diff --git a/.gitignore b/.gitignore index f988b374..e7b67abc 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,5 @@ build out .idea -.gradle \ No newline at end of file +.gradle +bin \ No newline at end of file diff --git a/build.gradle b/build.gradle index 6f0a3a9d..147565f2 100644 --- a/build.gradle +++ b/build.gradle @@ -22,14 +22,17 @@ repositories { } } -def buildInfoVersion = '2.41.13' +def buildInfoVersion = '2.43.6' +// Updated to 2.17.3 for security fixes - compatible with Java 8+ +def jacksonVersion = '2.17.3' + dependencies { - implementation group: 'com.fasterxml.jackson.dataformat', name: 'jackson-dataformat-yaml', version: '2.15.2' + implementation group: 'com.fasterxml.jackson.dataformat', name: 'jackson-dataformat-yaml', version: jacksonVersion implementation group: 'org.jfrog.buildinfo', name: 'build-info-extractor-npm', version: buildInfoVersion implementation group: 'org.jfrog.buildinfo', name: 'build-info-extractor-go', version: buildInfoVersion implementation group: 'org.jfrog.buildinfo', name: 'build-info-client', version: buildInfoVersion implementation group: 'org.jfrog.buildinfo', name: 'build-info-api', version: buildInfoVersion - implementation group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: '2.15.2' + implementation group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: jacksonVersion implementation(group: 'org.apache.httpcomponents', name: 'httpclient', version: '4.5.13') { exclude group: 'commons-codec', module: 'commons-codec' } @@ -42,7 +45,7 @@ dependencies { implementation group: 'org.apache.commons', name: 'commons-lang3', version: '3.11' implementation group: 'com.google.guava', name: 'guava', version: '32.0.1-jre' implementation group: 'commons-codec', name: 'commons-codec', version: '1.13' - implementation group: 'com.jfrog', name: 'gradle-dep-tree', version: '3.0.1' + implementation group: 'com.jfrog', name: 'gradle-dep-tree', version: '3.2.1' implementation group: 'commons-io', name: 'commons-io', version: '2.20.0' implementation(group: 'com.opencsv', name: 'opencsv', version: '5.11.1') { exclude group: 'common-collections', module: 'commons-collections' diff --git a/src/main/java/com/jfrog/ide/common/nodes/subentities/ImpactPath.java b/src/main/java/com/jfrog/ide/common/nodes/subentities/ImpactPath.java index c43bd171..96c241a2 100644 --- a/src/main/java/com/jfrog/ide/common/nodes/subentities/ImpactPath.java +++ b/src/main/java/com/jfrog/ide/common/nodes/subentities/ImpactPath.java @@ -1,5 +1,6 @@ package com.jfrog.ide.common.nodes.subentities; +import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonProperty; import lombok.Getter; @@ -7,6 +8,7 @@ @Getter +@JsonIgnoreProperties(ignoreUnknown = true) public class ImpactPath { @JsonProperty() private String name; diff --git a/src/test/resources/gradle/groovy/api/build.gradle b/src/test/resources/gradle/groovy/api/build.gradle index 492158b1..5660b719 100644 --- a/src/test/resources/gradle/groovy/api/build.gradle +++ b/src/test/resources/gradle/groovy/api/build.gradle @@ -4,9 +4,8 @@ configurations { dependencies { implementation project(':shared') - implementation module("commons-lang:commons-lang:2.4") { - dependency("commons-io:commons-io:1.2") - } + implementation "commons-lang:commons-lang:2.4" + implementation "commons-io:commons-io:1.2" implementation group: 'org.apache.wicket', name: 'wicket', version: '1.3.7' } diff --git a/src/test/resources/gradle/groovy/build.gradle b/src/test/resources/gradle/groovy/build.gradle index 1b27b377..f7dfe943 100644 --- a/src/test/resources/gradle/groovy/build.gradle +++ b/src/test/resources/gradle/groovy/build.gradle @@ -19,7 +19,7 @@ buildscript { mavenCentral() } dependencies { - classpath(group: 'org.jfrog.buildinfo', name: 'build-info-extractor-gradle', version: '4.+') + classpath(group: 'org.jfrog.buildinfo', name: 'build-info-extractor-gradle', version: '5.