<?xml version="1.0" encoding="UTF-8"?> <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> <modelVersion>4.0.0</modelVersion> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar</artifactId> <packaging>pom</packaging> <version>5.2-SNAPSHOT</version> <name>SonarQube</name> <url>http://www.sonarqube.org/</url> <description>Open source platform for continuous inspection of code quality</description> <modules> <module>sonar-plugin-api-deps</module> <module>sonar-application</module> <module>sonar-batch</module> <module>sonar-batch-protocol</module> <module>sonar-batch-shaded</module> <module>sonar-check-api</module> <module>sonar-colorizer</module> <module>sonar-core</module> <module>sonar-db</module> <module>sonar-duplications</module> <module>sonar-home</module> <module>sonar-markdown</module> <module>sonar-plugin-api</module> <module>server</module> <module>sonar-ws</module> <module>sonar-testing-harness</module> <module>plugins/sonar-xoo-plugin</module> <module>plugins/sonar-batch-maven-plugin</module> </modules> <organization> <name>SonarSource</name> <url>http://www.sonarsource.com</url> </organization> <inceptionYear>2009</inceptionYear> <issueManagement> <system>jira</system> <url>http://jira.sonarsource.com/browse/SONAR</url> </issueManagement> <distributionManagement> <repository> <id>sonatype-nexus-staging</id> <name>Sonatype Release Repository</name> <url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url> </repository> </distributionManagement> <prerequisites> <!-- Note that "prerequisites" not inherited, but used by versions-maven-plugin 1.3.1 --> <maven>${maven.min.version}</maven> </prerequisites> <properties> <!--used to define versions of dependencies in dependencyManagement--> <!--${project.version} can not be used directly in dependencyManagement because it can resolve to a--> <!--version different from the one of this pom if the current module's version is not the same as this pom--> <!--(eg. in IT plugins where version is 1.0-SNAPSHOT)--> <sq.version>${project.version}</sq.version> <sonarUpdateCenter.version>1.13</sonarUpdateCenter.version> <sonarJava.version>3.5</sonarJava.version> <sonarGit.version>1.0</sonarGit.version> <sonarSvn.version>1.2</sonarSvn.version> <h2.version>1.3.176</h2.version> <jetty.version>8.1.12.v20130726</jetty.version> <logback.version>1.1.3</logback.version> <slf4j.version>1.7.12</slf4j.version> <tomcat.version>8.0.18</tomcat.version> <elasticsearch.version>1.7.2</elasticsearch.version> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> <maven.min.version>3.2</maven.min.version> <jdk.min.version>1.7</jdk.min.version> <timestamp>${maven.build.timestamp}</timestamp> <maven.build.timestamp.format>yyyy-MM-dd'T'HH:mm:ssZ</maven.build.timestamp.format> <skipBatchTests>false</skipBatchTests> <skipServerTests>false</skipServerTests> <version.maven-license.plugin>1.9.0</version.maven-license.plugin> <skipSanityChecks>false</skipSanityChecks> <argLine>-Xmx512m -Djava.awt.headless=true -XX:MaxPermSize=160m</argLine> <maven.test.redirectTestOutputToFile>true</maven.test.redirectTestOutputToFile> </properties> <build> <extensions> <extension> <groupId>org.apache.maven.wagon</groupId> <artifactId>wagon-webdav</artifactId> <version>1.0-beta-2</version> </extension> </extensions> <pluginManagement> <!-- Plugins ordered by shortname (assembly, antrun ...) --> <plugins> <plugin> <groupId>org.codehaus.mojo</groupId> <artifactId>animal-sniffer-maven-plugin</artifactId> <version>1.14</version> <configuration> <signature> <groupId>org.codehaus.mojo.signature</groupId> <artifactId>java17</artifactId> <version>1.0</version> </signature> <skip>${skipSanityChecks}</skip> </configuration> </plugin> <plugin> <groupId>com.github.eirslett</groupId> <artifactId>frontend-maven-plugin</artifactId> <version>0.0.23</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-antrun-plugin</artifactId> <version>1.7</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-assembly-plugin</artifactId> <version>2.4</version> <configuration> <archiverConfig> <!-- Workaround for http://jira.codehaus.org/browse/MASSEMBLY-422 --> <!-- 420(dec) = 644(oct) --> <fileMode>420</fileMode> <!