You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by gi...@apache.org on 2022/07/14 07:43:13 UTC
[ws-wss4j] branch dependabot/maven/org.apache.maven.plugins-maven-pmd-plugin-3.16.0 updated (da433279a -> ed641f445)
This is an automated email from the ASF dual-hosted git repository.
github-bot pushed a change to branch dependabot/maven/org.apache.maven.plugins-maven-pmd-plugin-3.16.0
in repository https://gitbox.apache.org/repos/asf/ws-wss4j.git
omit da433279a Bump maven-pmd-plugin from 3.7 to 3.16.0
add 534947119 Updating website for 2.4.1 release
add 058b26b22 [WSS-694] Migrated to native jakarta (#45)
add e0fee1d5d Removing dependabot
add b6ca5d2aa Updating plugins
add a4b8b8c17 Moving SAAJ out of profile
add 545733e65 Updating version to 3.0.0-SNAPSHOT
add 6ff54d5cf WSS-695 - Unmarshalling failure with OpenSAML 4
add bcc80588a Remove geronimo-javamail_1.4_mail dependency (#48)
add e4a33efcb WSS-687 - Update OpenSAML to 4.1.1 (#49)
add 13412728b Update Ehcache to 3.10.0 (#50)
add 3240e952f Updating to Apache Santuario 3.0.0
add 0d29e0a1b Updating Kerby to 2.0.2
add da0484dff Upgrade mail api dependency to 2.1.0 (#52)
add 7a0d0b4ee PMD updates to policy module
add 9b54ccf77 Updating APIs after pmd update
add 8d42aa56e Removing stacktrace
add edc1b1778 PMD fixes on ws-security-dom, part I
add 5c414bb94 PMD updates for ws-security-dom part II
add 412bc7b74 PMD updates for ws-security-stax - part I
add fbf412987 Finished pmd upgrade of ws-security-stax
add 1bc3b45fb Finishing PMD migration
add 73cb26713 Updating XML Unit to 2.9.0
add 3b9d0e3a4 Updating Neethi to 3.2.0
add dc611226d Updating asciidoctor-maven-plugin to 2.2.2
add f5a4234e2 Updating cryptacular to 1.2.5
add 4699e7ff8 Updating guava to 31.1-jre
add 963eb4612 Revert "Updating Neethi to 3.2.0"
add 50ffbfb2f Updating some plugins
add 7e1be93df Switching explicitly to reload4j
add 950e8a663 Updating Checkstyle to 10.1
add c215cb5ab Applying permissions to codeql workflow
add 2355ecb73 Removing default passwords for keystores and truststores
add 8a3283054 Updating Neethi to 3.2.0
add 9e7ca85c0 Removing WSSecurityUtil.generateNonce
add ed641f445 Bump maven-pmd-plugin from 3.7 to 3.16.0
This update added new revisions after undoing existing revisions.
That is to say, some revisions that were in the old version of the
branch are not in the new version. This situation occurs
when a user --force pushes a change and generates a repository
containing something like this:
* -- * -- B -- O -- O -- O (da433279a)
\
N -- N -- N refs/heads/dependabot/maven/org.apache.maven.plugins-maven-pmd-plugin-3.16.0 (ed641f445)
You should already have received notification emails for all of the O
revisions, and so the following emails describe only the N revisions
from the common base, B.
Any revisions marked "omit" are not gone; other references still
refer to them. Any revisions marked "discard" are gone forever.
No new revisions were added by this update.
