Skip to content

Commit

Permalink
Use Spring dependency-management plugin in pricenode
Browse files Browse the repository at this point in the history 
This is in preparation for addressing log4j 2 zero day exploit described
at https://www.lunasec.io/docs/blog/log4j-zero-day/. See full details
in the next commit.

Bringing in the dependency-management plugin results in many changes to
our Gradle verification metadata file, but all are BOM / POM / Module
manifests. No additional jar or code dependencies have been whitelisted
with this change.
  • Loading branch information
@cbeams @ripcurlx
cbeams authored and ripcurlx committed Dec 10, 2021
1 parent 97e4ed5 commit bb4ceaa
Show file tree
Hide file tree
Showing 2 changed files with 341 additions and 0 deletions.
2 changes: 2 additions & 0 deletions build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -573,6 +573,8 @@ configure(project(':monitor')) {
configure(project(':pricenode')) {
apply plugin: "org.springframework.boot"

apply plugin: 'io.spring.dependency-management'

mainClassName = 'bisq.price.Main'

version = file("src/main/resources/version.txt").text.trim()
Expand Down
Loading

0 comments on commit bb4ceaa

Please sign in to comment.