-- 493(dec) = 755(oct) --> <directoryMode>493</directoryMode> <defaultDirectoryMode>493</defaultDirectoryMode> </archiverConfig> </configuration> </plugin> <plugin> <groupId>org.codehaus.mojo</groupId> <artifactId>build-helper-maven-plugin</artifactId> <version>1.9.1</version> </plugin> <plugin> <groupId>org.codehaus.mojo</groupId> <artifactId>buildnumber-maven-plugin</artifactId> <version>1.3</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-clean-plugin</artifactId> <version>2.6.1</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-compiler-plugin</artifactId> <version>3.3</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-dependency-plugin</artifactId> <version>2.10</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-deploy-plugin</artifactId> <version>2.8.2</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-enforcer-plugin</artifactId> <version>1.4</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-failsafe-plugin</artifactId> <version>2.18.1</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-gpg-plugin</artifactId> <version>1.6</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-install-plugin</artifactId> <version>2.5.2</version> </plugin> <plugin> <groupId>org.jacoco</groupId> <artifactId>jacoco-maven-plugin</artifactId> <version>0.7.5.201505241946</version> <configuration> <excludes> <exclude>*_javassist_*</exclude> </excludes> <includes> <include>org.sonar.*</include> </includes> </configuration> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-jar-plugin</artifactId> <version>2.6</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-javadoc-plugin</artifactId> <version>2.10.1</version> <configuration> <author>false</author> <linksource>true</linksource> </configuration> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-jxr-plugin</artifactId> <version>2.5</version> </plugin> <plugin> <groupId>com.mycila.maven-license-plugin</groupId> <artifactId>maven-license-plugin</artifactId> <version>${version.maven-license.plugin}</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-plugin-plugin</artifactId> <version>3.3</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-release-plugin</artifactId> <version>2.5.2</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-resources-plugin</artifactId> <version>2.7</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-shade-plugin</artifactId> <version>2.3</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-site-plugin</artifactId> <version>3.4</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-source-plugin</artifactId> <version>2.4</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-surefire-plugin</artifactId> <version>2.18.1</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-war-plugin</artifactId> <version>2.6</version> </plugin> <plugin> <!-- not thread safe --> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-dev-maven-plugin</artifactId> <version>1.8</version> </plugin> <plugin> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-packaging-maven-plugin</artifactId> <version>${sonarUpdateCenter.version}</version> </plugin> <plugin> <!-- declared to avoid enforcer error during SQ analysis when Clirr plugin installed --> <groupId>org.codehaus.mojo</groupId> <artifactId>clirr-maven-plugin</artifactId> <version>2.6.1</version> </plugin> <plugin> <groupId>org.owasp</groupId> <artifactId>dependency-check-maven</artifactId> <version>1.2.11</version> <configuration> <failBuildOnCVSS>8</failBuildOnCVSS> <suppressionFile>cve-false-positives.xml</suppressionFile> </configuration> </plugin> <plugin> <!-- Detection of conflicts in classpath. Command line is: mvn org.basepom.maven:duplicate-finder-maven-plugin:check See https://github.com/basepom/duplicate-finder-maven-plugin --> <groupId>org.basepom.maven</groupId> <artifactId>duplicate-finder-maven-plugin</artifactId> <version>1.1.1</version> <configuration> <printEqualFiles>true</printEqualFiles> <!-- <failBuildInCaseOfDifferentContentConflict>true</failBuildInCaseOfDifferentContentConflict> <failBuildInCaseOfEqualContentConflict>true</failBuildInCaseOfEqualContentConflict> <failBuildInCaseOfConflict>true</failBuildInCaseOfConflict> --> <checkCompileClasspath>true</checkCompileClasspath> <checkRuntimeClasspath>true</checkRuntimeClasspath> <checkTestClasspath>false</checkTestClasspath> </configuration> </plugin> </plugins> </pluginManagement> <plugins> <plugin> <groupId>org.codehaus.mojo</groupId> <artifactId>buildnumber-maven-plugin</artifactId> <executions> <execution> <phase>validate</phase> <goals> <goal>create</goal> </goals> </execution> </executions> <configuration> <doCheck>false</doCheck> <doUpdate>false</doUpdate> <getRevisionOnlyOnce>true</getRevisionOnlyOnce> <revisionOnScmFailure>0</revisionOnScmFailure> </configuration> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-compiler-plugin</artifactId> <configuration> <source>${jdk.min.version}</source> <target>${jdk.min.version}</target> <encoding>${project.build.sourceEncoding}</encoding> </configuration> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-enforcer-plugin</artifactId> <executions> <execution> <id>enforce-rules</id> <goals> <goal>enforce</goal> </goals> <configuration> <rules> <requirePluginVersions> <message>Build reproducibility : always define plugin versions</message> <banLatest>true</banLatest> <banRelease>true</banRelease> <phases>clean,deploy</phases> </requirePluginVersions> <requireReleaseDeps> <message>No SNAPSHOT versions allowed for dependencies</message> <onlyWhenRelease>true</onlyWhenRelease> </requireReleaseDeps> <requireJavaVersion> <message>To build this project JDK ${jdk.min.version} (or upper) is required. Please install it. </message> <version>${jdk.min.version}</version> </requireJavaVersion> <requireMavenVersion> <version>[${maven.min.version},)</version> </requireMavenVersion> <bannedDependencies> <!