-
Notifications
You must be signed in to change notification settings - Fork 661
Expand file tree
/
Copy pathdependencies.gradle
More file actions
124 lines (120 loc) · 7.5 KB
/
dependencies.gradle
File metadata and controls
124 lines (120 loc) · 7.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
dependencies {
implementation 'com.drewnoakes:metadata-extractor:2.20.0'
implementation 'com.github.ben-manes.caffeine:caffeine:3.2.3'
implementation 'com.google.guava:guava:33.6.0-jre'
implementation 'com.google.zxing:core:3.5.4'
implementation 'com.googlecode.concurrentlinkedhashmap:concurrentlinkedhashmap-lru:1.4.2'
implementation 'com.googlecode.ez-vcard:ez-vcard:0.12.2'
implementation 'com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:20240325.1'
implementation 'com.googlecode.libphonenumber:libphonenumber:8.13.55'
implementation 'com.ibm.icu:icu4j:76.1'
implementation 'com.github.librepdf:openpdf:1.4.2' // This is the last version with com.lowagie.text that is used (only) by PdfSurveyServices class.
implementation 'com.sun.mail:javax.mail:1.6.2'
implementation 'com.rometools:rome:2.1.0'
implementation 'com.thoughtworks.xstream:xstream:1.4.21'
implementation 'commons-cli:commons-cli:1.11.0'
implementation 'commons-net:commons-net:3.13.0'
implementation 'commons-validator:commons-validator:1.10.1'
implementation 'javax.transaction:javax.transaction-api:1.3'
implementation 'net.fortuna.ical4j:ical4j:1.0-rc4-atlassian-12'
implementation 'net.lingala.zip4j:zip4j:2.11.6'
implementation 'org.activiti:activiti-juel-jakarta:8.1.0'
implementation 'org.apache.ant:ant-junit:1.10.17'
implementation 'org.apache.commons:commons-collections4:4.5.0'
implementation 'org.apache.commons:commons-csv:1.14.1'
implementation 'org.apache.commons:commons-dbcp2:2.14.0'
implementation 'org.apache.commons:commons-fileupload2-jakarta:2.0.0-M1'
implementation 'org.apache.commons:commons-imaging:1.0-alpha3' // Alpha but OK, "Imaging was working and was used by a number of projects in production even before reaching its initial release as an Apache Commons component." Since 1.0.0-alpha4 (note the use of semver) the API has changed. Better wait an "official release" to rewrite OFBiz code...
implementation 'org.apache.commons:commons-text:1.15.0'
implementation 'org.apache.geronimo.components:geronimo-transaction:3.1.5' // 4.0.0 does not compile
implementation 'org.apache.geronimo.specs:geronimo-jms_1.1_spec:1.1.1'
implementation 'org.apache.httpcomponents:httpclient-cache:4.5.14'
implementation 'org.apache.logging.log4j:log4j-api:2.25.4' // the API of log4j 2
implementation 'org.apache.logging.log4j:log4j-core:2.25.4' // Somehow needed by Buildbot to compile OFBizDynamicThresholdFilter.java
implementation 'org.apache.poi:poi:5.5.1'
implementation 'org.apache.pdfbox:pdfbox:3.0.7'
implementation 'org.apache.pdfbox:pdfbox-io:3.0.7'
implementation 'org.apache.shiro:shiro-core:1.13.0' // Got "Exception in thread "main" java.lang.UnsupportedOperationException: Cannot create a hash with the given algorithm: argon2" with 2.0.2 in integration tests
implementation 'org.apache.shiro:shiro-crypto-cipher:2.1.0'
implementation 'org.apache.sshd:sshd-core:2.17.1'
implementation 'org.apache.sshd:sshd-sftp:2.17.1'
implementation 'org.apache.tika:tika-core:3.3.0'
implementation 'org.apache.tika:tika-parsers:3.3.0'
implementation 'org.apache.tika:tika-parser-pdf-module:3.3.0'
implementation 'org.apache.cxf:cxf-rt-frontend-jaxrs:4.2.0'
implementation 'org.apache.tomcat:tomcat-catalina-ha:10.1.54' // Remember to change the version number (10 now) in javadoc block if needed.
