This is an automated email from the git hooks/post-receive script. New commit to branch develop in repository i18n. See https://gitlab.nuiton.org/nuiton/i18n.git commit 3075a86d8e72670aeda040f9fd4bad0ce93a0050 Author: jcouteau <couteau@codelutin.com> Date: Wed Jun 29 16:47:49 2022 +0200 Update dependencies to fix CVEs --- i18n-maven-plugin/pom.xml | 10 ++++++-- i18n-maven-plugin/src/it/ano-1494/utf-8/pom.xml | 4 +-- i18n-maven-plugin/src/it/ano-672/pom.xml | 4 +-- i18n-maven-plugin/src/it/evo-1507/pom.xml | 4 +-- i18n-maven-plugin/src/it/evo-integrity/src/pom.xml | 4 +-- .../i18n/plugin/GenerateI18nEnumHelperMojo.java | 6 ++--- .../i18n/plugin/parser/impl/ParserGWTJavaMojo.java | 29 ++++------------------ .../i18n/plugin/parser/impl/ParserJavaMojo.java | 4 +-- .../i18n/plugin/parser/impl/ProcessorHelper.java | 17 +++++-------- .../plugin/parser/impl/GWTJavaFileParserTest.java | 9 ++++--- .../plugin/parser/impl/JavaFileParserTest.java | 24 ++++++++---------- nuiton-i18n/pom.xml | 4 +-- pom.xml | 27 ++++++++++++-------- 13 files changed, 66 insertions(+), 80 deletions(-) diff --git a/i18n-maven-plugin/pom.xml b/i18n-maven-plugin/pom.xml index 8f14950..df8a215 100644 --- a/i18n-maven-plugin/pom.xml +++ b/i18n-maven-plugin/pom.xml @@ -155,11 +155,17 @@ </dependency> <dependency> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-api</artifactId> <scope>runtime</scope> </dependency> + <dependency> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-core</artifactId> + <scope>test</scope> + </dependency> + <dependency> <groupId>junit</groupId> <artifactId>junit</artifactId> diff --git a/i18n-maven-plugin/src/it/ano-1494/utf-8/pom.xml b/i18n-maven-plugin/src/it/ano-1494/utf-8/pom.xml index 2f1e3cd..8cf456d 100644 --- a/i18n-maven-plugin/src/it/ano-1494/utf-8/pom.xml +++ b/i18n-maven-plugin/src/it/ano-1494/utf-8/pom.xml @@ -59,8 +59,8 @@ </dependency> <dependency> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-api</artifactId> <scope>test</scope> </dependency> diff --git a/i18n-maven-plugin/src/it/ano-672/pom.xml b/i18n-maven-plugin/src/it/ano-672/pom.xml index 52704d3..8a1e202 100644 --- a/i18n-maven-plugin/src/it/ano-672/pom.xml +++ b/i18n-maven-plugin/src/it/ano-672/pom.xml @@ -73,8 +73,8 @@ </dependency> <dependency> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-api</artifactId> <scope>test</scope> </dependency> diff --git a/i18n-maven-plugin/src/it/evo-1507/pom.xml b/i18n-maven-plugin/src/it/evo-1507/pom.xml index eb2a08b..2adbc1f 100644 --- a/i18n-maven-plugin/src/it/evo-1507/pom.xml +++ b/i18n-maven-plugin/src/it/evo-1507/pom.xml @@ -59,8 +59,8 @@ </dependency> <dependency> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-api</artifactId> <scope>test</scope> </dependency> diff --git a/i18n-maven-plugin/src/it/evo-integrity/src/pom.xml b/i18n-maven-plugin/src/it/evo-integrity/src/pom.xml index cfcad99..6da83a1 100644 --- a/i18n-maven-plugin/src/it/evo-integrity/src/pom.xml +++ b/i18n-maven-plugin/src/it/evo-integrity/src/pom.xml @@ -59,8 +59,8 @@ </dependency> <dependency> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-api</artifactId> <scope>test</scope> </dependency> diff --git a/i18n-maven-plugin/src/main/java/org/nuiton/i18n/plugin/GenerateI18nEnumHelperMojo.java b/i18n-maven-plugin/src/main/java/org/nuiton/i18n/plugin/GenerateI18nEnumHelperMojo.java index 949bc57..8f58892 100644 --- a/i18n-maven-plugin/src/main/java/org/nuiton/i18n/plugin/GenerateI18nEnumHelperMojo.java +++ b/i18n-maven-plugin/src/main/java/org/nuiton/i18n/plugin/GenerateI18nEnumHelperMojo.java @@ -24,7 +24,7 @@ package org.nuiton.i18n.plugin; import com.google.common.base.Charsets; import com.google.common.io.Files; -import org.antlr.v4.runtime.ANTLRInputStream; +import org.antlr.v4.runtime.CharStreams; import org.antlr.v4.runtime.CommonTokenStream; import org.antlr.v4.runtime.TokenStream; import org.apache.commons.io.FileUtils; @@ -203,7 +203,7 @@ public class GenerateI18nEnumHelperMojo extends AbstractI18nMojo { } } - private Set<String> getEnumConstants(String anEnumType) throws ClassNotFoundException, IOException { + private Set<String> getEnumConstants(String anEnumType) throws IOException { getLog().info("Scan enum: " + anEnumType); @@ -232,7 +232,7 @@ public class GenerateI18nEnumHelperMojo extends AbstractI18nMojo { if (javaFile.exists()) { String content = FileUtils.readFileToString(javaFile, "UTF-8"); - TokenStream tokenStream = new CommonTokenStream(new Java8Lexer(new ANTLRInputStream(content))); + TokenStream tokenStream = new CommonTokenStream(new Java8Lexer(CharStreams.fromString(content))); Java8Parser parser = new Java8Parser(tokenStream); diff --git a/i18n-maven-plugin/src/main/java/org/nuiton/i18n/plugin/parser/impl/ParserGWTJavaMojo.java b/i18n-maven-plugin/src/main/java/org/nuiton/i18n/plugin/parser/impl/ParserGWTJavaMojo.java index c3ac9b6..328141d 100644 --- a/i18n-maven-plugin/src/main/java/org/nuiton/i18n/plugin/parser/impl/ParserGWTJavaMojo.java +++ b/i18n-maven-plugin/src/main/java/org/nuiton/i18n/plugin/parser/impl/ParserGWTJavaMojo.java @@ -24,7 +24,7 @@ */ package org.nuiton.i18n.plugin.parser.impl; -import org.antlr.v4.runtime.ANTLRInputStream; +import org.antlr.v4.runtime.CharStreams; import org.antlr.v4.runtime.CommonTokenStream; import org.antlr.v4.runtime.TokenStream; import org.apache.commons.io.IOUtils; @@ -52,6 +52,7 @@ import java.io.FileInputStream; import java.io.IOException; import java.io.InputStreamReader; import java.io.Reader; +import java.nio.charset.StandardCharsets; import java.util.HashSet; import java.util.Set; import java.util.regex.Pattern; @@ -172,33 +173,13 @@ public class ParserGWTJavaMojo extends AbstractI18nParserMojo { super(log, encoding, oldParser, acceptKeyPattern, showTouchedFiles); } - -// protected File prepareFile(File file) throws IOException { -// -// // clean the jsp to make it xml -// -// File result = entryUpdater.getMirrorFile(file); -// if (isVerbose()) { -// getLog().info("Will process [" + file + "] to " + result); -// } -// try { -// createDirectoryIfNecessary(result.getParentFile()); -// } catch (IOException e) { -// // don't care about it... -// } -// GWTJavaProcessor processor = new GWTJavaProcessor(); -// processor.setVerbose(isVerbose()); -// processor.process(file, result, getEncoding()); -// return result; -// } - @Override public void parseFile(File file) throws IOException { - Reader inputStream = new InputStreamReader(new FileInputStream(file), "UTF-8"); + Reader inputStream = new InputStreamReader(new FileInputStream(file), StandardCharsets.UTF_8); try { // parse the file - TokenStream tokenStream = new CommonTokenStream(new Java8Lexer(new ANTLRInputStream(inputStream))); + TokenStream tokenStream = new CommonTokenStream(new Java8Lexer(CharStreams.fromReader(inputStream))); Java8Parser parser = new Java8Parser(tokenStream); Java8Parser.CompilationUnitContext