From 9efe6bcdeb953cb26d2f0e446657c0a38d88572a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 26 Apr 2021 18:56:13 +0000 Subject: [PATCH 1/5] Bump commons-io from 2.4 to 2.7 Bumps commons-io from 2.4 to 2.7. Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index ecff6cbc..ada7b12a 100644 --- a/pom.xml +++ b/pom.xml @@ -39,7 +39,7 @@ commons-io commons-io - 2.4 + 2.7 org.slf4j From 34cf4ed374b2fb4017eca569642f19b7819593d2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oph=C3=A9lie=20Bibonne?= <59668260+ORogel@users.noreply.github.com> Date: Wed, 19 Oct 2022 11:07:41 +0200 Subject: [PATCH 2/5] upgrading version --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 97ff1bcd..49b8c9c8 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ fr.insee.lunatic lunatic-model jar - 2.2.13 + 2.3.0 Lunatic Model Classes and converters for the Lunatic model http://www.insee.fr From 6d8b1b93a1e5527125842b48fbf91c40e31b9e8c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oph=C3=A9lie=20Bibonne?= <59668260+ORogel@users.noreply.github.com> Date: Wed, 19 Oct 2022 12:36:20 +0200 Subject: [PATCH 3/5] upgrade version --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index e95dcdce..49b8c9c8 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ fr.insee.lunatic lunatic-model jar - 2.2.14-rc + 2.3.0 Lunatic Model Classes and converters for the Lunatic model http://www.insee.fr From afd0f1b420eb2953b3bcfb350019bcf5463872bd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oph=C3=A9lie=20Bibonne?= <59668260+ORogel@users.noreply.github.com> Date: Wed, 19 Oct 2022 12:57:23 +0200 Subject: [PATCH 4/5] upgrading version --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 49b8c9c8..188ace79 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ fr.insee.lunatic lunatic-model jar - 2.3.0 + 2.3.1 Lunatic Model Classes and converters for the Lunatic model http://www.insee.fr From 95730d4e345c57e091e452f77a7d339cf54b982f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20S=C3=A9nave?= <59770457+nsenave@users.noreply.github.com> Date: Wed, 19 Apr 2023 10:05:25 +0200 Subject: [PATCH 5/5] Build/upgrades (#88) * build: upgrade log4j-slf4j-impl Upgrade `log4j-slf4j-impl` dependency Version `2.17.0` has vulnerabilities from dependencies * build: remove xalan (unused and vulnerable) * build: update links with https * build: update pom schema Update POM's schema location with https See https://maven.apache.org/pom.html#quick-overview --- pom.xml | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/pom.xml b/pom.xml index 7c3dc856..7691c2a5 100644 --- a/pom.xml +++ b/pom.xml @@ -1,6 +1,6 @@ + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/maven-v4_0_0.xsd"> 4.0.0 fr.insee.lunatic lunatic-model @@ -10,7 +10,7 @@ Lunatic Model Classes and converters for the Lunatic model - http://www.insee.fr + https://www.insee.fr 9.7.0-8 @@ -21,7 +21,7 @@ MIT License - http://www.opensource.org/licenses/mit-license.php + https://www.opensource.org/licenses/mit-license.php repo @@ -72,15 +72,10 @@ Saxon-HE ${saxon.version} - - xalan - xalan - 2.7.1 - org.apache.logging.log4j log4j-slf4j-impl - 2.17.0 + 2.20.0 test