From 3307cddb9e72aaef6dbfe98b61f52246f775d3ac Mon Sep 17 00:00:00 2001 From: TheSilentCoder <184309164+ThatSilentCoder@users.noreply.github.com> Date: Fri, 22 Nov 2024 10:58:20 -0500 Subject: [PATCH] issue_863: finished updating dependency versions. Ready for PR --- HIRS_AttestationCA/build.gradle | 37 ++++---- HIRS_AttestationCAPortal/build.gradle | 22 ++--- HIRS_Structs/build.gradle | 6 ++ HIRS_Utils/build.gradle | 25 +++--- gradle/versions.toml | 70 +++++++-------- tools/tcg_eventlog_tool/build.gradle | 87 +++++++++---------- tools/tcg_rim_tool/build.gradle | 15 ++-- .../main/java/hirs/swid/SwidTagGateway.java | 20 +++-- 8 files changed, 148 insertions(+), 134 deletions(-) diff --git a/HIRS_AttestationCA/build.gradle b/HIRS_AttestationCA/build.gradle index 09dc726e1..5c245f202 100644 --- a/HIRS_AttestationCA/build.gradle +++ b/HIRS_AttestationCA/build.gradle @@ -28,40 +28,41 @@ dependencies { implementation project(':HIRS_Structs') - implementation libs.spring.data.jpa.datatables - implementation libs.spring.boot.starter.data.jpa - implementation libs.spring.retry - implementation libs.spring.boot.starter.web - implementation libs.bouncycastle implementation libs.commons.codec + implementation libs.commons.io implementation libs.commons.lang3 - implementation libs.jakarta.persistence.api - implementation libs.jakarta.xml implementation libs.hibernate.core - implementation libs.pci implementation libs.guava implementation libs.jackson.core implementation libs.jackson.databind - implementation libs.minimal.json - implementation libs.protobuf.java + implementation libs.jakarta.persistence.api + implementation libs.jakarta.xml implementation libs.log4j.api implementation libs.log4j.core + implementation libs.minimal.json + implementation libs.pci + implementation libs.protobuf.java + implementation libs.spring.data.jpa.datatables + implementation libs.spring.boot.starter.data.jpa + implementation libs.spring.retry + implementation libs.spring.boot.starter.web - testImplementation libs.apache.commons.io + compileOnly libs.lombok + annotationProcessor libs.lombok + + compileOnly libs.spotbugs.annotations + annotationProcessor libs.spotbugs.annotations + + testImplementation libs.commons.io testImplementation libs.hamcrest testImplementation libs.junit.jupiter testImplementation libs.junit.platform.launcher testImplementation libs.mockito.core testImplementation libs.spring.test - compileOnly libs.spotbugs.annotations - annotationProcessor libs.spotbugs.annotations - - // spring management - compileOnly libs.lombok - implementation libs.lombok - annotationProcessor libs.lombok + testCompileOnly libs.lombok + testAnnotationProcessor libs.lombok } checkstyle { toolVersion = '10.12.7' diff --git a/HIRS_AttestationCAPortal/build.gradle b/HIRS_AttestationCAPortal/build.gradle index 9e6290130..9f10098a4 100644 --- a/HIRS_AttestationCAPortal/build.gradle +++ b/HIRS_AttestationCAPortal/build.gradle @@ -42,33 +42,33 @@ dependencies { implementation project(':HIRS_Utils') implementation project(':HIRS_AttestationCA') - implementation libs.pci - implementation libs.gson implementation libs.bouncycastle + implementation libs.commons.fileupload + implementation libs.gson implementation libs.guava - implementation libs.jakarta.servlet implementation libs.jakarta.persistence.api + implementation libs.jakarta.servlet implementation libs.jakarta.xml - - //implementation libs. - + implementation libs.log4j.spring.boot + implementation libs.mariadb.java.client + implementation libs.pci implementation libs.spring.boot.starter.web implementation libs.spring.boot.starter.validation implementation libs.spring.boot.starter.data.jpa implementation libs.spring.boot.starter.log4j2 - implementation libs.log4j.spring.boot - implementation libs.lombok - implementation libs.commons.fileupload implementation libs.tomcat.embed.jasper compileOnly libs.lombok - implementation libs.mariadb.java.client