compilationUnitContext = parser.compilationUnit(); @@ -223,7 +204,7 @@ public class ParserGWTJavaMojo extends AbstractI18nParserMojo { private JavaParserVisitor(File file) { this.file = file; - annotationPrefix = new HashSet<String>(); + annotationPrefix = new HashSet<>(); annotationPrefix.add("Key"); annotationPrefix.add("LocalizableResource.Key"); annotationPrefix.add("com.google.gwt.i18n.client.LocalizableResource.Key"); diff --git a/i18n-maven-plugin/src/main/java/org/nuiton/i18n/plugin/parser/impl/ParserJavaMojo.java b/i18n-maven-plugin/src/main/java/org/nuiton/i18n/plugin/parser/impl/ParserJavaMojo.java index df3f5a4..a960e52 100755 --- a/i18n-maven-plugin/src/main/java/org/nuiton/i18n/plugin/parser/impl/ParserJavaMojo.java +++ b/i18n-maven-plugin/src/main/java/org/nuiton/i18n/plugin/parser/impl/ParserJavaMojo.java @@ -25,7 +25,7 @@ package org.nuiton.i18n.plugin.parser.impl; -import org.antlr.v4.runtime.ANTLRInputStream; +import org.antlr.v4.runtime.CharStreams; import org.antlr.v4.runtime.CommonTokenStream; import org.antlr.v4.runtime.TokenStream; import org.antlr.v4.runtime.tree.TerminalNode; @@ -149,7 +149,7 @@ public class ParserJavaMojo extends AbstractI18nParserMojo { // quick check if there is a org.nuiton.i18n.I18n match in content to avoid a costy parsing if (content.contains("org.nuiton.i18n.I18n")) { - TokenStream tokenStream = new CommonTokenStream(new Java8Lexer(new ANTLRInputStream(content))); + TokenStream tokenStream = new CommonTokenStream(new Java8Lexer(CharStreams.fromString(content))); Java8Parser parser = new Java8Parser(tokenStream); try { diff --git a/i18n-maven-plugin/src/main/java/org/nuiton/i18n/plugin/parser/impl/ProcessorHelper.java b/i18n-maven-plugin/src/main/java/org/nuiton/i18n/plugin/parser/impl/ProcessorHelper.java index 2d6c366..a963a45 100644 --- a/i18n-maven-plugin/src/main/java/org/nuiton/i18n/plugin/parser/impl/ProcessorHelper.java +++ b/i18n-maven-plugin/src/main/java/org/nuiton/i18n/plugin/parser/impl/ProcessorHelper.java @@ -37,6 +37,7 @@ import java.io.FileInputStream; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; +import java.nio.charset.Charset; import java.util.ArrayList; import java.util.Collections; import java.util.List; @@ -90,11 +91,9 @@ public class ProcessorHelper extends ProcessorUtil { filter.setVerbose(verbose); setInputFilter(filter); - InputStream in = new FileInputStream(filein); - try { - OutputStream out = new ByteArrayOutputStream(); - try { + try (InputStream in = new FileInputStream(filein)) { + try (OutputStream out = new ByteArrayOutputStream()) { doProcess(this, in, out, encoding); String lines = out.toString(); for (String line : lines.split("\n")) { @@ -103,24 +102,20 @@ public class ProcessorHelper extends ProcessorUtil { result.add(key); } } - } finally { - out.close(); } - } finally { - in.close(); } } public void saveKeysToFile(File fileout, Set<String> keys) throws IOException { StringBuilder buffer = new StringBuilder(); - List<String> sortedKeys = new ArrayList<String>(keys); + List<String> sortedKeys = new ArrayList<>(keys); Collections.sort(sortedKeys); - for (String key : keys) { + for (String key : sortedKeys) { buffer.append(key).append("\n"); } - FileUtils.writeStringToFile(fileout, buffer.toString()); + FileUtils.writeStringToFile(fileout, buffer.toString(), Charset.defaultCharset()); } } diff --git