Skip to content

Commit 4334e3a

Browse files
committed
fix: resolve snyk vulnerabilities
build: update plugins and dependencies build: clean up gradle configuration files
1 parent b4bcf5c commit 4334e3a

File tree

24 files changed

+290
-469
lines changed

24 files changed

+290
-469
lines changed

build.gradle

Lines changed: 81 additions & 113 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
plugins {
2+
id "com.github.mxenabled.coppuccino" version "6.+" apply false
3+
id "com.github.mxenabled.vogue" version "3.+"
24
id "idea"
3-
id "com.github.mxenabled.coppuccino" version "5.+" apply false
4-
id "com.github.mxenabled.vogue" version "2.+"
55
id "io.freefair.lombok" version "8.+" apply false
66
id "io.github.gradle-nexus.publish-plugin" version "1.1.+"
77
id "com.netflix.nebula.maven-resolved-dependencies" version "21.2.0" apply false
@@ -11,63 +11,31 @@ version "7.0.0" // x-release-please-version
1111

1212
def platformProject = "platform"
1313

14-
allprojects {
15-
if (it.name != platformProject) {
16-
apply plugin: "java"
17-
}
18-
14+
subprojects {
1915
group "com.mx.path-facilities"
2016
description "MX Path Facilities"
2117
version rootProject.version
22-
sourceCompatibility = JavaVersion.VERSION_17
23-
targetCompatibility = JavaVersion.VERSION_17
24-
25-
repositories {
26-
mavenCentral()
27-
mavenLocal()
28-
}
29-
30-
configurations.all {
31-
resolutionStrategy.cacheChangingModulesFor 0, 'seconds'
32-
}
3318

3419
ext {
35-
pathSDKVersion = "[5.0,6.0)"
20+
pathCoreVersion = "[6.0,7.0)"
3621
}
37-
}
3822

39-
subprojects {
40-
if (it.name != platformProject) {
41-
apply plugin: "java-library"
42-
apply plugin: "groovy"
43-
apply plugin: "maven-publish"
44-
apply plugin: "signing"
23+
if (it.name == platformProject) {
24+
apply plugin: "java-platform"
25+
} else {
4526
apply plugin: "com.github.mxenabled.coppuccino"
4627
apply plugin: "com.github.mxenabled.vogue"
28+
apply plugin: "groovy"
29+
apply plugin: "java-library"
4730
apply plugin: "io.freefair.lombok"
4831
apply plugin: "com.netflix.nebula.maven-resolved-dependencies"
4932

50-
dependencies {
51-
constraints {
52-
api "org.slf4j:slf4j-api:1.7.30"
53-
}
54-
55-
implementation platform("com.mx.path-core:platform:${project.ext.pathSDKVersion}")
56-
implementation "com.mx.path-core:common"
57-
testImplementation "com.mx.path-core:testing"
58-
testImplementation "org.spockframework:spock-core:2.4-M6-groovy-3.0"
59-
}
60-
61-
test { useJUnitPlatform() }
62-
63-
compileJava { options.compilerArgs << "-parameters" }
64-
65-
javadoc {
66-
classpath = configurations.compileClasspath
67-
options {
68-
setMemberLevel JavadocMemberLevel.PUBLIC
69-
setAuthor true
33+
java {
34+
toolchain {
35+
languageVersion = JavaLanguageVersion.of(17)
7036
}
37+
withSourcesJar()
38+
withJavadocJar()
7139
}
7240

7341
coppuccino {
@@ -81,72 +49,81 @@ subprojects {
8149
dependencyUpdatesOutputDir = "${projectDir}/build/dependencyUpdates"
8250
}
8351

84-
task sourcesJar(type: Jar, dependsOn: classes) {
85-
classifier = "sources"
86-
from sourceSets.main.allSource
52+
repositories {
53+
mavenCentral()
54+
mavenLocal()
8755
}
8856

89-
task packageJavadoc(type: Jar) {
90-
classifier = "javadoc"
91-
from javadoc
57+
dependencies {
58+
implementation platform("com.mx.path-core:platform:${project.ext.pathCoreVersion}")
59+
implementation "com.mx.path-core:common"
60+
61+
testImplementation "com.mx.path-core:testing"
9262
}
9363