annotationProcessor libs.lombok + providedRuntime libs.spring.boot.starter.tomcat - testImplementation libs.spring.boot.starter.test testImplementation libs.junit.jupiter testImplementation libs.hsqldb + testImplementation libs.spring.boot.starter.test + + testCompileOnly libs.lombok + testAnnotationProcessor libs.lombok } checkstyle { diff --git a/HIRS_Structs/build.gradle b/HIRS_Structs/build.gradle index b363392b4..d55c57bf5 100644 --- a/HIRS_Structs/build.gradle +++ b/HIRS_Structs/build.gradle @@ -18,10 +18,16 @@ repositories { dependencies { implementation libs.commons.lang3 + compileOnly libs.lombok + annotationProcessor libs.lombok + // testCompile libs.mockito testImplementation libs.junit.jupiter testImplementation libs.junit.platform.launcher testImplementation libs.hamcrest + + testCompileOnly libs.lombok + testAnnotationProcessor libs.lombok } test { diff --git a/HIRS_Utils/build.gradle b/HIRS_Utils/build.gradle index 6f1d0695a..2b58380eb 100644 --- a/HIRS_Utils/build.gradle +++ b/HIRS_Utils/build.gradle @@ -28,31 +28,32 @@ configurations { dependencies { implementation libs.bouncycastle - implementation libs.lombok + implementation libs.commons.codec + implementation libs.commons.lang3 + implementation libs.commons.io + implementation libs.glassfish.jaxb.runtime + implementation libs.guava implementation libs.jackson.core implementation libs.jackson.databind implementation libs.jakarta.persistence.api implementation libs.jakarta.xml - implementation libs.guava - implementation libs.commons.codec - implementation libs.commons.lang3 - implementation libs.commons.io - implementation libs.minimal.json - implementation libs.pci - implementation libs.log4j.core implementation libs.log4j.api - implementation libs.glassfish.jaxb.runtime + implementation libs.minimal.json + implementation libs.pci implementation libs.slf4j.simple + compileOnly libs.lombok + annotationProcessor libs.lombok + testImplementation libs.junit.jupiter testImplementation libs.junit.platform.launcher testImplementation libs.hamcrest testImplementation libs.mockito.core testImplementation project(path: ':HIRS_AttestationCA') - - compileOnly libs.lombok - annotationProcessor libs.lombok + + testCompileOnly libs.lombok + testAnnotationProcessor libs.lombok } checkstyle { diff --git a/gradle/versions.toml b/gradle/versions.toml index 60b9e22e6..ac359dd93 100644 --- a/gradle/versions.toml +++ b/gradle/versions.toml @@ -1,57 +1,56 @@ [versions] -bouncyCastleVersion = "1.77" -commonsCodecVersion = "1.15" -commonsFileuploadVersion = "1.5" -commonsIoVersion = "2.11.0" -commonsLang3Version = "3.13.0" -gsonVersion = "2.10.1" -glassfishJsonVersion = "1.1.4" -glassfishJaxbRuntimeVersion = "2.3.1" -guavaVersion = "31.1-jre" -hibernateCoreVersion = "6.1.7.Final" -jacksonVersion = "2.14.2" -jakartaApiVersion = "3.1.0" +bouncyCastleVersion = "1.78.1" +commonsCodecVersion = "1.17.1" +commonsFileUploadVersion = "1.5" +commonsIoVersion = "2.17.0" +commonsLang3Version = "3.17.0" +gsonVersion = "2.11.0" +glassfishJakartaJsonVersion = "2.0.1" +glassfishJaxbRuntimeVersion = "4.0.5" +guavaVersion = "33.3.0-jre" +hibernateCoreVersion = "6.5.2.Final" +jacksonVersion = "2.17.2" +jakartaPersistenceApiVersion = "3.1.0" jakartaServletVersion = "3.0.0" -jakartaXmlVersion = "4.0.0" -jcommanderVersion = "1.83" -log4jVersion = "2.19.0" -lombokVersion = "1.18.26" -mariadbVersion = "3.1.4" +jakartaXmlVersion = "4.0.2" +jcommanderVersion = "2.0" +log4jVersion = "2.23.1" +lombokVersion = "1.18.34" +mariadbVersion = "3.4.0" minimalJsonVersion = "0.9.5" ospackageVersion = "11.2.0" pciVersion = "0.3" -protobufJavaVersion = "3.24.1" -springBootVersion = "3.0.1" +protobufJavaVersion = "3.25.5" +springBootVersion = "3.3.4" springDataJpaDatatablesVersion = "6.0.1" -springRetryVersion = "2.0.0" -testngVersion = "7.4.0" -tomcatVersion = "10.1.5" +springRetryVersion = "2.0.10" +testngVersion = "7.10.2" +tomcatVersion = "11.0.1" #test