-- See SONAR-2512 --> <message>commons-beanutils:commons-beanutils should be used instead</message> <excludes> <exclude>commons-beanutils:commons-beanutils-core</exclude> </excludes> <searchTransitive>true</searchTransitive> </bannedDependencies> <requireNoRepositories> <message>Definition of new repositories is not allowed in order to deploy to central repository. </message> </requireNoRepositories> </rules> </configuration> </execution> </executions> </plugin> <!-- Choosing a random timezone when executing tests allows to detect early the tests that are coupled with local environment. --> <plugin> <groupId>com.github.genthaler</groupId> <artifactId>beanshell-maven-plugin</artifactId> <version>1.0</version> <executions> <execution> <id>randomize-environment</id> <phase>validate</phase> <goals> <goal>run</goal> </goals> <configuration> <script> <![CDATA[ String[] timezones = new String[] {"GMT-9", "UTC", "GMT+9"}; String testTimezone = timezones[new java.util.Random().nextInt(timezones.length)]; project.getProperties().setProperty("testTimezone", testTimezone); logger.info("Timezone used for tests: " + testTimezone); ]]> </script> </configuration> </execution> </executions> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-jar-plugin</artifactId> <configuration> <archive> <manifestEntries> <Version>${sq.version}</Version> <!-- ${buildNumber} is the Git revision. It's generated by the buildnumber-maven-plugin --> <Implementation-Build>${buildNumber}</Implementation-Build> <Build-Time>${timestamp}</Build-Time> </manifestEntries> </archive> </configuration> </plugin> <plugin> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-packaging-maven-plugin</artifactId> <extensions>true</extensions> <configuration> <archive> <manifestEntries> <!-- ${buildNumber} is the Git revision. It's generated by the buildnumber-maven-plugin --> <Implementation-Build>${buildNumber}</Implementation-Build> <Build-Time>${timestamp}</Build-Time> </manifestEntries> </archive> </configuration> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-jxr-plugin</artifactId> <configuration> <aggregate>true</aggregate> <linkJavadoc>true</linkJavadoc> <javadocDir>${project.reporting.outputDirectory}/${project.version}/apidocs</javadocDir> </configuration> </plugin> <!-- check copyright/license headers --> <plugin> <inherited>false</inherited> <groupId>com.mycila.maven-license-plugin</groupId> <artifactId>maven-license-plugin</artifactId> <configuration> <header>${project.basedir}/copyright.txt</header> <failIfMissing>true</failIfMissing> <strictCheck>true</strictCheck> <aggregate>true</aggregate> <includes> <include>**/sonar-*/src/main/java/**</include> <include>**/sonar-*/src/test/java/**</include> </includes> <excludes> <exclude>tests/**</exclude> </excludes> <mapping> <java>SLASHSTAR_STYLE</java> </mapping> <skip>${skipSanityChecks}</skip> </configuration> <executions> <execution> <id>enforce-license-headers</id> <phase>validate</phase> <goals> <goal>check</goal> </goals> </execution> </executions> </plugin> <plugin> <groupId>org.codehaus.mojo</groupId> <artifactId>animal-sniffer-maven-plugin</artifactId> <executions> <execution> <id>enforce-java-api-compatibility</id> <phase>verify</phase> <goals> <goal>check</goal> </goals> </execution> </executions> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-release-plugin</artifactId> <configuration> <autoVersionSubmodules>true</autoVersionSubmodules> <localCheckout>true</localCheckout> <pushChanges>false</pushChanges> <mavenExecutorId>forked-path</mavenExecutorId> <preparationGoals>clean install</preparationGoals> <!-- SONAR-4189 --> <arguments>-Prelease</arguments> </configuration> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-source-plugin</artifactId> <executions> <execution> <id>attach-sources</id> <goals> <goal>jar-no-fork</goal> </goals> </execution> </executions> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-surefire-plugin</artifactId> <configuration> <runOrder>random</runOrder> <systemPropertyVariables> <java.io.tmpdir>${project.build.directory}</java.io.tmpdir> <!-- See profile 'randomize-environment' --> <user.timezone>${testTimezone}</user.timezone> </systemPropertyVariables> <groups>${junitGroups}</groups> <threadCount>1</threadCount> </configuration> </plugin> <plugin> <!