Do 20230607 commons beanutils bump (#1297)

* Move property to module

* Document dependency exclusions, RELEASE_NOTES
This commit is contained in:
dotasek 2023-06-08 15:40:08 -04:00 committed by GitHub
parent 7b05c7514e
commit 05134dc99d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 16 additions and 4 deletions

View File

@ -4,4 +4,4 @@
## Other code changes ## Other code changes
* no changes * Update commons-beanutils and apache.poi dependencies

View File

@ -14,6 +14,7 @@
<properties> <properties>
<checkstyle_config_location>${project.parent.basedir}</checkstyle_config_location> <checkstyle_config_location>${project.parent.basedir}</checkstyle_config_location>
<info_cqframework_version>1.5.12</info_cqframework_version>
</properties> </properties>
<dependencies> <dependencies>
@ -132,6 +133,13 @@
<groupId>info.cqframework</groupId> <groupId>info.cqframework</groupId>
<artifactId>model</artifactId> <artifactId>model</artifactId>
<version>${info_cqframework_version}</version> <version>${info_cqframework_version}</version>
<exclusions>
<!-- exclude this in favor of 1.9.4 for security reasons -->
<exclusion>
<groupId>commons-beanutils</groupId>
<artifactId>commons-beanutils</artifactId>
</exclusion>
</exclusions>
</dependency> </dependency>
<dependency> <dependency>
<groupId>info.cqframework</groupId> <groupId>info.cqframework</groupId>
@ -153,7 +161,11 @@
<artifactId>qdm</artifactId> <artifactId>qdm</artifactId>
<version>${info_cqframework_version}</version> <version>${info_cqframework_version}</version>
</dependency> </dependency>
<dependency>
<groupId>commons-beanutils</groupId>
<artifactId>commons-beanutils</artifactId>
<version>1.9.4</version>
</dependency>
<!-- OkHttpDependency --> <!-- OkHttpDependency -->
<dependency> <dependency>
<groupId>com.squareup.okhttp3</groupId> <groupId>com.squareup.okhttp3</groupId>

View File

@ -27,7 +27,6 @@
<maven_clean_version>3.1.0</maven_clean_version> <maven_clean_version>3.1.0</maven_clean_version>
<okhttp.version>4.10.0</okhttp.version> <okhttp.version>4.10.0</okhttp.version>
<jacoco_version>0.8.9</jacoco_version> <jacoco_version>0.8.9</jacoco_version>
<info_cqframework_version>1.5.12</info_cqframework_version>
<lombok_version>1.18.22</lombok_version> <lombok_version>1.18.22</lombok_version>
<byte_buddy_version>1.12.14</byte_buddy_version> <byte_buddy_version>1.12.14</byte_buddy_version>
<apache_poi_version>5.2.1</apache_poi_version> <apache_poi_version>5.2.1</apache_poi_version>
@ -177,7 +176,8 @@
<artifactId>poi-ooxml</artifactId> <artifactId>poi-ooxml</artifactId>
<version>${apache_poi_version}</version> <version>${apache_poi_version}</version>
<exclusions> <exclusions>
<exclusion> <!-- declare the exclusion here --> <!-- exclude this because it collides with the needed poi-ooxml-full-->
<exclusion>
<groupId>org.apache.poi</groupId> <groupId>org.apache.poi</groupId>
<artifactId>poi-ooxml-lite</artifactId> <artifactId>poi-ooxml-lite</artifactId>
</exclusion> </exclusion>