|
188 | 188 | <dependency> |
189 | 189 | <groupId>org.springframework.security.extensions</groupId> |
190 | 190 | <artifactId>spring-security-saml2-core</artifactId> |
191 | | - <version>1.0.9.RELEASE</version> |
| 191 | + <version>1.0.10.RELEASE</version> |
192 | 192 | </dependency> |
193 | 193 |
|
194 | 194 | <!-- Kerberos --> |
|
207 | 207 | <dependency> |
208 | 208 | <groupId>com.spotify</groupId> |
209 | 209 | <artifactId>docker-client</artifactId> |
210 | | - <version>8.15.2</version> |
| 210 | + <version>8.15.3</version> |
211 | 211 | </dependency> |
212 | 212 | <!-- Jersey, a dependency of docker-client with wonky version constraints --> |
213 | 213 | <dependency> |
|
297 | 297 | <scope>test</scope> |
298 | 298 | </dependency> |
299 | 299 |
|
| 300 | + |
| 301 | + <!-- Recursive dependencies which are upgraded for security --> |
| 302 | + <dependency> |
| 303 | + <groupId>commons-collections</groupId> |
| 304 | + <artifactId>commons-collections</artifactId> |
| 305 | + <version>3.2.2</version> |
| 306 | + </dependency> |
| 307 | + <dependency> |
| 308 | + <groupId>org.apache.commons</groupId> |
| 309 | + <artifactId>commons-compress</artifactId> |
| 310 | + <version>1.19</version> |
| 311 | + </dependency> |
| 312 | + <dependency> |
| 313 | + <groupId>commons-beanutils</groupId> |
| 314 | + <artifactId>commons-beanutils</artifactId> |
| 315 | + <version>1.9.4</version> |
| 316 | + </dependency> |
| 317 | + <dependency> |
| 318 | + <groupId>com.google.guava</groupId> |
| 319 | + <artifactId>guava</artifactId> |
| 320 | + <version>25.0-jre</version> |
| 321 | + </dependency> |
| 322 | + <dependency> |
| 323 | + <groupId>org.springframework</groupId> |
| 324 | + <artifactId>spring-core</artifactId> |
| 325 | + <version>5.2.9.RELEASE</version> |
| 326 | + </dependency> |
300 | 327 | </dependencies> |
301 | 328 |
|
302 | 329 | <build> |
|
384 | 411 | </plugin> |
385 | 412 | </plugins> |
386 | 413 | </build> |
| 414 | + |
| 415 | + <profiles> |
| 416 | + <profile> |
| 417 | + <id>owasp-dependency-check</id> |
| 418 | + <build> |
| 419 | + <plugins> |
| 420 | + <plugin> |
| 421 | + <groupId>org.owasp</groupId> |
| 422 | + <artifactId>dependency-check-maven</artifactId> |
| 423 | + <version>6.0.2</version> |
| 424 | + <executions> |
| 425 | + <execution> |
| 426 | + <goals> |
| 427 | + <goal>check</goal> |
| 428 | + </goals> |
| 429 | + </execution> |
| 430 | + </executions> |
| 431 | + </plugin> |
| 432 | + </plugins> |
| 433 | + </build> |
| 434 | + </profile> |
| 435 | + </profiles> |
| 436 | + |
387 | 437 | </project> |
0 commit comments