honeymoose
/
org.hl7.fhir.core
mirror of https://github.com/hapifhir/org.hl7.fhir.core.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Bump okhttp dependency, exclude vulnerable transitives

This commit is contained in:
dotasek 2023-08-15 12:52:01 -04:00
parent ebd92e4d5f
commit dacc73a114
8 changed files with 112 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
org.hl7.fhir.dstu3/pom.xml
View File

@ -61,6 +61,16 @@
<artifactId>okhttp</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio-jvm</artifactId>
<optional>true</optional>
</dependency>
<!-- Apache POI -->
<dependency>

12
org.hl7.fhir.r4/pom.xml
View File

@ -68,11 +68,23 @@
<artifactId>httpclient</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>com.squareup.okhttp3</groupId>
<artifactId>okhttp</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio-jvm</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.hl7.fhir.testcases</groupId>
<artifactId>fhir-test-cases</artifactId>

12
org.hl7.fhir.r4b/pom.xml
View File

@ -78,7 +78,17 @@
<optional>true</optional>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio-jvm</artifactId>
<optional>true</optional>
</dependency>
<!-- Apache POI -->
<dependency>
<groupId>org.apache.poi</groupId>

10
org.hl7.fhir.r5/pom.xml
View File

@ -106,6 +106,16 @@
<artifactId>logging-interceptor</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio-jvm</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>

12
org.hl7.fhir.utilities/pom.xml
View File

@ -52,6 +52,18 @@
<optional>true</optional>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio-jvm</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>

14
org.hl7.fhir.validation.cli/pom.xml
View File

@ -234,6 +234,20 @@
<scope>compile</scope>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio</artifactId>
<optional>false</optional>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio-jvm</artifactId>
<optional>false</optional>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.antlr</groupId>
<artifactId>ST4</artifactId>

18
org.hl7.fhir.validation/pom.xml
View File

@ -173,6 +173,18 @@
<optional>true</optional>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio-jvm</artifactId>
<optional>true</optional>
</dependency>
<!-- Lombok Until I get Around to Rewriting Everything in Kotlin -->
<dependency>
<groupId>org.projectlombok</groupId>
@ -208,11 +220,7 @@
<artifactId>jackson-databind</artifactId>
<version>${jackson_version}</version>
</dependency>
<dependency>
<groupId>org.thymeleaf</groupId>
<artifactId>thymeleaf</artifactId>
<version>3.1.1.RELEASE</version>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>

37
pom.xml
View File

@ -26,7 +26,7 @@
<junit_platform_launcher_version>1.8.2</junit_platform_launcher_version>
<maven_surefire_version>3.0.0-M5</maven_surefire_version>
<maven_clean_version>3.1.0</maven_clean_version>
<okhttp.version>4.10.0</okhttp.version>
<okhttp.version>4.11.0</okhttp.version>
<jacoco_version>0.8.9</jacoco_version>
<lombok_version>1.18.22</lombok_version>
<byte_buddy_version>1.12.14</byte_buddy_version>
@ -165,11 +165,11 @@
<version>${saxon_he_version}</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>8.0.30</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>8.0.30</version>
</dependency>
<!-- Apache POI -->
<dependency>
@ -206,15 +206,38 @@
<groupId>org.jetbrains</groupId>
<artifactId>annotations</artifactId>
</exclusion>
<exclusion>
<groupId>com.squareup.okio</groupId>
<artifactId>okio</artifactId>
</exclusion>
<!-- Excluding brotli impl until https://github.com/square/okhttp/issues/7738 is resolved -->
<exclusion>
<groupId>com.squareup.okhttp3</groupId>
<artifactId>okhttp-brotli</artifactId>
</exclusion>
<exclusion>
<groupId>com.squareup.okio</groupId>
<artifactId>okio-jvm</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- Included because okttp3 used a vulnerable version -->
<!-- Included because okttp3 used vulnerable versions -->
<dependency>
<groupId>org.jetbrains</groupId>
<artifactId>annotations</artifactId>
<version>16.0.1</version>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio</artifactId>
<version>3.4.0</version>
</dependency>
<dependency>
<groupId>com.squareup.okio</groupId>
<artifactId>okio-jvm</artifactId>
<version>3.4.0</version>
</dependency>
<dependency>
<groupId>com.squareup.okhttp3</groupId>