Merge pull request 'Update dependencies' (#11) from feature/18516 into develop

fmichielssen · fmichielssen · commit b2f477496baf · 2020-10-07T11:33:31.000Z
diff --git a/pom.xml b/pom.xml
@@ -188,7 +188,7 @@
 		<dependency>
 			<groupId>org.springframework.security.extensions</groupId>
 			<artifactId>spring-security-saml2-core</artifactId>
-			<version>1.0.9.RELEASE</version>
+			<version>1.0.10.RELEASE</version>
 		</dependency>
 
 		<!-- Kerberos -->
@@ -207,7 +207,7 @@
 		<dependency>
 			<groupId>com.spotify</groupId>
 			<artifactId>docker-client</artifactId>
-			<version>8.15.2</version>
+			<version>8.15.3</version>
 		</dependency>
 		<!-- Jersey, a dependency of docker-client with wonky version constraints -->
 		<dependency>
@@ -244,12 +244,12 @@
 		<dependency>
 			<groupId>org.webjars</groupId>
 			<artifactId>bootstrap</artifactId>
-			<version>3.3.7</version>
+			<version>3.4.1</version>
 		</dependency>
 		<dependency>
 			<groupId>org.webjars</groupId>
 			<artifactId>jquery</artifactId>
-			<version>3.3.1</version>
+			<version>3.5.0</version>
 		</dependency>
 
 		<!-- Amazon S3 -->
@@ -297,6 +297,33 @@
 			<scope>test</scope>
 		</dependency>
 
+
+                <!-- Recursive dependencies which are upgraded for security -->
+                <dependency>
+                    <groupId>commons-collections</groupId>
+                    <artifactId>commons-collections</artifactId>
+                    <version>3.2.2</version>
+                </dependency>
+                <dependency>
+                    <groupId>org.apache.commons</groupId>
+                    <artifactId>commons-compress</artifactId>
+                    <version>1.19</version>
+                </dependency>
+                <dependency>
+                    <groupId>commons-beanutils</groupId>
+                    <artifactId>commons-beanutils</artifactId>
+                    <version>1.9.4</version>
+                </dependency>
+                <dependency>
+                    <groupId>com.google.guava</groupId>
+                    <artifactId>guava</artifactId>
+                    <version>25.0-jre</version>
+                </dependency>
+                <dependency>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-core</artifactId>
+                    <version>5.2.9.RELEASE</version>
+                </dependency>
 	</dependencies>
 
 	<build>
@@ -384,4 +411,27 @@
 			</plugin>
 		</plugins>
 	</build>
+
+        <profiles>
+          <profile>
+            <id>owasp-dependency-check</id>
+            <build>
+              <plugins>
+                <plugin>
+                  <groupId>org.owasp</groupId>
+                  <artifactId>dependency-check-maven</artifactId>
+                  <version>6.0.2</version>
+                  <executions>
+                    <execution>
+                      <goals>
+                        <goal>check</goal>
+                      </goals>
+                    </execution>
+                  </executions>
+                </plugin>
+              </plugins>
+            </build>
+          </profile>
+        </profiles>
+
 </project>
diff --git a/src/main/resources/templates/error.html b/src/main/resources/templates/error.html
@@ -28,10 +28,10 @@
 <head lang="en">
 	<title>Error</title>
 	<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
-	<link rel="stylesheet" media="screen" th:href="@{/webjars/bootstrap/3.3.7/css/bootstrap.min.css}"/>
+	<link rel="stylesheet" media="screen" th:href="@{/webjars/bootstrap/3.4.1/css/bootstrap.min.css}"/>
 	<link rel="stylesheet" media="screen" th:href="@{/css/error.css}"/>
-	<script th:src="@{/webjars/jquery/3.3.1/jquery.min.js}"></script>
-	<script th:src="@{/webjars/bootstrap/3.3.7/js/bootstrap.min.js}"></script>
+	<script th:src="@{/webjars/jquery/3.5.0/jquery.min.js}"></script>
+	<script th:src="@{/webjars/bootstrap/3.4.1/js/bootstrap.min.js}"></script>
 </head>
 
 <body>
diff --git a/src/main/resources/templates/login.html b/src/main/resources/templates/login.html
@@ -28,12 +28,12 @@
 <head lang="en">
 	<title th:text="${title}"></title>
 	<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
-	<link rel="stylesheet" media="screen" th:href="@{/webjars/bootstrap/3.3.7/css/bootstrap.min.css}"/>
+	<link rel="stylesheet" media="screen" th:href="@{/webjars/bootstrap/3.4.1/css/bootstrap.min.css}"/>
 	<link rel="stylesheet" media="screen" th:href="@{/css/login.css}"/>
 	<link rel="stylesheet" media="screen" type="text/css" href="https://cdn.jsdelivr.net/bootstrap-social/5.1.1/bootstrap-social.css"/>
 	<link rel="stylesheet" media="screen" type="text/css" href="https://cdn.jsdelivr.net/fontawesome/4.7.0/css/font-awesome.min.css"/>
-	<script th:src="@{/webjars/jquery/3.3.1/jquery.min.js}"></script>
-	<script th:src="@{/webjars/bootstrap/3.3.7/js/bootstrap.min.js}"></script>
+	<script th:src="@{/webjars/jquery/3.5.0/jquery.min.js}"></script>
+	<script th:src="@{/webjars/bootstrap/3.4.1/js/bootstrap.min.js}"></script>
 </head>
 
 <body>
