diff --git a/.github/SECURITY.md b/.github/SECURITY.md index 91b2d0a47f..a26cd35cf0 100644 --- a/.github/SECURITY.md +++ b/.github/SECURITY.md @@ -1,7 +1,7 @@ # Reporting Security Issues -If you discover a security issue, please use GitHub's mechanism for [privately reporting a vulnerability]. -Under the main repository's [security tab], click "Report a vulnerability" to open the advisory form. +If you discover a security issue, please use GitHub's mechanism for [privately reporting a vulnerability][]. +Under the main repository's [security tab][], click "Report a vulnerability" to open the advisory form. Thanks for helping make everyone safer. diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index aab0b2989f..a0f0707c2e 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -64,6 +64,7 @@ jsoup = "1.17.2" junit-testng = "1.0.5" junit4 = "4.13.2" junit5 = "5.11.0-M2" +jvm-dependency-conflict-resolution = "2.0" kotlin = "1.9.24" lincheck = "2.29" mockito = "5.12.0" @@ -105,7 +106,6 @@ auto-value-processor = { module = "com.google.auto.value:auto-value", version.re awaitility = { module = "org.awaitility:awaitility", version.ref = "awaitility" } bcel = { module = "org.apache.bcel:bcel", version.ref = "bcel" } bnd = { module = "biz.aQute.bnd:biz.aQute.bnd.gradle", version.ref = "bnd" } -bouncycastle-jdk15on = { module = "org.bouncycastle:bcprov-jdk15on", version.ref = "bouncycastle-jdk15on" } bouncycastle-jdk18on = { module = "org.bouncycastle:bcprov-jdk18on", version.ref = "bouncycastle-jdk18on" } cache2k = { module = "org.cache2k:cache2k-core", version.ref = "cache2k" } caffeine = { module = "com.github.ben-manes.caffeine:caffeine", version.ref = "caffeine" } @@ -177,6 +177,7 @@ junit5-bom = { module = "org.junit:junit-bom", version.ref = "junit5" } junit5-launcher = { module = "org.junit.platform:junit-platform-launcher" } junit5-testng = { module = "org.junit.support:testng-engine", version.ref = "junit-testng" } junit5-vintage = { module = "org.junit.vintage:junit-vintage-engine", version.ref = "junit5" } +jvm-dependency-conflict-resolution = { module = "org.gradlex:jvm-dependency-conflict-resolution", version.ref = "jvm-dependency-conflict-resolution" } kotlin-bom = { module = "org.jetbrains.kotlin:kotlin-bom", version.ref = "kotlin" } lincheck = { module = "org.jetbrains.kotlinx:lincheck-jvm", version.ref = "lincheck" } mockito = { module = "org.mockito:mockito-core", version.ref = "mockito" } @@ -219,9 +220,8 @@ zstd = { module = "com.github.luben:zstd-jni", version.ref = "zstd" } [bundles] coherence = ["coherence-core", "json-bind"] -constraints = ["bcel", "bouncycastle-jdk15on", "bouncycastle-jdk18on", "commons-compress", - "commons-text", "h2", "httpclient", "guava", "jcommander", "jgit", "jsoup", "protobuf", - "snakeyaml" ] +constraints = ["bcel", "bouncycastle-jdk18on", "commons-compress", "commons-text", "h2", + "httpclient", "guava", "jcommander", "jgit", "jsoup", "protobuf", "snakeyaml" ] errorprone-support = [ "errorprone-support", "errorprone-support-refaster" ] jmh = ["jmh-core", "jmh-plugin", "jmh-report"] junit = ["junit4", "junit5"] diff --git a/gradle/plugins/build.gradle.kts b/gradle/plugins/build.gradle.kts index 743ee170de..2fd0d220e9 100644 --- a/gradle/plugins/build.gradle.kts +++ b/gradle/plugins/build.gradle.kts @@ -32,6 +32,7 @@ dependencies { implementation(libs.dependency.check) implementation(libs.errorprone.plugin) implementation(libs.dependency.versions) + implementation(libs.jvm.dependency.conflict.resolution) implementation(libs.coveralls) { exclude(group = "net.sourceforge.nekohtml", module = "nekohtml") } diff --git a/gradle/plugins/src/main/kotlin/lifecycle/base-caffeine-conventions.gradle.kts b/gradle/plugins/src/main/kotlin/lifecycle/base-caffeine-conventions.gradle.kts index b32c99c70f..e954e3ecb3 100644 --- a/gradle/plugins/src/main/kotlin/lifecycle/base-caffeine-conventions.gradle.kts +++ b/gradle/plugins/src/main/kotlin/lifecycle/base-caffeine-conventions.gradle.kts @@ -2,6 +2,7 @@ plugins { idea `jvm-ecosystem` id("eclipse-caffeine-conventions") + id("org.gradlex.jvm-dependency-conflict-resolution") } dependencies { diff --git a/gradle/plugins/src/main/kotlin/lifecycle/testing-caffeine-conventions.gradle.kts b/gradle/plugins/src/main/kotlin/lifecycle/testing-caffeine-conventions.gradle.kts index 7e4698bb12..1afd0b0509 100644 --- a/gradle/plugins/src/main/kotlin/lifecycle/testing-caffeine-conventions.gradle.kts +++ b/gradle/plugins/src/main/kotlin/lifecycle/testing-caffeine-conventions.gradle.kts @@ -6,12 +6,6 @@ plugins { `java-library` } -configurations.configureEach { - resolutionStrategy.dependencySubstitution { - substitute(module("org.hamcrest:hamcrest-core")).using(module(libs.hamcrest.get().toString())) - } -} - dependencies { testImplementation(libs.guava) testImplementation(libs.guice) diff --git a/gradle/plugins/src/main/kotlin/quality/checkstyle-caffeine-conventions.gradle.kts b/gradle/plugins/src/main/kotlin/quality/checkstyle-caffeine-conventions.gradle.kts index dcbfbee400..5e5ffc1b5a 100644 --- a/gradle/plugins/src/main/kotlin/quality/checkstyle-caffeine-conventions.gradle.kts +++ b/gradle/plugins/src/main/kotlin/quality/checkstyle-caffeine-conventions.gradle.kts @@ -4,13 +4,6 @@ plugins { val checkstyleConfig: Configuration by configurations.creating -configurations.checkstyle.configure { - resolutionStrategy.dependencySubstitution { - substitute(module("com.google.collections:google-collections")) - .using(module(libs.guava.asProvider().get().toString())) - } -} - dependencies { checkstyleConfig(libs.checkstyle) { isTransitive = false