[sling-org-apache-sling-xss] branch master updated: SLING-12005 : XSS bundle should not embed org.owasp.encoder

Thu, 17 Aug 2023 23:31:12 -0700 

This is an automated email from the ASF dual-hosted git repository.

cziegeler pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-xss.git


The following commit(s) were added to refs/heads/master by this push:
     new ed2c897  SLING-12005 : XSS bundle should not embed org.owasp.encoder
ed2c897 is described below

commit ed2c897b3fde58b6408b2aba8ebc988e5480e34d
Author: Carsten Ziegeler <[email protected]>
AuthorDate: Fri Aug 18 07:39:24 2023 +0200

    SLING-12005 : XSS bundle should not embed org.owasp.encoder
---
 .vscode/settings.json |  3 +++
 bnd.bnd               |  6 ++++--
 pom.xml               | 13 ++++++-------
 3 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/.vscode/settings.json b/.vscode/settings.json
new file mode 100644
index 0000000..e0f15db
--- /dev/null
+++ b/.vscode/settings.json
@@ -0,0 +1,3 @@
+{
+    "java.configuration.updateBuildConfiguration": "automatic"
+}
\ No newline at end of file
diff --git a/bnd.bnd b/bnd.bnd
index e0e4581..b16c870 100644
--- a/bnd.bnd
+++ b/bnd.bnd
@@ -21,7 +21,8 @@ Import-Package: !bsh, \
                 !org.apache.xml.resolver.*, \
                 !org.apache.xmlgraphics.java2d.color, \
                 !org.apache.log, \
-                !org.owasp.*, \
+                !org.owasp.esapi.*, \
+                !org.owasp.validator.*, \
                 !org.xml.sax, \
                 !org.xml.sax.*, \
                 !javax.mail.internet, \
@@ -43,4 +44,5 @@ Private-Package: org.apache.sling.xss.impl, \
                  org.apache.commons.beanutils.*, \
                  org.apache.commons.configuration.*, \
                  org.apache.commons.logging.impl, \
-                 org.owasp.*;-split-package:=merge-first
+                 org.owasp.esapi.*;-split-package:=merge-first, \
+                 org.owasp.validator.*
diff --git a/pom.xml b/pom.xml
index 3f36a7a..26a1fe7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -224,6 +224,12 @@
             <version>2.13.0</version>
             <scope>provided</scope>
         </dependency>
+        <dependency>
+            <groupId>org.owasp.encoder</groupId>
+            <artifactId>encoder</artifactId>
+            <scope>provided</scope>
+            <version>1.2.3</version>
+        </dependency>
         <dependency>
             <groupId>org.owasp.esapi</groupId>
             <artifactId>esapi</artifactId>
@@ -267,13 +273,6 @@
             <scope>provided</scope>
         </dependency>
 
-        <dependency>
-            <groupId>org.owasp.encoder</groupId>
-            <artifactId>encoder</artifactId>
-            <scope>provided</scope>
-            <version>1.2.2</version>
-        </dependency>
-
         <dependency>
             <groupId>javax.servlet</groupId>
             <artifactId>javax.servlet-api</artifactId>

Reply via email to