94-
artifacts {
95-
archives sourcesJar
96-
archives jar
97-
archives packageJavadoc
64+
test { useJUnitPlatform() }
65+
66+
compileJava { options.compilerArgs << "-parameters" }
67+
68+
javadoc {
69+
classpath = configurations.compileClasspath
70+
options {
71+
setMemberLevel JavadocMemberLevel.PUBLIC
72+
setAuthor true
73+
}
9874
}
75+
}
9976

100-
publishing {
101-
publications {
102-
maven(MavenPublication) {
103-
from components.java
104-
artifact sourcesJar
105-
artifact packageJavadoc
106-
107-
pom {
108-
groupId = project.group
109-
artifactId = project.name
110-
name = project.name
111-
description = project.description
112-
url = "https://github.com/mxenabled/path-facilities"
113-
114-
developers {
115-
developer {
116-
name = "MX"
117-
email = "path@mx.com"
118-
organization = "MX Technologies Inc."
119-
url = "http://www.mx.com"
120-
}
77+
apply plugin: "maven-publish"
78+
apply plugin: "signing"
79+
80+
publishing {
81+
publications {
82+
maven(MavenPublication) {
83+
from(project.name == platformProject ? components.javaPlatform : components.java)
84+
85+
pom {
86+
groupId = project.group
87+
artifactId = project.name
88+
name = project.name
89+
description = project.description
90+
url = "https://github.com/mxenabled/path-facilities"
91+
92+
developers {
93+
developer {
94+
name = "MX"
95+
email = "path@mx.com"
96+
organization = "MX Technologies Inc."
97+
url = "http://www.mx.com"
12198
}
99+
}
122100

123-
licenses {
124-
license {
125-
name = "Proprietary"
126-
url = "https://github.com/mxenabled/path-facilities/blob/master/LICENSE"
127-
distribution = "repo"
128-
}
101+
licenses {
102+
license {
103+
name = "Proprietary"
104+
url = "https://github.com/mxenabled/path-facilities/blob/master/LICENSE"
105+
distribution = "repo"
129106
}
107+
}
130108

131-
scm {
132-
connection = "scm:git:git@github.com:mxenabled/path-facilities.git"
133-
url = "https://github.com/mxenabled/path-facilities/tree/master"
134-
}
109+
scm {
110+
connection = "scm:git:git@github.com:mxenabled/path-facilities.git"
111+
url = "https://github.com/mxenabled/path-facilities/tree/master"
135112
}
136113
}
137114
}
138115
}
116+
}
139117

140-
signing {
141-
def signingKey = findProperty("signingKey")
142-
def signingPassword = findProperty("signingKeyPassword")
143-
if (signingKey != null && signingKey != "") {
144-
useInMemoryPgpKeys(signingKey, signingPassword)
145-
sign publishing.publications.maven
146-
logger.lifecycle("Configuring signing for ${project.name}")
147-
} else {
148-
logger.lifecycle("Skipping artifact signing for ${project.name} - missing signing key")
149-
}
118+
signing {
119+
def signingKey = findProperty("signingKey")
120+
def signingPassword = findProperty("signingKeyPassword")
121+
if (signingKey != null && signingKey != "") {
122+
useInMemoryPgpKeys(signingKey, signingPassword)
123+
sign publishing.publications.maven
124+
logger.lifecycle("Configuring signing for ${project.name}")
125+
} else {
126+
logger.lifecycle("Skipping artifact signing for ${project.name} - missing signing key")
150127
}
151128
}
152129
}
@@ -166,25 +143,16 @@ nexusPublishing {
166143
}
167144

168145
task spotlessApply {
169-
subprojects.each {
170-
if (it.name != platformProject) {
171-
it.afterEvaluate {
172-
def spotlessApplyTask = it.tasks.findByName("spotlessApply")
173-
dependsOn(spotlessApplyTask)
174-
}
175-
}
176-
}
146+
dependsOn subprojects.findAll { it.name != platformProject }.collect { "${it.path}:spotlessApply" }
177147
}
178148

