You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by jl...@apache.org on 2022/11/03 16:36:41 UTC
[ofbiz-framework] branch trunk updated: Improved: Update build.gradle to the latest dependencies (OFBIZ-10213)
This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
The following commit(s) were added to refs/heads/trunk by this push:
new 6af3823534 Improved: Update build.gradle to the latest dependencies (OFBIZ-10213)
6af3823534 is described below
commit 6af38235345e0adf6636d5b563b1b5b3fcd170aa
Author: Jacques Le Roux <ja...@les7arts.com>
AuthorDate: Thu Nov 3 17:36:07 2022 +0100
Improved: Update build.gradle to the latest dependencies (OFBIZ-10213)
I now directly use the umbrella task, no need to create a sub-task each time,
the documentation is in the source (build.gradle) anyway
---
build.gradle | 59 ++++++++++++++++++++++++++++++-----------------------------
1 file changed, 30 insertions(+), 29 deletions(-)
diff --git a/build.gradle b/build.gradle
index 709fa7f43e..6fb5674458 100644
--- a/build.gradle
+++ b/build.gradle
@@ -31,12 +31,12 @@ plugins {
id 'maven-publish'
id 'at.bxm.svntools' version '3.1'
id 'org.asciidoctor.convert' version '2.4.0' // About org.asciidoctor.jvm.convert as it says itself: "If you need a production-ready version of the AsciidoctorJ plugin for Gradle use a 1.5.x release of 'org.asciidoctor.convert' instead"
- id 'org.owasp.dependencycheck' version '7.1.1' apply false
+ id 'org.owasp.dependencycheck' version '7.3.0' apply false
id 'se.patrikerdes.use-latest-versions' version '0.2.18' apply false
id 'com.github.ben-manes.versions' version '0.42.0' apply false
id "com.github.ManifestClasspath" version "0.1.0-RELEASE"
id "com.github.jakemarsden.git-hooks" version "0.0.2"
- id "com.github.node-gradle.node" version "3.4.0"
+ id "com.github.node-gradle.node" version "3.5.0"
}
/* OWASP plugin
@@ -110,7 +110,7 @@ javadoc {
node {
download = true
- version = "16.13.1"
+ version = "13.14.0"
// npmVersion will be the one that comes default with node
// https://github.com/node-gradle/gradle-node-plugin/blob/2.2.4/README.md
@@ -200,14 +200,13 @@ configurations {
}
dependencies {
- implementation 'xerces:xercesImpl:2.12.2'
implementation 'com.github.ben-manes.caffeine:caffeine:3.1.1'
- implementation 'com.google.zxing:core:3.5.0'
+ implementation 'com.google.zxing:core:3.5.1'
implementation 'com.googlecode.concurrentlinkedhashmap:concurrentlinkedhashmap-lru:1.4.2'
implementation 'com.googlecode.ez-vcard:ez-vcard:0.11.3'
implementation 'com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:20220608.1'
- implementation 'com.googlecode.libphonenumber:libphonenumber:8.12.50'
- implementation 'com.ibm.icu:icu4j:71.1'
+ implementation 'com.googlecode.libphonenumber:libphonenumber:8.12.57'
+ implementation 'com.ibm.icu:icu4j:72.1'
implementation 'com.lowagie:itext:2.1.7' // Don't update due to license change in newer versions, see OFBIZ-10455