a/i18n-maven-plugin/src/test/java/org/nuiton/i18n/plugin/parser/impl/GWTJavaFileParserTest.java b/i18n-maven-plugin/src/test/java/org/nuiton/i18n/plugin/parser/impl/GWTJavaFileParserTest.java index 01f61f0..c98e51f 100644 --- a/i18n-maven-plugin/src/test/java/org/nuiton/i18n/plugin/parser/impl/GWTJavaFileParserTest.java +++ b/i18n-maven-plugin/src/test/java/org/nuiton/i18n/plugin/parser/impl/GWTJavaFileParserTest.java @@ -34,6 +34,7 @@ import org.nuiton.io.SortedProperties; import java.io.File; import java.io.IOException; +import java.nio.charset.Charset; import java.util.HashSet; import java.util.Set; @@ -56,7 +57,7 @@ public class GWTJavaFileParserTest { protected Set<String> detectedKeys; @Before - public void setUp() throws Exception { + public void setUp() { oldParser = new SortedProperties(ENCODING); parser = new ParserGWTJavaMojo.GWTJavaFileParser( @@ -70,12 +71,12 @@ public class GWTJavaFileParserTest { detectedKeys.add(key); } }; - detectedKeys = new HashSet<String>(); + detectedKeys = new HashSet<>(); } @After - public void tearDown() throws Exception { + public void tearDown() { detectedKeys.clear(); detectedKeys = null; parser = null; @@ -97,7 +98,7 @@ public class GWTJavaFileParserTest { "}"; File file = new File(FileUtils.getTempDirectory(), "getKeys"); - FileUtils.write(file, classContent); + FileUtils.write(file, classContent, Charset.defaultCharset()); parseFile(file, new String[]{"d","e","f"}, "a", "b", "c"); } diff --git a/i18n-maven-plugin/src/test/java/org/nuiton/i18n/plugin/parser/impl/JavaFileParserTest.java b/i18n-maven-plugin/src/test/java/org/nuiton/i18n/plugin/parser/impl/JavaFileParserTest.java index b9ec686..0658740 100644 --- a/i18n-maven-plugin/src/test/java/org/nuiton/i18n/plugin/parser/impl/JavaFileParserTest.java +++ b/i18n-maven-plugin/src/test/java/org/nuiton/i18n/plugin/parser/impl/JavaFileParserTest.java @@ -32,15 +32,11 @@ import org.junit.Before; import org.junit.Test; import org.nuiton.io.SortedProperties; -import static org.nuiton.i18n.I18n.t; - import java.io.File; import java.io.IOException; -import java.util.ArrayList; +import java.nio.charset.Charset; import java.util.HashSet; -import java.util.List; import java.util.Set; -import java.util.function.Consumer; /** * Tests the class {@link ParserJavaMojo.JavaFileParser} @@ -62,7 +58,7 @@ public class JavaFileParserTest { protected Set<String> detectedKeys; @Before - public void setUp() throws Exception { + public void setUp() { oldParser = new SortedProperties(ENCODING); @@ -77,11 +73,11 @@ public class JavaFileParserTest { detectedKeys.add(key); } }; - detectedKeys = new HashSet<String>(); + detectedKeys = new HashSet<>(); } @After - public void tearDown() throws Exception { + public void tearDown() { detectedKeys.clear(); detectedKeys = null; parser = null; @@ -105,7 +101,7 @@ public class JavaFileParserTest { "}"; File file = new File(FileUtils.getTempDirectory(), "getKeys"); - FileUtils.write(file, classContent); + FileUtils.write(file, classContent, Charset.defaultCharset()); parseLine(file, new String[]{"e"}, "a", "b", "c", "d"); } @@ -128,7 +124,7 @@ public class JavaFileParserTest { "}"; File file = new File(FileUtils.getTempDirectory(), "getKeys2"); - FileUtils.write(file, classContent); + FileUtils.write(file, classContent, Charset.defaultCharset()); parseLine(file, new String[]{"e"}, "a", "b", "c", "d"); } @@ -154,7 +150,7 @@ public class JavaFileParserTest { "}"; File file = new