Author: gk
Date: Wed Sep 27 14:42:39 2017
New Revision: 1809851
URL: http://svn.apache.org/viewvc?rev=1809851&view=rev
Log:
- update dependencies
- add optional wasp dependency check plugin
- deprecated OMTool
Modified:
turbine/core/trunk/pom.xml
turbine/core/trunk/src/java/org/apache/turbine/om/OMTool.java
turbine/core/trunk/src/java/org/apache/turbine/om/Retrievable.java
turbine/core/trunk/src/java/org/apache/turbine/om/Retriever.java
turbine/core/trunk/src/java/org/apache/turbine/om/RetrieverFactory.java
Modified: turbine/core/trunk/pom.xml
URL:
http://svn.apache.org/viewvc/turbine/core/trunk/pom.xml?rev=1809851&r1=1809850&r2=1809851&view=diff
==============================================================================
--- turbine/core/trunk/pom.xml (original)
+++ turbine/core/trunk/pom.xml Wed Sep 27 14:42:39 2017
@@ -504,6 +504,25 @@
</testResources>
<plugins>
+ <!-- run optionally, use not as reporting plugin, as it exposes file
paths to artifacts
+ mvn org.owasp:dependency-check-maven:check
+ check each possible vulnerability carefully, find more info about how
to read, false positives et al. here:
https://jeremylong.github.io/DependencyCheck/dependency-check-maven/plugin-info.html
+ -->
+ <plugin>
+ <groupId>org.owasp</groupId>
+ <artifactId>dependency-check-maven</artifactId>
+ <version>2.1.1</version>
+ <executions>
+ <execution>
+ <goals>
+ <goal>check</goal>
+ </goals>
+ </execution>
+ </executions>
+ <!--configuration>
+ <suppressionFiles>true</suppressionFiles>
+ </configuration-->
+ </plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
@@ -820,7 +839,7 @@
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-email</artifactId>
- <version>1.4</version>
+ <version>1.5</version>
</dependency>
<dependency>
<groupId>commons-io</groupId>
@@ -946,6 +965,7 @@
<version>1.1.0</version>
</dependency>
<dependency>
+ <!-- TODO update to 2.7.1, because of CVE-2016-4000 -->
<groupId>org.python</groupId>
<artifactId>jython</artifactId>
<version>2.7.0</version>
@@ -956,24 +976,11 @@
<artifactId>jabsorb</artifactId>
<version>1.3.2</version>
<optional>true</optional>
- <!-- exclude old versions -->
+ <!-- exclude old versions:
org.slf4j:slf4j-jdk14,slf4j-api,(renamed)cl104-over-slf4j,org.mortbay.jetty:jsp-2.1,
commons-httpclient:commons-httpclient -->
<exclusions>
<exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-jdk14</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-api</artifactId>
- </exclusion>
- <!-- renamed -->
- <exclusion>
- <groupId>org.slf4j</groupId>
- <artifactId>jcl104-over-slf4j</artifactId>
- </exclusion>
- <exclusion>
- <groupId>org.mortbay.jetty</groupId>
- <artifactId>jsp-2.1</artifactId>
+ <artifactId>*</artifactId>
+ <groupId>*</groupId>
</exclusion>
</exclusions>
</dependency>
Modified: turbine/core/trunk/src/java/org/apache/turbine/om/OMTool.java
URL:
http://svn.apache.org/viewvc/turbine/core/trunk/src/java/org/apache/turbine/om/OMTool.java?rev=1809851&r1=1809850&r2=1809851&view=diff
==============================================================================
--- turbine/core/trunk/src/java/org/apache/turbine/om/OMTool.java (original)
+++ turbine/core/trunk/src/java/org/apache/turbine/om/OMTool.java Wed Sep 27
14:42:39 2017
@@ -32,7 +32,10 @@ import org.apache.turbine.services.pull.
* @author <a href="mailto:[email protected]";>John D. McNally</a>
* @author <a href="mailto:[email protected]";>Henning P. Schmiedehausen</a>
* @version $Id$
+ *
+ * @deprecated This class is probably not used anymore, it may have been
intended for cacheable Torque OM or might be used with Fulcrum Security Torque.
*/
+@Deprecated
public class OMTool implements ApplicationTool, Recyclable
{
protected ConcurrentMap<String, Object> omMap;
Modified: turbine/core/trunk/src/java/org/apache/turbine/om/Retrievable.java
URL:
http://svn.apache.org/viewvc/turbine/core/trunk/src/java/org/apache/turbine/om/Retrievable.java?rev=1809851&r1=1809850&r2=1809851&view=diff
==============================================================================
--- turbine/core/trunk/src/java/org/apache/turbine/om/Retrievable.java
(original)
+++ turbine/core/trunk/src/java/org/apache/turbine/om/Retrievable.java Wed Sep
27 14:42:39 2017
@@ -26,7 +26,10 @@ package org.apache.turbine.om;
*
* @author <a href="mailto:[email protected]";>John D. McNally</a>
* @version $Id$
+ *
+ * @deprecated cft. deprecation comment in {@link OMTool}.
*/
+@Deprecated
public interface Retrievable
{
/**
Modified: turbine/core/trunk/src/java/org/apache/turbine/om/Retriever.java
URL:
http://svn.apache.org/viewvc/turbine/core/trunk/src/java/org/apache/turbine/om/Retriever.java?rev=1809851&r1=1809850&r2=1809851&view=diff
==============================================================================
--- turbine/core/trunk/src/java/org/apache/turbine/om/Retriever.java (original)
+++ turbine/core/trunk/src/java/org/apache/turbine/om/Retriever.java Wed Sep 27
14:42:39 2017
@@ -26,7 +26,10 @@ package org.apache.turbine.om;
*
* @author <a href="mailto:[email protected]";>John D. McNally</a>
* @version $Id$
+ *
+ * @deprecated cft. deprecation comment in {@link OMTool}.
*/
+@Deprecated
public interface Retriever
{
/**
Modified:
turbine/core/trunk/src/java/org/apache/turbine/om/RetrieverFactory.java
URL:
http://svn.apache.org/viewvc/turbine/core/trunk/src/java/org/apache/turbine/om/RetrieverFactory.java?rev=1809851&r1=1809850&r2=1809851&view=diff
==============================================================================
--- turbine/core/trunk/src/java/org/apache/turbine/om/RetrieverFactory.java
(original)
+++ turbine/core/trunk/src/java/org/apache/turbine/om/RetrieverFactory.java Wed
Sep 27 14:42:39 2017
@@ -26,7 +26,10 @@ package org.apache.turbine.om;
*
* @author <a href="mailto:[email protected]";>John D. McNally</a>
* @version $Id$
+ *
+ * @deprecated cft. deprecation comment in {@link OMTool}.
*/
+@Deprecated
public interface RetrieverFactory
{
/**
