From 6c753d2aa36131b6414ce69bfd2db00ce1d5096a Mon Sep 17 00:00:00 2001 From: shawn-sher <5396793+shawn-sher@users.noreply.github.com> Date: Wed, 8 Feb 2023 09:53:36 -0800 Subject: [PATCH] Updated library versions and some factoring (#1106) Co-authored-by: Shawn Sherwood --- build.gradle | 41 +++++++----- cerberus-api-tests/build.gradle | 39 +++++------ cerberus-audit-logger-athena/build.gradle | 8 +-- cerberus-auth-connector-okta/build.gradle | 4 +- cerberus-core/build.gradle | 8 +-- cerberus-domain/build.gradle | 5 +- cerberus-web/build.gradle | 20 +++--- gradle/bintray.gradle | 82 ----------------------- 8 files changed, 65 insertions(+), 142 deletions(-) delete mode 100644 gradle/bintray.gradle diff --git a/build.gradle b/build.gradle index 922312f3a..6e79ce866 100644 --- a/build.gradle +++ b/build.gradle @@ -19,17 +19,25 @@ import com.github.spotbugs.snom.SpotBugsReport buildscript { ext { versions = [ - lombok: '1.18.24', - resilience4j: '1.7.1', - awsSdkVersion: '1.12.367', - kork: '7.158.0', + ant: '1.10.+', + awsSdkVersion: '1.12.+', + commonsIo: '2.11.0', + groovy: '4.0.8', guava: '31.1-jre', - springBoot: '2.7.5', + jakartaXmlBindApi: '3.0.1', + jaxbRuntime: '4.0.1', jjwt: '0.11.5', - okta: '8.2.2', - oktaAuthnSdk: '2.0.9', - restAssured: '5.2.0', - groovy: '4.0.6' + kork: '7.160.2', + lang3: '3.12.0', + logback: '1.2.11', + lombok: '1.18.26', + mybatisSpring: '2.1.0', + okta: '8.2.3', + oktaAuthnSdk: '2.0.10', + oktaJwtVerifier: '0.5.7', + resilience4j: '1.7.1', // 2 requires java 17 + restAssured: '5.3.0', + springBoot: '2.7.8', ] } @@ -44,8 +52,7 @@ buildscript { } dependencies { - classpath "org.owasp:dependency-check-gradle:7.3.0" - classpath "com.jfrog.bintray.gradle:gradle-bintray-plugin:1.8.5" + classpath "org.owasp:dependency-check-gradle:8.0.2" } } @@ -53,7 +60,7 @@ plugins { id "io.spring.dependency-management" version "1.1.0" id "com.github.nbaztec.coveralls-jacoco" version "1.2.15" id "com.github.spotbugs" version "5.0.13" - id "com.diffplug.spotless" version "6.11.0" + id "com.diffplug.spotless" version "6.14.1" } apply from: 'gradle/owasp-dependency-check.gradle' @@ -125,8 +132,6 @@ allprojects { subprojects { apply plugin: 'io.spring.dependency-management' - apply from: file("${rootProject.projectDir}/gradle/bintray.gradle") - sourceCompatibility = '11' sourceSets { @@ -171,8 +176,8 @@ subprojects { // common test deps testImplementation "org.apache.groovy:groovy-all:${versions.groovy}" testImplementation 'org.spockframework:spock-core:2.3-groovy-4.0' - testImplementation 'junit:junit:4.13.2' - testImplementation group: 'org.mockito', name: 'mockito-all', version: '1.10.19' + testImplementation 'org.junit.jupiter:junit-jupiter-api:5.9.2' + testImplementation 'org.mockito:mockito-all:1.10.19' testImplementation 'com.openpojo:openpojo:0.9.1' } @@ -228,8 +233,8 @@ configurations { } dependencies { - antJUnit 'org.apache.ant:ant-junit:1.10.12' - runtimeOnly 'org.apache.ant:ant-antlr:1.10.12' + antJUnit "org.apache.ant:ant-junit:${versions.ant}" + runtimeOnly "org.apache.ant:ant-antlr:${versions.ant}" } diff --git a/cerberus-api-tests/build.gradle b/cerberus-api-tests/build.gradle index 63c29feec..444c056a5 100644 --- a/cerberus-api-tests/build.gradle +++ b/cerberus-api-tests/build.gradle @@ -25,34 +25,31 @@ repositories { configurations.all { resolutionStrategy { - force 'org.apache.ant:ant:1.10.12' + force "org.apache.ant:ant:${versions.ant}" } } dependencies { integrationTestImplementation project(':cerberus-core').sourceSets.test.output - integrationTestImplementation group: 'org.testng', name: 'testng', version: '7.5' - integrationTestImplementation 'junit:junit:4.13.2' + integrationTestImplementation group: 'org.testng', name: 'testng', version: '7.7.1' + integrationTestImplementation 