Skip to content
This repository has been archived by the owner on Jan 20, 2025. It is now read-only.

Commit

Permalink
Merge pull request #69 from borisrizov-zf/fix/wrong-server-id-for-sna…
Browse files Browse the repository at this point in the history 
…pshots

Fix wrong server id for snapshots
  • Loading branch information
@borisrizov-zf
borisrizov-zf authored Dec 4, 2023
2 parents 63b7364 + 6b1825c commit ff09b71
Show file tree
Hide file tree
Showing 3 changed files with 69 additions and 59 deletions.
11 changes: 10 additions & 1 deletion CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,16 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
## [UNRELEASED]

### Added
- extra layer of validation in `org.eclipse.tractusx.ssi.lib.proof.LinkedDataProofValidation` for `verify`.

- Extra layer of validation in `org.eclipse.tractusx.ssi.lib.proof.LinkedDataProofValidation` for `verify`.

### Fixed

- Server id for the SNAPSHOT repository.

### Security

- Updated project dependencies to resolve reported vulnerabilities.

## [0.0.17] - 2023-11-29

Expand Down
35 changes: 11 additions & 24 deletions DEPENDENCIES
View file
Original file line number Diff line number Diff line change
@@ -1,42 +1,29 @@
maven/mavencentral/com.apicatalog/titanium-json-ld/1.3.2, Apache-2.0, approved, #8912
maven/mavencentral/com.apicatalog/titanium-json-ld/1.3.3, Apache-2.0, approved, #8912
maven/mavencentral/com.fasterxml.jackson.core/jackson-annotations/2.15.2, Apache-2.0, approved, #7947
maven/mavencentral/com.fasterxml.jackson.core/jackson-core/2.15.2, MIT AND Apache-2.0, approved, #7932
maven/mavencentral/com.fasterxml.jackson.core/jackson-databind/2.15.2, Apache-2.0, approved, #7934
maven/mavencentral/com.fasterxml.jackson.dataformat/jackson-dataformat-xml/2.15.2, Apache-2.0, approved, #9237
maven/mavencentral/com.fasterxml.woodstox/woodstox-core/6.5.1, Apache-2.0, approved, #7950
maven/mavencentral/com.github.ben-manes.caffeine/caffeine/3.1.6, Apache-2.0, approved, clearlydefined
maven/mavencentral/com.github.ben-manes.caffeine/caffeine/3.1.8, Apache-2.0, approved, clearlydefined
maven/mavencentral/com.github.multiformats/java-multibase/v1.1.0, MIT AND BSD-3-Clause AND EPL-1.0 AND Apache-2.0, approved, #4095
maven/mavencentral/com.github.stephenc.jcip/jcip-annotations/1.0-1, Apache-2.0, approved, CQ21949
maven/mavencentral/com.google.code.findbugs/jsr305/3.0.2, Apache-2.0, approved, #20
maven/mavencentral/com.google.code.gson/gson/2.10.1, Apache-2.0, approved, #6159
maven/mavencentral/com.google.crypto.tink/tink/1.9.0, Apache-2.0, approved, clearlydefined
maven/mavencentral/com.google.errorprone/error_prone_annotations/2.18.0, Apache-2.0, approved, clearlydefined
maven/mavencentral/com.google.guava/failureaccess/1.0.1, Apache-2.0, approved, CQ22654
maven/mavencentral/com.google.guava/guava/30.1.1-android, Apache-2.0 AND CC0-1.0 AND LicenseRef-Public-Domain, approved, CQ23244
maven/mavencentral/com.google.guava/listenablefuture/9999.0-empty-to-avoid-conflict-with-guava, Apache-2.0, approved, CQ22657
maven/mavencentral/com.google.http-client/google-http-client/1.43.1, Apache-2.0, approved, clearlydefined
maven/mavencentral/com.google.j2objc/j2objc-annotations/1.3, Apache-2.0, approved, CQ21195
maven/mavencentral/com.google.crypto.tink/tink/1.11.0, Apache-2.0, approved, #10719
maven/mavencentral/com.google.errorprone/error_prone_annotations/2.21.1, Apache-2.0, approved, #9834
maven/mavencentral/com.google.protobuf/protobuf-java/3.19.6, BSD-3-Clause, approved, clearlydefined
