This is an automated email from the ASF dual-hosted git repository.
joshtynjala pushed a change to branch security-updates
in repository https://gitbox.apache.org/repos/asf/flex-blazeds.git
from 125c935 - Updated most external dependencies and plugins - Updated to
the most recent apache parent pom - Added the rat plugin to check for missing
header (and added the missing headers) - Added the OWASP plugin to check for
vulnerable dependencies (And managed the false positives) - Commented out the
spring-boot-starter and all tomcat modules as they are extremely CVE affected
and no invulnerable versions were available
new b3a8e23 remove xalan dependency that was used for Java 1.4 and older
only
new c748a13 ConfigurationParserTest: fix tests that call
processDirectory()
new e528e19 .gitignore: ignore VSCode files
new 269ac40 update dependency-check-maven because older version broke
build
The 4 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.gitignore | 3 +
common/pom.xml | 5 --
.../ApacheXPathClientConfigurationParser.java | 70 -----------------
.../messaging/config/ServicesDependencies.java | 14 ----
.../ApacheXPathServerConfigurationParser.java | 72 -----------------
.../messaging/config/FlexConfigurationManager.java | 15 ----
.../messaging/config/ConfigurationParserTest.java | 6 +-
.../flex/messaging/io/amf/MessageGenerator.java | 90 ++++++++++++----------
.../io/amfx/DeserializationConfirmation.java | 24 +++---
pom.xml | 8 +-
10 files changed, 69 insertions(+), 238 deletions(-)
delete mode 100644
common/src/main/java/flex/messaging/config/ApacheXPathClientConfigurationParser.java
delete mode 100644
core/src/main/java/flex/messaging/config/ApacheXPathServerConfigurationParser.java