'org.junit.jupiter:junit-jupiter-api:5.9.2' + integrationTestImplementation 'org.slf4j:slf4j-api:1.7.36' - integrationTestImplementation group: 'org.apache.groovy', name: 'groovy-all', version: versions.groovy + integrationTestImplementation "org.apache.groovy:groovy-all:${versions.groovy}" integrationTestImplementation "io.rest-assured:rest-assured:${versions.restAssured}" - integrationTestImplementation group: 'io.rest-assured', name: 'json-schema-validator', version: versions.restAssured - integrationTestImplementation group: 'io.rest-assured', name: 'json-path', version: versions.restAssured - integrationTestImplementation group: 'io.rest-assured', name: 'xml-path', version: versions.restAssured - integrationTestImplementation group: 'javax.xml.bind', name: 'jaxb-api', version: '2.3.1' - integrationTestImplementation group: 'org.glassfish.jaxb', name: 'jaxb-runtime', version: '3.0.2' - integrationTestImplementation group: 'org.hamcrest', name: 'hamcrest', version: '2.2' + integrationTestImplementation "io.rest-assured:json-schema-validator:${versions.restAssured}" + integrationTestImplementation "io.rest-assured:json-path:${versions.restAssured}" + integrationTestImplementation "io.rest-assured:xml-path:${versions.restAssured}" + integrationTestImplementation "javax.xml.bind:jaxb-api:2.3.1" + integrationTestImplementation "org.glassfish.jaxb:jaxb-runtime:${versions.jaxbRuntime}" + integrationTestImplementation "org.hamcrest:hamcrest:2.2" integrationTestImplementation "com.google.guava:guava:${versions.guava}" - integrationTestImplementation group: 'com.amazonaws', name: 'aws-java-sdk-kms', version: "${versions.awsSdkVersion}" - integrationTestImplementation group: 'com.amazonaws', name: 'aws-java-sdk-sts', version: "${versions.awsSdkVersion}" - integrationTestImplementation group: 'org.jboss.aerogear', name: 'aerogear-otp-java', version: '1.0.0' - integrationTestImplementation group: 'org.apache.commons', name: 'commons-lang3', version: '3.12.0' - integrationTestImplementation group: 'com.thedeanda', name: 'lorem', version: '2.1' - integrationTestImplementation "jakarta.xml.bind:jakarta.xml.bind-api:3.0.1" - integrationTestImplementation "jakarta.xml.bind:jakarta.xml.bind-api:3.0.1" - integrationTestImplementation "jakarta.xml.bind:jakarta.xml.bind-api:3.0.1" - integrationTestImplementation "org.glassfish.jaxb:jaxb-runtime:3.0.2" - integrationTestImplementation group: 'com.thedeanda', name: 'lorem', version: '2.1' - integrationTestImplementation "org.apache.groovy:groovy-all:4.0.6" + integrationTestImplementation "com.amazonaws:aws-java-sdk-kms:${versions.awsSdkVersion}" + integrationTestImplementation "com.amazonaws:aws-java-sdk-sts:${versions.awsSdkVersion}" + integrationTestImplementation "org.jboss.aerogear:aerogear-otp-java:1.0.0" + integrationTestImplementation "org.apache.commons:commons-lang3:${versions.lang3}" + integrationTestImplementation "com.thedeanda:lorem:2.1" + integrationTestImplementation "jakarta.xml.bind:jakarta.xml.bind-api:${versions.jakartaXmlBindApi}" + integrationTestImplementation "org.apache.groovy:groovy-all:${versions.groovy}" } integrationTest { diff --git a/cerberus-audit-logger-athena/build.gradle b/cerberus-audit-logger-athena/build.gradle index 668401fc8..1b3580c54 100644 --- a/cerberus-audit-logger-athena/build.gradle +++ b/cerberus-audit-logger-athena/build.gradle @@ -21,9 +21,9 @@ dependencies { implementation "com.amazonaws:aws-java-sdk-s3:${versions.awsSdkVersion}" implementation "com.amazonaws:aws-java-sdk-athena:${versions.awsSdkVersion}" - implementation "commons-io:commons-io:2.11.0" - implementation group: 'com.google.guava', name: 'guava', version: versions.guava + implementation "commons-io:commons-io:${versions.commonsIo}" + implementation "com.google.guava:guava:${versions.guava}" - implementation 'ch.qos.logback:logback-classic:1.2.11' - implementation 'ch.qos.logback:logback-core:1.2.11' + implementation "ch.qos.logback:logback-classic:${versions.logback}" + implementation "ch.qos.logback:logback-core:${versions.logback}" } diff --git a/cerberus-auth-connector-okta/build.gradle b/cerberus-auth-connector-okta/build.gradle index 6a0ccca8e..d6f1491fd 100644 --- a/cerberus-auth-connector-okta/build.gradle +++ b/cerberus-auth-connector-okta/build.gradle @@ -28,6 +28,6 @@ dependencies { implementation group: 'com.google.guava', name: 'guava', version: "${versions.guava}" // Okta jwt verfier libraries - implementation 'com.okta.jwt:okta-jwt-verifier:0.5.7' - implementation 'com.okta.jwt:okta-jwt-verifier-impl:0.5.7' + implementation "com.okta.jwt:okta-jwt-verifier:${versions.oktaJwtVerifier}" + implementation "com.okta.jwt:okta-jwt-verifier-impl:${versions.oktaJwtVerifier}" } diff --git a/cerberus-core/build.gradle b/cerberus-core/build.gradle index 98aa0b89d..4568f9e11 100644 --- a/cerberus-core/build.gradle +++ b/cerberus-core/build.gradle @@ -31,13 +31,13 @@ dependencies { api 'com.github.ben-manes.caffeine:caffeine:3.1.1' // TODO jav 8 -> java 11 error, verify and document why this is required - api "jakarta.xml.bind:jakarta.xml.bind-api:3.0.1" - api "org.glassfish.jaxb:jaxb-runtime:3.0.2" + api "jakarta.xml.bind:jakarta.xml.bind-api:${versions.jakartaXmlBindApi}" + api "org.glassfish.jaxb:jaxb-runtime:${versions.jaxbRuntime}" // Find bugs annotations - api group: 'com.google.code.findbugs', name: 'annotations', version: '3.0.1u2' + api 'com.google.code.findbugs:annotations:3.0.1u2' - api group: 'com.google.guava', name: 'guava', version: '31.0.1-jre' + api "com.google.guava:guava:${versions.guava}" } configurations.all { diff --git a/cerberus-domain/build.gradle b/cerberus-domain/build.gradle index 9a51a1bcc..01fa14bd0 100644 --- a/cerberus-domain/build.gradle +++ b/cerberus-domain/build.gradle @@ -19,11 +19,12 @@ repositories { } dependencies { - api group: 'javax.validation', name: 'validation-api', version: '2.0.1.Final' + api group: 'jakarta.validation', name: 'jakarta.validation-api', version: '2.0.2' + api group: 'org.hibernate', name: 'hibernate-validator', version: '7.0.5.Final' api group: 'com.fasterxml.jackson.core', name: 'jackson-annotations', version: '2.11.1' - api group: 'org.apache.commons', name: 'commons-lang3', version: '3.12.0' + api group: 'org.apache.commons', name: 'commons-lang3', version: versions.lang3 api group: 'org.apache.commons', name: 'commons-text', version: '1.10.0' integrationTestCompile "org.apache.groovy:groovy-all:${versions.groovy}" diff --git a/cerberus-web/build.gradle b/cerberus-web/build.gradle index f5660a5ca..085410154 100644 --- a/cerberus-web/build.gradle +++ b/cerberus-web/build.gradle @@ -15,7 +15,7 @@ */ plugins { - id 'org.springframework.boot' version "2.7.0" + id 'org.springframework.boot' version "2.7.8" } sourceCompatibility = '11' @@ -40,13 +40,15 @@ dependencies { implementation "org.springframework.boot:spring-boot-starter-actuator:${versions.springBoot}" implementation "org.springframework.boot:spring-boot-starter-web:${versions.springBoot}" implementation "org.springframework.boot:spring-boot-starter-security:${versions.springBoot}" + implementation "org.springframework.boot:spring-boot-starter:${versions.springBoot}" + implementation "org.springframework.boot:spring-boot:${versions.springBoot}" // DB: Mybatis, Flyway, C3p0 - implementation 'org.mybatis.spring.boot:mybatis-spring-boot-starter:2.2.2' - implementation 'org.mybatis:mybatis-spring:2.0.7' + implementation "org.mybatis.spring.boot:mybatis-spring-boot-starter:${versions.mybatisSpring}" + implementation "org.mybatis:mybatis-spring:${versions.mybatisSpring}" implementation 'org.mybatis:mybatis:3.5.11' implementation 'com.mchange:c3p0:0.9.5.5' - implementation 'mysql:mysql-connector-java:8.0.31' + implementation 'mysql:mysql-connector-java:8.0.32' implementation 'org.flywaydb:flyway-core:5.2.4' // Can't upgrade this past this version until Aurora is upgraded to 5.7 // First secrets @@ -54,11 +56,11 @@ dependencies { // Misc implementation "com.netflix.hystrix:hystrix-core:1.5.18" // TODO remove hystrix and use resilience4j - implementation group: 'com.google.guava', name: 'guava', version: "${versions.guava}" // todo, pretty sure with Java 11, we can get ride of this, we mostly use this for the collection builders. + implementation "com.google.guava:guava:${versions.guava}" // todo, pretty sure with Java 11, we can get ride of this, we mostly use this for the collection builders. implementation 'com.google.code.gson:gson:2.9.1' // todo delete, should use jackson. see cipher text utils // Secure File Mime Type - implementation group: 'org.apache.tika', name: 'tika-core', version: '1.26' + implementation "org.apache.tika:tika-core:1.28.5" // AWS implementation "com.amazonaws:aws-java-sdk-core:${versions.awsSdkVersion}" @@ -73,8 +75,8 @@ dependencies { implementation "io.jsonwebtoken:jjwt-api:${versions.jjwt}" implementation "io.jsonwebtoken:jjwt-impl:${versions.jjwt}" implementation "io.jsonwebtoken:jjwt-jackson:${versions.jjwt}" - implementation 'com.okta.jwt:okta-jwt-verifier:0.5.7' - implementation 'com.okta.jwt:okta-jwt-verifier-impl:0.5.7' + implementation "com.okta.jwt:okta-jwt-verifier:${versions.oktaJwtVerifier}" + implementation "com.okta.jwt:okta-jwt-verifier-impl:${versions.oktaJwtVerifier}" @@ -84,7 +86,7 @@ dependencies { // test deps testImplementation("org.springframework.boot:spring-boot-starter-test:${versions.springBoot}") - testImplementation "commons-io:commons-io:2.11.0" + testImplementation "commons-io:commons-io:${versions.commonsIo}" testImplementation "com.nike.backstopper:backstopper-reusable-tests:0.15.0" // Integration Test Deps diff --git a/gradle/bintray.gradle b/gradle/bintray.gradle deleted file mode 100644 index db1952ca1..000000000 --- a/gradle/bintray.gradle +++ /dev/null @@ -1,82 +0,0 @@ -/* - * Copyright (c) 2020 Nike, inc. - * - * Licensed under the Apache License, Version 2.0 (the "License") - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -apply plugin: 'maven-publish' -apply plugin: 'com.jfrog.bintray' - -def bintrayUser = project.hasProperty('bintrayUser') ? project.bintrayUser : System.getenv('BINTRAY_USER') ?: '' -def bintrayKey = project.hasProperty('bintrayKey') ? project.bintrayKey : System.getenv('BINTRAY_KEY') ?: '' -def bintrayVersion = "$version" - -bintray { - user = bintrayUser - key = bintrayKey - dryRun = false - publish = true - publications = ['jar'] - - pkg { - repo = 'maven' - name = project.name - userOrg = 'nike' - licenses = ['Apache-2.0'] - websiteUrl = 'https://github.com/Nike-Inc/cerberus' - issueTrackerUrl = 'https://github.com/Nike-Inc/cerberus/issues' - vcsUrl = 'https://github.com/Nike-Inc/cerberus.git' - githubRepo = 'Nike-Inc/cerberus' - - version { - name = bintrayVersion - - gpg { - sign = true - } - } - } -} - - -task sourcesJar(type: Jar) { - from sourceSets.main.allSource - archiveClassifier = 'sources' -} - -task javadocJar(type: Jar, dependsOn: javadoc) { - archiveClassifier = 'javadoc' - from javadoc.destinationDir -} - -tasks.withType(Zip) { task -> - task.doLast { - ant.checksum file: it.archivePath - } -} - -artifacts { - archives javadocJar - archives sourcesJar -} - -publishing { - publications { - jar(MavenPublication) { - from components.java - - artifact sourcesJar - artifact javadocJar - } - } -}