maven/mavencentral/com.nimbusds/nimbus-jose-jwt/9.31, Apache-2.0, approved, clearlydefined
maven/mavencentral/com.nimbusds/nimbus-jose-jwt/9.37.1, Apache-2.0, approved, #11701
maven/mavencentral/commons-beanutils/commons-beanutils/1.9.4, Apache-2.0, approved, CQ12654
maven/mavencentral/commons-codec/commons-codec/1.11, Apache-2.0 AND BSD-3-Clause, approved, CQ15971
maven/mavencentral/commons-collections/commons-collections/3.2.2, Apache-2.0, approved, CQ10385
maven/mavencentral/commons-digester/commons-digester/2.1, Apache-2.0, approved, clearlydefined
maven/mavencentral/commons-logging/commons-logging/1.2, Apache-2.0, approved, CQ10162
maven/mavencentral/commons-validator/commons-validator/1.7, Apache-2.0, approved, clearlydefined
maven/mavencentral/io.grpc/grpc-context/1.27.2, Apache-2.0, approved, clearlydefined
maven/mavencentral/io.opencensus/opencensus-api/0.31.1, Apache-2.0, approved, clearlydefined
maven/mavencentral/io.opencensus/opencensus-contrib-http-util/0.31.1, Apache-2.0, approved, clearlydefined
maven/mavencentral/io.setl/rdf-urdna/1.2, Apache-2.0, approved, clearlydefined
maven/mavencentral/jakarta.json/jakarta.json-api/2.1.2, EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0, approved, #7907
maven/mavencentral/joda-time/joda-time/2.12.5, Apache-2.0, approved, clearlydefined
maven/mavencentral/jakarta.json/jakarta.json-api/2.1.3, EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0, approved, #7907
maven/mavencentral/net.i2p.crypto/eddsa/0.3.0, CC0-1.0, approved, CQ22537
maven/mavencentral/org.apache.commons/commons-lang3/3.12.0, Apache-2.0, approved, clearlydefined
maven/mavencentral/org.apache.httpcomponents/httpclient/4.5.14, Apache-2.0 AND LicenseRef-Public-Domain, approved, CQ23527
maven/mavencentral/org.apache.httpcomponents/httpcore/4.4.16, Apache-2.0, approved, CQ23528
maven/mavencentral/org.bouncycastle/bcprov-jdk15on/1.70, MIT, approved, #1712
maven/mavencentral/org.checkerframework/checker-compat-qual/2.5.5, GPL-2.0-only with Classpath-Exception-2.0, approved, #11598
maven/mavencentral/org.checkerframework/checker-qual/3.33.0, MIT, approved, clearlydefined
maven/mavencentral/org.apache.commons/commons-lang3/3.14.0, Apache-2.0, approved, #11677
maven/mavencentral/org.bouncycastle/bcprov-jdk18on/1.77, MIT AND CC0-1.0, approved, #11595
maven/mavencentral/org.checkerframework/checker-qual/3.37.0, MIT, approved, clearlydefined
maven/mavencentral/org.codehaus.woodstox/stax2-api/4.2.1, BSD-2-Clause, approved, #2670
maven/mavencentral/org.eclipse.parsson/parsson/1.1.3, EPL-2.0, approved, ee4j.parsson
maven/mavencentral/org.projectlombok/lombok/1.18.26, MIT AND LicenseRef-Public-Domain, approved, CQ23907
maven/mavencentral/org.eclipse.parsson/parsson/1.1.5, EPL-2.0, approved, ee4j.parsson
maven/mavencentral/org.projectlombok/lombok/1.18.30, MIT AND LicenseRef-Public-Domain, approved, CQ23907
82 changes: 48 additions & 34 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,44 +66,49 @@ SPDX-License-Identifier: Apache-2.0
<maven.compiler.source>11</maven.compiler.source>
<maven.compiler.target>11</maven.compiler.target>
<delombokSourceDirectory>${project.build.directory}/delombok</delombokSourceDirectory>
<com.diffplug.spotless.maven.plugin.version>2.28.0</com.diffplug.spotless.maven.plugin.version>
<org.eclipse.dash.license.tool.plugin.version>0.0.1-SNAPSHOT</org.eclipse.dash.license.tool.plugin.version>
<com.diffplug.spotless.maven.plugin.version>2.41.0</com.diffplug.spotless.maven.plugin.version>
<org.eclipse.dash.license.tool.plugin.version>1.0.2</org.eclipse.dash.license.tool.plugin.version>
</properties>

