You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@maven.apache.org by kh...@apache.org on 2019/10/16 18:07:53 UTC
[maven-dependency-plugin] 01/01: [MDEP-626] Upgrade struts and
xerces due to CVEs o This newer version doesn't depend on struts2-core or
xercesImpl. o Upgrade Doxia and add doxia-core
This is an automated email from the ASF dual-hosted git repository.
khmarbaise pushed a commit to branch mthmulders-MDEP-626-mthmulders
in repository https://gitbox.apache.org/repos/asf/maven-dependency-plugin.git
commit a80f5cc026da0e3d98ec720b363728f4509293ff
Author: Maarten Mulders <m....@xs4all.nl>
AuthorDate: Mon Oct 7 13:58:22 2019 +0200
[MDEP-626] Upgrade struts and xerces due to CVEs
o This newer version doesn't depend on struts2-core or xercesImpl.
o Upgrade Doxia and add doxia-core
---
pom.xml | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/pom.xml b/pom.xml
index 35c1ac5..9010515 100644
--- a/pom.xml
+++ b/pom.xml
@@ -90,7 +90,7 @@ under the License.
<properties>
<mavenVersion>3.0</mavenVersion>
- <doxiaVersion>1.4</doxiaVersion>
+ <doxiaVersion>1.9</doxiaVersion>
<pluginTestingVersion>2.1</pluginTestingVersion>
<javaVersion>7</javaVersion>
</properties>
@@ -140,7 +140,7 @@ under the License.
<dependency>
<groupId>org.apache.maven.reporting</groupId>
<artifactId>maven-reporting-impl</artifactId>
- <version>2.3</version>
+ <version>3.0.0</version>
<exclusions>
<exclusion>
<artifactId>maven-artifact-manager</artifactId>
@@ -174,6 +174,11 @@ under the License.
</dependency>
<dependency>
<groupId>org.apache.maven.doxia</groupId>
+ <artifactId>doxia-core</artifactId>
+ <version>${doxiaVersion}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.maven.doxia</groupId>
<artifactId>doxia-site-renderer</artifactId>
<version>${doxiaVersion}</version>
</dependency>