179149
task subdependencies {
180-
subprojects.each {
181-
if (it.name != platformProject) {
182-
it.afterEvaluate {
183-
def dependenciesTask = it.tasks.findByName("dependencies")
184-
dependsOn(dependenciesTask)
185-
}
186-
}
187-
}
150+
dependsOn subprojects.findAll { it.name != platformProject }.collect { "${it.path}:dependencies" }
188151
}
189152

190153
project.tasks.getByPath("dependencies").finalizedBy("subdependencies")
154+
155+
wrapper {
156+
gradleVersion = "7.6.4"
157+
distributionType = Wrapper.DistributionType.ALL
158+
}

encryption-service-jasypt/build.gradle

Lines changed: 1 addition & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -2,18 +2,12 @@ coppuccino {
22
coverage {
33
minimumCoverage = 1.00
44
}
5-
dependencies {
6-
excludePreReleaseVersions = true
7-
}
85
}
96

107
dependencies {
118
implementation "org.jasypt:jasypt:1.9.3"
129
implementation "commons-codec:commons-codec:1.15"
1310
compileOnly "org.slf4j:slf4j-api"
1411

15-
//testing dependencies
16-
testImplementation "org.mockito:mockito-inline:[5.0,6.0)"
17-
testImplementation "org.slf4j:slf4j-simple:1.7.30"
18-
testImplementation "org.spockframework:spock-core:2.4-M6-groovy-3.0"
12+
testImplementation "org.slf4j:slf4j-simple"
1913
}

encryption-service-jasypt/dependency_suppression.xml

Lines changed: 0 additions & 2 deletions
This file was deleted.