<dependencies>

<!-- Project -->
<!-- https://mvnrepository.com/artifact/org.projectlombok/lombok -->
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
<version>1.18.26</version>
<version>1.18.30</version>
</dependency>

<!-- Multibase -->
<!-- https://mvnrepository.com/artifact/com.github.multiformats/java-multibase -->
<dependency>
<groupId>com.github.multiformats</groupId>
<artifactId>java-multibase</artifactId>
<version>v1.1.0</version>
</dependency>

<!-- Bouncy Castle -->
<!-- https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk18on -->
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>1.70</version>
<artifactId>bcprov-jdk18on</artifactId>
<version>1.77</version>
</dependency>

<!-- https://mvnrepository.com/artifact/com.nimbusds/nimbus-jose-jwt -->
<dependency>
<groupId>com.nimbusds</groupId>
<artifactId>nimbus-jose-jwt</artifactId>
<version>9.31</version>
<version>9.37.1</version>
</dependency>

<!-- https://mvnrepository.com/artifact/com.apicatalog/titanium-json-ld -->
<dependency>
<groupId>com.apicatalog</groupId>
<artifactId>titanium-json-ld</artifactId>
<version>1.3.2</version>
<version>1.3.3</version>
</dependency>

<!-- https://mvnrepository.com/artifact/io.setl/rdf-urdna -->
Expand All @@ -117,14 +122,14 @@ SPDX-License-Identifier: Apache-2.0
<dependency>
<groupId>jakarta.json</groupId>
<artifactId>jakarta.json-api</artifactId>
<version>2.1.2</version>
<version>2.1.3</version>
</dependency>

<!-- https://mvnrepository.com/artifact/org.eclipse.parsson/parsson -->
<dependency>
<groupId>org.eclipse.parsson</groupId>
<artifactId>parsson</artifactId>
<version>1.1.3</version>
<version>1.1.5</version>
</dependency>

<!-- https://mvnrepository.com/artifact/com.fasterxml.jackson.dataformat/jackson-dataformat-xml -->
Expand All @@ -138,14 +143,14 @@ SPDX-License-Identifier: Apache-2.0
<dependency>
<groupId>com.github.ben-manes.caffeine</groupId>
<artifactId>caffeine</artifactId>
<version>3.1.6</version>
<version>3.1.8</version>
</dependency>

<!-- https://mvnrepository.com/artifact/org.apache.commons/commons-lang3 -->
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.12.0</version>
<version>3.14.0</version>
</dependency>

<!-- https://mvnrepository.com/artifact/commons-validator/commons-validator -->
Expand All @@ -158,64 +163,76 @@ SPDX-License-Identifier: Apache-2.0
<!-- Google Tink -->
<!-- Note: that for EdDSA you need to include the optional Tink
dependency in your project. For Nimbus JOSE+JWT 6.0 that would be -->
<!-- https://mvnrepository.com/artifact/com.google.crypto.tink/tink -->
<dependency>
<groupId>com.google.crypto.tink</groupId>
<artifactId>tink</artifactId>
<version>1.9.0</version>
<version>1.11.0</version>
</dependency>
<!-- Net Crypto EDDSA -->
<!-- Required for the EDSA Security Provider -->
<!-- https://mvnrepository.com/artifact/net.i2p.crypto/eddsa -->
<dependency>
<groupId>net.i2p.crypto</groupId>
<artifactId>eddsa</artifactId>
<version>0.3.0</version>
</dependency>

