Remove vulnerable transitive dependency. Fix checkstyle.

This commit is contained in:
Olga Maciaszek-Sharma
2022-07-01 16:57:29 +02:00
8 changed files with 36 additions and 2 deletions

View File

@@ -17,6 +17,8 @@
<main.basedir>${basedir}/..</main.basedir>
<configprops.inclusionPattern>feign.*</configprops.inclusionPattern>
<upload-docs-zip.phase>deploy</upload-docs-zip.phase>
<!-- Don't upload docs jar to central / repo.spring.io -->
<maven-deploy-plugin-default.phase>none</maven-deploy-plugin-default.phase>
</properties>
<dependencies>
<dependency>

View File

@@ -94,6 +94,13 @@
<dependency>
<groupId>io.github.openfeign.form</groupId>
<artifactId>feign-form-spring</artifactId>
<exclusions>
<!-- Vulnerable in 3.8.0-->
<exclusion>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>io.github.openfeign</groupId>
@@ -138,6 +145,10 @@
<groupId>javax.activation</groupId>
<artifactId>javax.activation-api</artifactId>
</exclusion>
<exclusion>
<groupId>com.sun.activation</groupId>
<artifactId>jakarta.activation</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
@@ -198,6 +209,12 @@
<artifactId>spring-cloud-loadbalancer</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.11.0</version>
<scope>test</scope>
</dependency>
</dependencies>
<profiles>
<profile>

View File

@@ -346,6 +346,7 @@ public class FeignAutoConfiguration {
@Configuration(proxyBeanMethods = false)
@ConditionalOnClass(OAuth2ClientContext.class)
@ConditionalOnProperty("spring.cloud.openfeign.oauth2.enabled")
@Deprecated // spring-security-oauth2 reached EOL
protected static class Oauth2FeignConfiguration {
@ConditionalOnBean({ RetryLoadBalancerInterceptor.class, OAuth2ClientContext.class,

View File

@@ -43,6 +43,7 @@ import org.springframework.security.oauth2.common.OAuth2AccessToken;
* @author Tim Ysewyn
* @since 3.0.0
*/
@Deprecated // spring-security-oauth2 reached EOL
public class OAuth2FeignRequestInterceptor implements RequestInterceptor {
/**

View File

@@ -27,9 +27,14 @@ import org.springframework.cloud.openfeign.encoding.app.domain.Invoice;
* Utility class used for testing.
*
* @author Jakub Narloch
* @author Olga Maciaszek-Sharma
*/
final class Invoices {
private Invoices() {
throw new IllegalStateException("Can't instantiate a utility class");
}
public static List<Invoice> createInvoiceList(int count) {
final List<Invoice> invoices = new ArrayList<>();
for (int ind = 0; ind < count; ind++) {

View File

@@ -24,8 +24,13 @@ import static org.assertj.core.api.Assertions.assertThat;
* {@link Object#equals(Object)} and {@link Object#hashCode()}.
*
* @author Jonatan Ivanov
* @author Olga Maciaszek-Sharma
*/
public class EqualsAndHashCodeAssert {
public final class EqualsAndHashCodeAssert {
private EqualsAndHashCodeAssert() {
throw new IllegalStateException("Can't instantiate a utility class");
}
/**
* Checks if equals is reflexive: for any non-null reference value x, x.equals(x)

View File

@@ -17,7 +17,8 @@
<properties>
<feign.version>11.8</feign.version>
<feign-form.version>3.8.0</feign-form.version>
<spring-security-oauth2-autoconfigure.version>2.1.2.RELEASE</spring-security-oauth2-autoconfigure.version>
<!-- Deprecated - reached EOL -->
<spring-security-oauth2-autoconfigure.version>2.5.2</spring-security-oauth2-autoconfigure.version>
</properties>
<dependencyManagement>
<dependencies>

View File

@@ -12,6 +12,8 @@
<suppress files=".*ProtobufSpringEncoderTest.*" checks="LineLengthCheck" />
<suppress files=".*ProtobufTest.*" checks="LineLengthCheck" />
<suppress files=".*Hello.*" checks="RedundantModifier"/>
<suppress files=".*test.*" checks="JavadocStyle"/>
<suppress files=".*test.*" checks="JavadocVariable"/>
<!-- Important -->
<suppress files=".*HttpEncoding.*" checks="InterfaceIsTypeCheck" />
</suppressions>