implementation 'com.sun.mail:javax.mail:1.6.2'
implementation 'com.rometools:rome:1.18.0'
@@ -217,7 +216,7 @@ dependencies {
implementation 'commons-validator:commons-validator:1.7'
implementation 'de.odysseus.juel:juel-impl:2.2.7'
implementation 'net.fortuna.ical4j:ical4j:1.0-rc4-atlassian-12'
- implementation 'net.lingala.zip4j:zip4j:2.11.1'
+ implementation 'net.lingala.zip4j:zip4j:2.11.2'
implementation 'org.apache.ant:ant-junit:1.10.12'
implementation 'org.apache.commons:commons-collections4:4.4'
implementation 'org.apache.commons:commons-csv:1.9.0'
@@ -227,20 +226,20 @@ dependencies {
implementation 'org.apache.geronimo.components:geronimo-transaction:3.1.5'
implementation 'org.apache.geronimo.specs:geronimo-jms_1.1_spec:1.1.1'
implementation 'org.apache.httpcomponents:httpclient-cache:4.5.13'
- implementation 'org.apache.logging.log4j:log4j-api:2.17.2' // the API of log4j 2
- implementation 'org.apache.logging.log4j:log4j-core:2.17.2' // Somehow needed by Buildbot to compile OFBizDynamicThresholdFilter.java
+ implementation 'org.apache.logging.log4j:log4j-api:2.19.0' // the API of log4j 2
+ implementation 'org.apache.logging.log4j:log4j-core:2.19.0' // Somehow needed by Buildbot to compile OFBizDynamicThresholdFilter.java
implementation 'org.apache.poi:poi:4.1.2' // poi-ooxml-schemas-5.0.0.pom'. Received status code 401 from server
implementation 'org.apache.pdfbox:pdfbox:2.0.27'
- implementation 'org.apache.shiro:shiro-core:1.9.0'
- implementation 'org.apache.sshd:sshd-core:2.8.0'
- implementation 'org.apache.sshd:sshd-sftp:2.8.0'
+ implementation 'org.apache.shiro:shiro-core:1.10.0'
+ implementation 'org.apache.sshd:sshd-core:2.9.1'
+ implementation 'org.apache.sshd:sshd-sftp:2.9.1'
implementation 'org.apache.tika:tika-core:2.5.0'
implementation 'org.apache.tika:tika-parsers:2.5.0'
implementation 'org.apache.tika:tika-parser-pdf-module:2.5.0'
- implementation 'org.apache.cxf:cxf-rt-frontend-jaxrs:3.5.3'
+ implementation 'org.apache.cxf:cxf-rt-frontend-jaxrs:3.5.4'
implementation 'org.apache.tomcat:tomcat-catalina-ha:9.0.68' // Remember to change the version number (9 now) in javadoc block if needed.
implementation 'org.apache.tomcat:tomcat-jasper:9.0.68'
- implementation 'org.apache.axis2:axis2-kernel:1.8.1'
+ implementation 'org.apache.axis2:axis2-kernel:1.8.2'
implementation 'batik:batik-svg-dom:1.6-1'
implementation 'org.apache.xmlgraphics:fop:2.3' // NOTE: since 2.4 dependencies are messed up. See https://github.com/moqui/moqui-fop/blob/master/build.gradle
implementation 'org.apache.xmlrpc:xmlrpc-client:3.1.3'
@@ -248,18 +247,20 @@ dependencies {
implementation 'org.clojure:clojure:1.11.1'
implementation 'org.codehaus.groovy:groovy-all:2.5.18' // Compile issue with commons-cli and Groovy 3. Remember to change the version number in javadoc block.
