summaryrefslogtreecommitdiff
path: root/pom.xml
diff options
context:
space:
mode:
Diffstat (limited to 'pom.xml')
-rw-r--r--pom.xml98
1 files changed, 80 insertions, 18 deletions
diff --git a/pom.xml b/pom.xml
index c9f7309a..585310ce 100644
--- a/pom.xml
+++ b/pom.xml
@@ -11,7 +11,7 @@
<name>EGIZ EAAF components</name>
- <properties>
+ <properties>
<!-- General project properties -->
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<java.version>1.8</java.version>
@@ -50,6 +50,7 @@
<org.springframework.version>5.2.8.RELEASE</org.springframework.version>
<org.opensaml.version>3.4.5</org.opensaml.version>
<org.apache.santuario.xmlsec.version>2.2.0</org.apache.santuario.xmlsec.version>
+ <org.cryptacular.version>1.2.4</org.cryptacular.version>
<org.bouncycastle.bcprov-jdk15to18.version>1.67</org.bouncycastle.bcprov-jdk15to18.version>
<org.bouncycastle.bctls-jdk15to18.version>1.67</org.bouncycastle.bctls-jdk15to18.version>
@@ -67,6 +68,7 @@
<joda-time.version>2.10.8</joda-time.version>
<jsr305.version>3.0.2</jsr305.version>
<com.google.guava.version>30.0-jre</com.google.guava.version>
+ <org.owasp.encoder.version>1.2.3</org.owasp.encoder.version>
<httpclient.version>4.5.13</httpclient.version>
<httpcore.version>4.4.14</httpcore.version>
@@ -80,7 +82,7 @@
<!-- jUnit testing -->
<surefire.version>2.22.1</surefire.version>
- <junit.version>4.12</junit.version>
+ <junit.version>4.13.1</junit.version>
<com.squareup.okhttp3.version>4.4.1</com.squareup.okhttp3.version>
<!-- Code helper plug-ins -->
@@ -91,6 +93,7 @@
<maven-checkstyle-plugin.version>3.1.1</maven-checkstyle-plugin.version>
<maven-pmd-plugin.version>3.14.0</maven-pmd-plugin.version>
<spotbugs-maven-plugin.version>4.1.4</spotbugs-maven-plugin.version>
+ <findsecbugs-plugin.version>1.11.0</findsecbugs-plugin.version>
<dependency-check-maven.version>6.0.3</dependency-check-maven.version>
<license.outputDirectory>${project.build.directory}/thirdparty_licenses</license.outputDirectory>
@@ -106,7 +109,7 @@
<repository>
<id>gitlab-localbuild</id>
<url>https://gitlab.iaik.tugraz.at/api/v4/groups/119/-/packages/maven</url>
- </repository>
+ </repository>
<repository>
<id>egiz-commons</id>
<url>https://apps.egiz.gv.at/maven/</url>
@@ -196,7 +199,7 @@
</plugin>
</plugins>
</build>
- </profile>
+ </profile>
</profiles>
<modules>
@@ -204,6 +207,7 @@
<module>eaaf_core_utils</module>
<module>eaaf_core</module>
<module>eaaf_modules</module>
+ <module>build_reporting</module>
</modules>
<dependencyManagement>
@@ -217,7 +221,38 @@
<groupId>at.gv.egiz.eaaf</groupId>
<artifactId>eaaf_core_utils</artifactId>
<version>${egiz.eaaf.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf-core</artifactId>
+ <version>${egiz.eaaf.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_module_auth_sl20</artifactId>
+ <version>${egiz.eaaf.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_module_moa-sig</artifactId>
+ <version>${egiz.eaaf.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_module_pvp2_core</artifactId>
+ <version>${egiz.eaaf.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_module_pvp2_idp</artifactId>
+ <version>${egiz.eaaf.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_module_pvp2_sp</artifactId>
+ <version>${egiz.eaaf.version}</version>
</dependency>
+
<dependency>
<groupId>at.gv.egiz.components</groupId>
<artifactId>eventlog-api</artifactId>
@@ -355,7 +390,7 @@
<groupId>javax.annotation</groupId>
