(incubator-kie-tools) branch main updated: NO-ISSUE: CVE Fixes on `org.apache.commons:commons-compress` and `org.iq80.snappy:snappy` (#2405)

Wed, 05 Jun 2024 13:35:59 -0700 

This is an automated email from the ASF dual-hosted git repository.

tiagobento pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/incubator-kie-tools.git


The following commit(s) were added to refs/heads/main by this push:
     new 29828415452 NO-ISSUE: CVE Fixes on 
`org.apache.commons:commons-compress` and `org.iq80.snappy:snappy` (#2405)
29828415452 is described below

commit 29828415452dc277caf8453aa6e2fc15fb4bbc2a
Author: Alex Porcelli <[email protected]>
AuthorDate: Wed Jun 5 16:35:48 2024 -0400

    NO-ISSUE: CVE Fixes on `org.apache.commons:commons-compress` and 
`org.iq80.snappy:snappy` (#2405)
    
    Co-authored-by: Tiago Bento <[email protected]>
---
 .../pom.xml                                        | 77 ++++++++++++++++++++++
 1 file changed, 77 insertions(+)

diff --git a/packages/dev-deployment-kogito-quarkus-blank-app/pom.xml 
b/packages/dev-deployment-kogito-quarkus-blank-app/pom.xml
index 529bcbbb56c..13be51c1f55 100644
--- a/packages/dev-deployment-kogito-quarkus-blank-app/pom.xml
+++ b/packages/dev-deployment-kogito-quarkus-blank-app/pom.xml
@@ -44,8 +44,13 @@
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
     <surefire-plugin.version>3.2.5</surefire-plugin.version>
+    <maven.site.plugin.version>3.12.1</maven.site.plugin.version>
+    
<maven.remote.resources.plugin.version>3.2.0</maven.remote.resources.plugin.version>
+    <maven.jar.plugin.version>3.4.1</maven.jar.plugin.version>
     <version.junit>4.13.2</version.junit>
     <quarkus.analytics.disabled>true</quarkus.analytics.disabled>
+    
<version.org.apache.commons.commons-compress>1.26.1</version.org.apache.commons.commons-compress>
+    <version.org.iq80.snappy>0.5</version.org.iq80.snappy>
   </properties>
 
   <dependencyManagement>
@@ -73,6 +78,11 @@
   </dependencyManagement>
 
   <dependencies>
+    <dependency>
+      <groupId>org.apache.commons</groupId>
+      <artifactId>commons-compress</artifactId>
+      <version>${version.org.apache.commons.commons-compress}</version>
+    </dependency>
     <dependency>
       <groupId>io.quarkus</groupId>
       <artifactId>quarkus-resteasy</artifactId>
@@ -138,6 +148,73 @@
         <directory>src/main/resources</directory>
       </resource>
     </resources>
+    <pluginManagement>
+      <plugins>
+        <plugin>
+          <groupId>org.apache.maven.plugins</groupId>
+          <artifactId>maven-site-plugin</artifactId>
+          <version>${maven.site.plugin.version}</version>
+          <dependencies>
+            <dependency>
+              <groupId>org.apache.commons</groupId>
+              <artifactId>commons-compress</artifactId>
+              <version>${version.org.apache.commons.commons-compress}</version>
+            </dependency>
+            <dependency>
+              <groupId>org.iq80.snappy</groupId>
+              <artifactId>snappy</artifactId>
+              <version>${version.org.iq80.snappy}</version>
+            </dependency>
+          </dependencies>
+        </plugin>
+        <plugin>
+          <groupId>org.apache.maven.plugins</groupId>
+          <artifactId>maven-remote-resources-plugin</artifactId>
+          <version>${maven.remote.resources.plugin.version}</version>
+          <dependencies>
+            <dependency>
+              <groupId>org.apache.commons</groupId>
+              <artifactId>commons-compress</artifactId>
+              <version>${version.org.apache.commons.commons-compress}</version>
+            </dependency>
+            <dependency>
+              <groupId>org.iq80.snappy</groupId>
+              <artifactId>snappy</artifactId>
+              <version>${version.org.iq80.snappy}</version>
+            </dependency>
+          </dependencies>
+        </plugin>
+        <plugin>
+          <groupId>org.apache.maven.plugins</groupId>
+          <artifactId>maven-jar-plugin</artifactId>
+          <version>${maven.jar.plugin.version}</version>
+          <dependencies>
+            <dependency>
+              <groupId>org.iq80.snappy</groupId>
+              <artifactId>snappy</artifactId>
+              <version>${version.org.iq80.snappy}</version>
+            </dependency>
+          </dependencies>
+        </plugin>
+        <plugin>
+          <groupId>org.apache.maven.plugins</groupId>
+          <artifactId>maven-surefire-plugin</artifactId>
+          <version>${surefire-plugin.version}</version>
+          <dependencies>
+            <dependency>
+              <groupId>org.iq80.snappy</groupId>
+              <artifactId>snappy</artifactId>
+              <version>${version.org.iq80.snappy}</version>
+            </dependency>
+            <dependency>
+              <groupId>org.apache.commons</groupId>
+              <artifactId>commons-compress</artifactId>
+              <version>${version.org.apache.commons.commons-compress}</version>
+            </dependency>
+          </dependencies>
+        </plugin>
+      </plugins>
+    </pluginManagement>
     <plugins>
       <plugin>
         <groupId>io.quarkus</groupId>


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to