summaryrefslogtreecommitdiff
path: root/pom.xml
diff options
context:
space:
mode:
Diffstat (limited to 'pom.xml')
-rw-r--r--pom.xml32
1 files changed, 24 insertions, 8 deletions
diff --git a/pom.xml b/pom.xml
index 33588b5d..ae131914 100644
--- a/pom.xml
+++ b/pom.xml
@@ -11,7 +11,7 @@
<name>EGIZ EAAF components</name>
- <properties>
+ <properties>
<!-- General project properties -->
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<java.version>1.8</java.version>
@@ -68,6 +68,7 @@
<joda-time.version>2.10.8</joda-time.version>
<jsr305.version>3.0.2</jsr305.version>
<com.google.guava.version>30.0-jre</com.google.guava.version>
+ <org.owasp.encoder.version>1.2.3</org.owasp.encoder.version>
<httpclient.version>4.5.13</httpclient.version>
<httpcore.version>4.4.14</httpcore.version>
@@ -92,6 +93,7 @@
<maven-checkstyle-plugin.version>3.1.1</maven-checkstyle-plugin.version>
<maven-pmd-plugin.version>3.14.0</maven-pmd-plugin.version>
<spotbugs-maven-plugin.version>4.1.4</spotbugs-maven-plugin.version>
+ <findsecbugs-plugin.version>1.11.0</findsecbugs-plugin.version>
<dependency-check-maven.version>6.0.3</dependency-check-maven.version>
<license.outputDirectory>${project.build.directory}/thirdparty_licenses</license.outputDirectory>
@@ -107,7 +109,7 @@
<repository>
<id>gitlab-localbuild</id>
<url>https://gitlab.iaik.tugraz.at/api/v4/groups/119/-/packages/maven</url>
- </repository>
+ </repository>
<repository>
<id>egiz-commons</id>
<url>https://apps.egiz.gv.at/maven/</url>
@@ -197,7 +199,7 @@
</plugin>
</plugins>
</build>
- </profile>
+ </profile>
</profiles>
<modules>
@@ -356,7 +358,7 @@
<groupId>javax.annotation</groupId>
<artifactId>javax.annotation-api</artifactId>
<version>${javax.annotation-api}</version>
- </dependency>
+ </dependency>
<dependency>
<groupId>commons-collections</groupId>
<artifactId>commons-collections</artifactId>
@@ -433,11 +435,12 @@
<version>${org.apache.santuario.xmlsec.version}</version>
</dependency>
<dependency>
- <!-- Set newer version, because 1.1.3 from openSAML dependency has an CVE-2020-7226 -->
+ <!-- Set newer version, because 1.1.3 from openSAML dependency has
+ an CVE-2020-7226 -->
<groupId>org.cryptacular</groupId>
<artifactId>cryptacular</artifactId>
<version>${org.cryptacular.version}</version>
- </dependency>
+ </dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15to18</artifactId>
@@ -446,7 +449,7 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bctls-jdk15to18</artifactId>
- <version>${org.bouncycastle.bctls-jdk15to18.version}</version>
+ <version>${org.bouncycastle.bctls-jdk15to18.version}</version>
</dependency>
<dependency>
@@ -488,6 +491,12 @@
</dependency>
<dependency>
+ <groupId>org.owasp.encoder</groupId>
+ <artifactId>encoder</artifactId>
+ <version>${org.owasp.encoder.version}</version>
+ </dependency>
+
+ <dependency>
<groupId>joda-time</groupId>
<artifactId>joda-time</artifactId>
<version>${joda-time.version}</version>
@@ -534,7 +543,7 @@
<artifactId>okhttp-tls</artifactId>
<version>${com.squareup.okhttp3.version}</version>
<scope>test</scope>
- </dependency>
+ </dependency>
<dependency>
<groupId>at.gv.egiz.eaaf</groupId>
<artifactId>eaaf_core_utils</artifactId>
@@ -723,6 +732,13 @@
</executions>
<configuration>
<failOnError>true</failOnError>
+ <plugins>
+ <plugin>
+ <groupId>com.h3xstream.findsecbugs</groupId>
+ <artifactId>findsecbugs-plugin</artifactId>
+ <version>${findsecbugs-plugin.version}</version>
+ </plugin>
+ </plugins>
</configuration>
</plugin>