-- This plugin is used to list the licenses of all the dependencies. The module sonar-testing-harness must be excluded. See third-party-licenses.sh --> <groupId>org.codehaus.mojo</groupId> <artifactId>license-maven-plugin</artifactId> <version>1.8</version> <configuration> <includedScopes>compile</includedScopes> <licenseMerges> <licenseMerge>Apache 2.0|The Apache Software License, Version 2.0|Apache License, Version 2.0|apache_v2</licenseMerge> <licenseMerge>CDDL 1.0|COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0|Common Development and Distribution License (CDDL) v1.0|cddl_v1</licenseMerge> <licenseMerge>GNU LGPL 2.1|GNU Lesser General Public License (LGPL), Version 2.1|GNU Lesser General Public License, version 2.1|lgpl_v2_1</licenseMerge> <licenseMerge>GNU LGPL 3|GNU LESSER GENERAL PUBLIC LICENSE, Version 3|GNU Lesser General Public Licence|GNU Lesser General Public License|GNU LESSER GENERAL PUBLIC LICENSE</licenseMerge> <licenseMerge>Dual license: CDDL 1.0 and GPL v2|Dual license consisting of the CDDL v1.0 and GPL v2|CDDL+GPLv2|CDDL+GPL|CDDL+GPL License</licenseMerge> <licenseMerge>Dual license: CDDL 1.1 and GPL v2|Dual license consisting of the CDDL v1.1 and GPL v2|CDDL1_1+GPLv2</licenseMerge> <licenseMerge>Dual License: CDDL 1.0 and GPL V2 with Classpath Exception|CDDL + GPLv2 with classpath exception</licenseMerge> </licenseMerges> </configuration> </plugin> </plugins> </build> <dependencyManagement> <dependencies> <!-- SonarQube modules --> <dependency> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-channel</artifactId> <version>4.1</version> </dependency> <dependency> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-classloader</artifactId> <version>1.0</version> </dependency> <dependency> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-markdown</artifactId> <version>${sq.version}</version> </dependency> <dependency> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-check-api</artifactId> <version>${sq.version}</version> </dependency> <dependency> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-colorizer</artifactId> <version>${sq.version}</version> </dependency> <dependency> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-core</artifactId> <version>${sq.version}</version> </dependency> <dependency> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-db</artifactId> <version>${sq.version}</version> </dependency> <dependency> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-batch-protocol</artifactId> <version>${sq.version}</version> </dependency> <dependency> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-ws</artifactId> <version>${sq.version}</version> </dependency> <dependency> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-duplications</artifactId> <version>${sq.version}</version> </dependency> <dependency> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-home</artifactId> <version>${sq.version}</version> </dependency> <dependency> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-graph</artifactId> <version>5.1</version> </dependency> <dependency> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-java-api</artifactId> <version>5.1</version> <exclusions> <exclusion> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-deprecated</artifactId> </exclusion> <exclusion> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-plugin-api</artifactId> </exclusion> </exclusions> </dependency> <dependency> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-plugin-api</artifactId> <version>${sq.version}</version> </dependency> <dependency> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-update-center-common</artifactId> <version>${sonarUpdateCenter.version}</version> </dependency> <dependency> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-server</artifactId> <version>${sq.version}</version> </dependency> <dependency> <groupId>org.codehaus.sonar.plugins</groupId> <artifactId>sonar-xoo-plugin</artifactId> <version>${sq.version}</version> <scope>test</scope> </dependency> <dependency> <groupId>org.codehaus.sonar-plugins</groupId> <artifactId>sonar-scm-git-plugin</artifactId> <version>${sonarGit.version}</version> <type>sonar-plugin</type> </dependency> <dependency> <groupId>org.sonarsource.scm.svn</groupId> <artifactId>sonar-scm-svn-plugin</artifactId> <version>${sonarSvn.version}</version> <type>sonar-plugin</type> </dependency> <dependency> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-testing-harness</artifactId> <version>${sq.version}</version> </dependency> <dependency> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-views-bridge</artifactId> <version>${project.version}</version> </dependency> <dependency> <groupId>org.sonarsource.java</groupId> <artifactId>sonar-java-plugin</artifactId> <version>${sonarJava.version}</version> <type>sonar-plugin</type> <exclusions> <!