mirror of
https://github.com/scm-manager/scm-manager.git
synced 2026-07-03 03:29:05 +02:00
Update vulnerable version of cron-utils (#1942)
* Update lock files * Replace usage of org.apache.commons.lang3 with guava * Update vulnerable version of cron-utils Update cron-util from version 9.1.3 to 9.1.6. Version 9.1.6 fixes an arbitrary code execution vulnerability (CVE-2021-41269). SCM-Manager is not affected by this issue, because it is related to the el parsing of an annotation which we don't use.
This commit is contained in:
@@ -27,7 +27,7 @@ package sonia.scm.web.i18n;
|
||||
import com.fasterxml.jackson.databind.JsonNode;
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import com.github.legman.EventBus;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import com.google.common.base.CharMatcher;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Nested;
|
||||
import org.junit.jupiter.api.Test;
|
||||
@@ -323,8 +323,8 @@ class I18nServletTest {
|
||||
private void assertJson(String actual) {
|
||||
assertThat(actual)
|
||||
.isNotEmpty()
|
||||
.contains(StringUtils.deleteWhitespace(GIT_PLUGIN_JSON.substring(1, GIT_PLUGIN_JSON.length() - 1)))
|
||||
.contains(StringUtils.deleteWhitespace(HG_PLUGIN_JSON.substring(1, HG_PLUGIN_JSON.length() - 1)))
|
||||
.contains(StringUtils.deleteWhitespace(SVN_PLUGIN_JSON.substring(1, SVN_PLUGIN_JSON.length() - 1)));
|
||||
.contains(CharMatcher.whitespace().removeFrom(GIT_PLUGIN_JSON.substring(1, GIT_PLUGIN_JSON.length() - 1)))
|
||||
.contains(CharMatcher.whitespace().removeFrom(HG_PLUGIN_JSON.substring(1, HG_PLUGIN_JSON.length() - 1)))
|
||||
.contains(CharMatcher.whitespace().removeFrom(SVN_PLUGIN_JSON.substring(1, SVN_PLUGIN_JSON.length() - 1)));
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user