Snyk upgrades (#43)
* Upgrade dependencies to resolve Snyk findings
* Upgrade pre-commit hooks
* Update 3rd party licenses

Signed-off-by: Sebastian Becker <[email protected]>
sbckr authored Feb 17, 2023
1 parent ef4f222 commit 2fa009a
Showing 152 changed files with 5,265 additions and 13,628 deletions.
15 changes: 11 additions & 4 deletions .pre-commit-config.yaml
Expand Up @@ -5,13 +5,20 @@
# SPDX-License-Identifier: Apache-2.0
#
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.4.0
hooks:
- id: check-byte-order-marker
- id: end-of-file-fixer
- id: trailing-whitespace
- id: mixed-line-ending
- repo: https://github.com/macisamuele/language-formatters-pre-commit-hooks
rev: v2.0.0
rev: v2.6.0
hooks:
- id: pretty-format-java
args: [--autofix]
- repo: https://github.com/executablebooks/mdformat
rev: 0.7.7
rev: 0.7.16
hooks:
- id: mdformat
args:
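Review bot: The `rev` values in this hunk (`v4.4.0` on the newly added pre-commit-hooks repo, `v2.6.0`, `0.7.16`) are tag names, which an upstream repository can move. Hooks run on every contributor's machine and in CI, so consider pinning each `rev` to the full commit SHA with the tag kept in a trailing comment (`pre-commit autoupdate --freeze` writes that form). Separately, `check-byte-order-marker` is marked deprecated in pre-commit-hooks in favour of `fix-byte-order-marker`, so the new block could use the replacement id from the start.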
Expand All @@ -21,7 +28,7 @@ repos:
- mdformat-gfm
exclude: .*/3RD-PARTY-LICENSES/.*
- repo: https://github.com/igorshubovych/markdownlint-cli
rev: v0.27.1
rev: v0.33.0
hooks:
- id: markdownlint
exclude: .*/3RD-PARTY-LICENSES/.*|amphora-service/charts/amphora/README.md$
exclude: .*/3RD-PARTY-LICENSES/.*|amphora-service/charts/amphora/README.md$
@@ -0,0 +1,17 @@
# Jackson JSON processor

Jackson is a high-performance, Free/Open Source JSON processing library.
It was originally written by Tatu Saloranta ([email protected]), and has
been in development since 2007.
It is currently developed by a community of developers.

## Licensing

Jackson 2.x core and extension components are licensed under Apache License 2.0
To find the details that apply to this artifact see the accompanying LICENSE file.

## Credits

A list of contributors may be found from CREDITS(-2.x) file, which is included
in some artifacts (usually source distributions); but is always available
from the source code management (SCM) system project uses.
@@ -0,0 +1,17 @@
# Jackson JSON processor

Jackson is a high-performance, Free/Open Source JSON processing library.
It was originally written by Tatu Saloranta ([email protected]), and has
been in development since 2007.
It is currently developed by a community of developers.

## Licensing

Jackson 2.x core and extension components are licensed under Apache License 2.0
To find the details that apply to this artifact see the accompanying LICENSE file.

## Credits

A list of contributors may be found from CREDITS(-2.x) file, which is included
in some artifacts (usually source distributions); but is always available
from the source code management (SCM) system project uses.

This file was deleted.

@@ -1,5 +1,6 @@
Apache HttpComponents Core
Copyright 2005-2020 The Apache Software Foundation

Apache HttpClient
Copyright 1999-2022 The Apache Software Foundation

This product includes software developed at
The Apache Software Foundation (http://www.apache.org/).

This file was deleted.

@@ -1,5 +1,6 @@
Apache HttpComponents Core
Copyright 2005-2020 The Apache Software Foundation

Apache HttpCore
Copyright 2005-2022 The Apache Software Foundation

This product includes software developed at
The Apache Software Foundation (http://www.apache.org/).
30 changes: 15 additions & 15 deletions amphora-common/3RD-PARTY-LICENSES/sbom.xml
Expand Up @@ -30,8 +30,8 @@
<name>Apache HttpClient</name>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.5.13</version>
<projectUrl>http://hc.apache.org/httpcomponents-client</projectUrl>
<version>4.5.14</version>
<projectUrl>http://hc.apache.org/httpcomponents-client-ga</projectUrl>
<licenses>
<license>
<name>Apache License, Version 2.0</name>
Expand All @@ -43,7 +43,7 @@
<name>Apache HttpCore</name>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpcore</artifactId>
<version>4.4.13</version>
<version>4.4.16</version>
<projectUrl>http://hc.apache.org/httpcomponents-core-ga</projectUrl>
<licenses>
<license>
Expand All @@ -56,7 +56,7 @@
<name>Carbyne Stack MP-SPDZ Integration Utilities</name>
<groupId>io.carbynestack</groupId>
<artifactId>mp-spdz-integration</artifactId>
<version>0.1-SNAPSHOT-1257545971-1-d751c28</version>
<version>0.2-SNAPSHOT-3541842672-11-c754bbb</version>
<licenses>
<license>
<name>Apache-2.0</name>
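Review bot: `mp-spdz-integration` moves to `0.2-SNAPSHOT-3541842672-11-c754bbb`, so the SBOM still records a snapshot build of a first-party dependency in a commit whose purpose is to resolve scanner findings. Snapshot coordinates are hard to match against advisories and hard to reproduce later; if a released version of this artifact exists, depend on that, otherwise say in the commit message why the snapshot is kept.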
Expand All @@ -68,46 +68,46 @@
<name>Jackson-annotations</name>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
<version>2.12.6</version>
<projectUrl>http://github.com/FasterXML/jackson</projectUrl>
<version>2.14.1</version>
<projectUrl>https://github.com/FasterXML/jackson</projectUrl>
<licenses>
<license>
<name>The Apache Software License, Version 2.0</name>
<url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
<url>https://www.apache.org/licenses/LICENSE-2.0.txt</url>
</license>
</licenses>
</dependency>
<dependency>
<name>Jackson-core</name>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
<version>2.12.6</version>
<version>2.14.1</version>
<projectUrl>https://github.com/FasterXML/jackson-core</projectUrl>
<licenses>
<license>
<name>The Apache Software License, Version 2.0</name>
<url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
<url>https://www.apache.org/licenses/LICENSE-2.0.txt</url>
</license>
</licenses>
</dependency>
<dependency>
<name>jackson-databind</name>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>2.12.6</version>
<projectUrl>http://github.com/FasterXML/jackson</projectUrl>
<version>2.14.1</version>
<projectUrl>https://github.com/FasterXML/jackson</projectUrl>
<licenses>
<license>
<name>The Apache Software License, Version 2.0</name>
<url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
<url>https://www.apache.org/licenses/LICENSE-2.0.txt</url>
</license>
</licenses>
</dependency>
<dependency>
<name>Project Lombok</name>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<version>1.18.18</version>
<version>1.18.24</version>
<projectUrl>https://projectlombok.org</projectUrl>
<licenses>
<license>
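Review bot: `jackson-annotations`, `jackson-core` and `jackson-databind` are each bumped to `2.14.1` as separate entries; if the build files set these three versions individually, importing the Jackson BOM once would keep them from drifting apart on the next upgrade. The license `<url>` values move to https in this hunk, while the `projectUrl` entries for HttpClient and Vavr elsewhere in this file stay on `http://`, which is worth aligning unless the file is generated from upstream metadata.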
Expand All @@ -120,7 +120,7 @@
<name>Vavr</name>
<groupId>io.vavr</groupId>
<artifactId>vavr</artifactId>
<version>0.10.3</version>
<version>0.10.4</version>
<projectUrl>http://vavr.io</projectUrl>
<licenses>
<license>
Expand All @@ -133,7 +133,7 @@
<name>Vavr Match</name>
<groupId>io.vavr</groupId>
<artifactId>vavr-match</artifactId>
<version>0.10.3</version>
<version>0.10.4</version>
<projectUrl>http://vavr.io</projectUrl>
<licenses>
<license>

0 comments on commit 2fa009a
