From 704dcb1e35be5921c313b2a427165d61491273f7 Mon Sep 17 00:00:00 2001 From: Sylwester Lachiewicz Date: Wed, 3 May 2023 11:38:11 +0200 Subject: [PATCH] Update dependencies used in test to more recent ones with less CVE --- pom.xml | 14 +++++++------- .../classworlds/launcher/ConfiguratorTest.java | 9 ++++++--- src/test/test-data/optionally-existent.conf | 2 +- src/test/test-data/valid.conf | 10 +++++----- 4 files changed, 19 insertions(+), 16 deletions(-) diff --git a/pom.xml b/pom.xml index ef77375c..16255bb4 100644 --- a/pom.xml +++ b/pom.xml @@ -186,17 +186,17 @@ org.apache.ant ant - 1.9.0 + 1.10.13 - commons-logging - commons-logging - 1.0.3 + org.apache.logging.log4j + log4j-api + 2.20.0 - xml-apis - xml-apis - 1.3.02 + jakarta.xml.bind + jakarta.xml.bind-api + 4.0.0 ${project.build.directory}/test-lib diff --git a/src/test/java/org/codehaus/plexus/classworlds/launcher/ConfiguratorTest.java b/src/test/java/org/codehaus/plexus/classworlds/launcher/ConfiguratorTest.java index 5dfd57f9..8c5aae5a 100644 --- a/src/test/java/org/codehaus/plexus/classworlds/launcher/ConfiguratorTest.java +++ b/src/test/java/org/codehaus/plexus/classworlds/launcher/ConfiguratorTest.java @@ -169,11 +169,14 @@ void testConfigure_Valid() assertSame( null, antRealm.getImportClassLoader( "org.apache.tools.Ant" ) ); - assertSame( xmlRealm, antRealm.getImportClassLoader( "org.xml.sax.SAXException" ) ); + // Ant has dependency to xerces:xercesImpl (test) + assertSame( null, antRealm.getImportClassLoader( "org.xml.sax.SAXException" ) ); + + assertSame( xmlRealm, antRealm.getImportClassLoader( "jakarta.xml.bind.JAXBException" ) ); assertSame( null, mavenRealm.getImportClassLoader( "org.apache.maven.app.App" ) ); - assertSame( xmlRealm, mavenRealm.getImportClassLoader( "org.xml.sax.SAXException" ) ); + assertSame( xmlRealm, mavenRealm.getImportClassLoader( "jakarta.xml.bind.JAXBException" ) ); URL[] urls = globRealm.getURLs(); @@ -233,7 +236,7 @@ void testConfigure_Optionally_Existent() assertEquals( 1, urls.length , "one url"); - assertSame( null, optRealm.getImportClassLoader( "org.xml.sax.SAXException" ) ); + assertSame( null, optRealm.getImportClassLoader( "jakarta.xml.bind.JAXBException" ) ); } @Test diff --git a/src/test/test-data/optionally-existent.conf b/src/test/test-data/optionally-existent.conf index c16ea781..33b3912b 100644 --- a/src/test/test-data/optionally-existent.conf +++ b/src/test/test-data/optionally-existent.conf @@ -10,5 +10,5 @@ main is org.apache.maven.app.App from opt # ------------------------------------------------------------ [opt] - optionally ${basedir}/target/test-lib/xml-apis-1.3.02.jar + optionally ${basedir}/target/test-lib/jakarta.xml.bind-api-4.0.0.jar diff --git a/src/test/test-data/valid.conf b/src/test/test-data/valid.conf index 867f5b80..18870028 100644 --- a/src/test/test-data/valid.conf +++ b/src/test/test-data/valid.conf @@ -10,15 +10,15 @@ main is org.apache.maven.app.App from maven # ------------------------------------------------------------ [xml] - load ${basedir}/target/test-lib/xml-apis-1.3.02.jar + load ${basedir}/target/test-lib/jakarta.xml.bind-api-4.0.0.jar [ant] - import org.xml.sax from xml - load ${basedir}/target/test-lib/ant-1.9.0.jar + import jakarta.xml.bind from xml + load ${basedir}/target/test-lib/ant-1.10.13.jar [maven] - import org.xml.sax from xml - load ${basedir}/target/test-lib/commons-logging-1.0.3.jar + import jakarta.xml.bind from xml + load ${basedir}/target/test-lib/log4j-api-2.20.0.jar [glob] load ${basedir}/src/test/test-data/*.jar