Summary of changes:
.github/dependabot.yml | 20 ----
.github/workflows/codeql-analysis.yml | 12 +-
bindings/pom.xml | 2 +-
.../wss4j/binding/wss10/AttributedString.java | 22 ++--
.../binding/wss10/BinarySecurityTokenType.java | 24 ++--
.../apache/wss4j/binding/wss10/EmbeddedType.java | 14 +--
.../apache/wss4j/binding/wss10/EncodedString.java | 12 +-
.../wss4j/binding/wss10/KeyIdentifierType.java | 10 +-
.../apache/wss4j/binding/wss10/ObjectFactory.java | 6 +-
.../apache/wss4j/binding/wss10/PasswordString.java | 10 +-
.../apache/wss4j/binding/wss10/ReferenceType.java | 12 +-
.../wss4j/binding/wss10/SecurityHeaderType.java | 10 +-
.../binding/wss10/SecurityTokenReferenceType.java | 20 ++--
.../wss10/TransformationParametersType.java | 10 +-
.../wss4j/binding/wss10/UsernameTokenType.java | 22 ++--
.../apache/wss4j/binding/wss10/package-info.java | 2 +-
.../wss4j/binding/wss11/EncryptedHeaderType.java | 18 +--
.../apache/wss4j/binding/wss11/ObjectFactory.java | 6 +-
.../binding/wss11/SignatureConfirmationType.java | 16 +--
.../apache/wss4j/binding/wss11/package-info.java | 2 +-
.../wss4j/binding/wssc13/DerivedKeyTokenType.java | 18 +--
.../apache/wss4j/binding/wssc13/ObjectFactory.java | 6 +-
.../wss4j/binding/wssc13/PropertiesType.java | 8 +-
.../binding/wssc13/SecurityContextTokenType.java | 20 ++--
.../apache/wss4j/binding/wssc13/package-info.java | 2 +-
.../binding/wssc200502/DerivedKeyTokenType.java | 18 +--
.../wss4j/binding/wssc200502/ObjectFactory.java | 6 +-
.../wss4j/binding/wssc200502/PropertiesType.java | 8 +-
.../wssc200502/SecurityContextTokenType.java | 26 ++---
.../wss4j/binding/wssc200502/package-info.java | 2 +-
.../binding/wsu10/AbstractAttributedDateTime.java | 2 +-
.../wss4j/binding/wsu10/AttributedDateTime.java | 20 ++--
.../apache/wss4j/binding/wsu10/AttributedURI.java | 20 ++--
.../apache/wss4j/binding/wsu10/ObjectFactory.java | 6 +-
.../apache/wss4j/binding/wsu10/TimestampType.java | 22 ++--
.../apache/wss4j/binding/wsu10/package-info.java | 2 +-
build-tools/wss4j-pmd-ruleset.xml | 123 ++++++++++++++++++---
integration/pom.xml | 9 +-
.../integration/test/kerberos/KerberosTest.java | 6 +-
parent/pom.xml | 78 ++++++++++---
performance/pom.xml | 2 +-
policy/pom.xml | 8 +-
.../org/apache/wss4j/policy/AssertionState.java | 2 +-
.../java/org/apache/wss4j/policy/SPConstants.java | 0
.../main/java/org/apache/wss4j/policy/SPUtils.java | 12 +-
.../policy/builders/AlgorithmSuiteBuilder.java | 0
.../policy/builders/AsymmetricBindingBuilder.java | 0
.../policy/builders/EncryptedElementsBuilder.java | 0
.../policy/builders/EncryptedPartsBuilder.java | 0
.../policy/builders/EncryptionTokenBuilder.java | 0
.../builders/InitiatorEncryptionTokenBuilder.java | 0
.../builders/InitiatorSignatureTokenBuilder.java | 0
.../policy/builders/InitiatorTokenBuilder.java | 0
.../wss4j/policy/builders/IssuedTokenBuilder.java | 0
.../wss4j/policy/builders/LayoutBuilder.java | 0
.../policy/builders/ProtectionTokenBuilder.java | 0
.../builders/RecipientEncryptionTokenBuilder.java | 0
.../builders/RecipientSignatureTokenBuilder.java | 0
.../policy/builders/RecipientTokenBuilder.java | 0
.../builders/SecureConversationTokenBuilder.java | 0
.../builders/SecurityContextTokenBuilder.java | 0
.../policy/builders/SignatureTokenBuilder.java | 0
.../policy/builders/SignedElementsBuilder.java | 0
.../wss4j/policy/builders/SignedPartsBuilder.java | 0
.../policy/builders/SpnegoContextTokenBuilder.java | 0
.../policy/builders/SupportingTokensBuilder.java | 0