<artifactId>javax.annotation-api</artifactId>
<version>${javax.annotation-api}</version>
- </dependency>
+ </dependency>
<dependency>
<groupId>commons-collections</groupId>
<artifactId>commons-collections</artifactId>
@@ -432,6 +467,13 @@
<version>${org.apache.santuario.xmlsec.version}</version>
</dependency>
<dependency>
+ <!-- Set newer version, because 1.1.3 from openSAML dependency has
+ an CVE-2020-7226 -->
+ <groupId>org.cryptacular</groupId>
+ <artifactId>cryptacular</artifactId>
+ <version>${org.cryptacular.version}</version>
+ </dependency>
+ <dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15to18</artifactId>
<version>${org.bouncycastle.bcprov-jdk15to18.version}</version>
@@ -439,7 +481,7 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bctls-jdk15to18</artifactId>
- <version>${org.bouncycastle.bctls-jdk15to18.version}</version>
+ <version>${org.bouncycastle.bctls-jdk15to18.version}</version>
</dependency>
<dependency>
@@ -481,6 +523,12 @@
</dependency>
<dependency>
+ <groupId>org.owasp.encoder</groupId>
+ <artifactId>encoder</artifactId>
+ <version>${org.owasp.encoder.version}</version>
+ </dependency>
+
+ <dependency>
<groupId>joda-time</groupId>
<artifactId>joda-time</artifactId>
<version>${joda-time.version}</version>
@@ -527,7 +575,7 @@
<artifactId>okhttp-tls</artifactId>
<version>${com.squareup.okhttp3.version}</version>
<scope>test</scope>
- </dependency>
+ </dependency>
<dependency>
<groupId>at.gv.egiz.eaaf</groupId>
<artifactId>eaaf_core_utils</artifactId>
@@ -581,6 +629,8 @@
<version>${surefire.version}</version>
<configuration>
<threadCount>1</threadCount>
+ <!-- Sets the VM argument line used when unit tests are run. -->
+ <argLine>${surefireArgLine}</argLine>
</configuration>
<dependencies>
<dependency>
@@ -633,6 +683,9 @@
<goals>
<goal>prepare-agent</goal>
</goals>
+ <configuration>
+ <propertyName>surefireArgLine</propertyName>
+ </configuration>
</execution>
<execution>
<id>post-unit-report</id>
@@ -643,7 +696,7 @@
<configuration>
<outputDirectory>target/jacoco-report</outputDirectory>
</configuration>
- </execution>
+ </execution>
<execution>
<id>post-unit-check</id>
<phase>test</phase>
@@ -670,7 +723,7 @@
</rule>
</rules>
</configuration>
- </execution>
+ </execution>
</executions>
</plugin>
@@ -716,6 +769,13 @@
</executions>
<configuration>
<failOnError>true</failOnError>
+ <plugins>
+ <plugin>
+ <groupId>com.h3xstream.findsecbugs</groupId>
+ <artifactId>findsecbugs-plugin</artifactId>
+ <version>${findsecbugs-plugin.version}</version>
+ </plugin>
+ </plugins>
</configuration>
</plugin>
@@ -724,18 +784,20 @@
</build>
<reporting>
- <plugins>
+ <plugins>
<plugin>
<groupId>org.jacoco</groupId>
- <artifactId>jacoco-maven-plugin</artifactId>
- <reportSets>
- <reportSet>
- <reports>
- <report>report</report>
- </reports>
- </reportSet>
- </reportSets>
+ <artifactId>jacoco-maven-plugin</artifactId>
+ <configuration>
+ <title>Maven Multimodule Coverage Demo: Coverage of Unit Tests</title>
+ <outputDirectory>${project.reporting.outputDirectory}/jacoco-aggregate-ut</outputDirectory>
+ <dataFileExcludes>
+ <!-- exclude coverage data of integration tests -->
+ <dataFileExclude>**/target/jacoco-it.exec</dataFileExclude>
+ </dataFileExcludes>
+ </configuration>
</plugin>
+
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-pmd-plugin</artifactId>
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-13 09:15:44 +0000