-- A banned dependency is bring because java-squid is using maven-project:2.07 This exclusion should be removed when the plugin will no more used maven-project --> <exclusion> <groupId>classworlds</groupId> <artifactId>classworlds</artifactId> </exclusion> </exclusions> </dependency> <dependency> <groupId>commons-collections</groupId> <artifactId>commons-collections</artifactId> <version>3.2.1</version> </dependency> <dependency> <groupId>org.elasticsearch</groupId> <artifactId>elasticsearch</artifactId> <version>${elasticsearch.version}</version> <exclusions> <exclusion> <groupId>org.apache.lucene</groupId> <artifactId>lucene-spatial</artifactId> </exclusion> <exclusion> <groupId>org.ow2.asm</groupId> <artifactId>asm</artifactId> </exclusion> <exclusion> <groupId>org.ow2.asm</groupId> <artifactId>asm-commons</artifactId> </exclusion> <exclusion> <groupId>org.antlr</groupId> <artifactId>antlr-runtime</artifactId> </exclusion> </exclusions> </dependency> <dependency> <groupId>com.github.tlrx</groupId> <artifactId>elasticsearch-test</artifactId> <version>1.2.1</version> </dependency> <dependency> <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> <version>17.0</version> <exclusions> <exclusion> <!-- should be declared with scope provided --> <groupId>com.google.code.findbugs</groupId> <artifactId>jsr305</artifactId> </exclusion> </exclusions> </dependency> <dependency> <groupId>com.google.code.findbugs</groupId> <artifactId>jsr305</artifactId> <version>3.0.0</version> </dependency> <dependency> <groupId>commons-dbutils</groupId> <artifactId>commons-dbutils</artifactId> <version>1.5</version> </dependency> <dependency> <groupId>commons-io</groupId> <artifactId>commons-io</artifactId> <version>2.4</version> </dependency> <dependency> <groupId>org.apache.commons</groupId> <artifactId>commons-csv</artifactId> <version>1.0</version> </dependency> <dependency> <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> <version>1.8</version> </dependency> <dependency> <groupId>org.apache.commons</groupId> <artifactId>commons-email</artifactId> <version>1.3.2</version> </dependency> <dependency> <groupId>commons-lang</groupId> <artifactId>commons-lang</artifactId> <version>2.6</version> </dependency> <dependency> <groupId>commons-dbcp</groupId> <artifactId>commons-dbcp</artifactId> <version>1.4</version> </dependency> <dependency> <!-- See SONAR-2512 --> <groupId>commons-beanutils</groupId> <artifactId>commons-beanutils</artifactId> <version>1.8.3</version> <exclusions> <exclusion> <groupId>commons-logging</groupId> <artifactId>commons-logging</artifactId> </exclusion> </exclusions> </dependency> <dependency> <groupId>org.apache.maven</groupId> <artifactId>maven-artifact</artifactId> <version>2.0.7</version> </dependency> <dependency> <groupId>org.apache.maven</groupId> <artifactId>maven-core</artifactId> <version>2.0.7</version> </dependency> <dependency> <groupId>com.ibm.icu</groupId> <artifactId>icu4j</artifactId> <!-- animal-sniffer doesn't work with 2.6.1 --> <version>3.4.4</version> </dependency> <dependency> <groupId>jfree</groupId> <artifactId>jfreechart</artifactId> <version>1.0.9</version> </dependency> <dependency> <groupId>com.googlecode.json-simple</groupId> <artifactId>json-simple</artifactId> <version>1.1.1</version> <exclusions> <exclusion> <groupId>junit</groupId> <artifactId>junit</artifactId> </exclusion> </exclusions> </dependency> <dependency> <groupId>org.mybatis</groupId> <artifactId>mybatis</artifactId> <version>3.2.7</version> </dependency> <dependency> <groupId>org.picocontainer</groupId> <artifactId>picocontainer</artifactId> <version>2.15</version> </dependency> <dependency> <groupId>org.slf4j</groupId> <artifactId>slf4j-api</artifactId> <version>${slf4j.version}</version> </dependency> <dependency> <groupId>org.slf4j</groupId> <artifactId>jul-to-slf4j</artifactId> <version>${slf4j.version}</version> </dependency> <dependency> <groupId>org.slf4j</groupId> <artifactId>jcl-over-slf4j</artifactId> <version>${slf4j.version}</version> </dependency> <dependency> <groupId>org.slf4j</groupId> <artifactId>log4j-over-slf4j</artifactId> <version>${slf4j.version}</version> </dependency> <dependency> <groupId>ch.qos.logback</groupId> <artifactId>logback-access</artifactId> <version>${logback.version}</version> </dependency> <dependency> <groupId>ch.qos.logback</groupId> <artifactId>logback-classic</artifactId> <version>${logback.version}</version> </dependency> <dependency> <groupId>ch.qos.logback</groupId> <artifactId>logback-core</artifactId> <version>${logback.version}</version> </dependency> <dependency> <groupId>com.h2database</groupId> <artifactId>h2</artifactId> <version>${h2.version}</version> </dependency> <dependency> <groupId>org.jruby.rack</groupId> <artifactId>jruby-rack</artifactId> <version>1.1.13.2</version> </dependency> <dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> <version>5.1.35</version> </dependency> <dependency> <groupId>org.postgresql</groupId> <artifactId>postgresql</artifactId> <version>9.3-1102-jdbc41</version> </dependency> <dependency> <groupId>org.codehaus.woodstox</groupId> <artifactId>woodstox-core-lgpl</artifactId> <version>4.4.0</version> <exclusions> <exclusion> <!