.../policy/builders/SymmetricBindingBuilder.java | 0
.../policy/builders/TransportBindingBuilder.java | 0
.../policy/builders/TransportTokenBuilder.java | 0
.../wss4j/policy/builders/Trust10Builder.java | 0
.../wss4j/policy/builders/Trust13Builder.java | 0
.../policy/builders/UsernameTokenBuilder.java | 0
.../apache/wss4j/policy/builders/WSS10Builder.java | 0
.../apache/wss4j/policy/builders/WSS11Builder.java | 0
.../wss4j/policy/builders/X509TokenBuilder.java | 0
.../policy/model/AbstractSecurityAssertion.java | 8 +-
.../apache/wss4j/policy/model/AlgorithmSuite.java | 12 +-
.../org/apache/wss4j/policy/model/DOM2Writer.java | 5 +-
.../java/org/apache/wss4j/policy/model/Header.java | 8 +-
.../org/apache/wss4j/policy/model/NSStack.java | 16 ---
.../wss4j/policy/model/SupportingTokens.java | 10 +-
.../java/org/apache/wss4j/policy/model/XPath.java | 7 +-
pom.xml | 70 ++++++------
src/site/xdoc/download.xml | 16 +--
src/site/xdoc/index.xml | 11 ++
ws-security-common/pom.xml | 22 ++--
.../wss4j/common/crypto/BouncyCastleUtils.java | 4 +-
.../wss4j/common/crypto/CertificateStore.java | 18 +--
.../org/apache/wss4j/common/crypto/CryptoBase.java | 2 +-
.../apache/wss4j/common/crypto/CryptoFactory.java | 4 +-
.../org/apache/wss4j/common/crypto/Merlin.java | 22 ++--
.../org/apache/wss4j/common/crypto/MerlinAKI.java | 6 +-
.../apache/wss4j/common/crypto/MerlinDevice.java | 4 +-
.../wss4j/common/crypto/WSProviderConfig.java | 2 +-
.../wss4j/common/derivedKey/AlgoFactory.java | 0
.../common/derivedKey/ConversationConstants.java | 0
.../common/derivedKey/DerivationAlgorithm.java | 0
.../org/apache/wss4j/common/derivedKey/P_SHA1.java | 0
.../principal/WSUsernameTokenPrincipalImpl.java | 7 +-
.../wss4j/common/saml/OpenSAMLBootstrap.java | 5 +-
.../wss4j/common/saml/SamlAssertionWrapper.java | 11 +-
.../saml/WSS4JXSBase64BinaryUnmarshaller.java | 47 ++++++++
.../common/saml/bean/AudienceRestrictionBean.java | 6 +-
.../common/saml/bean/ProxyRestrictionBean.java | 6 +-
.../common/saml/builder/SAML1ComponentBuilder.java | 1 +
.../common/spnego/DefaultSpnegoClientAction.java | 2 +-
.../common/spnego/DefaultSpnegoServiceAction.java | 2 +-
.../apache/wss4j/common/token/BinarySecurity.java | 7 +-
.../org/apache/wss4j/common/token/DOMX509Data.java | 5 +-
.../apache/wss4j/common/token/PKIPathSecurity.java | 2 +-
.../org/apache/wss4j/common/token/Reference.java | 5 +-
.../wss4j/common/token/SecurityTokenReference.java | 12 +-
.../apache/wss4j/common/util/AttachmentUtils.java | 16 +--
.../common/util/CommaDelimiterRfc2253Name.java | 2 +-
.../org/apache/wss4j/common/util/DOM2Writer.java | 5 +-
.../org/apache/wss4j/common/util/KeyUtils.java | 2 +-
.../java/org/apache/wss4j/common/util/NSStack.java | 17 ---
.../wss4j/common/util/UsernameTokenUtil.java | 6 +-
.../org/apache/wss4j/common/util/XMLUtils.java | 3 +-
.../src/main/resources/wss4j-signature-config.xml | 15 +++
.../wss4j/common/crypto/NameConstraintsTest.java | 4 +-
.../org/apache/wss4j/common/util/SOAPUtil.java | 6 +-
ws-security-dom/pom.xml | 10 +-
.../main/java/org/apache/wss4j/dom/WSDocInfo.java | 8 +-
.../wss4j/dom/engine/WSSecurityEngineResult.java | 6 +-
.../org/apache/wss4j/dom/handler/WSHandler.java | 13 +--
.../wss4j/dom/message/WSSecDerivedKeyBase.java | 6 +-
.../wss4j/dom/message/WSSecEncryptedKey.java | 5 +-
.../org/apache/wss4j/dom/message/WSSecHeader.java | 5 +-
.../wss4j/dom/message/WSSecUsernameToken.java | 2 +-
.../wss4j/dom/message/token/DerivedKeyToken.java | 10 +-
