diff options
Diffstat (limited to 'pom.xml')
| -rw-r--r-- | pom.xml | 32 |
1 files changed, 24 insertions, 8 deletions
@@ -11,7 +11,7 @@ <name>EGIZ EAAF components</name> - <properties> + <properties> <!-- General project properties --> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> <java.version>1.8</java.version> @@ -68,6 +68,7 @@ <joda-time.version>2.10.8</joda-time.version> <jsr305.version>3.0.2</jsr305.version> <com.google.guava.version>30.0-jre</com.google.guava.version> + <org.owasp.encoder.version>1.2.3</org.owasp.encoder.version> <httpclient.version>4.5.13</httpclient.version> <httpcore.version>4.4.14</httpcore.version> @@ -92,6 +93,7 @@ <maven-checkstyle-plugin.version>3.1.1</maven-checkstyle-plugin.version> <maven-pmd-plugin.version>3.14.0</maven-pmd-plugin.version> <spotbugs-maven-plugin.version>4.1.4</spotbugs-maven-plugin.version> + <findsecbugs-plugin.version>1.11.0</findsecbugs-plugin.version> <dependency-check-maven.version>6.0.3</dependency-check-maven.version> <license.outputDirectory>${project.build.directory}/thirdparty_licenses</license.outputDirectory> @@ -107,7 +109,7 @@ <repository> <id>gitlab-localbuild</id> <url>https://gitlab.iaik.tugraz.at/api/v4/groups/119/-/packages/maven</url> - </repository> + </repository> <repository> <id>egiz-commons</id> <url>https://apps.egiz.gv.at/maven/</url> @@ -197,7 +199,7 @@ </plugin> </plugins> </build> - </profile> + </profile> </profiles> <modules> @@ -356,7 +358,7 @@ <groupId>javax.annotation</groupId> <artifactId>javax.annotation-api</artifactId> <version>${javax.annotation-api}</version> - </dependency> + </dependency> <dependency> <groupId>commons-collections</groupId> <artifactId>commons-collections</artifactId> @@ -433,11 +435,12 @@ <version>${org.apache.santuario.xmlsec.version}</version> </dependency> <dependency> - <!-- Set newer version, because 1.1.3 from openSAML dependency has an CVE-2020-7226 --> + <!-- Set newer version, because 1.1.3 from openSAML dependency has + an CVE-2020-7226 --> <groupId>org.cryptacular</groupId> <artifactId>cryptacular</artifactId> <version>${org.cryptacular.version}</version> - </dependency> + </dependency> <dependency> <groupId>org.bouncycastle</groupId> <artifactId>bcprov-jdk15to18</artifactId> @@ -446,7 +449,7 @@ <dependency> <groupId>org.bouncycastle</groupId> <artifactId>bctls-jdk15to18</artifactId> - <version>${org.bouncycastle.bctls-jdk15to18.version}</version> + <version>${org.bouncycastle.bctls-jdk15to18.version}</version> </dependency> <dependency> @@ -488,6 +491,12 @@ </dependency> <dependency> + <groupId>org.owasp.encoder</groupId> + <artifactId>encoder</artifactId> + <version>${org.owasp.encoder.version}</version> + </dependency> + + <dependency> <groupId>joda-time</groupId> <artifactId>joda-time</artifactId> <version>${joda-time.version}</version> @@ -534,7 +543,7 @@ <artifactId>okhttp-tls</artifactId> <version>${com.squareup.okhttp3.version}</version> <scope>test</scope> - </dependency> + </dependency> <dependency> <groupId>at.gv.egiz.eaaf</groupId> <artifactId>eaaf_core_utils</artifactId> @@ -723,6 +732,13 @@ </executions> <configuration> <failOnError>true</failOnError> + <plugins> + <plugin> + <groupId>com.h3xstream.findsecbugs</groupId> + <artifactId>findsecbugs-plugin</artifactId> + <version>${findsecbugs-plugin.version}</version> + </plugin> + </plugins> </configuration> </plugin> |