-- provided by Java 1.7 --> <groupId>javax.xml.stream</groupId> <artifactId>stax-api</artifactId> </exclusion> </exclusions> </dependency> <dependency> <groupId>org.codehaus.staxmate</groupId> <artifactId>staxmate</artifactId> <version>2.0.1</version> <exclusions> <!-- see SONAR-879 --> <exclusion> <groupId>org.codehaus.woodstox</groupId> <artifactId>stax2-api</artifactId> </exclusion> <exclusion> <groupId>stax</groupId> <artifactId>stax-api</artifactId> </exclusion> <exclusion> <groupId>org.codehaus.woodstox</groupId> <artifactId>woodstox-core-asl</artifactId> </exclusion> </exclusions> </dependency> <dependency> <groupId>org.mockito</groupId> <artifactId>mockito-core</artifactId> <version>1.10.19</version> <exclusions> <exclusion> <groupId>org.hamcrest</groupId> <artifactId>hamcrest-core</artifactId> </exclusion> </exclusions> </dependency> <dependency> <groupId>com.google.code.bean-matchers</groupId> <artifactId>bean-matchers</artifactId> <version>0.9</version> <scope>test</scope> <exclusions> <exclusion> <groupId>org.hamcrest</groupId> <artifactId>hamcrest-core</artifactId> </exclusion> </exclusions> </dependency> <dependency> <groupId>org.assertj</groupId> <artifactId>assertj-core</artifactId> <version>2.0.0</version> </dependency> <dependency> <groupId>org.assertj</groupId> <artifactId>assertj-guava</artifactId> <version>1.3.1</version> </dependency> <dependency> <groupId>xpp3</groupId> <artifactId>xpp3</artifactId> <version>1.1.3.3</version> </dependency> <dependency> <groupId>org.jruby</groupId> <artifactId>jruby-complete</artifactId> <!-- do not upgrade to 1.7.10, much slower at startup --> <version>1.7.9</version> </dependency> <dependency> <groupId>org.codehaus.woodstox</groupId> <artifactId>stax2-api</artifactId> <version>3.1.4</version> <exclusions> <exclusion> <groupId>stax</groupId> <artifactId>stax-api</artifactId> </exclusion> </exclusions> </dependency> <dependency> <groupId>javax.servlet</groupId> <artifactId>javax.servlet-api</artifactId> <version>3.0.1</version> </dependency> <dependency> <groupId>org.eclipse.jetty</groupId> <artifactId>jetty-server</artifactId> <version>${jetty.version}</version> </dependency> <dependency> <groupId>org.hamcrest</groupId> <artifactId>hamcrest-all</artifactId> <version>1.3</version> </dependency> <dependency> <groupId>junit</groupId> <artifactId>junit</artifactId> <version>4.12</version> </dependency> <dependency> <groupId>com.tngtech.java</groupId> <artifactId>junit-dataprovider</artifactId> <version>1.9.2</version> </dependency> <dependency> <groupId>xmlunit</groupId> <artifactId>xmlunit</artifactId> <version>1.4</version> </dependency> <dependency> <groupId>org.dbunit</groupId> <artifactId>dbunit</artifactId> <version>2.4.5</version> <exclusions> <!-- removing commons lang 2.1 and xerces--> <exclusion> <groupId>commons-lang</groupId> <artifactId>commons-lang</artifactId> </exclusion> <exclusion> <groupId>xerces</groupId> <artifactId>xmlParserAPIs</artifactId> </exclusion> <exclusion> <groupId>xerces</groupId> <artifactId>xercesImpl</artifactId> </exclusion> </exclusions> </dependency> <dependency> <groupId>org.eclipse.jetty</groupId> <artifactId>test-jetty-servlet</artifactId> <version>${jetty.version}</version> </dependency> <dependency> <groupId>org.reflections</groupId> <artifactId>reflections</artifactId> <version>0.9.9</version> </dependency> <dependency> <groupId>com.google.code.gson</groupId> <artifactId>gson</artifactId> <version>2.3.1</version> </dependency> <dependency> <groupId>org.sonarsource</groupId> <artifactId>sonar-persistit</artifactId> <version>3.3.2</version> <exclusions> <exclusion> <groupId>commons-logging</groupId> <artifactId>commons-logging</artifactId> </exclusion> </exclusions> </dependency> <dependency> <groupId>com.github.kevinsawicki</groupId> <artifactId>http-request</artifactId> <version>5.4.1</version> </dependency> <dependency> <groupId>org.codehaus.sonar.runner</groupId> <artifactId>sonar-runner-api</artifactId> <version>2.4</version> </dependency> <dependency> <groupId>org.freemarker</groupId> <artifactId>freemarker</artifactId> <version>2.3.20</version> </dependency> <dependency> <groupId>com.google.protobuf</groupId> <artifactId>protobuf-java</artifactId> <version>3.0.0-beta-1</version> </dependency> <dependency> <groupId>net.jpountz.lz4</groupId> <artifactId>lz4</artifactId> <version>1.3.0</version> </dependency> <dependency> <groupId>org.subethamail</groupId> <artifactId>subethasmtp</artifactId> <version>3.1.7</version> <scope>test</scope> </dependency> <!