd6bff0b235ec2351eed7e9e6278 (patch)
tree: f9f05e77725fe7dc5051a5677918bcdc19d2d1a0
parent: fc3085b6cb8e80b93842b9742794a11414d11198 (diff)
download: sonarqube-9e5e816c69bfbd6bff0b235ec2351eed7e9e6278.tar.gz
sonarqube-9e5e816c69bfbd6bff0b235ec2351eed7e9e6278.zip
2 files changed, 8 insertions, 7 deletions
diff --git a/build.gradle b/build.gradle
index 7044700dd73..e9d696f7580 100644
--- a/build.gradle
+++ b/build.gradle
@@ -111,6 +111,7 @@ subprojects {
 
   ext {
     protobufVersion = '3.7.0'
+    jjwtVersion = '0.10.7'
   }
 
   sonarqube {
@@ -196,9 +197,9 @@ subprojects {
       }
       dependency 'com.tngtech.java:junit-dataprovider:1.9.2'
       dependency 'info.picocli:picocli:3.6.1'
-      dependency 'io.jsonwebtoken:jjwt-api:0.10.5'
-      dependency 'io.jsonwebtoken:jjwt-impl:0.10.5'
-      dependency 'io.jsonwebtoken:jjwt-jackson:0.10.5'
+      dependency "io.jsonwebtoken:jjwt-api:${jjwtVersion}"
+      dependency "io.jsonwebtoken:jjwt-impl:${jjwtVersion}"
+      dependency "io.jsonwebtoken:jjwt-jackson:${jjwtVersion}"
       dependency 'io.netty:netty-all:4.0.51.Final'
       dependency 'com.sun.mail:javax.mail:1.5.6'
       dependency 'javax.annotation:javax.annotation-api:1.3.1'
diff --git a/server/sonar-ce-task-projectanalysis/src/test/java/org/sonar/ce/task/projectanalysis/step/ComputeQProfileMeasureStepTest.java b/server/sonar-ce-task-projectanalysis/src/test/java/org/sonar/ce/task/projectanalysis/step/ComputeQProfileMeasureStepTest.java
index 12bf8075bd1..3dc7fe868cb 100644
--- a/server/sonar-ce-task-projectanalysis/src/test/java/org/sonar/ce/task/projectanalysis/step/ComputeQProfileMeasureStepTest.java
+++ b/server/sonar-ce-task-projectanalysis/src/test/java/org/sonar/ce/task/projectanalysis/step/ComputeQProfileMeasureStepTest.java
@@ -63,10 +63,10 @@ public class ComputeQProfileMeasureStepTest {
 
   private static final Component MULTI_MODULE_PROJECT = ReportComponent.builder(PROJECT, PROJECT_REF).setKey(PROJECT_KEY)
     .addChildren(ReportComponent.builder(DIRECTORY, FOLDER_1_REF)
-        .addChildren(
-          ReportComponent.builder(FILE, FILE_1_1_REF).setFileAttributes(new FileAttributes(false, "java", 1)).build(),
-          ReportComponent.builder(FILE, FILE_1_2_REF).setFileAttributes(new FileAttributes(false, "java", 1)).build())
-        .build(),
+      .addChildren(
+        ReportComponent.builder(FILE, FILE_1_1_REF).setFileAttributes(new FileAttributes(false, "java", 1)).build(),
+        ReportComponent.builder(FILE, FILE_1_2_REF).setFileAttributes(new FileAttributes(false, "java", 1)).build())
+      .build(),
       ReportComponent.builder(DIRECTORY, FOLDER_2_REF)
         .addChildren(
           ReportComponent.builder(FILE, FILE_2_1_REF).setFileAttributes(new FileAttributes(false, null, 1)).build(),
author	Jacek <jacek.poreda@sonarsource.com>	2019-10-21 16:04:36 -0500
committer	SonarTech <sonartech@sonarsource.com>	2019-11-12 20:21:06 +0100
commit	9e5e816c69bfbd6bff0b235ec2351eed7e9e6278 (patch)
tree	f9f05e77725fe7dc5051a5677918bcdc19d2d1a0
parent	fc3085b6cb8e80b93842b9742794a11414d11198 (diff)
download	sonarqube-9e5e816c69bfbd6bff0b235ec2351eed7e9e6278.tar.gz sonarqube-9e5e816c69bfbd6bff0b235ec2351eed7e9e6278.zip