diff --git a/owasp-false-positive-warnings.xml b/owasp-false-positive-warnings.xml
index 9d063894dec4b1303d91c30ea247e49ba63519ae..50e88140f4bf83c356120b32d1121783da390827 100644
--- a/owasp-false-positive-warnings.xml
+++ b/owasp-false-positive-warnings.xml
@@ -64,4 +64,20 @@
 <packageUrl regex="true">^pkg:maven/org\.apache\.tomcat\.embed/tomcat\-embed\-websocket@.*$</packageUrl>
 <cve>CVE-2023-41080</cve>
 </suppress>
+ <suppress>
+ <notes><![CDATA[
+ file name: dom4j-2.1.3/4.jar
+ Used internally by hibernate-envers
+ ]]></notes>
+ <packageUrl regex="true">^pkg:maven/org\.dom4j/dom4j@.*$</packageUrl>
+ <cve>CVE-2023-45960</cve>
+ </suppress>
+ <suppress>
+ <notes><![CDATA[
+ file name: bdmsl-webapp.war: dom4j-2.1.3.jar
+ Used internally by hibernate-envers
+ ]]></notes>
+ <sha1>a75914155a9f5808963170ec20653668a2ffd2fd</sha1>
+ <cve>CVE-2023-45960</cve>
+ </suppress>
 </suppressions>
diff --git a/pom.xml b/pom.xml
index ab8e57fca4ed706ff246b4d4dff36e031be6252e..cbbb196382e9686fbe5f90741ae5deda9cf94d32 100644
--- a/pom.xml
+++ b/pom.xml
@@ -95,7 +95,7 @@
 <junit-platform-surefire-provider.version>1.3.2</junit-platform-surefire-provider.version>
 <junitparams.version>1.1.1</junitparams.version>
 <logback.version>1.3.8</logback.version>
- <mysql.jdbc.version>8.1.0</mysql.jdbc.version>
+ <mysql.jdbc.version>8.2.0</mysql.jdbc.version>
 <metro.version>2.2.1-1</metro.version>
 <mockito.version>4.11.0</mockito.version>
 <orika.version>1.5.4</orika.version>
diff --git a/smp-resource-extensions/oasis-smp-spi/src/main/java/eu/europa/ec/smp/spi/handler/OasisSMPServiceGroup10Handler.java b/smp-resource-extensions/oasis-smp-spi/src/main/java/eu/europa/ec/smp/spi/handler/OasisSMPServiceGroup10Handler.java
index cf45c332c2f24eb7630fa9af802443a1b362ecf0..fd5630c9bad6b62e69872ee2fb7082236d8cd4ff 100644
--- a/smp-resource-extensions/oasis-smp-spi/src/main/java/eu/europa/ec/smp/spi/handler/OasisSMPServiceGroup10Handler.java
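Review bot: In owasp-false-positive-warnings.xml, the first new `<suppress>` hides CVE-2023-45960 for every dom4j version (`@.*$`) and carries no expiry, so the finding stays silenced even if the bundled dom4j later changes. The notes only record where the jar comes from ("Used internally by hibernate-envers"); they do not say why the CVE is not reachable in this application, which is what an entry in a false-positive list should justify. I would pin the pattern to the versions the note names and add a review date, e.g. `<suppress until="YYYY-MM-DDZ">` (placeholder date) with `^pkg:maven/org\.dom4j/dom4j@2\.1\.[34]$`, assuming "2.1.3/4" means 2.1.3 and 2.1.4. The sha1-scoped entry after it is already narrow and would only need the same `until` attribute and a reason in its notes.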
+++ b/smp-resource-extensions/oasis-smp-spi/src/main/java/eu/europa/ec/smp/spi/handler/OasisSMPServiceGroup10Handler.java
@@ -1,6 +1,6 @@
 package eu.europa.ec.smp.spi.handler;
-import eu.europa.ec.dynamicdiscovery.core.extension.impl.OasisSMP10ServiceGroupReader;
+import eu.europa.ec.dynamicdiscovery.core.extension.impl.oasis10.OasisSMP10ServiceGroupReader;
 import eu.europa.ec.dynamicdiscovery.core.validator.OasisSmpSchemaValidator;
 import eu.europa.ec.dynamicdiscovery.exception.TechnicalException;
 import eu.europa.ec.dynamicdiscovery.exception.XmlInvalidAgainstSchemaException;
@@ -189,7 +189,7 @@ public class OasisSMPServiceGroup10Handler extends AbstractOasisSMPHandler {
 throw new ResourceException(INVALID_RESOURCE, "Error occurred while validation Oasis SMP 1.0 ServiceGroup extension: [" + ids + "] with error: " + ExceptionUtils.getRootCauseMessage(e), e);
 }
 // if service group
- ServiceGroup serviceGroup = null;
+ ServiceGroup serviceGroup;
 try {
 serviceGroup = reader.parseNative(new ByteArrayInputStream(bytearray));
 } catch (TechnicalException e) {
diff --git a/smp-resource-extensions/oasis-smp-spi/src/main/java/eu/europa/ec/smp/spi/handler/OasisSMPServiceGroup20Handler.java b/smp-resource-extensions/oasis-smp-spi/src/main/java/eu/europa/ec/smp/spi/handler/OasisSMPServiceGroup20Handler.java
index 48c9b3d39a9fc36955865cace627b992580d8b09..0ac103d0c01321e3e3bc8e9a0a004cd52f557034 100644
--- a/smp-resource-extensions/oasis-smp-spi/src/main/java/eu/europa/ec/smp/spi/handler/OasisSMPServiceGroup20Handler.java
+++ b/smp-resource-extensions/oasis-smp-spi/src/main/java/eu/europa/ec/smp/spi/handler/OasisSMPServiceGroup20Handler.java
@@ -1,6 +1,6 @@
 package eu.europa.ec.smp.spi.handler;
-import eu.europa.ec.dynamicdiscovery.core.extension.impl.OasisSMP20ServiceGroupReader;
+import eu.europa.ec.dynamicdiscovery.core.extension.impl.oasis20.OasisSMP20ServiceGroupReader;
 import eu.europa.ec.dynamicdiscovery.core.validator.OasisSmpSchemaValidator;
 import eu.europa.ec.dynamicdiscovery.exception.TechnicalException;
 import eu.europa.ec.dynamicdiscovery.exception.XmlInvalidAgainstSchemaException;
@@ -85,7 +85,7 @@ public class OasisSMPServiceGroup20Handler extends AbstractOasisSMPHandler {
 LOG.warn("Empty document input stream for service-group [{}]!", identifier);
 return;
 }
- ServiceGroup serviceGroup = null;
+ ServiceGroup serviceGroup;
 try {
 serviceGroup = reader.parseNative(resourceData.getResourceInputStream());
 } catch (TechnicalException e) {
@@ -172,11 +172,11 @@ public class OasisSMPServiceGroup20Handler extends AbstractOasisSMPHandler {
 OasisSmpSchemaValidator.validateOasisSMP20ServiceGroupSchema(bytearray);
 } catch (IOException | XmlInvalidAgainstSchemaException e) {
 String ids = identifier != null ?
- Stream.of(identifier).map(identifier1 -> identifier1.toString()).collect(Collectors.joining(",")) : "";
+ Stream.of(identifier).map(ResourceIdentifier::toString).collect(Collectors.joining(",")) : "";
 throw new ResourceException(INVALID_RESOURCE, "Error occurred while validation Oasis SMP 2.0 ServiceGroup: [" + ids + "] with error: " + ExceptionUtils.getRootCauseMessage(e), e);
 }
 // if service group
- ServiceGroup serviceGroup = null;
+ ServiceGroup serviceGroup;
 try {
 serviceGroup = reader.parseNative(new ByteArrayInputStream(bytearray));
 } catch (TechnicalException e) {
diff --git a/smp-resource-extensions/oasis-smp-spi/src/main/java/eu/europa/ec/smp/spi/handler/OasisSMPServiceMetadata10Handler.java b/smp-resource-extensions/oasis-smp-spi/src/main/java/eu/europa/ec/smp/spi/handler/OasisSMPServiceMetadata10Handler.java
index f0f35ac71f3a09777d7844c13bff43527d3222ba..e1b2654a70a9594ee471524d7ca7db7e71935436 100644
--- a/smp-resource-extensions/oasis-smp-spi/src/main/java/eu/europa/ec/smp/spi/handler/OasisSMPServiceMetadata10Handler.java
+++ b/smp-resource-extensions/oasis-smp-spi/src/main/java/eu/europa/ec/smp/spi/handler/OasisSMPServiceMetadata10Handler.java
@@ -1,6 +1,6 @@
 package eu.europa.ec.smp.spi.handler;
-import eu.europa.ec.dynamicdiscovery.core.extension.impl.OasisSMP10ServiceMetadataReader;
+import eu.europa.ec.dynamicdiscovery.core.extension.impl.oasis10.OasisSMP10ServiceMetadataReader;
 import eu.europa.ec.dynamicdiscovery.core.validator.OasisSmpSchemaValidator;
 import eu.europa.ec.dynamicdiscovery.exception.TechnicalException;
 import eu.europa.ec.dynamicdiscovery.exception.XmlInvalidAgainstSchemaException;
@@ -173,7 +173,7 @@ public class OasisSMPServiceMetadata10Handler extends AbstractOasisSMPHandler {
 throw new ResourceException(INVALID_RESOURCE, "Error occurred while validation Oasis SMP 1.0 ServiceMetadata: [" + identifier + "] with error: " + ExceptionUtils.getRootCauseMessage(e), e);
 }
- ServiceMetadata serviceMetadata = null;
+ ServiceMetadata serviceMetadata;
 try {
 serviceMetadata = (ServiceMetadata) reader.parseNative(new ByteArrayInputStream(bytearray));
 } catch (TechnicalException e) {
diff --git a/smp-resource-extensions/oasis-smp-spi/src/main/java/eu/europa/ec/smp/spi/handler/OasisSMPServiceMetadata20Handler.java b/smp-resource-extensions/oasis-smp-spi/src/main/java/eu/europa/ec/smp/spi/handler/OasisSMPServiceMetadata20Handler.java
index ff44ea91df42b330ca180caf5205a4c3d863d47d..71eedc8c2f8b7ca1229b9d21359c4f8d0f3788ea 100644
--- a/smp-resource-extensions/oasis-smp-spi/src/main/java/eu/europa/ec/smp/spi/handler/OasisSMPServiceMetadata20Handler.java
+++ b/smp-resource-extensions/oasis-smp-spi/src/main/java/eu/europa/ec/smp/spi/handler/OasisSMPServiceMetadata20Handler.java
@@ -1,6 +1,6 @@
 package eu.europa.ec.smp.spi.handler;
-import eu.europa.ec.dynamicdiscovery.core.extension.impl.OasisSMP20ServiceMetadataReader;
+import eu.europa.ec.dynamicdiscovery.core.extension.impl.oasis20.OasisSMP20ServiceMetadataReader;
 import eu.europa.ec.dynamicdiscovery.core.validator.OasisSmpSchemaValidator;
 import eu.europa.ec.dynamicdiscovery.exception.TechnicalException;
 import eu.europa.ec.dynamicdiscovery.exception.XmlInvalidAgainstSchemaException;
diff --git a/smp-resource-extensions/oasis-smp-spi/src/test/java/eu/europa/ec/smp/spi/converter/ServiceGroupConverterTest.java b/smp-resource-extensions/oasis-smp-spi/src/test/java/eu/europa/ec/smp/spi/converter/ServiceGroupConverterTest.java
index f5c18722adbaebc2cb9c8dc92400d017cce5be4d..b4132b7703ec03be9e6a2127f112df06bcc9846d 100644
--- a/smp-resource-extensions/oasis-smp-spi/src/test/java/eu/europa/ec/smp/spi/converter/ServiceGroupConverterTest.java
+++ b/smp-resource-extensions/oasis-smp-spi/src/test/java/eu/europa/ec/smp/spi/converter/ServiceGroupConverterTest.java
@@ -13,18 +13,17 @@ package eu.europa.ec.smp.spi.converter;
-import eu.europa.ec.dynamicdiscovery.core.extension.impl.OasisSMP10ServiceGroupReader;
+import eu.europa.ec.dynamicdiscovery.core.extension.impl.oasis10.OasisSMP10ServiceGroupReader;
 import eu.europa.ec.dynamicdiscovery.exception.BindException;
 import eu.europa.ec.smp.spi.testutils.XmlTestUtils;
 import gen.eu.europa.ec.ddc.api.smp10.ServiceGroup;
 import org.hamcrest.CoreMatchers;
 import org.hamcrest.MatcherAssert;
+import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.Test;
 import java.io.ByteArrayInputStream;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertThrows;
 /**
 * Created by gutowpa on 11/04/2017.
@@ -46,7 +45,7 @@ class ServiceGroupConverterTest {
 ServiceGroup serviceGroup = testInstance.parseNative(new ByteArrayInputStream(inputDoc));
 //then
- assertNotNull(serviceGroup);
+ Assertions.assertNotNull(serviceGroup);
 }
@@ -55,7 +54,7 @@ class ServiceGroupConverterTest {
 //given
 byte[] inputDoc = XmlTestUtils.loadDocumentAsByteArray(RES_PATH + "ServiceGroupWithDOCTYPE.xml");
 //when then
- BindException result = assertThrows(BindException.class, () -> testInstance.parseNative(new ByteArrayInputStream(inputDoc)));
+ BindException result = Assertions.assertThrows(BindException.class, () -> testInstance.parseNative(new ByteArrayInputStream(inputDoc)));
 MatcherAssert.assertThat(result.getCause().getMessage(), CoreMatchers.containsString("DOCTYPE is disallowed"));
 }
 }
diff --git a/smp-resource-extensions/oasis-smp-spi/src/test/java/eu/europa/ec/smp/spi/converter/ServiceMetadataConverterTest.java b/smp-resource-extensions/oasis-smp-spi/src/test/java/eu/europa/ec/smp/spi/converter/ServiceMetadataConverterTest.java
index 7d682685d4421ec18f390b633b1cda3734c24cae..15c0b230a7ed2787f4326883d83c2a06ea2539a1 100644
--- a/smp-resource-extensions/oasis-smp-spi/src/test/java/eu/europa/ec/smp/spi/converter/ServiceMetadataConverterTest.java
+++ b/smp-resource-extensions/oasis-smp-spi/src/test/java/eu/europa/ec/smp/spi/converter/ServiceMetadataConverterTest.java
@@ -13,7 +13,7 @@ package eu.europa.ec.smp.spi.converter;
-import eu.europa.ec.dynamicdiscovery.core.extension.impl.OasisSMP10ServiceMetadataReader;
+import eu.europa.ec.dynamicdiscovery.core.extension.impl.oasis10.OasisSMP10ServiceMetadataReader;
 import eu.europa.ec.dynamicdiscovery.exception.BindException;
 import eu.europa.ec.smp.spi.testutils.XmlTestUtils;
 import gen.eu.europa.ec.ddc.api.smp10.RedirectType;
@@ -22,16 +22,14 @@ import gen.eu.europa.ec.ddc.api.smp10.ServiceInformationType;
 import gen.eu.europa.ec.ddc.api.smp10.ServiceMetadata;
 import org.hamcrest.CoreMatchers;
 import org.hamcrest.MatcherAssert;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.rules.ExpectedException;
+
+import org.junit.jupiter.api.Test;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 import org.w3c.dom.NodeList;
 import java.io.ByteArrayInputStream;
-import static org.junit.Assert.assertThrows;
 import static org.junit.jupiter.api.Assertions.*;
@@ -43,13 +41,10 @@ public class ServiceMetadataConverterTest { private static final String NS = "http://docs.oasis-open.org/bdxr/ns/SMP/2016/05"; private static final String RES_PATH = "/examples/oasis-smp-1.0/"; - @Rule - public ExpectedException expectedExeption = ExpectedException.none(); - OasisSMP10ServiceMetadataReader testInstance = new OasisSMP10ServiceMetadataReader(); @Test - public void testUnmarshalServiceInformation() throws Exception { + void testUnmarshalServiceInformation() throws Exception { //given byte[] inputDoc = XmlTestUtils.loadDocumentAsByteArray(RES_PATH + "ServiceMetadataWithServiceOk.xml");
@@ -69,7 +64,7 @@ public class ServiceMetadataConverterTest {
 }
 @Test
- public void testUnmarshalServiceInformationUtf8() throws Exception {
+ void testUnmarshalServiceInformationUtf8() throws Exception {
 //given
 byte[] inputDoc = XmlTestUtils.loadDocumentAsByteArray(RES_PATH + "ServiceMetadataWithServiceInformationUtf8.xml");
@@ -83,7 +78,7 @@ public class ServiceMetadataConverterTest {
 }
 @Test
- public void testUnmarshalRedirect() throws Exception {
+ void testUnmarshalRedirect() throws Exception {
 //given
 byte[] inputDoc = XmlTestUtils.loadDocumentAsByteArray(RES_PATH + "ServiceMetadataWithRedirect.xml");
@@ -100,7 +95,7 @@ public class ServiceMetadataConverterTest {
 }
 @Test
- public void testUnmarshalMalformedInput() throws Exception {
+ void testUnmarshalMalformedInput() {
 byte[] inputDoc ="this is malformed XML body".getBytes();
@@ -110,7 +105,7 @@ public class ServiceMetadataConverterTest {
 }
 @Test
- public void testInvalidDocumentNamespace() throws Exception {
+ void testInvalidDocumentNamespace() throws Exception {
 //given
 byte[] inputDoc = XmlTestUtils.loadDocumentAsByteArray(RES_PATH + "ServiceMetadataMissingMandatoryFields.xml");
 //when then
@@ -119,7 +114,7 @@ public class ServiceMetadataConverterTest {
 }
 @Test
- public void testToSignedServiceMetadataDocument() throws Exception {
+ void testToSignedServiceMetadataDocument() throws Exception {
 //given
 byte[] inputDoc = XmlTestUtils.loadDocumentAsByteArray(RES_PATH + "ServiceMetadataWithServiceOk.xml");
@@ -139,7 +134,7 @@ public class ServiceMetadataConverterTest {
 }
 @Test
- public void testVulnerabilityParsingDTD() throws Exception {
+ void testVulnerabilityParsingDTD() throws Exception {
 byte[] inputDoc = XmlTestUtils.loadDocumentAsByteArray(RES_PATH + "ServiceMetadataWithDOCTYPE.xml");