-- tomcat --> <dependency> <groupId>org.apache.tomcat.embed</groupId> <artifactId>tomcat-embed-core</artifactId> <version>${tomcat.version}</version> </dependency> <dependency> <groupId>org.apache.tomcat.embed</groupId> <artifactId>tomcat-embed-jasper</artifactId> <version>${tomcat.version}</version> <exclusions> <exclusion> <groupId>org.eclipse.jdt.core.compiler</groupId> <artifactId>ecj</artifactId> </exclusion> </exclusions> </dependency> <dependency> <groupId>org.apache.tomcat.embed</groupId> <artifactId>tomcat-embed-logging-juli</artifactId> <version>${tomcat.version}</version> </dependency> <!-- Using scope=provided to exclude from all transitive dependencies --> <dependency> <groupId>xml-apis</groupId> <artifactId>xml-apis</artifactId> <version>1.4.01</version> <scope>provided</scope> </dependency> </dependencies> </dependencyManagement> <mailingLists> <mailingList> <name>SonarQube users mailing list</name> <subscribe>http://xircles.codehaus.org/projects/sonar/lists</subscribe> <unsubscribe>http://xircles.codehaus.org/projects/sonar/lists</unsubscribe> <post>user@sonar.codehaus.org</post> <archive>http://www.nabble.com/Sonar-f30151.html</archive> </mailingList> </mailingLists> <scm> <connection>scm:git:git@github.com:SonarSource/sonarqube.git</connection> <developerConnection>scm:git:git@github.com:SonarSource/sonarqube.git</developerConnection> <url>https://github.com/SonarSource/sonarqube</url> <tag>HEAD</tag> </scm> <ciManagement> <system>travis-ci</system> <url>https://travis-ci.org/SonarSource/sonarqube</url> </ciManagement> <licenses> <license> <name>GNU LGPL 3</name> <url>http://www.gnu.org/licenses/lgpl.txt</url> <distribution>repo</distribution> </license> </licenses> <!-- Developers information should not be removed as it's required for deployment --> <developers> <developer> <id>bellingard</id> <name>Fabrice Bellingard</name> <email>fabrice.bellingard@sonarsource.com</email> <organization>SonarSource</organization> <timezone>+1</timezone> </developer> <developer> <id>dbolkensteyn</id> <name>Dinesh Bolkensteyn</name> <email>dinesh.bolkensteyn@sonarsource.com</email> <organization>SonarSource</organization> <timezone>+1</timezone> </developer> <developer> <id>dgageot</id> <name>David Gageot</name> <organization>SonarSource</organization> <timezone>+1</timezone> </developer> <developer> <id>ehartmann</id> <name>Eric Hartmann</name> <organization>SonarSource</organization> <timezone>+1</timezone> </developer> <developer> <id>fmallet</id> <name>Freddy Mallet</name> <email>freddy.mallet@sonarsource.com</email> <organization>SonarSource</organization> <timezone>+1</timezone> </developer> <developer> <id>Godin</id> <name>Evgeny Mandrikov</name> <email>evgeny.mandrikov@sonarsource.com</email> <organization>SonarSource</organization> <timezone>+3</timezone> </developer> <developer> <id>henryju</id> <name>Julien Henry</name> <email>julien.henry@sonarsource.com</email> <organization>SonarSource</organization> <timezone>+1</timezone> </developer> <developer> <id>jblievremont</id> <name>Jean-Baptiste Lievremont</name> <organization>SonarSource</organization> <timezone>+1</timezone> </developer> <developer> <id>julienlancelot</id> <name>Julien Lancelot</name> <email>julien.lancelot@sonarsource.com</email> <organization>SonarSource</organization> <timezone>+1</timezone> </developer> <developer> <id>olivier.gaudin</id> <name>Olivier Gaudin</name> <email>olivier.gaudin@sonarsource.com</email> <organization>SonarSource</organization> <timezone>+1</timezone> </developer> <developer> <id>simonbrandhof</id> <name>Simon Brandhof</name> <email>simon.brandhof@sonarsource.com</email> <organization>SonarSource</organization> <timezone>+1</timezone> </developer> <developer> <id>sns-seb</id> <name>Sebastien Lesaint</name> <organization>SonarSource</organization> <timezone>+1</timezone> </developer> <developer> <id>stas-vilchik</id> <name>Stas Vilchik</name> <organization>SonarSource</organization> <timezone>+1</timezone> </developer> <developer> <id>teryk</id> <name>Teryk Bellahsene</name> <organization>SonarSource</organization> <timezone>+1</timezone> </developer> </developers> <profiles> <profile> <id>dev</id> <properties> <skipSanityChecks>true</skipSanityChecks> <enforcer.skip>true</enforcer.skip> </properties> </profile> <profile> <id>release</id> <build> <plugins> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-javadoc-plugin</artifactId> <executions> <execution> <id>attach-javadocs</id> <goals> <goal>jar</goal> </goals> </execution> </executions> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-gpg-plugin</artifactId> <executions> <execution> <id>sign-artifacts</id> <phase>verify</phase> <goals> <goal>sign</goal> </goals> </execution> </executions> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-enforcer-plugin</artifactId> <executions> <execution> <id>enforce-java7</id> <goals> <goal>enforce</goal> </goals> <configuration> <rules> <requireJavaVersion> <message>To release this project JDK ${jdk.min.version} is required. </message> <version>[1.7,)</version> </requireJavaVersion> </rules> </configuration> </execution> </executions> </plugin> </plugins> </build> </profile> <profile> <id>javadoc</id> <build> <plugins> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-javadoc-plugin</artifactId> <configuration> <excludePackageNames> net.