dependencies versions -apacheCommonsVersion = "2.4" -hamcrestVersion = "2.2" -hsqldbVersion = "2.7.2" -junitJupiterVersion = "5.9.3" -junitPlatformVersion = "1.9.3" -mockitoVersion = "4.2.0" -slf4jVersion = "1.7.30" -springTestVersion = "6.0.8" +hamcrestVersion = "3.0" +hsqldbVersion = "2.7.3" +junitJupiterVersion = "5.11.0" +junitPlatformVersion = "1.11.0" +mockitoVersion = "5.14.2" +slf4jVersion = "2.0.16" +springTestVersion = "6.1.13" spotBugAnnotationVersion = "4.8.6" [libraries] bouncycastle = { module = "org.bouncycastle:bcmail-jdk18on", version.ref = "bouncyCastleVersion" } commons-codec = { module = "commons-codec:commons-codec", version.ref = "commonsCodecVersion" } -commons-fileupload = { module = "commons-fileupload:commons-fileupload", version.ref = "commonsFileuploadVersion" } +commons-fileupload = { module = "commons-fileupload:commons-fileupload", version.ref = "commonsFileUploadVersion" } commons-io = { module = "commons-io:commons-io", version.ref = "commonsIoVersion" } commons-lang3 = { module = "org.apache.commons:commons-lang3", version.ref = "commonsLang3Version" } gson = { module = "com.google.code.gson:gson", version.ref = "gsonVersion" } -glassfish-javax-json = { module = "org.glassfish:javax.json", version.ref = "glassfishJsonVersion" } +glassfish-jakarta-json = { module = "org.glassfish:jakarta.json", version.ref = "glassfishJakartaJsonVersion" } glassfish-jaxb-runtime = { module = "org.glassfish.jaxb:jaxb-runtime", version.ref = "glassfishJaxbRuntimeVersion" } guava = { module = "com.google.guava:guava", version.ref = "guavaVersion" } hibernate-core = { module = "org.hibernate:hibernate-core", version.ref = "hibernateCoreVersion" } jackson-core = { module = "com.fasterxml.jackson.core:jackson-core", version.ref = "jacksonVersion" } jackson-databind = { module = "com.fasterxml.jackson.core:jackson-databind", version.ref = "jacksonVersion" } -jakarta-persistence-api = { module = "jakarta.persistence:jakarta.persistence-api", version.ref = "jakartaApiVersion" } +jakarta-persistence-api = { module = "jakarta.persistence:jakarta.persistence-api", version.ref = "jakartaPersistenceApiVersion" } jakarta-servlet = { module = "org.glassfish.web:jakarta.servlet.jsp.jstl", version.ref = "jakartaServletVersion" } jakarta-xml = { module = "jakarta.xml.bind:jakarta.xml.bind-api", version.ref = "jakartaXmlVersion" } jcommander = { module = "org.jcommander:jcommander", version.ref = "jcommanderVersion" } @@ -76,7 +75,6 @@ tomcat-embed-jasper = { module = "org.apache.tomcat.embed:tomcat-embed-jasper", testng = { module = "org.testng:testng", version.ref = "testngVersion" } # test dependencies -apache-commons-io = { module = "org.apache.directory.studio:org.apache.commons.io", version.ref = "apacheCommonsVersion" } hamcrest = { module = "org.hamcrest:hamcrest", version.ref = "hamcrestVersion" } hsqldb = { module = "org.hsqldb:hsqldb", version.ref = "hsqldbVersion" } junit-jupiter = { module = "org.junit.jupiter:junit-jupiter", version.ref = "junitJupiterVersion" } @@ -84,4 +82,6 @@ junit-platform-launcher = { module = "org.junit.platform:junit-platform-launcher mockito-core = { module = "org.mockito:mockito-core", version.ref = "mockitoVersion" } spring-test = { module = "org.springframework:spring-test", version.ref = "springTestVersion" } spring-boot-starter-test = { module = "org.springframework.boot:spring-boot-starter-test", version.ref = "springBootVersion" } -spotbugs-annotations = { module = "com.github.spotbugs:spotbugs-annotations", version.ref = "spotBugAnnotationVersion" } \ No newline at end of file +spotbugs-annotations = { module = "com.github.spotbugs:spotbugs-annotations", version.ref = "spotBugAnnotationVersion" } + +[plugins] \ No newline at end of file diff --git a/tools/tcg_eventlog_tool/build.gradle b/tools/tcg_eventlog_tool/build.gradle index 04640f514..82fc3b25c 100644 --- a/tools/tcg_eventlog_tool/build.gradle +++ b/tools/tcg_eventlog_tool/build.gradle @@ -1,8 +1,7 @@ -import java.util.concurrent.TimeUnit plugins { - id "java" - id "com.netflix.nebula.ospackage" version "11.4.0" - id 'checkstyle' + id "java" + id "com.netflix.nebula.ospackage" version "11.4.0" + id 'checkstyle' } // Get version from main project gradle def packVersion = properties.get("packageVersion"); @@ -19,10 +18,10 @@ repositories { flatDir { dirs "lib" } } -dependencies { +dependencies { implementation project(':HIRS_Utils') - implementation libs.jcommander implementation libs.commons.io + implementation libs.jcommander } ext.configDir = new File(projectDir, 'config') @@ -38,7 +37,7 @@ configurations.checkstyle { } } checkstyleMain { - source ='src/main/java' + source = 'src/main/java' } tasks.withType(Checkstyle) { reports { @@ -53,15 +52,15 @@ jar { duplicatesStrategy = DuplicatesStrategy.EXCLUDE manifest { attributes( - "Main-Class": "hirs.tcg_eventlog.Main", - 'Class-Path':configurations.runtimeClasspath.files.collect { it.getName() }.join(' ') - ) - } - from { - configurations.runtimeClasspath.collect { it.isDirectory() ? it : zipTree(it) } - } - //jar name format: [archiveBaseName]-[archiveAppendix]-[archiveVersion]-[archiveClassifier].[archiveExtension] - archiveVersion = jarVersion + "Main-Class": "hirs.tcg_eventlog.Main", + 'Class-Path': configurations.runtimeClasspath.files.collect { it.getName() }.join(' ') + ) + } + from { + configurations.runtimeClasspath.collect { it.isDirectory() ? it : zipTree(it) } + } + //jar name format: [archiveBaseName]-[archiveAppendix]-[archiveVersion]-[archiveClassifier].[archiveExtension] + archiveVersion = jarVersion } // Produce packages @@ -75,37 +74,37 @@ ospackage { user 'root' fileMode = 0755 - into ('/opt/eltool/lib') { - from jar.outputs.files - from configurations.runtimeClasspath + into('/opt/eltool/lib') { + from jar.outputs.files + from configurations.runtimeClasspath } - into ('/opt/eltool/scripts') { - from ('scripts') { - exclude { - FileTreeElement details -> - details.file.name.endsWith('.bat') + into('/opt/eltool/scripts') { + from('scripts') { + exclude { + FileTreeElement details -> + details.file.name.endsWith('.bat') + } } - } } - into ('/opt/eltool/docs') { - from ('docs') { - exclude { - FileTreeElement details -> - details.file.name.endsWith('.odt') - } + into('/opt/eltool/docs') { + from('docs') { + exclude { + FileTreeElement details -> + details.file.name.endsWith('.odt') + } + } + from('./') { + include { + FileTreeElement details -> + details.file.name.endsWith('.md') + } } - from('./') { - include { - FileTreeElement details -> - details.file.name.endsWith('.md') - } - } } // Copy vendor-table into /tmp to avoid conflict with the ACA into('/opt/eltool/default-properties') { - from ('../../HIRS_Utils/src/main/resources/vendor-table.json') { - fileMode 0664 - addParentDirs = true + from('../../HIRS_Utils/src/main/resources/vendor-table.json') { + fileMode 0664 + addParentDirs = true } } @@ -129,11 +128,11 @@ ospackage { } -task buildZip(type: Zip){ +task buildZip(type: Zip) { dependsOn jar - from(tasks.jar.archiveFile){ - rename( filename -> - "${project.name}.jar") + from(tasks.jar.archiveFile) { + rename(filename -> + "${project.name}.jar") into '/' } diff --git a/tools/tcg_rim_tool/build.gradle b/tools/tcg_rim_tool/build.gradle index 101c5e52e..3da0d87c4 100644 --- a/tools/tcg_rim_tool/build.gradle +++ b/tools/tcg_rim_tool/build.gradle @@ -24,22 +24,25 @@ dependencies { implementation project(':HIRS_Utils') implementation libs.bouncycastle - implementation libs.glassfish.javax.json + implementation libs.commons.codec + implementation libs.glassfish.jakarta.json implementation libs.glassfish.jaxb.runtime + implementation libs.guava + implementation libs.hibernate.core implementation libs.jcommander + implementation libs.jackson.databind implementation libs.jakarta.persistence.api implementation libs.jakarta.xml - implementation libs.commons.codec - implementation