encryption-service-jasypt/gradle.lockfile

Lines changed: 26 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -1,18 +1,18 @@
11
# This is a Gradle generated file for dependency locking.
22
# Manual edits can break the build and are not advised.
33
# This file is expected to be part of source control.
4-
com.auth0:java-jwt:4.5.0=testRuntimeClasspath
4+
com.auth0:java-jwt:4.5.1=testRuntimeClasspath
55
com.datadoghq:dd-trace-api:1.38.0=testRuntimeClasspath
6-
com.fasterxml.jackson.core:jackson-annotations:2.15.4=testRuntimeClasspath
7-
com.fasterxml.jackson.core:jackson-core:2.15.4=testRuntimeClasspath
8-
com.fasterxml.jackson.core:jackson-databind:2.15.4=testRuntimeClasspath
9-
com.fasterxml.jackson:jackson-bom:2.15.4=testRuntimeClasspath
6+
com.fasterxml.jackson.core:jackson-annotations:2.21=testRuntimeClasspath
7+
com.fasterxml.jackson.core:jackson-core:2.21.0=testRuntimeClasspath
8+
com.fasterxml.jackson.core:jackson-databind:2.21.0=testRuntimeClasspath
9+
com.fasterxml.jackson:jackson-bom:2.21.0=testRuntimeClasspath
1010
com.github.oowekyala.ooxml:nice-xml-messages:3.1=pmd
1111
com.github.rholder:guava-retrying:2.0.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
12-
com.github.spotbugs:spotbugs-annotations:4.9.8=compileClasspath,runtimeClasspath,spotbugs,testCompileClasspath,testRuntimeClasspath
12+
com.github.spotbugs:spotbugs-annotations:4.9.8=annotationProcessor,compileClasspath,spotbugs,testAnnotationProcessor,testCompileClasspath
1313
com.github.spotbugs:spotbugs:4.9.8=spotbugs
1414
com.github.stephenc.jcip:jcip-annotations:1.0-1=spotbugs
15-
com.google.code.findbugs:jsr305:3.0.2=checkstyle,compileClasspath,runtimeClasspath,spotbugs,testCompileClasspath,testRuntimeClasspath
15+
com.google.code.findbugs:jsr305:3.0.2=annotationProcessor,checkstyle,compileClasspath,runtimeClasspath,spotbugs,testAnnotationProcessor,testCompileClasspath,testRuntimeClasspath
1616
com.google.code.gson:gson:2.13.1=pmd
1717
com.google.code.gson:gson:2.13.2=compileClasspath,runtimeClasspath,spotbugs,testCompileClasspath,testRuntimeClasspath
1818
com.google.errorprone:error_prone_annotations:2.36.0=checkstyle
@@ -25,13 +25,13 @@ com.google.guava:guava:33.4.8-jre=checkstyle
2525
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava=checkstyle,compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
2626
com.google.j2objc:j2objc-annotations:2.8=compileClasspath,testCompileClasspath
2727
com.google.j2objc:j2objc-annotations:3.0.0=checkstyle
28-
com.mx.path-core:common:5.0.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
29-
com.mx.path-core:context:5.0.0=testRuntimeClasspath
30-
com.mx.path-core:gateway:5.0.0=testRuntimeClasspath
31-
com.mx.path-core:messaging:5.0.0=testRuntimeClasspath
32-
com.mx.path-core:platform:5.0.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
33-
com.mx.path-core:testing:5.0.0=testCompileClasspath,testRuntimeClasspath
34-
com.mx.path-core:utilities:5.0.0=testRuntimeClasspath
28+
com.mx.path-core:common:6.0.1-SNAPSHOT=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
29+
com.mx.path-core:context:6.0.1-SNAPSHOT=testRuntimeClasspath
30+
com.mx.path-core:gateway:6.0.1-SNAPSHOT=testRuntimeClasspath
31+
com.mx.path-core:messaging:6.0.1-SNAPSHOT=testRuntimeClasspath
32+
com.mx.path-core:platform:6.0.1-SNAPSHOT=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
33+
com.mx.path-core:testing:6.0.1-SNAPSHOT=testCompileClasspath,testRuntimeClasspath
34+
com.mx.path-core:utilities:6.0.1-SNAPSHOT=testRuntimeClasspath
3535
com.puppycrawl.tools:checkstyle:10.25.0=checkstyle
3636
com.sun.istack:istack-commons-runtime:4.1.2=testRuntimeClasspath
3737
com.sun.xml.bind:jaxb-core:4.0.6=testRuntimeClasspath
@@ -40,7 +40,6 @@ commons-beanutils:commons-beanutils:1.11.0=checkstyle
4040
commons-codec:commons-codec:1.15=checkstyle,compileClasspath,pmd,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
4141
commons-collections:commons-collections:3.2.2=checkstyle
4242
commons-io:commons-io:2.20.0=spotbugs
43-
commons-lang:commons-lang:2.6=testRuntimeClasspath
4443
commons-logging:commons-logging:1.2=testRuntimeClasspath
4544
info.picocli:picocli:4.7.7=checkstyle
4645
io.github.cdimascio:dotenv-java:2.3.2=testRuntimeClasspath
