honeymoose
/
org.hl7.fhir.core
mirror of https://github.com/hapifhir/org.hl7.fhir.core.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1394 from hapifhir/do-20230815-bump-okhttp-dependencies 

Bump okhttp dependency, exclude vulnerable transitives
This commit is contained in:
Grahame Grieve 2023-08-16 19:26:49 +10:00 committed by GitHub
parent b58cb3fe9f 1711abc322
commit 96497d2522
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 106 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
org.hl7.fhir.dstu3/pom.xml
View File

@ -61,6 +61,16 @@
<artifactId>okhttp</artifactId> <artifactId>okhttp</artifactId>
<optional>true</optional> <optional>true</optional>
</dependency> </dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio-jvm</artifactId>
<optional>true</optional>
</dependency>
<!-- Apache POI --> <!-- Apache POI -->
<dependency> <dependency>

12
org.hl7.fhir.r4/pom.xml
View File

@ -68,11 +68,23 @@
<artifactId>httpclient</artifactId> <artifactId>httpclient</artifactId>
<optional>true</optional> <optional>true</optional>
</dependency> </dependency>
<dependency> <dependency>
<groupId>com.squareup.okhttp3</groupId> <groupId>com.squareup.okhttp3</groupId>
<artifactId>okhttp</artifactId> <artifactId>okhttp</artifactId>
<optional>true</optional> <optional>true</optional>
</dependency> </dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio-jvm</artifactId>
<optional>true</optional>
</dependency>
<dependency> <dependency>
<groupId>org.hl7.fhir.testcases</groupId> <groupId>org.hl7.fhir.testcases</groupId>
<artifactId>fhir-test-cases</artifactId> <artifactId>fhir-test-cases</artifactId>

10
org.hl7.fhir.r4b/pom.xml
View File

@ -78,6 +78,16 @@
<optional>true</optional> <optional>true</optional>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio-jvm</artifactId>
<optional>true</optional>
</dependency>
<!-- Apache POI --> <!-- Apache POI -->
<dependency> <dependency>

10
org.hl7.fhir.r5/pom.xml
View File

@ -106,6 +106,16 @@
<artifactId>logging-interceptor</artifactId> <artifactId>logging-interceptor</artifactId>
<optional>true</optional> <optional>true</optional>
</dependency> </dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio-jvm</artifactId>
<optional>true</optional>
</dependency>
<dependency> <dependency>
<groupId>org.projectlombok</groupId> <groupId>org.projectlombok</groupId>

12
org.hl7.fhir.utilities/pom.xml
View File

@ -52,6 +52,18 @@
<optional>true</optional> <optional>true</optional>
</dependency> </dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio-jvm</artifactId>
<optional>true</optional>
</dependency>
<dependency> <dependency>
<groupId>org.projectlombok</groupId> <groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId> <artifactId>lombok</artifactId>

14
org.hl7.fhir.validation.cli/pom.xml
View File

@ -242,6 +242,20 @@
<scope>compile</scope> <scope>compile</scope>
</dependency> </dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio</artifactId>
<optional>false</optional>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio-jvm</artifactId>
<optional>false</optional>
<scope>compile</scope>
</dependency>
<dependency> <dependency>
<groupId>org.antlr</groupId> <groupId>org.antlr</groupId>
<artifactId>ST4</artifactId> <artifactId>ST4</artifactId>

12
org.hl7.fhir.validation/pom.xml
View File

@ -173,6 +173,18 @@
<optional>true</optional> <optional>true</optional>
</dependency> </dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio-jvm</artifactId>
<optional>true</optional>
</dependency>
<!-- Lombok Until I get Around to Rewriting Everything in Kotlin --> <!-- Lombok Until I get Around to Rewriting Everything in Kotlin -->
<dependency> <dependency>
<groupId>org.projectlombok</groupId> <groupId>org.projectlombok</groupId>

27
pom.xml
View File

@ -26,7 +26,7 @@
<junit_platform_launcher_version>1.8.2</junit_platform_launcher_version> <junit_platform_launcher_version>1.8.2</junit_platform_launcher_version>
<maven_surefire_version>3.0.0-M5</maven_surefire_version> <maven_surefire_version>3.0.0-M5</maven_surefire_version>
<maven_clean_version>3.1.0</maven_clean_version> <maven_clean_version>3.1.0</maven_clean_version>
<okhttp.version>4.10.0</okhttp.version> <okhttp.version>4.11.0</okhttp.version>
<jacoco_version>0.8.9</jacoco_version> <jacoco_version>0.8.9</jacoco_version>
<lombok_version>1.18.22</lombok_version> <lombok_version>1.18.22</lombok_version>
<byte_buddy_version>1.12.14</byte_buddy_version> <byte_buddy_version>1.12.14</byte_buddy_version>
@ -206,15 +206,38 @@
<groupId>org.jetbrains</groupId> <groupId>org.jetbrains</groupId>
<artifactId>annotations</artifactId> <artifactId>annotations</artifactId>
</exclusion> </exclusion>
<exclusion>
<groupId>com.squareup.okio</groupId>
<artifactId>okio</artifactId>
</exclusion>
<!-- Excluding brotli impl until https://github.com/square/okhttp/issues/7738 is resolved -->
<exclusion>
<groupId>com.squareup.okhttp3</groupId>
<artifactId>okhttp-brotli</artifactId>
</exclusion>
<exclusion>
<groupId>com.squareup.okio</groupId>
<artifactId>okio-jvm</artifactId>
</exclusion>
</exclusions> </exclusions>
</dependency> </dependency>
<!-- Included because okttp3 used a vulnerable version --> <!-- Included because okttp3 used vulnerable versions -->
<dependency> <dependency>
<groupId>org.jetbrains</groupId> <groupId>org.jetbrains</groupId>
<artifactId>annotations</artifactId> <artifactId>annotations</artifactId>
<version>16.0.1</version> <version>16.0.1</version>
</dependency> </dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio</artifactId>
<version>3.4.0</version>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio-jvm</artifactId>
<version>3.4.0</version>
</dependency>
<dependency> <dependency>
<groupId>com.squareup.okhttp3</groupId> <groupId>com.squareup.okhttp3</groupId>