implementation 'org.freemarker:freemarker:2.3.31' // Remember to change the version number in FreeMarkerWorker class when upgrading. See OFBIZ-10019 if >= 2.4
- implementation 'org.owasp.esapi:esapi:2.4.0.0'
+ implementation 'org.owasp.esapi:esapi:2.5.0.0'
implementation 'org.cyberneko:html:1.9.8'
- implementation 'org.springframework:spring-test:5.3.21'
+ implementation 'org.springframework:spring-test:5.3.23'
implementation 'com.fasterxml.jackson.core:jackson-databind:2.13.4.2'
implementation 'oro:oro:2.0.8'
implementation 'wsdl4j:wsdl4j:1.6.3'
- implementation 'com.auth0:java-jwt:4.0.0'
+ implementation 'com.auth0:java-jwt:4.2.1'
implementation 'org.jdom:jdom:1.1.3' // don't upgrade above 1.1.3, makes a lot of not obvious and useless complications, see last commits of OFBIZ-12092 for more
- implementation 'com.google.re2j:re2j:1.6'
+ implementation 'com.google.re2j:re2j:1.7'
+ implementation 'xerces:xercesImpl:2.12.2'
+
testImplementation 'org.hamcrest:hamcrest-library:2.2' // Enable junit4 to not depend on hamcrest-1.3
- testImplementation 'org.mockito:mockito-core:4.6.1'
+ testImplementation 'org.mockito:mockito-core:4.8.1'
testImplementation 'org.jmockit:jmockit:1.49'
testImplementation 'com.pholser:junit-quickcheck-generators:1.0'
@@ -267,15 +268,15 @@ dependencies {
runtimeOnly 'de.odysseus.juel:juel-spi:2.2.7'
runtimeOnly 'net.sf.barcode4j:barcode4j-fop-ext:2.1'
runtimeOnly 'net.sf.barcode4j:barcode4j:2.1'
- runtimeOnly 'org.apache.axis2:axis2-transport-http:1.8.1'
- runtimeOnly 'org.apache.axis2:axis2-transport-local:1.8.1'
+ runtimeOnly 'org.apache.axis2:axis2-transport-http:1.8.2'
+ runtimeOnly 'org.apache.axis2:axis2-transport-local:1.8.2'
runtimeOnly 'org.apache.derby:derby:10.14.2.0' // So far we did not update from 10.14.2.0 because of a runtime issue with 10.16.1.1: java.lang.ClassNotFoundException: org.apache.derby.jdbc.EmbeddedDriver
runtimeOnly 'org.apache.geronimo.specs:geronimo-jaxrpc_1.1_spec:2.1'
- runtimeOnly 'org.apache.logging.log4j:log4j-1.2-api:2.17.2' // for external jars using the old log4j1.2: routes logging to log4j 2
- runtimeOnly 'org.apache.logging.log4j:log4j-jul:2.17.2' // for external jars using the java.util.logging: routes logging to log4j 2
- runtimeOnly 'org.apache.logging.log4j:log4j-slf4j-impl:2.17.2' // for external jars using slf4j: routes logging to log4j 2
- runtimeOnly 'org.apache.logging.log4j:log4j-web:2.17.2' //???
- runtimeOnly 'org.apache.logging.log4j:log4j-jcl:2.17.2' // need to constrain to version to avoid classpath conflict (ReflectionUtil)
+ runtimeOnly 'org.apache.logging.log4j:log4j-1.2-api:2.19.0' // for external jars using the old log4j1.2: routes logging to log4j 2
+ runtimeOnly 'org.apache.logging.log4j:log4j-jul:2.19.0' // for external jars using the java.util.logging: routes logging to log4j 2
+ runtimeOnly 'org.apache.logging.log4j:log4j-slf4j-impl:2.19.0' // for external jars using slf4j: routes logging to log4j 2
+ runtimeOnly 'org.apache.logging.log4j:log4j-web:2.19.0' //???
+ runtimeOnly 'org.apache.logging.log4j:log4j-jcl:2.19.0' // need to constrain to version to avoid classpath conflict (ReflectionUtil)
runtimeOnly 'org.codeartisans.thirdparties.swing:batik-all:1.8pre-r1084380'
// Dependencies defined by the plugins
@@ -287,8 +288,8 @@ dependencies {
junitReport 'junit:junit:4.13.2'
junitReport 'org.apache.ant:ant-junit:1.10.12'
- asciidoctor 'org.asciidoctor:asciidoctorj-pdf:1.5.3'
- asciidoctor 'org.jruby:jruby-complete:9.2.19.0' // bug workaround - see OFBIZ-9873
+ asciidoctor 'org.asciidoctor:asciidoctorj-pdf:2.3.4'
+ asciidoctor 'org.jruby:jruby-complete:9.3.9.0' // bug workaround - see OFBIZ-9873
// Libraries downloaded manually
implementation fileTree(dir: file("${rootDir}/lib"), include: '**/*.jar')