diff --git a/owasp-false-positive-warnings.xml b/owasp-false-positive-warnings.xml
index 50e88140f4bf83c356120b32d1121783da390827..86117b97b2cedd8e0f506f6ec1189f2942dc1fec 100644
--- a/owasp-false-positive-warnings.xml
+++ b/owasp-false-positive-warnings.xml
@@ -1,5 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
+<suppressions xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd"
+ xsi:schemaLocation="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd
+ https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
 <suppress>
 <notes><![CDATA[
 file name: spring-security-crypto-5.8.*.jar
@@ -18,9 +21,9 @@
 </suppress>
 <suppress>
 <notes><![CDATA[
- file name: smp.war: spring-core-5.3.30.jar
+ file name: smp.war: spring-core-5.3.31.jar
 ]]></notes>
- <sha1>cd2b09bf9bdb45c3cf2b771317b6dd0d6b2f6a25</sha1>
+ <sha1>368e76f732a3c331b970f69cafec1525d27b34d3</sha1>
 <cve>CVE-2016-1000027</cve>
 </suppress>
 <suppress>
diff --git a/pom.xml b/pom.xml
index 66d48b55d83ce33bd75dbe634df22f91c44c7088..d0df99bde97c3a33cfef193c345a07bede2256d3 100644
--- a/pom.xml
+++ b/pom.xml
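Review bot: The `<notes>` of the spring-core suppression in the second hunk of owasp-false-positive-warnings.xml record only the file name, so nothing says why CVE-2016-1000027 is accepted as a false positive for `smp.war`. Because the entry is pinned by `<sha1>`, it has to be edited by hand on every Spring bump, as this commit does for 5.3.31, and each edit re-approves the finding without a recorded reason. I would add the rationale to the note, for example `reviewed: smp.war exposes no HttpInvokerServiceExporter / HTTP invoker endpoint`, if that is in fact what was checked. I would also give the `<suppress>` element the schema's `until` attribute so the entry comes up for review instead of being carried forward silently.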
@@ -38,24 +38,22 @@
 <maven.compiler.source>1.8</maven.compiler.source>
 <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 <edelivery.ssl-auth.version>1.15-SNAPSHOT</edelivery.ssl-auth.version>
- <edelivery.dynamic-discovery-client.version>2.1-SNAPSHOT</edelivery.dynamic-discovery-client.version>
+ <edelivery.dynamic-discovery-client.version>2.1.1-SNAPSHOT</edelivery.dynamic-discovery-client.version>
 <bdmsl-api.version>4.3</bdmsl-api.version>
 <!-- plugin versions -->
- <plugin.build-helper-maven-plugin.version>1.9.1</plugin.build-helper-maven-plugin.version>
- <plugin.dependency-check-maven.version>8.4.2</plugin.dependency-check-maven.version>
+ <plugin.dependency-check-maven.version>9.0.3</plugin.dependency-check-maven.version>
 <plugin.jacoco-maven-plugin.version>0.8.11</plugin.jacoco-maven-plugin.version>
- <plugin.license-maven-plugin.version>2.0.0</plugin.license-maven-plugin.version>
+ <plugin.license-maven-plugin.version>2.3.0</plugin.license-maven-plugin.version>
 <plugin.maven-antrun-plugin.version>3.1.0</plugin.maven-antrun-plugin.version>
 <plugin.maven-assembly-plugin.version>3.6.0</plugin.maven-assembly-plugin.version>
- <plugin.maven-bundle-plugin.version>3.0.0</plugin.maven-bundle-plugin.version>
- <plugin.maven-clean-plugin.version>3.3.1</plugin.maven-clean-plugin.version>
+ <plugin.maven-clean-plugin.version>3.3.2</plugin.maven-clean-plugin.version>
 <plugin.maven-compiler-plugin.version>3.11.0</plugin.maven-compiler-plugin.version>
- <plugin.maven-dependency-plugin.version>3.6.0</plugin.maven-dependency-plugin.version>
+ <plugin.maven-dependency-plugin.version>3.6.1</plugin.maven-dependency-plugin.version>
 <plugin.maven-failsafe-plugin.version>3.1.2</plugin.maven-failsafe-plugin.version>
 <plugin.maven-jar-plugin.version>3.3.0</plugin.maven-jar-plugin.version>
 <plugin.maven-release-plugin.version>3.0.1</plugin.maven-release-plugin.version>
 <plugin.maven-resources-plugin.version>3.3.1</plugin.maven-resources-plugin.version>
- <plugin.maven-surefire-plugin.version>3.1.2</plugin.maven-surefire-plugin.version>
+ <plugin.maven-surefire-plugin.version>3.2.2</plugin.maven-surefire-plugin.version>
 <plugin.maven-war-plugin.version>3.4.0</plugin.maven-war-plugin.version>
@@ -65,11 +63,11 @@
 <commons-beanutils.version>1.9.4</commons-beanutils.version>
 <commons-collections.version>3.2.2</commons-collections.version>
- <commons-io.version>2.14.0</commons-io.version>
- <commons-lang3.version>3.13.0</commons-lang3.version>
+ <commons-io.version>2.15.0</commons-io.version>
+ <commons-lang3.version>3.14.0</commons-lang3.version>
 <commons-fileupload.version>1.5</commons-fileupload.version>
- <commons-net.version>3.9.0</commons-net.version>
- <commons-validator.version>1.7</commons-validator.version>
+ <commons-net.version>3.10.0</commons-net.version>
+ <commons-validator.version>1.8.0</commons-validator.version>
 <cxf-xjc-runtime.version>3.3.2</cxf-xjc-runtime.version>
 <cxf.version>3.5.7</cxf.version>
 <ehcache.version>2.10.9.2</ehcache.version>
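Review bot: The `plugin.dependency-check-maven.version` bump from 8.4.2 to 9.0.3 in the first pom.xml hunk is a major-version change of the scanner rather than a routine patch bump, because the 9.x line reads its vulnerability data from the NVD API instead of the retired data feeds. Without an API key (`nvdApiKey` in the plugin configuration, supplied from a CI secret and never committed to the pom) the update step is heavily rate-limited and can run very long or fail. The plugin's `<configuration>` is outside this hunk, so please confirm that it passes the key and that a failed data update fails the build instead of letting the check run against stale or empty data.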
@@ -91,29 +89,26 @@
 <jakarta.xml.bind-api.version>2.3.3</jakarta.xml.bind-api.version>
 <jstl.version>1.2</jstl.version>
 <junit.version>4.13.2</junit.version>
- <junit-jupiter.version>5.10.0</junit-jupiter.version>
+ <junit-jupiter.version>5.10.1</junit-jupiter.version>
 <junit-platform-surefire-provider.version>1.3.2</junit-platform-surefire-provider.version>
 <junitparams.version>1.1.1</junitparams.version>
 <!-- Use logback 1.2.x because is the one used by springboot 5.7. Changing to 1.3+ will break springboot logging. -->
 <slf4j.version>1.7.36</slf4j.version>
- <logback.version>1.2.12</logback.version>
+ <logback.version>1.2.13</logback.version>
 <mysql.jdbc.version>8.2.0</mysql.jdbc.version>
 <metro.version>2.2.1-1</metro.version>
 <mockito.version>4.11.0</mockito.version>
- <orika.version>1.5.4</orika.version>
 <servlet-api.version>3.0.1</servlet-api.version>
 <spring-modules-jakarta-commons.version>0.8</spring-modules-jakarta-commons.version>
 <spring-boot.version>2.7.18</spring-boot.version>
- <spring-boot.tomcat.version>9.0.82</spring-boot.tomcat.version>
+ <spring-boot.tomcat.version>9.0.83</spring-boot.tomcat.version>
 <spring.security.version>5.8.8</spring.security.version>
- <spring.version>5.3.30</spring.version>
+ <spring.version>5.3.31</spring.version>
 <xmlunit.version>2.9.1</xmlunit.version>
 <!-- plugins -->
 <plugin.frontend-maven-plugin.version>1.15.0</plugin.frontend-maven-plugin.version>
- <plugin.exec-maven-plugin.version>1.6.0</plugin.exec-maven-plugin.version>
- <sonar.jacoco.remotePort>${jacocoRemotePort}</sonar.jacoco.remotePort>
 <sonar.jacoco.remoteAddress>${jacocoRemoteAddress}</sonar.jacoco.remoteAddress>
@@ -145,6 +140,9 @@
 </release.arguments>
 <project.scm.id>edelivery-scm</project.scm.id>
 </properties>
+ <prerequisites>
+ <maven>3.6.0</maven>
+ </prerequisites>
 <scm>
 <developerConnection>scm:git:https://ec.europa.eu/digital-building-blocks/code/scm/edelivery/smp.git
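Review bot: The `<prerequisites>` block added in the `@@ -145,6 +140,9 @@` hunk does not enforce a minimum Maven version for this build. In Maven 3 the element is only honoured for `maven-plugin` projects; for other packagings it is no longer checked at build time, it produces a warning, and it is not inherited by child modules. To require Maven 3.6.0 or newer, the usual mechanism is the `requireMavenVersion` rule of maven-enforcer-plugin, declared in the `<build><plugins>` section, which lies outside this hunk. A sketch follows; the plugin version should be pinned through a `plugin.*.version` property like the other plugins in this pom.

```xml
<!-- … replaces the <prerequisites> block; goes under <build><plugins>, outside this hunk … -->
<plugin>
    <groupId>org.apache.maven.plugins</groupId>
    <artifactId>maven-enforcer-plugin</artifactId>
    <!-- version: pin via a plugin.*.version property, as for the other plugins -->
    <executions>
        <execution>
            <id>enforce-maven-version</id>
            <goals>
                <goal>enforce</goal>
            </goals>
            <configuration>
                <rules>
                    <requireMavenVersion>
                        <version>[3.6.0,)</version>
                    </requireMavenVersion>
                </rules>
            </configuration>
        </execution>
    </executions>
</plugin>
```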
@@ -359,6 +357,10 @@
 <groupId>org.bouncycastle</groupId>
 <artifactId>bcprov-jdk15on</artifactId>
 </exclusion>
+ <exclusion>
+ <groupId>org.bouncycastle</groupId>
+ <artifactId>bcpkix-jdk15on</artifactId>
+ </exclusion>
 </exclusions>
 </dependency>
 <dependency>
@@ -428,13 +430,13 @@
 <version>${aspectj.version}</version>
 </dependency>
 <dependency>
- <groupId>ma.glasnost.orika</groupId>
- <artifactId>orika-core</artifactId>
- <version>${orika.version}</version>
+ <groupId>ch.qos.logback</groupId>
+ <artifactId>logback-classic</artifactId>
+ <version>${logback.version}</version>
 </dependency>
 <dependency>
 <groupId>ch.qos.logback</groupId>
- <artifactId>logback-classic</artifactId>
+ <artifactId>logback-core</artifactId>
 <version>${logback.version}</version>
 </dependency>
 <dependency>
@@ -699,11 +701,6 @@
 <artifactId>sonar-maven-plugin</artifactId>
 <version>${plugin.sonar-maven-plugin.version}</version>
 </plugin>
- <plugin>
- <groupId>org.codehaus.mojo</groupId>
- <artifactId>build-helper-maven-plugin</artifactId>
- <version>${plugin.build-helper-maven-plugin.version}</version>
- </plugin>
 <plugin>
 <groupId>org.apache.cxf</groupId>
 <artifactId>cxf-codegen-plugin</artifactId>
@@ -749,11 +746,6 @@
 <artifactId>maven-compiler-plugin</artifactId>
 <version>${plugin.maven-compiler-plugin.version}</version>
 </plugin>
- <plugin>
- <groupId>org.apache.felix</groupId>
- <artifactId>maven-bundle-plugin</artifactId>
- <version>${plugin.maven-bundle-plugin.version}</version>
- </plugin>
 <plugin>
 <groupId>org.apache.maven.plugins</groupId>
 <artifactId>maven-jar-plugin</artifactId>
@@ -764,11 +756,6 @@
 <artifactId>frontend-maven-plugin</artifactId>
 <version>${plugin.frontend-maven-plugin.version}</version>
 </plugin>
- <plugin>
- <groupId>org.codehaus.mojo</groupId>
- <artifactId>exec-maven-plugin</artifactId>
- <version>${plugin.exec-maven-plugin.version}</version>
- </plugin>
 </plugins>
 </pluginManagement>
 <plugins>
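Review bot: The new `bcpkix-jdk15on` exclusion in the `@@ -359,6 +357,10 @@` hunk carries no comment saying why the transitive BouncyCastle artifact is dropped or which artifact supplies those classes instead. The `<dependency>` that owns these exclusions starts outside the hunk, so it is not visible here whether a replacement is declared. If anything on the classpath still needs the PKIX/CMS classes, the replacement has to be declared explicitly and kept on the same BouncyCastle version as the provider jar, since a bcprov/bcpkix mismatch tends to surface only at runtime. I would add a one-line comment above the `<exclusions>` block, e.g. `<!-- jdk15on BouncyCastle artifacts excluded: only the explicitly managed BC version may be packaged -->`, adjusted to the actual reason.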