<!-- JUnit -->
<!-- https://mvnrepository.com/artifact/org.junit.jupiter/junit-jupiter -->
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter</artifactId>
<version>5.9.3</version>
<version>5.10.1</version>
<scope>test</scope>
</dependency>

<!-- https://mvnrepository.com/artifact/org.junit.jupiter/junit-jupiter-engine -->
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter-engine</artifactId>
<version>5.9.3</version>
<version>5.10.1</version>
<scope>test</scope>
</dependency>

<!-- Mockito -->
<!-- https://mvnrepository.com/artifact/org.mockito/mockito-core -->
<dependency>
<groupId>org.mockito</groupId>
<artifactId>mockito-core</artifactId>
<version>5.4.0</version>
<version>5.7.0</version>
<scope>test</scope>
</dependency>

<!-- https://mvnrepository.com/artifact/org.mockito/mockito-junit-jupiter -->
<dependency>
<groupId>org.mockito</groupId>
<artifactId>mockito-junit-jupiter</artifactId>
<version>5.4.0</version>
<version>5.7.0</version>
<scope>test</scope>
</dependency>
<!--
https://mvnrepository.com/artifact/org.testcontainers/testcontainers -->

<!-- https://mvnrepository.com/artifact/org.testcontainers/testcontainers -->
<dependency>
<groupId>org.testcontainers</groupId>
<artifactId>testcontainers</artifactId>
<version>1.18.3</version>
<version>1.19.3</version>
<scope>test</scope>
</dependency>

<!-- https://mvnrepository.com/artifact/org.testcontainers/junit-jupiter -->
<dependency>
<groupId>org.testcontainers</groupId>
<artifactId>junit-jupiter</artifactId>
<version>1.18.3</version>
<version>1.19.3</version>
<scope>test</scope>
</dependency>

<!-- https://mvnrepository.com/artifact/org.testcontainers/nginx -->
<dependency>
<groupId>org.testcontainers</groupId>
<artifactId>nginx</artifactId>
<version>1.18.3</version>
<version>1.19.3</version>
<scope>test</scope>
</dependency>
</dependencies>
Expand Down Expand Up @@ -320,8 +337,9 @@ SPDX-License-Identifier: Apache-2.0
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-failsafe-plugin</artifactId>
<version>3.1.2</version>
<version>3.2.2</version>
<executions>
<execution>
<goals>
Expand All @@ -331,16 +349,12 @@ SPDX-License-Identifier: Apache-2.0
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>3.2.2</version>
</plugin>
</plugins>
<pluginManagement>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>3.1.2</version>
</plugin>
</plugins>
</pluginManagement>
</build>

<profiles>
Expand Down Expand Up @@ -405,7 +419,7 @@ SPDX-License-Identifier: Apache-2.0
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<version>2.2.1</version>
<version>3.3.0</version>
<executions>
<execution>
<id>attach-sources</id>
Expand All @@ -418,7 +432,7 @@ SPDX-License-Identifier: Apache-2.0
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>2.9.1</version>
<version>3.6.2</version>
<executions>
<execution>
<id>attach-javadocs</id>
Expand Down Expand Up @@ -458,7 +472,7 @@ SPDX-License-Identifier: Apache-2.0
<distributionManagement>
<!-- <repository></repository> is not needed as we're using nexus-staging-maven-plugin -->
<snapshotRepository>
<id>osshr</id>
<id>ossrh</id>
<name>Maven Central Snapshots</name>
<url>https://oss.sonatype.org/content/repositories/snapshots</url>
</snapshotRepository>
Expand Down

0 comments on commit ff09b71

Please sign in to comment.