File(FileUtils.getTempDirectory(), "getKeys3"); - FileUtils.write(file, classContent); + FileUtils.write(file, classContent, Charset.defaultCharset()); parseLine(file, new String[]{"e", "aa"}, "a", "b", "c", "d"); } @@ -187,7 +183,7 @@ public class JavaFileParserTest { "}"; File file = new File(FileUtils.getTempDirectory(), "getKeys4"); - FileUtils.write(file, classContent); + FileUtils.write(file, classContent, Charset.defaultCharset()); parseLine(file, new String[]{}, "javaGetter.key1", "javaGetter.key3", "javaGetter.key3"); } @@ -215,7 +211,7 @@ public class JavaFileParserTest { "}"; File file = new File(FileUtils.getTempDirectory(), "getJava8Keys"); - FileUtils.write(file, classContent); + FileUtils.write(file, classContent, Charset.defaultCharset()); parseLine(file, new String[]{"s"}, "new string found", "new string found 2", "new string in consumer"); } @@ -236,7 +232,7 @@ public class JavaFileParserTest { "}"; File file = new File(FileUtils.getTempDirectory(), "getDoubleTKeys"); - FileUtils.write(file, classContent); + FileUtils.write(file, classContent, Charset.defaultCharset()); parseLine(file, new String[]{"no"}, "test deux t"); } diff --git a/nuiton-i18n/pom.xml b/nuiton-i18n/pom.xml index 3666d07..7f61560 100644 --- a/nuiton-i18n/pom.xml +++ b/nuiton-i18n/pom.xml @@ -79,8 +79,8 @@ </dependency> <dependency> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-core</artifactId> <scope>test</scope> </dependency> diff --git a/pom.xml b/pom.xml index cd8fe12..4c47985 100644 --- a/pom.xml +++ b/pom.xml @@ -58,8 +58,8 @@ <!--Multilanguage maven-site --> <locales>fr,en</locales> - <mavenVersion>3.8.2</mavenVersion> - <pluginPluginVersion>3.6.1</pluginPluginVersion> + <mavenVersion>3.8.6</mavenVersion> + <pluginPluginVersion>3.6.4</pluginPluginVersion> <antlr4Version>4.9.0</antlr4Version> <javaVersion>1.8</javaVersion> @@ -76,7 +76,7 @@ <dependency> <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> - <version>31.0.1-jre</version> + <version>31.1-jre</version> </dependency> <dependency> @@ -117,12 +117,19 @@ </dependency> <dependency> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> - <version>1.2.17</version> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-api</artifactId> + <version>2.17.2</version> <scope>provided</scope> </dependency> + <dependency> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-core</artifactId> + <version>2.17.2</version> + <scope>test</scope> + </dependency> + <dependency> <groupId>org.nuiton</groupId> <artifactId>nuiton-csv</artifactId> @@ -170,7 +177,7 @@ <dependency> <groupId>org.apache.maven.shared</groupId> <artifactId>maven-dependency-tree</artifactId> - <version>3.1.0</version> + <version>3.1.1</version> </dependency> <!-- provided dependencies --> @@ -219,21 +226,21 @@ <dependency> <groupId>org.apache.struts</groupId> <artifactId>struts2-core</artifactId> - <version>2.5.26</version> + <version>6.0.0</version> <scope>compile</scope> </dependency> <dependency> <groupId>org.codehaus.plexus</groupId> <artifactId>plexus-utils</artifactId> - <version>3.4.1</version> + <version>3.4.2</version> <scope>compile</scope> </dependency> <dependency> <groupId>org.codehaus.plexus</groupId> <artifactId>plexus-component-annotations</artifactId> - <version>2.1.0</version> + <version>2.1.1</version> </dependency> </dependencies> -- To stop receiving notification emails like this one, please contact nuiton.org SCM administrator <admin+scm@nuiton.org>.