Skip to content

Commit

Permalink
#140312: добавлены обоснования для зависимостей
Browse files Browse the repository at this point in the history
  • Loading branch information
sberv authored and vnenashev committed Sep 25, 2024
1 parent 7898ffe commit f7a2cef
Show file tree
Hide file tree
Showing 2 changed files with 30 additions and 2 deletions.
13 changes: 13 additions & 0 deletions libreoffice-api-wrapper-server/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,8 @@

<artifactId>libreoffice-api-wrapper-server</artifactId>
<packaging>jar</packaging>
<name>LibreOffice API wrapper project</name>
<description>POM of LibreOffice API wrapper project</description>

<parent>
<groupId>com.payneteasy</groupId>
Expand Down Expand Up @@ -66,30 +68,37 @@

<dependencies>
<dependency>
<!--Justification: HTTP server used for incoming requests of documents and images conversions-->
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-server</artifactId>
</dependency>
<dependency>
<!--Justification: Servlet API implementation for Jetty HTTP server-->
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-servlet</artifactId>
</dependency>
<dependency>
<!--Justification: Library for conversation between different office documents formats, using OpenOffice.org-->
<groupId>com.artofsolving</groupId>
<artifactId>jodconverter</artifactId>
</dependency>
<dependency>
<!--Justification: Simple Logging Facade for Java (SLF4J)-->
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</dependency>
<dependency>
<!--Justification: Bridge to use JCL (Jakarta Commons Logging) via SLF4J-->
<groupId>org.slf4j</groupId>
<artifactId>jcl-over-slf4j</artifactId>
</dependency>
<dependency>
<!--Justification: Implementation of the SLF4J API for Logback logging framework-->
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
</dependency>
<dependency>
<!--Justification: Application configuration via environment variables-->
<groupId>com.payneteasy</groupId>
<artifactId>startup-parameters</artifactId>
</dependency>
Expand All @@ -99,18 +108,22 @@
<scope>test</scope>
</dependency>
<dependency>
<!--Justification: Batik utility library (used by batik-transcoder)-->
<groupId>org.apache.xmlgraphics</groupId>
<artifactId>batik-util</artifactId>
</dependency>
<dependency>
<!--Justification: Batik DOM implementation (used by batik-transcoder)-->
<groupId>org.apache.xmlgraphics</groupId>
<artifactId>batik-dom</artifactId>
</dependency>
<dependency>
<!--Justification: Batik generic API for transcoding an input to an output (used for conversation different images to PNG format)-->
<groupId>org.apache.xmlgraphics</groupId>
<artifactId>batik-transcoder</artifactId>
</dependency>
<dependency>
<!--Justification: Batik codecs of different image formats (used by batik-transcoder)-->
<groupId>org.apache.xmlgraphics</groupId>
<artifactId>batik-codec</artifactId>
</dependency>
Expand Down
19 changes: 17 additions & 2 deletions pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@
<artifactId>libreoffice-api-wrapper</artifactId>
<version>3.1.8</version>
<packaging>pom</packaging>
<name>LibreOffice API wrapper parent project</name>
<description>POM of LibreOffice API wrapper parent project</description>

<properties>
<surefire.plugin.version>2.22.2</surefire.plugin.version>
Expand Down Expand Up @@ -71,49 +73,58 @@
<dependencyManagement>
<dependencies>
<dependency>
<!--Justification: HTTP server used for incoming requests of documents and images conversions-->
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-server</artifactId>
<version>${jetty.version}</version>
</dependency>
<dependency>
<!--Justification: Servlet API implementation for Jetty HTTP server-->
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-servlet</artifactId>
<version>${jetty.version}</version>
</dependency>
<dependency>
<!--Justification: Library for conversation between different office documents formats, using OpenOffice.org-->
<groupId>com.artofsolving</groupId>
<artifactId>jodconverter</artifactId>
<version>${jodconverter.version}</version>
<!-- Fix of CVE-2021-29425 (part 1 of 2) -->
<!-- [begin] Fix of CVE-2021-29425 (part 1 of 2) -->
<exclusions>
<exclusion>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
</exclusion>
</exclusions>
<!-- [end] Fix of CVE-2021-29425 (part 1 of 2) -->
</dependency>
<!-- Fix of CVE-2021-29425 (part 2 of 2) -->
<!-- [begin] Fix of CVE-2021-29425 (part 2 of 2) -->
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.7</version>
</dependency>
<!-- [end] Fix of CVE-2021-29425 (part 2 of 2) -->
<dependency>
<!--Justification: Simple Logging Facade for Java (SLF4J)-->
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>${slf4j.version}</version>
</dependency>
<dependency>
<!--Justification: Bridge to use JCL (Jakarta Commons Logging) via SLF4J-->
<groupId>org.slf4j</groupId>
<artifactId>jcl-over-slf4j</artifactId>
<version>${slf4j.version}</version>
</dependency>
<dependency>
<!--Justification: Implementation of the SLF4J API for Logback logging framework-->
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<version>${logback.version}</version>
</dependency>
<dependency>
<!--Justification: Application configuration via environment variables-->
<groupId>com.payneteasy</groupId>
<artifactId>startup-parameters</artifactId>
<version>${startup.parameters.version}</version>
Expand All @@ -125,21 +136,25 @@
</dependency>

<dependency>
<!--Justification: Batik utility library (used by batik-transcoder)-->
<groupId>org.apache.xmlgraphics</groupId>
<artifactId>batik-util</artifactId>
<version>${batik.version}</version>
</dependency>
<dependency>
<!--Justification: Batik DOM implementation (used by batik-transcoder)-->
<groupId>org.apache.xmlgraphics</groupId>
<artifactId>batik-dom</artifactId>
<version>${batik.version}</version>
</dependency>
<dependency>
<!--Justification: Batik generic API for transcoding an input to an output (used for conversation different images to PNG format)-->
<groupId>org.apache.xmlgraphics</groupId>
<artifactId>batik-transcoder</artifactId>
<version>${batik.version}</version>
</dependency>
<dependency>
<!--Justification: Batik codecs of different image formats (used by batik-transcoder)-->
<groupId>org.apache.xmlgraphics</groupId>
<artifactId>batik-codec</artifactId>
<version>${batik.version}</version>
Expand Down

0 comments on commit f7a2cef

Please sign in to comment.