+') } configurations.classpath { resolutionStrategy { diff --git a/src/test/resources/gradle/kotlin/build.gradle.kts b/src/test/resources/gradle/kotlin/build.gradle.kts index 64eba09f..e288028a 100644 --- a/src/test/resources/gradle/kotlin/build.gradle.kts +++ b/src/test/resources/gradle/kotlin/build.gradle.kts @@ -6,7 +6,7 @@ buildscript { mavenCentral() } dependencies { - classpath("org.jfrog.buildinfo", "build-info-extractor-gradle", "4.+") + classpath("org.jfrog.buildinfo", "build-info-extractor-gradle", "5.+") } configurations.classpath { resolutionStrategy { @@ -103,8 +103,8 @@ configure { publish { repository { setRepoKey("libs-snapshot-local") // The Artifactory repository key to publish to - setUsername(findProperty("artifactory_user")) // The publisher user name - setPassword(findProperty("artifactory_password")) // The publisher password + setUsername(findProperty("artifactory_user")?.toString().orEmpty()) // The publisher user name + setPassword(findProperty("artifactory_password")?.toString().orEmpty()) // The publisher password // This is an optional section for configuring Ivy publication (when publishIvy = true). ivy { setIvyLayout("[organization]/[module]/ivy-[revision].xml") diff --git a/src/test/resources/gradle/unresolvedGroovy/api/build.gradle b/src/test/resources/gradle/unresolvedGroovy/api/build.gradle index 492158b1..5660b719 100644 --- a/src/test/resources/gradle/unresolvedGroovy/api/build.gradle +++ b/src/test/resources/gradle/unresolvedGroovy/api/build.gradle @@ -4,9 +4,8 @@ configurations { dependencies { implementation project(':shared') - implementation module("commons-lang:commons-lang:2.4") { - dependency("commons-io:commons-io:1.2") - } + implementation "commons-lang:commons-lang:2.4" + implementation "commons-io:commons-io:1.2" implementation group: 'org.apache.wicket', name: 'wicket', version: '1.3.7' } diff --git a/src/test/resources/gradle/unresolvedGroovy/build.gradle b/src/test/resources/gradle/unresolvedGroovy/build.gradle index 1304bf38..fcdd8a6f 100644 --- a/src/test/resources/gradle/unresolvedGroovy/build.gradle +++ b/src/test/resources/gradle/unresolvedGroovy/build.gradle @@ -19,7 +19,7 @@ buildscript { mavenCentral() } dependencies { - classpath(group: 'org.jfrog.buildinfo', name: 'build-info-extractor-gradle', version: '4.+') + classpath(group: 'org.jfrog.buildinfo', name: 'build-info-extractor-gradle', version: '5.+') } configurations.classpath { resolutionStrategy { diff --git a/src/test/resources/gradle/unresolvedKotlin/build.gradle.kts b/src/test/resources/gradle/unresolvedKotlin/build.gradle.kts index 645a07ea..44108172 100644 --- a/src/test/resources/gradle/unresolvedKotlin/build.gradle.kts +++ b/src/test/resources/gradle/unresolvedKotlin/build.gradle.kts @@ -6,7 +6,7 @@ buildscript { mavenCentral() } dependencies { - classpath("org.jfrog.buildinfo", "build-info-extractor-gradle", "4.+") + classpath("org.jfrog.buildinfo", "build-info-extractor-gradle", "5.+") } configurations.classpath { resolutionStrategy { @@ -103,8 +103,8 @@ configure { publish { repository { setRepoKey("libs-snapshot-local") // The Artifactory repository key to publish to - setUsername(findProperty("artifactory_user")) // The publisher user name - setPassword(findProperty("artifactory_password")) // The publisher password + setUsername(findProperty("artifactory_user")?.toString().orEmpty()) // The publisher user name + setPassword(findProperty("artifactory_password")?.toString().orEmpty()) // The publisher password // This is an optional section for configuring Ivy publication (when publishIvy = true). ivy { setIvyLayout("[organization]/[module]/ivy-[revision].xml") diff --git a/src/test/resources/packageFinder/gradle/api/build.gradle b/src/test/resources/packageFinder/gradle/api/build.gradle index 5b5b84c0..5130c1c8 100644 --- a/src/test/resources/packageFinder/gradle/api/build.gradle +++ b/src/test/resources/packageFinder/gradle/api/build.gradle @@ -6,9 +6,8 @@ configurations { dependencies { implementation project(':shared') - implementation module("commons-lang:commons-lang:2.4") { - dependency("commons-io:commons-io:1.2") - } + implementation "commons-lang:commons-lang:2.4" + implementation "commons-io:commons-io:1.2" implementation group: 'org.apache.wicket', name: 'wicket', version: '1.3.7' }