fix build.gradle

NovatecConsulting · Nov 26, 2024 · 68a1599 · 68a1599
1 parent 029b391
commit 68a1599
Showing 1 changed file with 18 additions and 18 deletions.
diff --git a/build.gradle b/build.gradle
@@ -4,15 +4,15 @@ plugins {
     id 'org.springframework.boot' version "${springBootVersion}"
     id 'java'
     id 'idea'
-    id "org.cyclonedx.bom" version "1.7.4"
-    id "org.owasp.dependencycheck" version "8.4.0"
-    id "com.github.ben-manes.versions" version "0.49.0"
+    id "org.cyclonedx.bom" version "1.10.0"
+    id "org.owasp.dependencycheck" version "11.1.0"
+    id "com.github.ben-manes.versions" version "0.51.0"
 }
 
 apply plugin: 'io.spring.dependency-management'
 
 group = 'de.novatec'
-version = '2.2'
+version = '2.3'
 
 java {
     sourceCompatibility = '17'
@@ -22,35 +22,31 @@ repositories {
     mavenCentral()
 }
 
+test {
+    useJUnitPlatform()
+}
+
 
 // We only use snakeyaml transitively, but we want to force the
 // current version due to existing CVEs.
 // According to https://github.com/spring-projects/spring-boot/issues/34405
 // this is a safe
-ext['snakeyaml.version'] = '2.0'
+ext['snakeyaml.version'] = '2.3'
 
 dependencies {
-    annotationProcessor(
-            "org.projectlombok:lombok"
-    )
-
-    compileOnly(
-            "org.projectlombok:lombok"
-    )
+    annotationProcessor("org.projectlombok:lombok:${lombokVersion}")
+    compileOnly("org.projectlombok:lombok:${lombokVersion}")
 
     implementation(
             'org.springframework.boot:spring-boot-starter-web',
             'org.springframework.boot:spring-boot-starter-actuator',
             'org.springframework.boot:spring-boot-starter-validation',
 
-            'org.apache.commons:commons-text:1.10.0',
-            // If indluxdb-java is updated, check new version of the transitive dependency okio-jvm
-            // If there is a higher new version, remove the dependency override of okio-jvm
+            "org.apache.commons:commons-text:${commonsTextVersion}",
             "org.influxdb:influxdb-java:${influxdbJavaVersion}",
-            // Override transitive dependency with newer version, due to security concerns
-            "com.squareup.okio:okio-jvm:${okioJvmVersion}",
-
     )
+
+    testImplementation("org.springframework.boot:spring-boot-starter-test")
 }
 
 dependencyCheck {
@@ -61,6 +57,10 @@ dependencyCheck {
             enabled = true
         }
     }
+    nvd {
+        apiKey = System.getenv("NVD_API_TOKEN")
+        delay = 10000
+    }
 }
 
 def isNonStable = { String candidate ->