.../wss4j/dom/message/token/KerberosSecurity.java | 21 +---
.../dom/message/token/SecurityContextToken.java | 5 +-
.../dom/message/token/SignatureConfirmation.java | 5 +-
.../apache/wss4j/dom/message/token/Timestamp.java | 5 +-
.../wss4j/dom/message/token/UsernameToken.java | 16 +--
.../processor/BinarySecurityTokenProcessor.java | 4 +-
.../wss4j/dom/processor/EncryptedKeyProcessor.java | 12 +-
.../wss4j/dom/processor/SAMLTokenProcessor.java | 3 +-
.../wss4j/dom/processor/SignatureProcessor.java | 6 +-
.../dom/processor/UsernameTokenProcessor.java | 2 +-
.../wss4j/dom/resolvers/ResolverAttachment.java | 5 +-
.../wss4j/dom/str/DerivedKeyTokenSTRParser.java | 6 +-
.../org/apache/wss4j/dom/str/STRParserUtil.java | 2 +-
.../wss4j/dom/str/SecurityTokenRefSTRParser.java | 8 +-
.../apache/wss4j/dom/str/SignatureSTRParser.java | 16 +--
.../AttachmentCompleteSignatureTransform.java | 2 +-
.../AttachmentContentSignatureTransform.java | 6 +-
.../org/apache/wss4j/dom/util/EncryptionUtils.java | 12 +-
.../org/apache/wss4j/dom/util/SignatureUtils.java | 2 +-
.../org/apache/wss4j/dom/util/WSSecurityUtil.java | 29 +----
.../wss4j/dom/validate/SamlAssertionValidator.java | 2 +-
.../dom/validate/SignatureTrustValidator.java | 9 +-
.../dom/handler/SignatureConfirmationTest.java | 10 +-
.../dom/message/SecurityContextTokenTest.java | 26 ++++-
.../org/apache/wss4j/dom/saml/SamlTokenTest.java | 4 +-
ws-security-policy-stax/pom.xml | 9 +-
.../KerberosTokenAssertionState.java | 2 +-
.../ProtectionOrderAssertionState.java | 4 +-
.../stax/assertionStates/TokenAssertionState.java | 12 +-
.../TokenProtectionAssertionState.java | 6 +-
.../UsernameTokenAssertionState.java | 4 +-
ws-security-stax/pom.xml | 15 ++-
.../wss4j/stax/ext/WSSSecurityProperties.java | 8 +-
.../input/BinarySecurityTokenInputHandler.java | 2 +-
.../processor/input/DecryptInputProcessor.java | 6 +-
.../input/DerivedKeyTokenInputHandler.java | 2 +-
.../processor/input/SAMLTokenInputHandler.java | 50 ++++-----
.../input/SecurityContextTokenInputHandler.java | 2 +-
.../input/SecurityHeaderInputProcessor.java | 2 +-
.../input/SecurityTokenReferenceInputHandler.java | 4 +-
.../input/SignatureConfirmationInputHandler.java | 2 +-
.../processor/input/TimestampInputHandler.java | 2 +-
.../processor/input/UsernameTokenInputHandler.java | 4 +-
.../WSSSignatureReferenceVerifyInputProcessor.java | 47 ++++----
.../output/CustomTokenOutputProcessor.java | 2 +-
.../output/EncryptEndingOutputProcessor.java | 44 ++++----
.../processor/output/SAMLTokenOutputProcessor.java | 13 +--
.../output/SecurityHeaderOutputProcessor.java | 2 +-
.../output/SecurityHeaderReorderProcessor.java | 36 +++---
.../output/WSSSignatureEndingOutputProcessor.java | 38 +++----
.../output/WSSSignatureOutputProcessor.java | 4 +-
.../securityToken/SecurityTokenReferenceImpl.java | 0
.../securityToken/UsernameSecurityTokenImpl.java | 2 +-
.../AttachmentCompleteSignatureTransform.java | 4 +-
.../AttachmentContentSignatureTransform.java | 2 +-
.../stax/impl/transformer/STRTransformer.java | 0
.../securityEvent/KerberosTokenSecurityEvent.java | 14 +--
.../securityEvent/WSSecurityEventConstants.java | 2 +-
.../wss4j/stax/setup/ConfigurationConverter.java | 6 +-
.../java/org/apache/wss4j/stax/setup/WSSec.java | 4 +-
.../validate/BinarySecurityTokenValidatorImpl.java | 2 +-
.../wss4j/stax/test/SecurityContextTokenTest.java | 24 ++--
.../wss4j/stax/test/saml/CustomContentsTest.java | 2 +-
ws-security-web/pom.xml | 4 +-