implementation 'org.apache.tomcat:tomcat-jasper:10.1.54'
implementation 'org.apache.axis2:axis2-kernel:1.8.2'
implementation 'org.apache.xmlgraphics:batik-anim:1.19'
implementation 'org.apache.xmlgraphics:batik-util:1.19'
implementation 'org.apache.xmlgraphics:batik-bridge:1.19'
implementation 'org.apache.xmlgraphics:fop:2.11'
implementation 'org.clojure:clojure:1.12.4'
implementation 'org.apache.groovy:groovy-all:5.0.5'
implementation 'org.freemarker:freemarker:2.3.34' // Remember to change the version number in FreeMarkerWorker class when upgrading. See OFBIZ-10019 if >= 2.4
implementation 'org.owasp.esapi:esapi:2.7.0.0'
implementation 'org.springframework:spring-test:6.2.18'
implementation 'org.springframework:spring-web:6.2.18'
implementation 'com.fasterxml.jackson.core:jackson-databind:2.21.3'
implementation 'oro:oro:2.0.8'
implementation 'wsdl4j:wsdl4j:1.6.3'
implementation 'com.auth0:java-jwt:4.5.2'
implementation 'com.auth0:jwks-rsa:0.23.1'
implementation 'org.jdom:jdom2:2.0.6.1'
implementation 'com.google.re2j:re2j:1.8'
implementation 'xerces:xercesImpl:2.12.2'
implementation('org.mustangproject:library:2.22.0') {
exclude group: 'pull-parser', module: 'pull-parser'
exclude group: 'xpp3', module: 'xpp3'
}
testImplementation 'org.hamcrest:hamcrest-library:2.2' // Enable junit4 to not depend on hamcrest-1.3
testImplementation 'org.mockito:mockito-core:5.23.0'
testImplementation 'org.jmockit:jmockit:1.50'
testImplementation 'com.pholser:junit-quickcheck-generators:1.0'
runtimeOnly 'javax.xml.soap:javax.xml.soap-api:1.4.0'
runtimeOnly 'net.sf.barcode4j:barcode4j-fop-ext:2.1'
runtimeOnly 'net.sf.barcode4j:barcode4j:2.1'
runtimeOnly 'org.apache.avalon.framework:avalon-framework-impl:4.3.1'
runtimeOnly 'org.apache.axis2:axis2-transport-http:1.8.2'
runtimeOnly 'org.apache.axis2:axis2-transport-local:1.8.2'
runtimeOnly 'org.apache.derby:derby:10.16.1.1' // 10.17.x.x requires Java 21
runtimeOnly 'org.apache.derby:derbytools:10.16.1.1' // 10.17.x.x requires Java 21
runtimeOnly 'org.apache.geronimo.specs:geronimo-jaxrpc_1.1_spec:2.1'
runtimeOnly 'org.apache.logging.log4j:log4j-1.2-api:2.25.4' // for external jars using the old log4j1.2: routes logging to log4j 2
runtimeOnly 'org.apache.logging.log4j:log4j-jul:2.25.4' // for external jars using the java.util.logging: routes logging to log4j 2
runtimeOnly 'org.apache.logging.log4j:log4j-slf4j-impl:2.25.4' // for external jars using slf4j: routes logging to log4j 2
runtimeOnly 'org.apache.logging.log4j:log4j-web:2.25.4' //???
runtimeOnly 'org.apache.logging.log4j:log4j-jcl:2.25.4' // need to constrain to version to avoid classpath conflict (ReflectionUtil)
// specify last codenarc version for java 17 compliance
codenarc('org.codenarc:CodeNarc:3.7.0-groovy-4.0')
// use constraints to update transitive dependencies
constraints {
implementation('org.apache.james:apache-mime4j-core:0.8.14') {
because 'CVE-2024-21742'
}
implementation('org.bouncycastle:bcprov-jdk18on:1.84') {
because 'CVE-2024-29857, CVE-2024-30171, CVE-2024-30172, CVE-2024-34447'
}
implementation('org.testng:testng:7.12.0') {
because 'CVE-2022-4065'
}
}
}