diff --git a/.mvn/maven.config b/.mvn/maven.config new file mode 100644 index 0000000..78013bc --- /dev/null +++ b/.mvn/maven.config @@ -0,0 +1,2 @@ +-Dstyle.color=always +-T1C diff --git a/.vscode/settings.json b/.vscode/settings.json index a3cc8af..5ca564b 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -2,5 +2,9 @@ "cSpell.words": [ "raidbuilder", "springframework" - ] + ], + "sonarlint.connectedMode.project": { + "connectionId": "mattrixwvSonarqube", + "projectKey": "RaidBuilderAPI" + } } \ No newline at end of file diff --git a/README.md b/README.md index e69de29..da4ca1c 100644 --- a/README.md +++ b/README.md @@ -0,0 +1,3 @@ +# Raid Builder API + +[![Quality Gate Status](https://sonarqube.mattrixwv.com/api/project_badges/measure?project=RaidBuilderAPI&metric=alert_status&token=sqb_ab4c1e39be4304f908cc73a4c94c1b40577a4e9f)](https://sonarqube.mattrixwv.com/dashboard?id=RaidBuilderAPI) diff --git a/dependencySuppression.xml b/dependencySuppression.xml new file mode 100644 index 0000000..a35b822 --- /dev/null +++ b/dependencySuppression.xml @@ -0,0 +1,16 @@ + + + + ^pkg:maven/org\.springframework/spring\-web@.*$ + CVE-2016-1000027 + + + + ^pkg:maven/org\.springframework\.boot/spring-boot-devtools@.*$ + CVE-2022-31691 + + diff --git a/pom.xml b/pom.xml index d2ed542..a2561c0 100644 --- a/pom.xml +++ b/pom.xml @@ -1,6 +1,6 @@ - + 4.0.0 com.mattrixwv.raidbuilder @@ -10,23 +10,39 @@ Raid Builder API https://api.raidbuilder.mattrixwv.com + + + Matthew Ellison + m_ellison@ymail.com + https://git.mattrixwv.com/matthew + + + + + scm:git:git://git.mattrixwv.com/HomeLab/RaidBuilderAPI.git + scm:git:ssh://git.mattrixwv.com/HomeLab/RaidBuilderAPI.git + https://git.mattrixwv.com/HomeLab/RaidBuilderAPI + + UTF-8 - 21 - 21 - 21 + 25 + 25 + 25 - 21 + 25 target/dependency-check-report.json target/dependency-check-report.html + + org.springframework.boot spring-boot-starter-parent - 4.0.1 + 4.0.2 @@ -85,6 +101,10 @@ com.vaadin.external.google android-json + + org.springframework.boot + spring-boot-starter-logging + @@ -92,12 +112,12 @@ org.postgresql postgresql - 42.7.8 + 42.7.9 io.hypersistence hypersistence-utils-hibernate-63 - 3.14.1 + 3.15.1 @@ -109,7 +129,7 @@ tools.jackson.datatype jackson-datatype-hibernate6 - 3.0.3 + 3.0.4 @@ -150,161 +170,47 @@ commons-codec commons-codec - 1.20.0 + 1.21.0 - - org.springframework.boot - spring-boot-maven-plugin - org.apache.maven.plugins maven-enforcer-plugin - 3.6.2 enforce-maven enforce - - - - 3.8.6 - - - + org.apache.maven.plugins - maven-clean-plugin - 3.5.0 - - - org.apache.maven.plugins - maven-resources-plugin - 3.4.0 - - - org.apache.maven.plugins - maven-compiler-plugin - 3.14.1 - - - -Xlint:all - -proc:full - - true - true - - - - org.apache.maven.plugins - maven-surefire-plugin - 3.5.4 - - ${skip.unit.tests} - - **/*IntegrationTest.java - - - org.apache.logging.log4j:log4j-slf4j2-impl - - - - - org.apache.maven.plugins - maven-jar-plugin - 3.5.0 - - - org.apache.maven.plugins - maven-install-plugin - 3.1.4 - - - org.apache.maven.plugins - maven-deploy-plugin - 3.1.4 + maven-dependency-plugin + + + + properties + + + + org.apache.maven.plugins maven-failsafe-plugin - 3.5.4 - - - - ${skip.integration.tests} - - **/*IntegrationTest.java - - - org.apache.logging.log4j:log4j-slf4j2-impl - - - - - - - org.apache.maven.plugins - maven-site-plugin - 3.21.0 - - - org.apache.maven.plugins - maven-project-info-reports-plugin - 3.9.0 - - - org.codehaus.mojo - versions-maven-plugin - 2.20.1 - - file://${session.executionRootDirectory}/version-rules.xml - + - - org.sonarsource.scanner.maven - sonar-maven-plugin - 5.5.0.6356 - - - org.jacoco - jacoco-maven-plugin - 0.8.14 - - - **/CipherStreamAPI* - - - - - jacoco-initialize - none - - prepare-agent - - - - jacoco-site - none - - report - - - - org.owasp dependency-check-maven - 12.1.9 none @@ -313,14 +219,162 @@ - - - json - html - - nvd - + + + + + org.springframework.boot + spring-boot-maven-plugin + + + + org.apache.maven.plugins + maven-enforcer-plugin + 3.6.2 + + + + 3.8.6 + + + + + + org.apache.maven.plugins + maven-clean-plugin + 3.5.0 + + + org.apache.maven.plugins + maven-resources-plugin + 3.4.0 + + + org.apache.maven.plugins + maven-compiler-plugin + 3.14.1 + + + -Xlint:all + -proc:full + -Xlint:-serial + -Xlint:-processing + + true + true + + + + org.apache.maven.plugins + maven-surefire-plugin + 3.5.4 + + ${skip.unit.tests} + + **/*IntegrationTest.java + + + org.apache.logging.log4j:log4j-slf4j2-impl + + @{argLine} -Xshare:off -javaagent:${org.mockito:mockito-core:jar} + + + + org.apache.maven.plugins + maven-jar-plugin + 3.5.0 + + + org.apache.maven.plugins + maven-install-plugin + 3.1.4 + + + org.apache.maven.plugins + maven-deploy-plugin + 3.1.4 + + + org.apache.maven.plugins + maven-failsafe-plugin + 3.5.4 + + ${skip.integration.tests} + + **/*IntegrationTest.java + + + + + org.apache.maven.plugins + maven-site-plugin + 3.21.0 + + + org.apache.maven.plugins + maven-project-info-reports-plugin + 3.9.0 + + + org.codehaus.mojo + versions-maven-plugin + 2.21.0 + + file://${session.executionRootDirectory}/version-rules.xml + + + + + org.sonarsource.scanner.maven + sonar-maven-plugin + 5.5.0.6356 + + + org.jacoco + jacoco-maven-plugin + 0.8.14 + + + **/RaidBuilderAPI* + + + + + jacoco-initialize + none + + prepare-agent + + + + jacoco-site + none + + report + + + + + + org.owasp + dependency-check-maven + 12.2.0 + + + json + html + + nvd + 7 + ossindex + + ${project.basedir}/dependencySuppression.xml + + + + +