libs.hibernate.core - implementation libs.jackson.databind implementation libs.log4j.core - implementation libs.guava compileOnly libs.lombok - implementation libs.lombok annotationProcessor libs.lombok testImplementation libs.testng + + testCompileOnly libs.lombok + testAnnotationProcessor libs.lombok + } test { testLogging.showStandardStreams true diff --git a/tools/tcg_rim_tool/src/main/java/hirs/swid/SwidTagGateway.java b/tools/tcg_rim_tool/src/main/java/hirs/swid/SwidTagGateway.java index 3239a9d2e..2e3e3e257 100644 --- a/tools/tcg_rim_tool/src/main/java/hirs/swid/SwidTagGateway.java +++ b/tools/tcg_rim_tool/src/main/java/hirs/swid/SwidTagGateway.java @@ -9,6 +9,10 @@ import hirs.utils.xjc.ResourceCollection; import hirs.utils.xjc.SoftwareIdentity; import hirs.utils.xjc.SoftwareMeta; +import jakarta.json.Json; +import jakarta.json.JsonException; +import jakarta.json.JsonObject; +import jakarta.json.JsonReader; import jakarta.xml.bind.JAXBContext; import jakarta.xml.bind.JAXBElement; import jakarta.xml.bind.JAXBException; @@ -17,10 +21,6 @@ import org.w3c.dom.Element; import org.w3c.dom.Node; -import javax.json.Json; -import javax.json.JsonException; -import javax.json.JsonObject; -import javax.json.JsonReader; import javax.xml.crypto.MarshalException; import javax.xml.crypto.XMLStructure; import javax.xml.crypto.dom.DOMStructure; @@ -190,6 +190,7 @@ public void setRimEventLog(final String rimEventLog) { /** * Setter for timestamp format in XML signature + * * @param timestampFormat */ public void setTimestampFormat(String timestampFormat) { @@ -198,6 +199,7 @@ public void setTimestampFormat(String timestampFormat) { /** * Setter for timestamp input - RFC3852 + file or RFC3339 + value + * * @param timestampArgument */ public void setTimestampArgument(String timestampArgument) { @@ -269,7 +271,7 @@ public void generateSwidTag(final String filename) { writeSwidTagFile(signedSoftwareIdentity, filename); } else { System.out.println("The following fields cannot be empty or null: " - + errorRequiredFields.substring(0, errorRequiredFields.length()-2)); + + errorRequiredFields.substring(0, errorRequiredFields.length() - 2)); System.exit(1); } } catch (JsonException e) { @@ -555,6 +557,7 @@ private void addNonNullAttribute(Map attributes, QName key, Strin addNonNullAttribute(attributes, key, value); } } + /** * This utility method checks if an attribute value is empty before adding it to the map. * @@ -707,7 +710,8 @@ private Document signXMLDocument(Document doc) { /** * This method creates a timestamp element and populates it with data according to * the RFC format set in timestampFormat. The element is returned within an XMLObject. - * @param doc the Document representing the XML to be signed + * + * @param doc the Document representing the XML to be signed * @param sigFactory the SignatureFactory object * @return an XMLObject containing the timestamp element */ @@ -735,7 +739,7 @@ private XMLObject createXmlTimestamp(Document doc, XMLSignatureFactory sigFactor timeStampElement = doc.createElementNS(SwidTagConstants.RFC3339_NS, SwidTagConstants.RFC3339_PFX + ":TimeStamp"); timeStampElement.setAttributeNS("http://www.w3.org/2000/xmlns/", - "xmlns:" + SwidTagConstants.RFC3339_PFX, SwidTagConstants.RFC3339_NS); + "xmlns:" + SwidTagConstants.RFC3339_PFX, SwidTagConstants.RFC3339_NS); if (timestampArgument.isEmpty()) { timeStampElement.setAttributeNS(SwidTagConstants.RFC3339_NS, SwidTagConstants.RFC3339_PFX + ":" + SwidTagConstants.DATETIME, @@ -754,7 +758,7 @@ private XMLObject createXmlTimestamp(Document doc, XMLSignatureFactory sigFactor SignatureProperties signatureProperties = sigFactory.newSignatureProperties( Collections.singletonList(signatureProperty), null); XMLObject xmlObject = sigFactory.newXMLObject( - Collections.singletonList(signatureProperties), null,null,null); + Collections.singletonList(signatureProperties), null, null, null); return xmlObject; }