@@ -54,7 +53,7 @@ jakarta.xml.soap:jakarta.xml.soap-api:3.0.2=testRuntimeClasspath
5453
jaxen:jaxen:2.0.0=spotbugs
5554
net.bytebuddy:byte-buddy-agent:1.14.1=testCompileClasspath,testRuntimeClasspath
5655
net.bytebuddy:byte-buddy:1.14.1=testCompileClasspath
57-
net.bytebuddy:byte-buddy:1.17.7=testRuntimeClasspath
56+
net.bytebuddy:byte-buddy:1.18.3=testRuntimeClasspath
5857
net.sf.saxon:Saxon-HE:12.5=checkstyle,pmd
5958
net.sf.saxon:Saxon-HE:12.9=spotbugs
6059
net.sourceforge.pmd:pmd-ant:7.16.0=pmd
@@ -63,28 +62,28 @@ net.sourceforge.pmd:pmd-java:7.16.0=pmd
6362
org.antlr:antlr4-runtime:4.13.2=checkstyle
6463
org.antlr:antlr4-runtime:4.9.3=pmd
6564
org.apache.bcel:bcel:6.11.0=spotbugs
66-
org.apache.commons:commons-lang3:3.18.0=pmd
65+
org.apache.commons:commons-lang3:3.18.0=checkstyle,pmd
6766
org.apache.commons:commons-lang3:3.19.0=spotbugs
6867
org.apache.commons:commons-lang3:3.20.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
69-
org.apache.commons:commons-lang3:3.8.1=checkstyle
7068
org.apache.commons:commons-text:1.14.0=spotbugs
7169
org.apache.commons:commons-text:1.15.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
7270
org.apache.commons:commons-text:1.3=checkstyle
7371
org.apache.httpcomponents.client5:httpclient5:5.1.3=checkstyle,pmd
7472
org.apache.httpcomponents.core5:httpcore5-h2:5.1.3=checkstyle,pmd
7573
org.apache.httpcomponents.core5:httpcore5:5.1.3=checkstyle,pmd
76-
org.apache.httpcomponents:httpclient:4.5.13=checkstyle,testRuntimeClasspath
77-
org.apache.httpcomponents:httpcore:4.4.13=testRuntimeClasspath
74+
org.apache.httpcomponents:httpclient:4.5.13=checkstyle
75+
org.apache.httpcomponents:httpclient:4.5.14=testRuntimeClasspath
7876
org.apache.httpcomponents:httpcore:4.4.14=checkstyle
79-
org.apache.logging.log4j:log4j-api:2.25.2=spotbugs
80-
org.apache.logging.log4j:log4j-core:2.25.2=spotbugs
77+
org.apache.httpcomponents:httpcore:4.4.16=testRuntimeClasspath
78+
org.apache.logging.log4j:log4j-api:2.25.3=spotbugs
79+
org.apache.logging.log4j:log4j-core:2.25.3=spotbugs
8180
org.apache.maven.doxia:doxia-core:1.12.0=checkstyle
8281
org.apache.maven.doxia:doxia-logging-api:1.12.0=checkstyle
8382
org.apache.maven.doxia:doxia-module-xdoc:1.12.0=checkstyle
8483
org.apache.maven.doxia:doxia-sink-api:1.12.0=checkstyle
8584
org.apache.xbean:xbean-reflect:3.7=checkstyle
8685
org.apiguardian:apiguardian-api:1.1.2=testCompileClasspath
87-
org.assertj:assertj-core:3.27.6=testRuntimeClasspath
86+
org.assertj:assertj-core:3.27.7=testRuntimeClasspath
8887
org.checkerframework:checker-qual:3.37.0=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
8988
org.checkerframework:checker-qual:3.49.3=checkstyle
9089
org.checkerframework:checker-qual:3.49.5=pmd
@@ -106,13 +105,10 @@ org.jacoco:org.jacoco.report:0.8.8=jacocoAnt
106105
org.jasypt:jasypt:1.9.3=compileClasspath,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
107106
org.javassist:javassist:3.28.0-GA=checkstyle,testRuntimeClasspath
108107
org.jspecify:jspecify:1.0.0=checkstyle
109-
org.junit.jupiter:junit-jupiter-api:5.14.0=testRuntimeClasspath
110-
org.junit.platform:junit-platform-commons:1.12.2=testCompileClasspath
111-
org.junit.platform:junit-platform-commons:1.14.0=testRuntimeClasspath
112-
org.junit.platform:junit-platform-engine:1.12.2=testCompileClasspath
113-
org.junit.platform:junit-platform-engine:1.14.0=testRuntimeClasspath
114-
org.junit:junit-bom:5.12.2=testCompileClasspath
115-
org.junit:junit-bom:5.14.0=runtimeClasspath,spotbugs,testRuntimeClasspath
108+
org.junit.jupiter:junit-jupiter-api:5.14.0=testCompileClasspath,testRuntimeClasspath
109+
org.junit.platform:junit-platform-commons:1.14.0=testCompileClasspath,testRuntimeClasspath
110+
org.junit.platform:junit-platform-engine:1.14.0=testCompileClasspath,testRuntimeClasspath
111+
org.junit:junit-bom:5.14.0=annotationProcessor,spotbugs,testAnnotationProcessor,testCompileClasspath,testRuntimeClasspath
116112
org.mockito:mockito-core:5.2.0=testCompileClasspath,testRuntimeClasspath
117113
org.mockito:mockito-inline:5.2.0=testCompileClasspath,testRuntimeClasspath
118114
org.objenesis:objenesis:3.3=runtimeClasspath,testRuntimeClasspath

0 commit comments

Comments
 (0)