*:org.sonar.application:org.sonar.server:org.sonar.graph:org.sonar.batch:org.sonar.channel:org.sonar.java:org.sonar.maven*:org.sonar.plugins.*:org.sonar.colorizer:org.sonar.core:org.sonar.duplications:org.sonar.markdown:com.* </excludePackageNames> <author>false</author> <linksource>true</linksource> <reportOutputDirectory>${project.reporting.outputDirectory}/${project.version}/apidocs </reportOutputDirectory> </configuration> </plugin> </plugins> </build> </profile> <profile> <id>m2e</id> <activation> <!-- This profile is active only when used from Eclipse m2e and is used only to store settings. --> <property> <name>m2e.version</name> </property> </activation> <build> <pluginManagement> <plugins> <plugin> <groupId>org.eclipse.m2e</groupId> <artifactId>lifecycle-mapping</artifactId> <version>1.0.0</version> <configuration> <lifecycleMappingMetadata> <pluginExecutions> <pluginExecution> <pluginExecutionFilter> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-packaging-maven-plugin</artifactId> <versionRange>[1.0,)</versionRange> <goals> <goal>check-dependencies</goal> </goals> </pluginExecutionFilter> <action> <ignore/> </action> </pluginExecution> <pluginExecution> <pluginExecutionFilter> <groupId>org.codehaus.sonar</groupId> <artifactId>sonar-dev-maven-plugin</artifactId> <versionRange>[1.0,)</versionRange> <goals> <goal>trim</goal> </goals> </pluginExecutionFilter> <action> <ignore/> </action> </pluginExecution> <pluginExecution> <pluginExecutionFilter> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-dependency-plugin</artifactId> <versionRange>[1.0,)</versionRange> <goals> <goal>unpack</goal> <goal>copy-dependencies</goal> </goals> </pluginExecutionFilter> <action> <ignore/> </action> </pluginExecution> <pluginExecution> <pluginExecutionFilter> <groupId>org.codehaus.mojo</groupId> <artifactId>native2ascii-maven-plugin</artifactId> <versionRange>[1.0-alpha-1,)</versionRange> <goals> <goal>native2ascii</goal> </goals> </pluginExecutionFilter> <action> <ignore/> </action> </pluginExecution> </pluginExecutions> </lifecycleMappingMetadata> </configuration> </plugin> </plugins> </pluginManagement> </build> </profile> <profile> <id>coverage-per-test</id> <activation> <property> <name>coveragePerTest</name> </property> </activation> <dependencies> <dependency> <groupId>org.codehaus.sonar-plugins.java</groupId> <artifactId>sonar-jacoco-listeners</artifactId> <version>${sonarJava.version}</version> <scope>test</scope> </dependency> </dependencies> <build> <plugins> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-surefire-plugin</artifactId> <configuration> <properties> <property> <name>listener</name> <value>org.sonar.java.jacoco.JUnitListener</value> </property> </properties> </configuration> </plugin> </plugins> </build> </profile> <!-- The following profiles optimize the build for each team, according to their stack layers (batch, server and web teams) --> <profile> <!-- disable all tests --> <id>skipTests</id> <activation> <property> <name>skipTests</name> </property> </activation> <properties> <skipBatchTests>true</skipBatchTests> <skipServerTests>true</skipServerTests> </properties> </profile> <profile> <id>batch</id> <properties> <skipServerTests>true</skipServerTests> </properties> </profile> <profile> <id>server</id> <properties> <skipBatchTests>true</skipBatchTests> </properties> </profile> <profile> <id>web</id> <properties> <!-- the web team does not care about java tests --> <skipBatchTests>true</skipBatchTests> <skipServerTests>true</skipServerTests> <skipTests>true</skipTests> </properties> </profile> <profile> <!-- add microbenchmarks module to IDE --> <id>includeMicrobenchmarkModule</id> <modules> <module>microbenchmark-template</module> </modules> </profile> <profile> <!-- check if maven dependencies have vulnerabilities listed in CVE Standalone command: mvn org.owasp:dependency-check-maven:check See http://jeremylong.github.io/DependencyCheck --> <id>securityCheck</id> <build> <plugins> <plugin> <groupId>org.owasp</groupId> <artifactId>dependency-check-maven</artifactId> <executions> <execution> <goals> <goal>check</goal> </goals> </execution> </executions> </plugin> </plugins> </build> </profile> <profile> <id>analysis</id> <properties> <coveragePerTest>true</coveragePerTest> </properties> </profile> <profile> <!-- integration tests --> <id>it</id> <modules> <module>it</module> </modules> </profile> </profiles> </project>