.../wss4j/web/WssServletContextListener.java | 6 +-
196 files changed, 925 insertions(+), 869 deletions(-)
delete mode 100644 .github/dependabot.yml
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/SPConstants.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/AlgorithmSuiteBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/AsymmetricBindingBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/EncryptedElementsBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/EncryptedPartsBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/EncryptionTokenBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/InitiatorEncryptionTokenBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/InitiatorSignatureTokenBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/InitiatorTokenBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/IssuedTokenBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/LayoutBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/ProtectionTokenBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/RecipientEncryptionTokenBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/RecipientSignatureTokenBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/RecipientTokenBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/SecureConversationTokenBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/SecurityContextTokenBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/SignatureTokenBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/SignedElementsBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/SignedPartsBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/SpnegoContextTokenBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/SupportingTokensBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/SymmetricBindingBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/TransportBindingBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/TransportTokenBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/Trust10Builder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/Trust13Builder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/UsernameTokenBuilder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/WSS10Builder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/WSS11Builder.java
mode change 100755 => 100644 policy/src/main/java/org/apache/wss4j/policy/builders/X509TokenBuilder.java
mode change 100755 => 100644 ws-security-common/src/main/java/org/apache/wss4j/common/derivedKey/AlgoFactory.java
mode change 100755 => 100644 ws-security-common/src/main/java/org/apache/wss4j/common/derivedKey/ConversationConstants.java
mode change 100755 => 100644 ws-security-common/src/main/java/org/apache/wss4j/common/derivedKey/DerivationAlgorithm.java
mode change 100755 => 100644 ws-security-common/src/main/java/org/apache/wss4j/common/derivedKey/P_SHA1.java
create mode 100644 ws-security-common/src/main/java/org/apache/wss4j/common/saml/WSS4JXSBase64BinaryUnmarshaller.java
mode change 100755 => 100644 ws-security-common/src/main/java/org/apache/wss4j/common/util/XMLUtils.java
create mode 100644 ws-security-common/src/main/resources/wss4j-signature-config.xml
mode change 100755 => 100644 ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/DerivedKeyToken.java
mode change 100755 => 100644 ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenReferenceImpl.java
mode change 100755 => 100644 ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/transformer/STRTransformer.java